Fog Creek Software
Discussion Board




combating spam

One thing I've noticed about the spam I've been receiving lately is the use of images in the body of the message, instead of text. The images contain the text that would normally constitute the body of the message. While there's usually some wording and a link to click in the event that the image failed to load, I'd like to know others' approaches to filtering out these kind of spam messages.

Holy Crusader Against Spam
Thursday, January 15, 2004

I found blocking all HTML email altogether cut the amount of spam I received by 95%.

SG
Thursday, January 15, 2004

Use a filter that looks at HTML tags, URLs and the like. Or just filter out all mail in HTML format :-).

Gareth McCaughan
Thursday, January 15, 2004

Blanket HTML blocking is not going to work in most companies over "X" employees. Travel arrangements (Car rentals, flight verifications, hotel reservations, etc.)  all come in as html with links. 

When the company I was last consulting at took the no html approach, execs stopped getting travel information and then it was found they done the blanket block to kill spam.  I believe they created a list of "valid if from" sites to deal with it.

MSHack
Thursday, January 15, 2004

check out http://popfile.sourceforge.net

Matthew Lock
Thursday, January 15, 2004

Spam is an arms war.

Sapm Bayes does a reasonable job but needs permanent retraining.

Blocking HTML mail is stupid in my opinion. Blocking automatic loading of the links is not necessaly so.

Stephen Jones
Thursday, January 15, 2004

Or they start breaking up obvious words:

B:U:Y::V:I:A:G:R:A

I think the future lies in centralized communication hubs. Rather than the distributed nature of e-mail, forcing everyone to sign up to a forum style mail server. For example, I have a website with an e-mail submission form. The only way to get my e-mail address is to send me e-mail via the form. Similar to this forum, you can't get my address from it.

One day I'll probably put in a threaded discussion board, with each thread being password protected for each participant. I saw one on SourceForge that I might install.

My friends will have my e-mail address, and the smart ones don't send me greeting cards or foward petitions to 50 of their friends including me.

Everyone else gets the form.

www.MarkTAW.com
Thursday, January 15, 2004

The point of multi-part mime email is that you can get a plain text version as well as an html version.

Anyone that sends me html alone email doesn't get read, plain and simple.  And I do get email from travel companies and bookings and so on and there's always a text part.

Simon Lucy
Thursday, January 15, 2004

My solution to spam is to simply not give my email address out haphazardly.  In the same manner that you probably wouldn't give out your home phone number to random strangers, you shouldn't give out your email address to random strangers.  I've been more inconvenienced by people who insist on "combating spam" than I have been by spam.

SomeBody
Thursday, January 15, 2004

The proverbial horse has already left the proverbial barn, so how does reprimanding the OP about not giving out his/her email address help them now?

Somebody Else
Thursday, January 15, 2004

The problem, SomeBody, is that some of us would like to be found by old friends and people who want to actually talk with us.

So just as telemarketers have made it such that people don't want to be listed in the white pages, spammers have made it such that people don't want to reveal their email address.

Furthermore, it's obnoxious.  I have had the same email address for about 7 years and it's available, unmasked, to various publicly accessible webpages and in spam databases.  I'm far too stubborn to change it because of somebody *else*.

Flamebait Sr.
Thursday, January 15, 2004

My point is that radical anti-spam measures are often worse than spam.  The topic at hand concerns radical anti-spam measures -- filtering out email based on things like images and HTML. 

If you get spam, it's because you've given your email address (directly or indirectly) to spammers.  Sure, it would be nice if spammers were honorable people who would respect your desire to not receive spam, but you're being a bit naive if you expect this.  It's easy to get a secondary throw-away address at Hotmail or Yahoo that you can make publically visible and check infrequently for old friends emailing you.  This is an infinitely better solution than randomly blocking email because it contains images or HTML. 

If HTML blocking became popular, do you think it would be really hard for spammers to realize this and to start sending plain text?  So then all the idiot sysadmins will be blocking HTML email at the server and you'll be missing travel reservations or email from people who didn't change the default in Outlook/Outlook Express to plain text but you won't miss a single spam.  Great idea!

SomeBody
Friday, January 16, 2004

*  Recent Topics

*  Fog Creek Home