Bear in mind that the spammer who is developing this PDF spam is only one
person, and he/she probably has at least one non-spammy-looking email
address at his disposal.

What's to spot him/her from asking Dallas for a copy of the ruleset and
plugin, same as any other SpamAssassin user, waiting a few days to cover
his/her tracks, then fixing the spam to avoid it again?

And if you think this isn't already happening, I have a bridge for sale


Thomas Raef writes:
> I for one agree with the protected model.
> I've read post after post in this group and others where people complain
> that some new method is no longer effective due to the "other guys"
> knowing our every step.
> If there were an application process, which would be too burdensome on
> the maintainers, I'd support that as well - and offer my help.
> No I'm not a spammer and I've never played one on TV either...
> That's just my two cents worth of opinion, I could be wrong.
> Thank you to the people who write these plugins. You people rock!
> -----Original Message-----
> From: Raymond Dijkxhoorn []
> Sent: Tuesday, July 03, 2007 4:10 PM
> To: Jason Haar
> Cc:
> Subject: Re: So what about and these anti-PDF rules?
> Hi!
> >> All in all, you're better off just making things public.

> > model in the antivirus/antispam arena...
> >
> > ...and it may be true - but no-one on this list believes it ;-)

> Its a matter of fact that published rules (see sare rulesets) become
> less
> effective immediate after publishing. That due to spammers reading along
> ect ect.
> I can understand Dallas point and dont agree that making this open will
> give the same results.... It should, but it just doesnt.
> We have rules very ok hitting, and i know once we put this in a SARE set
> the effeciveness will drop and we have to come up with new rules. Not
> really something people look forward to. Its just a handfull people
> contributing as you know.
> Bye,
> Raymond.