![[SpamCop.net - protecting the internet through technology]](http://news.spamcop.net/newlogo.jpg)
[SpamCop-List] Re: Mail Daemon Spam - what is it?
Bill (BCS)
bcs1 at spamcop.net
Thu Mar 4 14:56:30 EST 2004
"Mike Easter" <MikeE at ster.invalid> wrote in message
news:c27q3j$b5o$1 at news.spamcop.net...
> Marjolein Katsma wrote:
> > Mike Easter
> >> but we're talking about a major parser 'revamp' here, that
> >> I don't think is likely to happen. Not this year.
> >
> > This year has only just started. Just like nearly every spammer now
> > uses random word or tags to fool conetnt and possible bayesian
> > filters, pretty soon every spammer will make every spam look like a
> > bounce - and that might well happen before this year has ended.
>
> Correct - I predict no big SC upgrades this year 2004 -- not to say
> there won't be considerable spammer improvements.
>
> It wouldn't be at all surprising to me to see ongoing spam 'upgrades' -
> so that a higher and higher percentage of spam can elude the current
> content filters and a lower and lower percentage of spam would be
> blocked by various blocklists, including spamcop's. With the wealth of
> available trojans out there and more coming 'online' and available all
> of the time, the spammer can move 'elusive content' spam from source to
> source faster than the SCbl can keep up.
>
> The spammer can currently say, "Let me see, what do I want to avoid?"
> and if it is spamcop, there's a method of doing that, as in our fake
> bounce example.
>
> Some spammers probably don't care whether they 'avoid' spamcop or not;
> their sources are rotated so that the source isn't on the scbl, and
> their payloads reference links whose providers are non-responsive to
> spamcop notifies, or their payload reference links aren't even really
> where the payload is, that is, what spamcop notifies isn't 'where it's
> at'.
>
> Spamcop reporting, all by itself, isn't actually very 'comprehensive'.
> If you want to do some notifying, you already have to 'step outside' of
> SC's limitations. It's been that way a long time.
>
I have stated in a previous post ( to a different thread) that I am
currently redoing my server, and as bad as I hate ( not really though) to
admit it, all foreign domains will be blocked at the mail server.
in addition to using SCbl, and others that are good.
eventually the only mail transport I will use will be my own box, and the
only thing that'll get thru is whitelisted, and known good ip addys.
Bill
More information about the SpamCop-List
mailing list