Daniel Barrett pondered: > Hmm... how does that work when Craigslist anonymizes all addresses > (e.g., abcde-5950223...@sale.craigslist.org)? Do they ... somehow > discover your real address?
It's a possibility they've created bots that seem real enough to engage you in conversation outside Craigslist (for example, I'm apartment-hunting now, and 20-30% of the postings are scam ads that I thought were targeted at suckers who might foolish put down deposits for applications on places they've never been to, but might just be harvesting email addresses). But I doubt that this is the origin of the spam I'm seeing. > ... my approach to spam is to run spastic (spastic.sourceforge.net) > and spamassassin in sequence. I'm not familiar with spastic; its description at sourceforge doesn't provide much of a clue as to how it would complement spamassassin. The new torrent of messages is coming in bursts, about 50 a day, and they seem to rotate IP source addresses: there are patterns of multiple messages on a given IP but I haven't yet figured out a pattern for how they're doing it. One thing that's pretty clear is that most of these have a message body that their "client" has paid to distribute, followed by a screenful of blank lines, followed by several paragraphs of Bayesian-buster text typed by hand (Mechanical Turk or the like) or by a sufficiently-clever algorithm. Whatever firm is behind this obviously has an outbound server farm that has all the same spam-busting tools that we try to use for defense: their messages pass existing tests with flying colors. Tools like sa-learn are no match for them. -rich _______________________________________________ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss