Posted to users@spamassassin.apache.org by Kris Deugau <kd...@vianet.ca> on 2021/10/04 18:28:44 UTC

And users wonder why spam is so hard to catch...

... when clueless nominally legitimate senders commit the same idiotic 
failures...

I'm dissecting a false positive on a message from Quora, brought on 
largely by local rules targeting abuse of non-ASCII lookalike characters.

In the process of chasing down what idiocy triggered these rules, I find 
this:

Oct  4 14:17:37.854 [16262] dbg: rules: ran body rule FOO ======> got 
hit: "private texts tо my husband’."
Oct  4 14:17:37.854 [16262] dbg: rules: ran body rule FOO ======> got 
hit: "tter quit her jоb wоrking fоr"
Oct  4 14:17:37.854 [16262] dbg: rules: ran body rule FOO ======> got 
hit: "uple after discоvering that the"
Oct  4 14:17:37.854 [16262] dbg: rules: ran body rule FOO ======> got 
hit: "were talking abоut her behind h"
Oct  4 14:17:37.855 [16262] dbg: rules: ran body rule FOO ======> got 
hit: "private texts tо my husband’."
Oct  4 14:17:37.855 [16262] dbg: rules: ran body rule FOO ======> got 
hit: "tter quit her jоb wоrking fоr"
Oct  4 14:17:37.855 [16262] dbg: rules: ran body rule FOO ======> got 
hit: "uple after discоvering that the"
Oct  4 14:17:37.855 [16262] dbg: rules: ran body rule FOO ======> got 
hit: "were talking abоut her behind h"


Note the non-ASCII lookalike "o", either \xd0\xbe or \xce\xbf (don't 
really care which;  as far as I'm concerned neither is at all acceptable 
in those text fragments).

Depending on the font the displayed text in the original email doesn't 
even look all that different - but it clearly took some specific effort 
to cause this to happen.

*sigh*

Does anyone have a contact at Quora to prod with a cluebat?

-kgd
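
Added example, not part of the original post and not the poster's local rule: a Python sketch of the kind of check that flags these fragments, reporting words that mix Latin letters with Cyrillic or Greek ones. The sample strings are constructed from the fragments in the debug output; since the post does not say which of the two byte sequences was present, both are used, and all function names are hypothetical.

```python
import re
import unicodedata

# Constructed samples based on the fragments above. The lookalike "o" is
# written as an escape so it is visible: \u043e is UTF-8 \xd0\xbe (Cyrillic),
# \u03bf is UTF-8 \xce\xbf (Greek). Which one Quora sent is an assumption.
SAMPLES = [
    "private texts t\u043e my husband\u2019.",
    "tter quit her j\u043eb w\u043erking f\u043er",
    "uple after disc\u03bfvering that the",
    "were talking about her behind h",  # all-ASCII control line
]

WORD_RE = re.compile(r"[^\W\d_]+")  # runs of letters in any script
LOOKALIKE_SCRIPTS = {"CYRILLIC", "GREEK"}


def script_of(ch):
    """Coarse script label taken from the Unicode character name."""
    name = unicodedata.name(ch, "")
    for script in ("LATIN", "CYRILLIC", "GREEK"):
        if name.startswith(script):
            return script
    return "OTHER"


def mixed_script_words(text):
    """Return [(word, [(index, codepoint, script), ...])] for every word
    that contains Latin letters and Cyrillic or Greek letters together.
    Words written wholly in one script are not reported."""
    hits = []
    for match in WORD_RE.finditer(text):
        word = match.group()
        scripts = [script_of(c) for c in word]
        if "LATIN" in scripts and LOOKALIKE_SCRIPTS & set(scripts):
            odd = [(i, f"U+{ord(c):04X}", s)
                   for i, (c, s) in enumerate(zip(word, scripts))
                   if s in LOOKALIKE_SCRIPTS]
            hits.append((word, odd))
    return hits


def scan_raw(raw):
    """Same check on raw UTF-8 bytes, as they would appear in a message body."""
    return mixed_script_words(raw.decode("utf-8", errors="replace"))


if __name__ == "__main__":
    for line in SAMPLES:
        print(ascii(line), mixed_script_words(line))
```

Requiring a Latin letter in the same word keeps ordinary Russian or Greek text from being flagged, which matters for a rule that is already producing false positives.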