When spammers get serious
Spammers spam and I make a living stoping spam (well, that's not the only thing i do) and i do it well. At work we use a combination of Spamassassin and CRM114. That's a combination of two different antispam mechanisms:
- static rules, matching keywords in headers or/and body
- a learning filter capable of classifying mails using bayesian statistical methods (spamassassin) or the Markovian discrimination method (CRM114)
This system isn't perfect but give pretty good results: 99.6% of the spam that were sent to my addresses were detected. But that was before they started using poisonning methods and captcha images...
So spammers spams and spams are filtered and life is good. But sometime spammers get serious and really try. They have their own tactics to fool antispam filters:
Image only spam
But this is getting old.. static rules filters like spamassassin can detect the mail doesn't contains anything but an image. this and the fact the sender is fake make it easy for the filter to tell it's spam.
I'm sure you received strange mails, not really spams because they don't sell anything, but lines and lines of crap... sometimes it just doesn't mean anything, sometimes it's litterature. That's a spammer's tastic called Bayesian Poisonning, trying to fool people into reporting the mail as spam so the filter starts detecting ham (non-spam mails) as spam. When the baysian filter is messed up enough, their real spams start passing through it.
Poisonning is often used with images because poisonning is usefull for them, but since they send something why not try to use it to sell more stuff to naive users? Plus images doesn't mess the poisonning. That's why filters started analyzing images to trying to read what's written in it (cf Spamassassin OCR plugin). And that why spammers started using Captcha spams!
Captcha spams... that's the latest trick in live in color from spamland. Captcha is an acronym for "Completely Automated Public Turing test to tell Computers and Humans Apart". It's a simple test for you to prove you aren't a machine (are you?) It's just an image with some misformed text hard to read that only an human could understand.
The image on the left is a captcha
Anyway, spammers started using this method to make their images unreadable so the antispam filters can't detect what's going on in the image. The filters will just detect a mail with some perfectly normal text (poisonning) with an image that doesn't look like a spam (as far as they know that could be a landscape...):
Filters will evolve and will be able to detect new form of spams, using external methods like Razor, RBLs, etc. and Spammers will find new ways to trick filters...
AlexEck talks about the Captcha images: http://sunbeltblog.blogspot.com/2006/11/creative-image-spam.html