Jump to content

GTUBE: Difference between revisions

From Wikipedia, the free encyclopedia
Content deleted Content added
Removed passage because a.) the source simply provides a definition of a substring, not relevant to the claims made and b.) the EICAR test file is similarly comprised of a pre-defined string that is not executable code.
Not necessary to use a citation to define a word/concept, just link to the wiki article.
 
Line 10: Line 10:
and should be placed in the message body of an RFC 5322 compliant [[email]] message, without any line breaks or whitespace.
and should be placed in the message body of an RFC 5322 compliant [[email]] message, without any line breaks or whitespace.


Checksums<ref>{{Cite web |title=What is a Checksum? {{!}} A Definition from TechTarget.com |url=https://www.techtarget.com/searchsecurity/definition/checksum |access-date=2023-07-13 |website=Security |language=en}}</ref> for the string (68 bytes, no trailing newline) are as follows:
[[Checksums]] for the string (68 bytes, no trailing newline) are as follows:


{| class="wikitable"
{| class="wikitable"

Latest revision as of 00:44, 19 August 2024

The GTUBE ("Generic Test for Unsolicited Bulk Email") is a 68-byte test string used to test anti-spam systems, in particular those based on SpamAssassin.[1] In SpamAssassin, it carries an anti-spam score of 1000 by default, which would be sufficient to trigger any installation.

The contents of the string are as follows:

XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X

and should be placed in the message body of an RFC 5322 compliant email message, without any line breaks or whitespace.

Checksums for the string (68 bytes, no trailing newline) are as follows:

Hash type Value
CRC32 dfdf8070
MD5 6a684e1cdca03e6a436d182dd4069183
SHA1 c13086867f444d503829044f504826177e3eb438
SHA224 1c23f40d1c94c2337176d7baa3e1d820adf6bd329f84d702f9f4f8e1
SHA256 4418994365912e23b756ec7f14960f1a89230e44e6acb74de055db7c092f8b9c
SHA384 7c717360788affa4fa3ff6681456d2f9153311ae4d712fdce28f2d7ba5c98f13c8e3b409ea710e1f75c9fd11a73cdc6e
SHA512 981e015cb8ade405d59ec9bb723a2e6b876fb40f597b368d7095f6734e64fe09f54cac93a3eb892967fd91f1890982ad1f158c2ae4725af65dab293b6deac9c8

There exist some varieties, notably the NAItube (which will carry a variable weight)[2] and the GTphish (which will trigger specifically as a phishing mail),[3] which are used in the McAfee implementation of SpamAssassin.

References

[edit]
  1. ^ "SpamAssassin: The GTUBE". spamassassin.apache.org. Retrieved 2023-07-13.
  2. ^ "How to generate test messages for Email Gateway anti-spam testing". McAfee. 2019-12-16. Archived from the original on 2020-11-01.
  3. ^ "McAfee Support Community - What is Threat Type: Test". McAfee. 2013-06-07.

Bibliography

[edit]