Death of "CAPTCHA" - and we will make the gun

or how spammers trigger a solution, which aids them to kill the fix

         

Tapolyai

4:45 pm on Dec 6, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Have you noticed the increased number of spam messages that arrive in your users' mailboxes?

Or posts within your forums and blogs where the content is just a single image?

It is an ingenious way of circumventing even the better Bayesian method based spam filters. There is nothing to review - it is binary data, and all but the most sophisticated anti-spam tools can do OCR (optical character recognition) on the fly in a speedy fashion, prior to reviewing content.

The images are text converted to a simple GIF or JPG file, with slightly fuzzy and colored backgrounds.

What do these images remind you of? CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) images. Distorted text, required to be entered by humans at various verifications.

The presumption is that automated processes, often created for spamming, will not be able to read it (convert it from image back to text) in a timely fashion.

The identical problem presented to anti-spam software.

I predict that anti-spam developers will come up with new methods to convert those pesky image-based spams for classification.

I also predict that spammers will beta test it, by implementing it in their captcha-defeating online spam tools.

So long, CAPTCHA. Your long (6 years?) Internet life was indeed a pleasure, while it lasted.

incrediBILL

12:42 am on Dec 8, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



> Educate me. I don't know of any such system

For starters, this would be a nice improvement across the board.

SPF: Sender Policy Framework
[openspf.org...]

IMO, it misses a few critical elements that I proposed when I was in the email industry in the early 90s, but that's all water under the bridge, you have to start somewhere and SPF is a step in the right direction.

stuartc1

1:26 pm on Dec 8, 2006 (gmt 0)

10+ Year Member



From what I've read here, it appears that people assume the CAPTCHA is images with distorted text. This is not true; this is only one poor implementation of CAPTCHA. There are many other much more effective methods available, and some which are 100% accessible too.

As someone already mentioned, asking a random question in plain text does the job perfectly well [ goog 'free contact form'! for scripts ].

But this still only defends against automated spam bots. There will always be an army of human spammers there.... and for that there is no reasonable solution, only ways to make it harder for them.

Tapolyai

6:42 pm on Dec 8, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I very much enjoyed all your comments.

I was not talking about administrative, or end-user spam solutions. I was not talking about how one technology, solution, method, or enforcement was any better than another.

I simply pointed out the potential ironic nature of the development of character recognition to be built into anti-spam software to be then used for CAPTCHA defeat by other types of spammers.

incrediBILL

7:41 pm on Dec 8, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



> I simply pointed out the potential ironic nature of the development of character recognition to be built into anti-spam software to be then used for CAPTCHA defeat by other types of spammers.

You have a very narrow definition of CAPTCHA.

The following are CAPTCHAs as well:

1. Picture of something, let's use a tree as an example, with a multiple choice answer "A) Dog, B) Tree, C) Frog". You'll need a bit more technology than character recognition to bypass this one.

2. A math question such as "What's 10+6?" and you type in the answer.

3. A JavaScript challenge "Enable JavaScript and CLICK HERE to continue".

4. An automatic JavaScript redirect, which doesn't even bother the end user, as everyone running JavaScript will be redirected past the CAPTCHA page automatically.

5. A random question with simple answers such as "What color is the sky?"

The best solution is a random application of the various types of CAPTCHAs so the odds of them all being bypassed at any given time are fairly minimal at the moment.
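
Added example, not part of the post above and not code from any forum package: a server-side sketch of the "random application of the various types" idea, covering only the two text-based types from the list (the math question and the random question). The question bank, the 300-second lifetime and all function names are assumptions made for illustration.

```python
import secrets
import time

TTL = 300  # seconds a challenge stays answerable (assumed value)

# Constructed question bank for the "random question" type.
QUESTIONS = [
    ("What color is the sky?", {"blue"}),
    ("How many legs does a dog have?", {"4", "four"}),
]

def math_challenge():
    a, b = secrets.randbelow(20) + 1, secrets.randbelow(20) + 1
    return f"What's {a}+{b}?", {str(a + b)}

def question_challenge():
    return secrets.choice(QUESTIONS)

CHALLENGE_TYPES = {"math": math_challenge, "question": question_challenge}
pending = {}  # challenge id -> (accepted answers, expiry); a session store in practice

def normalise(text):
    return " ".join(text.lower().split())

def issue(kind=None, now=None):
    """Create a challenge of a randomly chosen type; returns (id, kind, prompt)."""
    now = time.time() if now is None else now
    kind = kind or secrets.choice(list(CHALLENGE_TYPES))
    prompt, answers = CHALLENGE_TYPES[kind]()
    cid = secrets.token_urlsafe(16)
    pending[cid] = (answers, now + TTL)  # the answer never leaves the server
    return cid, kind, prompt

def verify(cid, answer, now=None):
    """Check an answer server-side. Each challenge id is good for one attempt."""
    now = time.time() if now is None else now
    entry = pending.pop(cid, None)  # wrong, late or repeated answers burn the id
    if entry is None:
        return False
    answers, expires = entry
    return now <= expires and normalise(answer) in answers

if __name__ == "__main__":
    cid, kind, prompt = issue()
    print(kind, prompt, verify(cid, "blue"))
```

Because a wrong guess consumes the challenge id, a script cannot walk through the small answer space of a math question against a single challenge; it has to fetch and parse a fresh, possibly different, challenge for every attempt.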

Tapolyai

4:11 am on Dec 9, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I do not disagree that my definition is narrow, but just as my definition is narrow - so is the implementation of what you described.

Most (all that I have seen) will implement one, at best - two of the above listed CAPTCHA solutions.

mcavic

11:29 pm on Dec 9, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



> If you don't have at least an SPF record, there is a good chance that up to 50% or more of your mail is not being received

If that's the case, it's because the recipients aren't following the protocol. Mail from domains without any SPF record should be delivered, because most domains don't have one. In other words, can't fix stupid.

plumsauce

11:52 pm on Dec 9, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



> In other words, can't fix stupid

or intolerant, overzealous admins grasping at straws.

you know, the same ones who burst a blood vessel over top posting.

spf is bad, broken and stupid.

mcavic

1:48 am on Dec 10, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



> burst a blood vessel over top posting

hehe, yeah. But I don't think SPF is stupid. I think it's good for preventing forgery. Unfortunately, it doesn't stop spam.

thecoalman

8:16 am on Dec 11, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



> the potential ironic nature of the development of character recognition to be built into anti-spam software to be then used for CAPTCHA defeat by other types of spammers.

This is already done though, the images sent by spammers in an e-mail are going to be easily read by either a human or a bot. Any character recognition ability built into spam filters will be far less than what is already in use. Just as an example the image captcha for phpbb2 has a 98% failure against the most common software used to defeat captchas.

It's easily defeated for a variety of reasons but it's not something that would be very practical if your intent is to send spam in an e-mail that you want read.

ami501

3:12 pm on Dec 18, 2006 (gmt 0)

10+ Year Member



as others mentioned already, gmail catches the image spam pretty successfully. can anyone point me to any info about which methods they use?

webdoctor

4:24 pm on Dec 18, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



> can anyone point me to any info about which methods they use?

Google are unlikely to publish this information - spammers could use it to bypass the filters.

I wouldn't publish the intimate details of my spam filtering methods either. Sorry! :-(

Tapolyai

5:53 pm on Dec 18, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



A good collection of esoteric comments.

plumsauce wrote:

> spf is bad, broken and stupid

Would you be kind and elucidate?
