Damn Spam.
Aug. 29th, 2003 01:37 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
mbarrick
The e-mail system at work is pretty much my baby, that means trying to block spam is part of my job. I read about this particular insidious trick the other day and just noticed my first example of it. This is a new tactic being used to bypass content filters:<p>G<!--iup8uh1kwzve-->et Vi<!--9zdgum1zqa5-->a<!--0iifrz1kwv-->gra o<!--g1esqe2qa1dz53-->nline N<!--xdgz301z7hi-->ow <!--yun98a212g-->! <br>
The subject line was innocuous and unfilterable ("Answer my question please"). The content is in HTML. In HTML <!--comment goes here--> is a comment tag and doesn't render so the above text reads "Get Viagra online now!" The contents of the comments are completely random and randomly inserted in the text. Adding insult to injury the random comments not only subvert all but the most sophisticated (and expensive) heuristics filters, they make the message multiple times larger than it's content, chewing up considerably more bandwidth.
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
I built a workaround for this already.
Date: 2003-08-29 04:23 pm (UTC)I became aware of this tactic last year about this time.
Depending on what your mail system is, you should be able to pass inbound mail through a tag stripper to analyze it without too much trouble.
Re: I built a workaround for this already.
Date: 2003-08-29 05:01 pm (UTC)no subject
no subject
Date: 2003-08-30 10:24 am (UTC)