Beating bayes

Matt Kettler mkettler at EVI-INC.COM
Thu Feb 5 00:42:03 GMT 2004

At 06:55 PM 2/4/2004, you wrote:
>Interesting article on beating bayes filters at the BBC

It points out the fundamental reason why SpamAssassin isn't a pure bayes
system. It's also why SA tokenizes headers, not just message bodies when it
does bayes (if you tokenize headers, that section isn't as easy to
obfuscate and/or add poison to).

And let's face it.. my most recent bayes-poison loaded spam got:

         BAYES_99 5.40, HTML_MESSAGE 0.10, RCVD_IN_BL_SPAMCOP_NET 1.50,

Some benefit the 280 words of bayes poison they stuffed at the end got them.

For reference the email in question is a bayes-poison loaded, random
charachter-insert obfuscated super v-drug spam.

It offered to:

"Suxper chajrge your lolve linfe!"


More information about the MailScanner mailing list