[unisog] SP*M Detection Methods & Processes
r.fulton at auckland.ac.nz
Tue Sep 26 00:00:47 GMT 2006
Bill Martin wrote:
> One last bit on this, given the similarities in tools, design, etc...
> I would expect that statistics (rejected, tagged-passed, passed clean)
> would be roughly similar in percentages. Given the recent escalation in
> "complaints" of "excessive spam getting through", I can only speculated
> that others are seeing similar results?
Absolutely. I noted some of the factors that we are struggling with in
my previous post. This morning I found a spam in my mail box that had a
SA score of 0.0 -- the only thing that SA had picked up was that it was
an html email.
Spammers have now taken things to a new level and SA is not coping well.
One question I have (and it is one some of our managers are asking):
Are commercial products doing any better? If you have an army of people
tweaking things on a hour by hour basis (like we now do with AV) you
may be able to make some progress but it is going to be very expensive
and in the end (I believe futile).
Anyway, I'd be interested in hearing from anyone who is using commercial
products as to how they are coping with the current wave of image spam.
We are playing with fuzzyocr plugin but have not put it into production
yet. I view this as a short term stop gap as we have already seen
images with obscured fonts...
More information about the unisog