[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Edlug Archive Mar 2004
]
Re: [edlug] Garbage at end of spam emails
On Tue, Mar 30, 2004 at 08:15:13PM +0100, Justin B Rye wrote:
>
> Stuart Pettie wrote:
> > Just wondering if anyone can shed light on what function the random words,
> > usally attached at the end of spam emails provides.
> >
> > Nobody I know has been able to explain it, and it has got us guessing.
>
> What, no replies yet? Or has spamassassin nobbled them all?
>
> I always assumed the random (and therefore non-spam-related) words
> were there to drown out the giveaways like "certificate of deposit"
> or "prescription viagra" in various kinds of statistical filter.
I think they serve two purposes, one which Justin mentioned is to
throw off statistical analysis.
The second purpose is more subtle, I believe the random words
and the random strings strings appended to an emails subject
are designed to make "identical" messages hash differently.
There are some anti-spam systems which work by hashing message
bodies, either identically or fuzzily. If a mail matches a
known bad hash then it can be discarded. The variations are
designed to subvert this process.
(For reference this is how razor/pyzor work).
Steve
--
-
----------------------------------------------------------------------
You can find the EdLUG mailing list FAQ list at:
http://www.edlug.org.uk/list_faq.html