Incidents
Re: Re: Strange mail with number in subject line and body Jun 08 2006 01:38AM
paul french abs gov au (2 replies)
RE: Re: Strange mail with number in subject line and body Jun 08 2006 01:41PM
Latalladi, Eric (e jbh com)
Has anyone noticed these emails coming in with .PNG attachments? I've
been getting a mixed bag of these emails, some with .PNG attachments,
some without...

Regards,
Eric

-----Original Message-----
From: paul.french (at) abs.gov (dot) au [mailto:paul.french (at) abs.gov (dot) au]
Sent: Wednesday, June 07, 2006 9:39 PM
To: jamesr (at) europe (dot) com
Cc: incidents (at) securityfocus (dot) com; jamie.riden (at) gmail (dot) com;
junkmail (at) babtras (dot) com; Christine Kronberg
Subject: Re: Re: Strange mail with number in subject line and body

We had a similar incident sometime back but it was a name in both the
subject and body.

Greylisting, which we are about to implement, is an extra line of
defence where an MTA will temporarily reject email from a new or
unrecognised source. A legitimate (and properly configured) mail server
will attempt to connect later on to deliver the e-mail. Many mass e-mail
tools used by spammers will not bother to retry a failed delivery, so the
spam is never delivered. One can only hope that a failed delivery the
first time would lead spammers to believe that it is an invalid address.

cheers
Paul

From: "Jamie Riden" <jamesr (at) europe (dot) com>
Sent by: jamie.riden (at) gmail (dot) com
To: "Christine Kronberg" <seeker (at) shalla (dot) de>
cc: junkmail (at) babtras (dot) com, incidents (at) securityfocus (dot) com
08/06/2006 07:05 AM
Subject: Re: Re: Strange mail with number in subject line and body

On 08/06/06, Christine Kronberg <seeker (at) shalla (dot) de> wrote:
> On Wed, 7 Jun 2006, junkmail (at) babtras (dot) com wrote:
>
> > My best guess is that this is meant to poison the statistics of
> > bayesian mail filters and trick them into letting spam through.
>
> Do you really think a few mails with just a number in it will have
> a noticeable effect on the filters? To me it seems more likely that
> someone uses a bot net for address verification and list washing.

Indeed - most Bayesian techniques I have seen will only look at the n
most 'useful' words in determining whether it's spam or not spam. I just
can't see any feasible way to poison this sort of scheme.

cheers,
Jamie
--
Jamie Riden / jamesr (at) europe (dot) com / jamie.riden (at) computer (dot) org
NZ Honeynet project - http://www.nz-honeynet.org/

------------------------------------------------------------------------------
This List Sponsored by: Black Hat

Attend the Black Hat Briefings & Training USA, July 29 - August 3 in Las Vegas.
World renowned security experts reveal tomorrow's threats today. Free of
vendor pitches, the Briefings are designed to be pragmatic regardless of
your security environment. Featuring 36 hands-on training courses and 10
conference tracks, networking opportunities with over 2,500 delegates
from 40+ nations.

http://www.blackhat.com
------------------------------------------------------------------------------

------------------------------------------------------------------------

------------------------
Free publications and statistics available on www.abs.gov.au

J.B. Hanauer & Co. will not accept trade order instructions via e-mail and will not be responsible for carrying out such orders and/or instructions. This e-mail is not an official transaction confirmation. The only official confirmation of a transaction will be sent to you via regular mail. J.B. Hanauer & Co. reserves the right to monitor and review the content of all e-mail communications sent and/or received by its employees. Since the confidentiality of Internet e-mail cannot be guaranteed, please refrain from sending personal or sensitive information (Social Security numbers, usernames/passwords, bank information, account numbers, birth dates, etc.) in your e-mails to J.B. Hanauer & Co.
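
The greylisting behaviour described in the quoted message above, as an added example that is not part of the original thread and not taken from any particular MTA. The 5-minute delay, 4-hour retry window, 35-day trust period, keying on the client's /24 (or /64) network and the SMTP reply texts are all assumptions chosen for illustration.

```python
import ipaddress
import time

# Illustrative SMTP replies (assumed wording): 4xx asks the sender to retry.
TEMPFAIL = (451, "4.7.1 Greylisted, please retry later")
ACCEPT = (250, "2.0.0 OK")


class Greylist:
    """Greylisting decision keyed on (client network, envelope sender, recipient)."""

    def __init__(self, min_delay=300, retry_window=4 * 3600,
                 pass_ttl=35 * 86400, clock=time.time):
        self.min_delay = min_delay        # seconds a new triplet must wait
        self.retry_window = retry_window  # a retry must arrive within this time
        self.pass_ttl = pass_ttl          # how long a proven triplet stays trusted
        self.clock = clock                # injectable so the logic can be tested
        self.pending = {}                 # triplet -> time first seen
        self.passed = {}                  # triplet -> time last accepted

    @staticmethod
    def _triplet(ip, mail_from, rcpt_to):
        # Key on the network, not the host: large senders often retry
        # from a different machine in the same outbound pool.
        addr = ipaddress.ip_address(ip)
        prefix = 24 if addr.version == 4 else 64
        net = ipaddress.ip_network(f"{addr}/{prefix}", strict=False)
        return (str(net), mail_from.lower(), rcpt_to.lower())

    def check(self, ip, mail_from, rcpt_to):
        """Return the SMTP reply to give at RCPT TO time."""
        now = self.clock()
        key = self._triplet(ip, mail_from, rcpt_to)
        last = self.passed.get(key)
        if last is not None and now - last <= self.pass_ttl:
            self.passed[key] = now        # known good sender: refresh and accept
            return ACCEPT
        self.passed.pop(key, None)        # trust expired, start over
        first = self.pending.get(key)
        if first is None or now - first > self.retry_window:
            self.pending[key] = now       # new (or stale) source: start the clock
            return TEMPFAIL
        if now - first < self.min_delay:
            return TEMPFAIL               # retried too soon; keep first-seen time
        del self.pending[key]             # retried like a real MTA: trust it
        self.passed[key] = now
        return ACCEPT
```

A sender that never retries stays in `pending` and its message is never accepted; the cost to legitimate mail is the one-off delay on the first message from each new triplet.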
Re: Strange mail with number in subject line and body Jun 08 2006 05:47AM
Jesse Gough (jgough securityfocus com)
Copyright 2010, SecurityFocus