Re: [anti-spam-wg] Imaged spam
-
From: Walter Ian Kaye walter@localhost
-
Date: Thu, 22 Jun 2006 14:26:04 -0700
At 06:54p +0100 06/21/2006, Michele Neylon :: Blacknight.ie didst
inscribe upon an electronic papyrus:
peter h wrote:
> Throwing away html-formatted e-mail is a good way to deal with this type
of abuse.
That sounds like complete overkill. There are ways of blocking the image
spam, but simply blocking all HTML email isn't the sanest...
I do both, because I like to know what exactly it was about the HTML
message that made it get blocked.
And don't forget, I think it was a given that you would whitelist the
few senders from whom you do allow it (like one's mother, or those
who are still using AOL 7.0 or whichever version was broken; i'm too
lazy to check expita).
My rules go something like this (vastly simplified for brevity):
if whitelisted sender, let it through
if multipart, trash it (recoverable)
if image spam, delete it
if obfuscated html, delete it
if html, delete it
My filter logs its actions, so I regularly check and see if something
was deleted that I need resent (and whitelisted to allow through,
duh).
It works for me.
At 09:59a +0100 06/22/2006, Michele Neylon :: Blacknight Solutions
didst inscribe upon an electronic papyrus:
Gert Doering <
> said on 22 June 2006 09:57:
> Blocking all HTML email sounds like a very good plan to get rid of
> current and future crap e-mail.
Only if you live in a little cave .....
In the real world HTML email is used by a very large number of businesses,
so if you can afford to cutoff your livelihood go ahead. I don't mind :)
I think the point is that most HTML mail is spam, and most spam is
HTML (well, it was, but seems to be going back more to text
specifically to get around our attempts to block it by blocking HTML,
heh), so by blocking HTML you block a large amount of spam. Also,
HTML is "unsolicited" bulk inside the email, so that's a kind of UBE
in and of itself. Waste of bandwidth (time) and disk space, and adds
nothing of value. If I want a Web page, there's this thing called the
World Wide Web where they were designed for; it was never designed
for email, and was only put there out of sheer laziness.
At 10:05a +0100 06/22/2006, Michele Neylon :: Blacknight Solutions
didst inscribe upon an electronic papyrus:
Gert Doering <
> said on 22 June 2006 10:03:
> Well, YMMV, but I just *cannot*read* HTML mail anyway - as I'm using
a text mode e-mail client.
That's your choice
> Surprisingly enough, communication with our customers works very well.
Lucky you
> The only things that come in as HTML-*only* are SPAM, Advertising,
and Viruses.
Not my experience.
Thus the "YMMV" phrase above. That's why configurability is good. :-D
-Walter