Vernon Schryver
vjs@calcite.rhyolite.com
Sun, 7 Jul 2002 13:39:28 -0600 (MDT)
> From: "Francois Baligant" <francois.baligant@be.wanadoo.com> > To: <dcc@calcite.rhyolite.com> > Anyone has an idea with DCC can deal with message body > that looks like this ? Basicaly, can it make abstraction > of the variable length HTML comments ? > > If not, can it be done and still be okay performance-wise ? > > <html> > <body bgColor="#CCCCCC" topmargin=1 onMouseOver="window.status=''; > return true" oncontextmenu="return false" ondragstart="return false" > onselectstart="return false"> > Hello, francois@myself.com<BR> > <BR> > As se<!--5-->en on NB<!--D-->C, CBS, and CN<!--H-->N, and even > Opr<!--D-->ah! The health<br> > ... Is there evidence that spam is not being caught? From what I've seen, things are working. A few weeks ago someone sent me close to 100 different samples of that sort of spam. `dccproc -Q` said most were spam according to the common DCC database. That suggests that they are not a problem. I have in mind some simple, inexpensive, changes that would be effective if that particular spammer makes the changes that it would need to make to evaded the current fuzzy checksums using that tactic. As always, I do not like to talk about the workings of the fuzzy checksums in a public mailing list that is indexed by Google. If spammers were not what they are, they'd not need any help to evade any likely body filtering mechanism. However, they are what they are. Vernon Schryver vjs@rhyolite.com