Evil image spam

Adam Ierymenko api@xactcommerce.com
Mon Oct 14 19:59:41 UTC 2002


I'm starting to see more and more of this... spam which consists
of simply an image attachment.  While this costs more bandwidth
for the spammer to send (that is, if they are using their bandwidth
and not relay raping), this provides a means to defeat most filters
as images can be perturbed very easily and in many different
ways.  Slightly blur, sharpen, color change, or move elements in
an image and it can be perturbed into an endless array of possible
binary representations.

It seems to me that this breaks all the fuzzy checksums that DCC
is capable of.  Is there any plan to integrate a fuzzy image
checksum in the future?  It seems like this would not be *that*
hard, as GPL/BSD code for fuzzy image fingerprinting has probably
already been written somewhere.  It would just have to be plugged
in.  I know google and some web filters use this kind of technology
to categorize and group images by similarity.

Of course, you could automatically bulk-mark all mail that consists
only of an image or a small quantity of HTML with images.  Such
things are normally not sent as part of normal communication.




More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.