A few years back I went to an email conference where I heard a number of anti-virus and anti-spam technical folks talking on a panel about some of their tactics and where the trends were going. It was a bit of a yawn-fest, but one comment got me thinking. They basically said that one of the variables they use for detection is so easy to fix they couldn't tell anyone, but it has to do with the fingerprint they leave on the system they are sending email to.
I happen to know a bit about spam, as one of the email accounts I have is so old, and so well distributed on the net, that I've nearly crushed the email servers that host my mail in spam. In fact, we get so much spam that one of the anti-spam companies uses it as heuristics to tune their own spam engines. Amazing! And even after that I still have my own anti-spam filters, AND I still get spam. It's crushing.
But I wonder what that fingerprint is. It could be something as simple as sending something in lowercase when all other MTUs send it in uppercase, or adding an extra line feed or anything small. Anyone have any ideas? It might give us a clue as to what to search for in terms of other applications.
I happen to know a bit about spam, as one of the email accounts I have is so old, and so well distributed on the net, that I've nearly crushed the email servers that host my mail in spam. In fact, we get so much spam that one of the anti-spam companies uses it as heuristics to tune their own spam engines. Amazing! And even after that I still have my own anti-spam filters, AND I still get spam. It's crushing.
But I wonder what that fingerprint is. It could be something as simple as sending something in lowercase when all other MTUs send it in uppercase, or adding an extra line feed or anything small. Anyone have any ideas? It might give us a clue as to what to search for in terms of other applications.
