OT: pdf spam

[Jason Ede]

You have the prerequisite 'Big stick' V2.0 for this task then?
________________________________________
From: mailscanner-bounces at lists.mailscanner.info [mailscanner-bounces at lists.mailscanner.info] On Behalf Of Martin.Hepworth [martinh at solidstatelogic.com]
Sent: 26 June 2007 13:13
To: MailScanner discussion
Subject: RE: OT: pdf spam

Seeing a few myself, BUT some are double filename extended so MS blocks
them.

I was just discussing the next stage being PDF-ed gif's earlier this
morning with my colleague. So I therefore conclude he's a spammer and
will deal with him appropriately ;-)

--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300

> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-
> bounces at lists.mailscanner.info] On Behalf Of Gareth
> Sent: 26 June 2007 12:27
> To: MailScanner discussion
> Subject: Re: OT: pdf spam
>
> On Wed, 2007-06-20 at 15:35, Gareth wrote:
> > On Wed, 2007-06-20 at 14:49, Sattler, Tim wrote:
> > > Hello,
> > >
> > > today we received a lot of penny stock spam with just dummy text
and a
> > > pdf attachment "<username>_report.pdf". All "spammy" key words are
> > > inside the pdf document, so these mails are not marked as spam in
the
> > > majority of cases. If this becomes fashion, I guess it will
require
> new
> > > techniques like regex filtering inside attachments or hash
databases
> for
> > > "spammy" documents.
> >
> > I was just about to post about these myself. I have attached an
example.
> >
> > I have found if I use 'less' to view the document it renders it to
plain
> > text and is very readable. So would it be possible to convert a pdf
to
> > plain text and append it to the email message for the purposes of
the
> > spamassassin checks?
> >
> > Alternativly perhaps this is a job for MCP?
> >
> > Another possibility would be for the author of fuzzyocr to recognise
> > .pdf files and render them so they can be scanned for keywords. I
can
> > think of a few keyword and load issues this could cause though.
>
> Here is another example of pdf spam. This time they have converted
their
> normal gif/jpg spam image to a pdf file and sent it.
>
> I have also posted this example to the fuzzyocr mailing list.




**********************************************************************
Confidentiality : This e-mail and any attachments are intended for the
addressee only and may be confidential. If they come to you in error
you must take no action based on them, nor must you copy or show them
to anyone. Please advise the sender by replying to this e-mail
immediately and then delete the original from your computer.
Opinion : Any opinions expressed in this e-mail are entirely those of
the author and unless specifically stated to the contrary, are not
necessarily those of the author's employer.
Security Warning : Internet e-mail is not necessarily a secure
communications medium and can be subject to data corruption. We advise
that you consider this fact when e-mailing us.
Viruses : We have taken steps to ensure that this e-mail and any
attachments are free from known viruses but in keeping with good
computing practice, you should ensure that they are virus free.

Red Lion 49 Ltd T/A Solid State Logic
Registered as a limited company in England and Wales
(Company No:5362730)
Registered Office: 25 Spring Hill Road, Begbroke, Oxford OX5 1RU,
United Kingdom
**********************************************************************

--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website!