Loads of pump&dump spam

by Volker Weber

A week ago I started receiving loads of pump&dump spam. An all-html message with a large gif file which contains the payload. Do you have any suggestions how to tweak SpamAssassin to trap these mails?

Comments

I have been receiving these types of spam for a couple of months. I heard about one solution where the SA admin installed an OCR reader and OCR'd all images to determine if they were spam.

The spammers had already thought about that: Some of the GIFs are actually animated GIF's - each frame showing just a part of the spam message.

I guess there is no easy solution for the time being

Jens-Christian Fischer, 2006-10-27

Same here. It's been bad enough we are looking beyond SA to other solutions. Good luck, I hope enough people read that we get more helpful responses.

Also, what do you consider 'loads'? Lots of spam is relative to what you were getting yesterday; I'd suggest 2-5/day as a safe range after filtering, what do others see? We started getting more complaints once people started tripping into 5-10, which I'd agree is annoying enough to look into better controls. After calculating the productivity loss of even 10 seconds times employees and estimated spam, it adds up quick!

Rich

Rich Thomsen, 2006-10-27

Hrm ... i'm doing it the obvious (for me) way: increased points for HTML_MESSAGE over 50.
HTML is evil ...

In the beginning was the word and the word was
content-type: plain/text

Olaf Baumert, 2006-10-27

Hi Volker,

maybe this one helps:

# ImageInfo - designed to catch image spam
#
loadplugin Mail::SpamAssassin::Plugin::ImageInfo

ImageInfo announced
Hompage?
HowTo (search for ImageInfo)

Florian Steinel, 2006-10-28

I am using DSPAM and after some training of the filter I have no more problems with SPAM like this. My SPAM ratio is 58% and DSPAM catches more than 99% of them. Also these with images!

Detlev

Detlev Schümann, 2006-10-28

I have been using Vanquish mail (http://www.vanquish.com) for over three years. They don't use filters. Filters catch too many valuable emails by the time it's cranked down enough to catch a significant amount of spam'. When a filter blocks 90% of spam' it will always block some valuable email. The greater percentage of spam' it blocks the more it blocks valuable emails. You could keep checking the "held mail" folder, but that will drive you nuts.

Vanquish is embedding encrypted Id's in the mail so you can get direct control of the mail yourself. It's system that starts with the black/white list, but the encrypted key adds the foundation to keep the system open so it isn't limited to your own small list. It keeps strangers honest. You get protection that can't be fooled. It's such a complete fix you forget spam' exists.

I kept all seven of my various email addresses and just forwarded them to Vanquish. I turned off every spam' filter at every one of those accounts. That way I don't lose valuable messages to anyone's filter algorithm. Lots of people never get my mail because of their filters. That will change.

You don't have to change any addresses or notify anyone of anything. You can keep the original account address in your replies. Vanquish is independent of operating system and email client and you have web mail. And last of all, new contacts can reach you easily and with total reliability in several ways.

Really I hate filters so excuse the long post. They cost you new business contacts and prevent old friends from contacting you. Filters keep spam' alive by leaving the backdoor open to new profiles. Vanquish actually kills off spam' by shutting the door. As Vanquish adoption increases you'll see spam' die off. It will be a direct relationship.

There is more and this is a future thing, but it's already built in. Legitimate marketers can still reach you if they post a cash bond in advance with Vanquish. By legitimate I mean anyone who posts a cash bond with Vanquish to cover your bond setting. They can then send you an email and if you think it was a waste of your time you click a button in the email and a nickel or quarter or whatever you decide in advance is deposited into your account. It's real money. You have the power.

I will set my bond high. Maybe a US dollar. If the marketer thinks my bond requirement is too high to risk the loss they can just not send me the email. Unlike postage, money goes to me, the mail recipient. It's a direct relationship and I have complete control. If some old friend sends me an email they can simply reply to the challenge email Vanquish sends to them to prove they are not a spam' bot.

Vanquish has been developed from all possible points of view. From the beginning it was considered to be the gold standard solution by email industry insiders, but they feared some threshold was required for it to succeed. That has not proven true. Vanquish addressed objections operationally, but there is a lot of emotion around email so it will take some folks more time to see it for what it is. Email has been very frustrating for people. It's the most wonderful communication mechanism, a direct electronic channel to you that has been crushed by the very freedom of the internet. You have to use Vanquish to really feel the emotional difference. When you are empowered and protected you feel different.

I have yet to get one piece of bonded commercial email, but I look forward to it. This commercial email will be highly targeted since real money is deposited in advance at Vanquish. This is cash and the sender will want to target me carefully because it will cost them unless it's something I really am interested in. There is so much data about "me" for marketers to use, they will be able to zero in on me. I spend money on what I'm interested in and they have the information.

I could just block this commercial sender with a click of the mouse if it's a near miss. If I always take the money no one will reach out to me. I think I'll appreciate it that they actually thought enough of me to risk real money and it's not insulting, a simple disallow or maybe a block, but if it's in bad taste, in my opinion, I will take the money. Vanquish creates a marketplace for me and my buying power. This is an instant atmosphere of accountability and honesty. The money is really on the table, so to speak.

Bonded commercial email is the future. Not postage. It's here at Vanquish. Free enterprise is necessary in the modern world, the whole world. It's the final dimension of Vanquish mail that makes email complete for everyone including business. Today Vanquish just stops spam' dead in it's tracks without false positives and elegantly lets me enjoy email the way it is suppose to be. Email is GREAT AGAIN. PC Magazine agrees. Power users agree.

Every once in awhile I have to let loose about Vanquish. Thanks for your time.

Steve Roberts
Nashville
sr@vqme.com

Steve Roberts, 2006-10-30

Here's one possible solution - block China.

Chris Linfoot, 2006-10-31

Recent comments

Ben Langhinrichs on Your purchases, subscriptions and reservations in Gmail at 22:13
Thomas Cloer on ZTE, Huawei, DJI :: Die große Willkür at 16:24
Kristof Doffing on ZTE, Huawei, DJI :: Die große Willkür at 14:57
Frank Quednau on ZTE, Huawei, DJI :: Die große Willkür at 12:25
Erik Brooks on Reuters: Google suspends some business with Huawei after Trump blacklist at 02:32
Erik Brooks on Reuters: Google suspends some business with Huawei after Trump blacklist at 01:42
Kai Pahl on Reuters: Google suspends some business with Huawei after Trump blacklist at 22:54
Benjamin Hering on Your purchases, subscriptions and reservations in Gmail at 19:39
Thomas Cloer on Reuters: Google suspends some business with Huawei after Trump blacklist at 14:31
Johannes Neubrecht on Reuters: Google suspends some business with Huawei after Trump blacklist at 14:28
Jochen Kattoll on Your purchases, subscriptions and reservations in Gmail at 12:43
Volker Weber on Your purchases, subscriptions and reservations in Gmail at 11:47
Andreas Eldrich on Your purchases, subscriptions and reservations in Gmail at 11:15
Ben Poole on Your purchases, subscriptions and reservations in Gmail at 11:13
Andreas Eldrich on Your purchases, subscriptions and reservations in Gmail at 10:53
Manfred Wiktorin on Reuters: Google suspends some business with Huawei after Trump blacklist at 09:37
Maximilian von Hulewicz on Reuters: Google suspends some business with Huawei after Trump blacklist at 09:24
Volker Weber on Samsung Galaxy S10 :: Ich mag das at 08:36
Johannes Matzke on Reuters: Google suspends some business with Huawei after Trump blacklist at 08:25
Roland Dressler on Samsung Galaxy S10 :: Ich mag das at 08:20
Friedrich Holstein on Reuters: Google suspends some business with Huawei after Trump blacklist at 00:41
Armin Grewe on Reuters: Google suspends some business with Huawei after Trump blacklist at 22:51
Volker Weber on Reuters: Google suspends some business with Huawei after Trump blacklist at 22:22
Armin Grewe on Reuters: Google suspends some business with Huawei after Trump blacklist at 22:19
Volker Weber on Samsung Galaxy S10 :: Ich mag das at 09:54

Ceci n'est pas un blog

I explain difficult concepts in simple ways. For free, and for money. Clue procurement and bullshit detection.

vowe

Contact
Publications
Stuff that works
Amazon Wish List
Frequently Asked Questions

rss feed  twitter  amazon

Local time is 00:35

visitors.gif

buy me coffee

Paypal vowe