From: Taylor, Grant
Date: 2006-12-05 15:00:52 -0500
Subject: Re: new milter idea: milter-random-named-file
More information..: http://www.milter.info/#Support
Michael Elliott wrote:
> Hello Anthony. I have a request for a new milter to put on your
> "whenever I get to it" pile. Just let me know if that would January
> or September. ;-) It is intended to go after the pump-and-dump
> stock scams. That is the only real class of problem email I am having
> today at the ISP level. This will allow the first few messages through
> as it auto learns. Then it will block the rest of the garbage.
> This idea should work to kill a lot of what is floating around today, and
> will be defeated when the enemy starts using image creation tools to
> modify the outgoing image for every message. Today, while it is possible,
> they are not spending that much cpu power to generate their message.
> They are randomizing text sections currently, but not the image files other
> than filename. I admit this will only give us 6 months of use in the
> arms war, but it would be an effective weapon. It will also pick off the
> occasional virus is you leave the attachment types a little more open.
I think this is a very good and creative out side of the box thinking type
of idea. However, I feel like there is a lot of room for error. You did
touch on some of the room for error with Grandma sending / receiving lots of
pictures of grand kids. I still think there is a lot of room for error /
mis-interpretation of things. Rather than out right rejecting messages, I'd
add a header that included the number of times an image matched and then use
something like SpamAssassin to look for this to alter the spam score for a
given message and reject using something like milter-spamc.
Just my $0.02 worth.
Grant. . . .
Copyright 2009, 2012 by SnertSoft. All rights reserved.