You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by ha...@t-online.de on 2007/10/09 20:44:16 UTC
Re: the IT job boarrd spam?
>>
>> On Tue, 9 Oct 2007, Loren Wilton wrote:
>>
>> > Base-64 encoding of HTML strikes me as a little odd. I wonder if
>> > it would make a good spam sign.
>>
>> Very likely. The only reason to do that is to shield the HTML from
>> pattern matching filters that don't decode text body parts first.
>>
>> Of course, it might not be widely used...
>>
You would see it more often in countries like germany or france, where letters sometimes
wear hats :)
I am definitely no fan of than stuff, and also tend to consider it as a possible spam sign.
But, in favor of the practice: if someone ever had to create a script to encode text,
because of very few non-Ascii characters causing problems - why should they scan the
message first whether it actually needs encoding, and not send it through the encoder
straight away.
And, of course, with the exception of eastern Europe and Asia, quoted printable seems to be
a more appropriate choice than base64
Wolfgang Hamann
Re: the IT job boarrd spam?
Posted by Matus UHLAR - fantomas <uh...@fantomas.sk>.
> John D. Hardin wrote:
>
> > Encoding the entire HTML body in base-64 is terribly
> > wasteful given how much it will expand the size of the content.
On 10.10.07 09:41, Per Jessen wrote:
> I agree, but being wasteful is not a distinctive sign of spam :-(
no, but it scores, which is what SA does :)
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
2B|!2B, that's a question!
Re: the IT job boarrd spam?
Posted by Per Jessen <pe...@computer.org>.
John D. Hardin wrote:
> Encoding the entire HTML body in base-64 is terribly
> wasteful given how much it will expand the size of the content.
I agree, but being wasteful is not a distinctive sign of spam :-(
/Per Jessen, Zürich
Re: the IT job boarrd spam?
Posted by Loren Wilton <lw...@earthlink.net>.
> I thought about that, but encoding the *entire* HTML body in base64 is
> not a reasonable way to deal with that; you should just encode the
> individual accented characters properly using standard HTML encoding
> methods. Encoding the entire HTML body in base-64 is terribly
> wasteful given how much it will expand the size of the content.
And besides, in 8-bit transport, a large number of the european characters
are in the standard iso-latin-1 character set, so are directly available.
Heck, I'm on a ton of Russian spam lists (how I got there I have no idea, I
don't speak Russian or deal with Russian companies) and all that Cyrillic is
encoded as hex escapes in standard HTML.
Loren
Re: the IT job boarrd spam?
Posted by "John D. Hardin" <jh...@impsec.org>.
On 9 Oct 2007 hamann.w@t-online.de wrote:
> >> On Tue, 9 Oct 2007, Loren Wilton wrote:
> >>
> >> > Base-64 encoding of HTML strikes me as a little odd. I wonder if
> >> > it would make a good spam sign.
> >>
> >> Very likely. The only reason to do that is to shield the HTML from
> >> pattern matching filters that don't decode text body parts first.
> >>
> >> Of course, it might not be widely used...
>
> You would see it more often in countries like germany or france,
> where letters sometimes wear hats :)
I thought about that, but encoding the *entire* HTML body in base64 is
not a reasonable way to deal with that; you should just encode the
individual accented characters properly using standard HTML encoding
methods. Encoding the entire HTML body in base-64 is terribly
wasteful given how much it will expand the size of the content.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
An AR-15 in civilian hands used to defend a home or business:
a High Velocity Assault Weapon with High Capacity Magazine
An AR-15 in Law Enforcement Officer hands used to murder six kids:
a Police-Style rifle
-----------------------------------------------------------------------
229 days until the Mars Phoenix lander arrives at Mars