GTUBE

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

The GTUBE ("Generic Test for Unsolicited Bulk Email") is a 68-byte test string used to test anti-spam systems, in particular those based on SpamAssassin. In SpamAssassin, it carries an antispam score of 1000 by default, which would be sufficient to trigger any installation.

Contents[edit]

The contents of the string are as follows:

XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X

and should be placed in the message body of an RFC 5322 compliant email message, without any linebreaks or whitespaces.

Checksums for the string (68 bytes, no trailing newline) are as follows:

Hash type Value
CRC32 dfdf8070
MD5 6a684e1cdca03e6a436d182dd4069183
SHA1 c13086867f444d503829044f504826177e3eb438
SHA224 1c23f40d1c94c2337176d7baa3e1d820adf6bd329f84d702f9f4f8e1
SHA256 4418994365912e23b756ec7f14960f1a89230e44e6acb74de055db7c092f8b9c
SHA384 7c717360788affa4fa3ff6681456d2f9153311ae4d712fdce28f2d7ba5c98f13c8e3b409ea710e1f75c9fd11a73cdc6e
SHA512 981e015cb8ade405d59ec9bb723a2e6b876fb40f597b368d7095f6734e64fe09f54cac93a3eb892967fd91f1890982ad1f158c2ae4725af65dab293b6deac9c8

There exist some varieties, notably the NAItube (which will carry a variable weight)[1] and the GTphish (which will trigger specifically as a phishing mail),[2] which are used in the McAfee implementation of SpamAssassin.

The GTUBE is expected to be detected as a substring and is not executable at all, unlike the test for computer viruses developed by EICAR (known as the EICAR test file).

References[edit]

  1. ^ "How to generate test messages for Email Gateway anti-spam testing". McAfee. 2019-12-16.
  2. ^ "McAfee Support Community - What is Threat Type: Test". McAfee. 2013-06-07.

Bibliography[edit]