darxus ([personal profile] darxus) wrote 2006-11-14 11:36 am

[geek] eliminated incoming image spam

I do some pretty aggressive spam filtering, because I get a lot of spam. I even wrote my own multi-word token Bayesian filter, and it works, but not better than SpamProbe. So my complete inability to block the new style of spam that includes a bunch of random text, with all its spaminess contained in an inlined attached image, depressed me. My discussions with the authors of SpamProbe and CRM114 (very effective adaptive filters) did not improve my mood.

A big problem with dealing with spam is what to do with the spam. The two options I was aware of were:

1. Write it to a folder and never look at it again (or discard it). Then if it turns out to be legit mail you never see it and the sender doesn't know.
2. Bounce it back to the sending address, which was probably forged, which does nobody any good.

A few days ago I was talking to [livejournal.com profile] beowabbit about spam, and he mentioned that spam can be scored and rejected before the initial incoming SMTP connection is closed, which results in the sending mail server being responsible for sending the rejection message. This is wonderful because if it was sent by a spammer no bounce gets sent, and if it was a legit email the sender gets an email from their own mail server saying their mail didn't get delivered.

From there it was a pretty simple matter of looking up how Postfix (my mail server software) does regex (pattern) matches on email to reject them, which is body_checks.

Then I looked around to see if anybody had created a relevant regex already, and they had, a rather nice one:

/\bsrc\s*=(?:3D)?\s*"?cid:/ REJECT
from http://archives.neohapsis.com/archives/postfix/2006-05/0430.html

Yes I am aware of the solutions integrating OCR into SpamAssassin and I think it's a terrible idea.

Yes this means if you email me an image, you cannot embed the attached image in the body of the email - just attaching it is fine, you just can't <img src> it. I believe this will inevitably become common email policy, because I believe other solutions will not be useful for long.
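
An added example (not from the original post or from Postfix): a Python approximation of how the body_checks rule quoted above behaves on constructed sample bodies. It assumes Postfix's documented behaviour of testing one undecoded body line at a time, case-insensitively; Python's re stands in for PCRE, and the function and sample names are made up for illustration.

```python
import base64
import re

# The rule quoted in the post. Postfix regexp/pcre tables match
# case-insensitively by default, hence re.IGNORECASE.
RULE = re.compile(r'\bsrc\s*=(?:3D)?\s*"?cid:', re.IGNORECASE)


def first_match(body):
    """Return (line_number, line) for the first body line the rule hits, else None.

    body_checks sees each raw body line as transmitted: no MIME decoding,
    so quoted-printable and base64 text is matched exactly as sent.
    """
    for number, line in enumerate(body.splitlines(), 1):
        if RULE.search(line):
            return number, line
    return None


INLINE_HTML = '<html><body>\n<IMG SRC="cid:part1.0602@example.invalid">\n</body></html>'

# Constructed sample bodies (not real mail).
SAMPLES = {
    # Inline image referenced from HTML, 7bit/8bit transfer encoding.
    "inline_plain": INLINE_HTML,
    # Same idea, quoted-printable: "=" is sent as "=3D", which the rule allows for.
    "inline_qp": '<html><body>\n<img alt=3D"" src=3D"cid:img001">\n</body></html>',
    # Image attached but not embedded: the policy the post describes as fine.
    "attachment_only": 'See attached photo.\n--b1\nContent-Type: image/jpeg; name="cat.jpg"\n'
                       'Content-Disposition: attachment; filename="cat.jpg"',
    # Remote image: src= is present but it is not a cid: reference.
    "remote_image": '<img src="http://example.invalid/a.gif">',
    # Coverage gap to know about: a base64-encoded HTML part is never decoded,
    # so the rule cannot see the cid: reference inside it.
    "inline_base64": base64.encodebytes(INLINE_HTML.encode()).decode(),
}


def verdicts():
    """Map each sample name to the action the rule would trigger."""
    return {name: ("REJECT" if first_match(body) else "pass")
            for name, body in SAMPLES.items()}


if __name__ == "__main__":
    for name, action in verdicts().items():
        print(f"{name:16} {action}")
```
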

[identity profile] ex-absurdmin176.livejournal.com 2006-11-14 04:43 pm (UTC)
Why waste all that time on a non-problem? You could be doing something fun instead. I just file anything with an image as junk unless it's from an address in my address book and you know what? I haven't had one spam of that class since. Checking my junk folder hasn't found a single false positive either. I realize it's pretty low tech, but it works great. Just an FYI.

I fell off the rabid anti spam bandwagon a long time ago, so I'm probably sounding like a heretic.

The 2-3 spams I get per week at this point are actually of the 'ascii art' variety. I don't even care where they're from, I just delete them.