More on image spam

This past weekend I was browsing the internet for image spam, I wanted to read a little bit about what other people are saying about it.  They basically confirmed what I already knew:

  • Image spam is on the rise
  • It is ubiquitous (everywhere)
  • It’s getting past a lot of filters

I found this one discussion thread where I came across two comments.  The first was “Any filter worth their salt can block images” and the second comment was “Any message that just contains an image is most likely spam.”  These two comments are related, but they are wrong.

Yes, it’s true, a spam filter can block all messages that contain images but it is not rue that any message that contains only an image is most likely spam.  In fact, what I have learned is that this is only true during spam runs and that messages that contain only images are routinely used in legitimate contexts.  We see people sending image-only emails to their friends all the time.  People include images in their email signatures using the same tags that spammers use to insert their image spam inline.  So, while we could block all messages that contain images, we would be blocking a significant portion of legitimate mail.

In fact, that’s why image spam is so effective, spam filters have a difficult time interpreting what is in the message.  Simply blocking mail with images is not the solution, more criteria needs to be used when making the decision to “guess” if a message is spam or not.