You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by Justin Mason <jm...@jmason.org> on 2004/07/22 18:58:23 UTC
Re: SA 2.63 -> 3.0 causes degraded rule efficiency.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Loren Wilton writes:
> I believe that is correct, yes. And that's as far as we go in 3.0
> (if I replace the = with =3D):
>
> http://penistone=2eopoloveok=2ecom/3/
>
> This bothers me. As best I recall reading the discussions, it turned out
> that a number of clients would recursively resolve qp until it couldn't be
> done anymore, then use the result. Perhaps though I'm misremembering and it
> was only browsers that would do this and not MUAs.
You could be misremembering, and thinking of browsers decoding %-escapes.
We did find that redirectors often would in turn decode %-escapes, so
spammers were using URLs like this:
http://redir1.com/r?url=http://redir2.com/r?url=http://target.biz
where 'http://target.biz' had been %-encoded, then
'http://redir2.com/r?url=[encoded]' was in turn encoded, resulting in the
'http://target.biz' part being *double*-encoded.
if I recall correctly double QP-encoding wasn't an issue though.
- --j.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Exmh CVS
iD8DBQFA//IvQTcbUG5Y7woRAmrRAJ9ByU2f2zrZ7W6BfoxUx6P0edw90wCePbLh
97/K6v2b2u6q8mk1LdBuaDQ=
=+y6X
-----END PGP SIGNATURE-----