Main Menu

Home

About

Spam-Stopper
A New Concept For
End Users

Become A Member

Member Login

IP Tracking


Why So Many Anti-Spam Solutions Simply Do Not Work


Anti-Spam Methods

There are many anti-spam methods out there. Computer users have done everything to try to limit the amount of spam that they receive at their email address. The most common method has been filtering email messages.

Spam Filter Method:
If you have a quick look through a good search engine, you will find MANY anti-spam services being offered. Most of these services are based on filtering technology. Email accounts are also coming with filter options and email programs are also adding limited filter functions.

The problem is that the spammers have also had a good hard look at how filtering works. Spammers have gone out of there way to find ways to get their messages past the filtering concept.

Content-Transfer-Encoding
This will send the message completely encoded. When you click on the message to read it your email program UN-encodes the message so that you can read it automatically. The reason why spammers started using this method to send their mail was to avoid spam filters. If the spam filter is set to trash an email that has content such as "Buy It Now", the words would never be seen in an encoded message as shown below:

Reply-To: <yobaby5132h16@yahoo.com>
Message-ID: <031c06e62c2b$8445d5b2$5da01aa2@qjwmpp>
From: <yobaby5132h16@yahoo.com>
To: Lower bills
Subject: ** Approved.
Date: Tue, 24 Sep 2002 11:24:41 +0600
MiME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_00A3_83C84A5C.B4868C82"
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Internet Mail Service (5.5.2650.21)
Importance: Normal

------=_NextPart_000_00A3_83C84A5C.B4868C82
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: base64
PGh0bWw+DQo8Ym9keT4NCjxmb250IGNvbG9yPSJmZmZmZmYiPnNreTwvZm9u
dD4NCjxwPllvdXIgaG9tZSByZWZpbmFuY2UgbG9hbiBpcyBhcHByb3ZlZCE8
YnI+PC9wPjxicj4NCjxwPlRvIGdldCB5b3VyIGFwcHJvdmVkIGFtb3VudCA8
YSBocmVmPSJodHRwOi8vd3d3LjJnZXRmcmVlcXVvdGVzLmNvbS8iPmdvDQpo
ZXJlPC9hPi48L3A+DQo8YnI+PGJyPjxicj48YnI+PGJyPjxicj48YnI+PGJy
Pjxicj48YnI+PGJyPjxicj48YnI+PGJyPjxicj48YnI+PGJyPjxicj48YnI+
DQo8cD5UbyBiZSBleGNsdWRlZCBmcm9tIGZ1cnRoZXIgbm90aWNlcyA8YSBo
cmVmPSJodHRwOi8vd3d3LjJnZXRmcmVlcXVvdGVzLmNvbS9yZW1vdmUuaHRt
bCI+Z28NCmhlcmU8L2E+LjwvcD4NCjxmb250IGNvbG9yPSJmZmZmZmYiPnNr
eTwvZm9udD4NCjwvYm9keT4NCjxmb250IGNvbG9yPSJmZmZmZmYiPjFnYXRl
DQo8L2h0bWw+DQo4MzM0Z1RpbzgtbDk=

The example above is what the message looks like out side your mail reader. You can filter this type of message by simply saying that you do not want to receive any messages that are completely encoded. The problem with this is that we have found many people that have their mail program sending this type of message content. If you filter it, you will not get the email message even though it is not a spam message. If you have the filter decode the message and then filter it filtering will work, but only to it's limits.

Hashing
Some spammers use hashing to get their message through a filter system. If you look at the source you will notice that the text that you see in the message body does not match the text found in the message source itself. They get this right down to the word! This is easy to be missed without actually viewing the source before setting up your filter.

Example Of Message Body:

As seen on NBC, CBS, and CNN, and even Oprah! The health
discovery that actually reverses aging while burning fat,
without dieting or exercise! This proven discovery has even
been reported on by the New England Journal of Medicine.
Forget aging and dieting forever! And it's Guaranteed!

* Reduce body fat and build lean muscle WITHOUT EXERCISE!
* Enhace sexual performance
* Remove wrinkles and cellulite
* Lower blood pressure and improve cholesterol profile
* Improve sleep, vision and memory
* Restore hair color and growth
* Strengthen the immune system
* Increase energy and cardiac output
* Turn back your body's biological time clock 10-20 years
in 6 months of usage !!!

FOR FREE INFORMATION AND GET FREE 1 MONTH SUPPLY OF HGH CLICK HERE

At a quick glance, you may copy a line of this text such as "discovery that actually reverses aging" into your filter. When you continue to receive these messages you may even add a few more lines before viewing the source code of the message shown below.

Example Of Message Source Code:

As se<!--5-->en on NB<!--D-->C, CBS, and CN<!--H-->N, and even Opr<!--D-->ah! The health<br> discove<!--F-->ry that actually revers<!--D-->es aging while burning fat,<br>
with<!--boy-->out dieti<!--D-->ng or exerc<!--F-->ise! This pro<!--A-->ven discovery has even<br>
been report<!--resale-->ed on by the Ne<!--test-->w Engl<!---->and Jour<!--F-->nal of Medi<!--F-->cine.<br> For<!--resale-->get aging and d<!---->ieting forever! And it's Gua<!--S-->ranteed!<br>
<br><br>* Red<!--lo-->uce body fat and build lean muscle WIT<!--resale-->HOUT EXERCISE!<br> * Enha<!--resale-->ce se<!--la-->xual perf<!--hehe-->ormance<br>
* Rem<!--resale-->ove wrinkles and cellulite<br> * Lower blood pres<!--resale-->sure and improve choles<!---->terol profile<br> * Imp<!--resale-->rove sleep, vision and me<!---->mory<br>
* Resto<!--resale-->re hair color and gro<!---->wth<br> * Stren<!--resale-->gthen the immune sys<!---->tem<br> * Incre<!--resale-->ase ener<!---->gy and card<!---->iac output<br>
* Turn bac<!--resale-->k your body's biol<!---->ogical time cl<!---->ock 10-20 years<br>
in 6 months of usage !!!<br><br> <a href="http://www.chinaniconline.com/ultimatehgh/">FOR FRE<!--o-->E INFO<!--you-->RMATION AND G<!--love-->ET FREE 1 MON<!--resale-->TH SUPPLY OF HG<!---->H CLICK HERE</a><br><BR><br><BR><br><BR><br><BR><br> <BR><br><BR><br><BR><br><BR> You are recei<!--resale-->ving this email as a subscr<!---->iber<br> to the Opt<!--resale-->-In Ameri<!---->ca Mailin<!---->g Lis<!---->t. <br>
To remo<!--resale-->ve your<!---->self from all related mailli<!--me-->sts,<br>
just <a href="http://www.chinaniconline.com/ultimatehgh/remove.php?userid=resale@globals
pider.net"> Click Here</a>

As you can see the message has been hashed to avoid detection from spam filters.
Hashing uses html code commands that are meant to display comments. This message contains comments separating words. When the filter looks for the words that you have gave it to filter out, it can't find them because they simply do not exist.

Filtering - The Work Involved
Above are only two examples of how spammers are getting around filters. With each method that the spammer comes up with, it increases the amount of time involved in filtering. Do not think that if you ask to be removed from his address list that he will do it. If he does anything he will move you from one product to another, or from one company to another.
He may give you a month before he rehashes his message and sends it off again. This means that you will be opening the source again and then adding yet another filter.

In the six month filter test that we did, we ended up adding 6,540 different expressions which included filtering by email addresses, body content, subject, undisclosed recipients, x-mailer, worms, cc recipient list not shown, recipient list suppressed, all encoded as well as others.

At the end of six months, we found that we were still filtering a large percentage of the same email and senders. We also found that filtering was a never ending battle, already lost simply because of the time and work that goes into it.

The other draw back is that OPT lists are now settling and being allowed by many ISP's.

 




 

Copyright 2002 The Proxy Connection : Email:support@admin.spam-stopper.net
Site best viewed with IE v5.0 or above