Henrik Krohns writes:
> On Wed, Jul 04, 2007 at 10:08:29AM +0100, Justin Mason wrote:
> >
> > Bear in mind that the spammer who is developing this PDF spam is only one
> > person, and he/she probably has at least one non-spammy-looking email
> > address at his disposal.
> >
> > What's to spot him/her from asking Dallas for a copy of the ruleset and
> > plugin, same as any other SpamAssassin user, waiting a few days to cover
> > his/her tracks, then fixing the spam to avoid it again?
> >
> > And if you think this isn't already happening, I have a bridge for sale

> If I was a spammer, I couldn't care less if few people were using some
> secret PDF blocking stuff. It's not like AOL or some big companies are using
> it.

oh yeah -- good point. On one occasion in the past when spammers have
evaded open-source-developed rules, I was able to find out later why they
made those changes, and it had nothing to do with our little open source
projects... instead it was to evade AOL's independently-developed,
closed-source, secret-sauce filtering which used a similar method.
The big guys are the spammers' targets.