Stock Spams; aka Pump and Dump part 2

Wed, 07 Jun 2006 12:59:11 -0700 

Greetings list,
I've been reading a pretty active and recent thread from one of the sa-users mailing list archives that talks about a high rate of these stock spams that are getting through. I, too, am currently suffering from this problem and am wondering if anyone has any recommendations. I would've joined in the conversation, but I just now subscribed to the list. Apologies in advance... 


I'm running 3.1.2 (just saw the 3.1.3 security update, I'll be upgrading 
shortly) with bayes and network tests on, including the DCC, Razor2, and 
Pyzor digest checks. Our bayes learning is configured for both autolearn 
and based on feedback from the users via IMAP folders, stored in a MySQL 
backend database. My bayes_seen table has 343,697 records in it. I am 
also using the SARE stock spam custom rule set. Every message that comes 
through does hit on the Bayes check, and usually registers somewhere 
between 0% - 60%, so it won't produce a point value.



So, I'm kinda of the impression that I'm doing everything I'm supposed 
to, but somehow these messages are all getting through with little to no 
point value. Our threshold is only 4.0.


In addition to these:
> ***BREAKING NEWS ALERT ISSUED****
> We think the fun is just beginning with this stock.
>
> Trade Date : 7 June 2006
> Name : AbsoluteSKY, Inc.
> S t o c k  :  A B S Y
> Today : $0.95
> 10month Target : $1 - $3
> Recommendation : 300-500%
>
> That would be well over a 300% gain from these levels.
> Big watch in play this tomorrow morning!
> This stock will explode!
> Do not wait until it is too late!!!

We're also getting these:

> The average home-loan we've given out this month is $400,000.00 @ 
4.03% int!

> We do not care about your current credit/financial situation.
>
> Last 3 closed-loans:
>
> 1. Holder, Natasha Houston, Texas 271,000 @ 4.12%
> 2. Chavez, Tyson Orlando, Florida 314,000 @ 4.33%
> 3. Hargrove, Ava Augusta, Georgia 713,000 @ 3.22%
>

> 
<http://geocities.yahoo.com.br/fearing_04toppingss4>http://geocities.yahoo.com.br/fearing_04toppingss4



Any help would be greatly appreciated. Maybe I just need to start 
regexing my heart out, but everything's always worked so well basically 
out of the box with SA and the network checks. I also can't figure out 
how these emails aren't getting listed in DCC, Pyzor, and Razor2. (Also, 
my current Pyzor server is 82.94.255.100:24441, as the pyzor discover 
one has been down)


Thanks
























					Reply via email to