Antidrug ruleset
Matt Kettler
mkettler at EVI-INC.COM
Mon Mar 22 21:22:31 GMT 2004
At 08:37 PM 2/26/2004, Michael St. Laurent wrote:
>Whups, I misread something. It did *indeed* catch it.
>
>Never mind. ;-)
That's quite surprising, because mine did not.... and I _wrote_ antidrug.cf..
The particular message in question is using a letter-dropping form of
obfuscation I've not yet implemented in antidrug.
Antidrug currently gets a wide variety of character substitution, gapping,
mis-spelling, etc, but it's not perfect and doesn't catch every possible
obfuscation.
My goals aren't really to catch every possible variant.. there's too many
possibilities.. My goal is to make sure that drug spam is so horrifically
unreadable that potential buyers won't be able to decipher what's for sale.
I'll be adding more variants in the next release, but I've been busy with
other things lately. In the interim, I'd suggest working with some bayes
training to try to catch them. Obfuscations make good bayes-fodder.
More information about the MailScanner
mailing list