Date: 2007-01-23 07:45:00
Tags: spam
url blacklists
One of the most useful antispam techniques of late has been the "URL blacklist". This compares all URLs found within a message body against one or more global lists of URLs that are related to spam. SpamAssassin uses several such blacklists together and performs very well.

Recently I have seen a couple of messages leak through my filters that contain text such as this:

http://www.px555*com ( Do not forget to replace "*" with "." )

Another one used a different instruction like "remove the * from the middle". Looks like SpamAssassin needs to implement a more relaxed check for spammy urls.

But really, who is it that keeps buying stuff from these spammers even with such anti-anti-spam measures in place? What kind of person thinks these are legitimate businesses with the customer's best interests in mind?
Just today Slashdot ran a story about Frieder and Zittrain's study on the effectiveness of stock spam. One point they mention in that study is that even if you don't believe the claims made in the spam, you may still think that you can win by purchasing the stock at the start of the spam and selling it when the price rises from the other suckers buying too - effectively riding on the coat-tails of the original scammers. And the market doesn't care why people buy; the scam will work just because there's a lot of buying activity. So there's an incentive to participate even for relatively sophisticated investors, just because of the reasonable expectation that others will participate, as long as you think you can be one of the first.
Similar story on MSNBC recently, makes for interesting reading at least. The small business stocks that get hit this way often find themselves in precarious legal positions, although lately there have been so many penny stock spam scams that the SEC cannot possibly investigate them all.

Today a follow-up article about what we normal people can help do about the spam problem was posted on the same column.

Yeah, the one I mentioned in my post was a prescription spam. Stock spam is harder because it "works" on so many levels for so many different kinds of people. And there is some serious money to be made, so that one doesn't seem like it's going away anytime soon.

There is hope, though. I don't see much mortgage or university diploma spam anymore these days.
Greg Hewgill <>