back to advancis.com

advancis Blog


Blocking Spam

Spammers keep refining their tactics to reach your email accounts. Here are the latest techniques to stop them. The session is free to watch and the solutions are free to use. Enjoy... less spam in 2022.

In this article, we will be looking at strategies to stop the latest SPAM techniques. Like every company, we have seen a lot SPAM over the past 20 years. It seems the problem is getting worse every year despite all the legislation. And it is coming from ... everywhere.

For example and Not sure why, but we have been getting a lot of SPAM from Germany lately. Up to 20 emails per account a day promoting, well, let's just say adult-oriented services.

Every day. Non-stop. And, we had enough.

The good thing is that the German language contains some unique characters not found in other languages; so this actually helped us understand the problem and develop a response very quickly.

The regular filters and SPAM blocking techniques did not initially work. The SPAMMERs had anticipated those moves and created their messages accordingly. So, the SPAM kept pouring in. As a result, we had to refine our response. The results have been 100% effective and can be used by anyone on advancis networks and client apps as well non-advancis software. So, it is very useful. If you use standard email software like Mail on a Mac or Outlook, this will work for you as well.
Normally, to stop adult-themed SPAM, you would simply define rules to stop emails containing certain graphic terms from being delivered. If the message contains the term, boom it is deleted by the server or the app. easy enough.

So, we translated a few key words in German, updated the filters rules and Voilà. Well, not exactly the SPAM kept getting through.

Text-based rules did not work which was very strange. It turns out that they were not enough because some messages were HTML messages which meant that spelling a W.O.R.D. using the roman alphabet did not work all the time. We had to ensure that the corresponding HTML entity was also included in the filter rules.

For example, I don't speak GERMAN so I will use Voilà as a term you want to use as a flag, the rules must include both the roman-alphabet version and its HTML-entity based version. So, in this case:

Voilà
Voilà

For help on finding HTML entities
https://www.w3schools.com/charsets/ref_html_entities_a.asp

But for the German spammers, that was not enough. SPAM kept flooding in. As we looked as the source code, we noticed that for some messages, they were encoding the source code as base64 code. The result was perfectly displayed by the eMail applications but the filters could not stop the flags because they were encoded and did not appear as Voilà or
Voilà

In fact, they showed up as: Vm9pbMOgCg== and Vm9pbCZhZ3JhdmU7 which are the base64 versions of those 2 flags.

For help on base64 encode your terms, you can type "base64 encode" in Bing to access an online tool.

After updating the filter rules to also include the base64 code of Flags, we ended up with 4 flags for each term:

Voilà
Voilà
Vm9pbMOgCg==
Vm9pbCZhZ3JhdmU7

We had to use all four versions because some messages included the base64 version of the HTML entity version of the roman-alphabet version. It sounds more complicated that it is.

That was it. Outsmarted the spammers for now.


 

web and Internet solutions for e-business Home | Products | Services | Solutions | Specials | News | Search | Site map | Programs | Buy Online

All rights reserved - Legal notice -