Print Page | Close Window

Yet another Spam Technique

Printed From: LogSat Software
Category: Spam Filter ISP
Forum Name: Spam Filter ISP Support
Forum Description: General support for Spam Filter ISP
URL: http://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=3212
Printed Date: 22 October 2017 at 1:26pm


Topic: Yet another Spam Technique
Posted By: Desperado
Subject: Yet another Spam Technique
Date Posted: 14 March 2004 at 6:44pm

All,

I hope this interface does not change this posting but ...

Here is a somewhat new (to me) form of obfuscation.  Look between the 2nd and 3rd "0". I really think that is the font style calls for a size of "1", we can very safely say it is Spam unless someone has REAL good eyesight.  A simple RegEx catches this one.

Over 1,00v0,000,000

The html is "Over 1,00<font style="font-size: 1;">v</font>0,000,000"  I don't know about you but that "v" is really hard to make out. Good eye test ya think?

Regards,

Dan S. 




Replies:
Posted By: Desperado
Date Posted: 14 March 2004 at 6:58pm

I have put a RegEx as the very last keyword and it is STILL catching the previous "trick".  I wonder ... will the Bayesian Filter learn this? 

Dan S.



Posted By: Guests
Date Posted: 15 March 2004 at 4:28pm

That doesn't look like proper HTML in the first place, should be something like

<FONT SIZE=1>whatever</FONT>

The "1" tells the browser to enlarge whatever the current font size the browser is set to up one point.

If the spammer wanted to make the font really small they would make it -3 or -4 for example.



Posted By: Desperado
Date Posted: 15 March 2004 at 5:57pm

It is a "Style" which is OK for html but not for me!

Dan S



Posted By: Guests
Date Posted: 15 March 2004 at 6:00pm

Shows how much I know of HTML.  I would think though the numbering for font size would still be correct though (I could be wrong of course).  As for spammers using HTML to junk up their spammy sales pitches... YUCK!




Print Page | Close Window