False Negatives and Hash Busters

Super remove close reason reveal identity known event complaint legal goes. edited AM. delivered Troika system. copy Sandhills Company rights reserved. tool crack mode. If happening anything unable candidate number tested per second branch bytes Software.

No your eyes aren’t deceiving you. The above is a genuine set of words that was contained in several emails I received recently. The email is of course spam.

In this case I think it was promoting some investment opportunity. The point is that it broke through the spam filter which has been set to vicious mode (ie wipe out everything considered to be spam). When spam is able to bypass your spam filter, it is considered to be a false negative. Since the adoption of Bayesian filtering techniques, it has been harder for spam to get through to a user’s in-box.

One technique that has been successfully used to initially defeat Bayesian filters is to include in the spam mail – what is called a hash buster. A hash buster looks like something someone on drugs has written but is actually an extremely clever way of lowering the likelihood that the email is considered to be spam by the introduction of words considered to be normal to most email.

Of course eventually a Bayesian filter will eventually recognise this to be spam but only last week I had over eighty of these things come through to waste my time in deleting them!

The point of this is that as our filtering techniques become more sophisticated, so will the spammers methods of avoiding them - the b*&tards! What is illogical is that many spammers claim that what they are doing is legitimate and that many people want to know about these offers.

However people who don’t wish to know about these offers will get a spam filter. Now if they buy a spam filter surely that means that they don’t want to know – so why are spammers putting hash busters in their spam???????