Full Disclosure mailing list archives
Re: Spam with PGP
From: "Curt Purdy" <purdy () tecman com>
Date: Wed, 8 Oct 2003 08:53:05 -0500
The answer to SPAM IMHO is filtering on the client side. Our server filter gets 80%+ of it but I still got 50+ SPAMs a day. Since going to PopFile proxy filter on my laptop (awsome & free @ sourceforge) I get maybe one a week. It's based on Bayesian Theorum. Not bad for a 15th Century monk ;) Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA Information Security Engineer DP Solutions ---------------------------------------- If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked. -- former White House cybersecurity zar Richard Clarke -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com]On Behalf Of MaX Flebus Sent: Tuesday, October 07, 2003 6:52 PM To: Full-Disclosure () lists netsys com Subject: [inbox] Re: [Full-disclosure] Spam with PGP
I remember hearing this is another method for bypassing spam filters. Apparently some filters will pass e-mail with PGP signatures thinking it is legitimate. It is an interesting concept, though. I think my favorite is still the jpgin an html enabled e-mail with seemingly valid information and links that is actually a link to an xss or pr0n site. Spammers are starting to use better methodologies and soon filtering options will be almost impossible. I find it amusing to see what they will do next, though. -William
Well, this reminds us that a spam filter, although definitely a good thing, it's not the definitive solution, just like a firewall IMHO. You can't bet too much on a purely automatic solution. Anyway, again like firewalls, I'm not so pessimistic: completely filtering out what you don't want could be, OK, impossible but filtering out almost all, is what we really need. MaX -- www.flebus.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Spam with PGP, (continued)
- Re: Spam with PGP Shawn McMahon (Oct 07)
- Re: Spam with PGP Sebastian Niehaus (Oct 07)
- Re: Spam with PGP Shawn McMahon (Oct 07)
- Break Macromedia Activation Alex (Oct 07)
- RE: Spam with PGP Andy Wood (Oct 07)
- RE: Spam with PGP Brown, Randy (InfoSec) (Oct 07)
- Re: Spam with PGP Dave Howe (Oct 07)
- Re: Spam with PGP DAN MORRILL (Oct 07)
- RE: Spam with PGP Brian Dinello (Oct 07)
- Re: Spam with PGP Thomas Binder (Oct 07)
- Re: Spam with PGP MaX Flebus (Oct 07)
- Re: Spam with PGP Curt Purdy (Oct 08)
- Re: Spam with PGP Steffen Kluge (Oct 09)
- Re: Spam with PGP Curt Purdy (Oct 08)
- RE: Spam with PGP Zach Forsyth (Oct 07)
- Spam with PGP Olivier (Oct 08)
- RE: Spam with PGP Bassett, Mark (Oct 09)