[LINK] getting rid of image spam
cas at taz.net.au
Sat Oct 28 11:39:22 AEST 2006
On Sat, Oct 28, 2006 at 07:04:34AM +1000, Kim Holburn wrote:
> Nice technique for getting rid of image spam. Applies only to Apple
> Mail.app but could probably be made to work in other mail clients.
> >He noticed that the image spam emails always have two
> >distinguishing marks: they come from a different address each time
> >and the Content-Type header begins with ?multipart/related?.
i've been using the FuzzyOCR plugin for spamassassin for a few weeks
now, and it works quite well....but this is useful. i much prefer to
block spam during the SMTP stage with a reject than to accept and tag
for anyone using postfix, here's a PCRE header_checks rule which blocks them:
i came up with the boundary=... qualifier by examining all the
multipart/related image spams in my amavisd spamtrap quarrantine.
there's no guarantee that it wont reject other non-image-spam messages,
but this pattern is common to all of the ones in my spamtrap.
craig sanders <cas at taz.net.au> (part time cyborg)
More information about the Link