Re: 1.72 SUBJECT_ENCODED_TWICE Subject: MIME encoded twice

[mouss <us...@free.fr>]

Kai Schaetzl wrote:
> I just saw that a normal Ebay outbid notice hit two high-score rules. One 
> is from sare-spoof and I already contacted the maintainer. But one is in 
> the default 3.1.1 ruleset and I think this rule should get completely 
> removed or get a score of 0. It's
> 
> 1.72 SUBJECT_ENCODED_TWICE Subject: MIME encoded twice
> 
> From grepping the rules it does what it says: it checks if there are two 
> B/Q encoding identifiers in the subject. Why is this scoring with 1.72 or 
> at all? This is absolutely valid Q/B encoding and actually *required* by 
> RFC if your subject line is longer than 80 (or was it 72?) characters 
> (minus the encoding, so it's actually more like a 60 raw character limit).
> This rule will hit on *lots* of non-ASCII mail and on almost all mail 
> coming from Ebay Germany.
> 
> There are also the rules SUBJECT_EXCESS_QP and SUBJECT_EXCESS_BASE64 which 
> are "similar". QP scores 0 and BASE64 scores 0.449. This is much more 
> reasonable.
> 

same here (multiple FPs). I disabled these rules.
many popular MSPs here in .fr use software that trigger these. The days 
I feel angry and bad, I can block caramail, but I can never block 
laposte.net and wanadoo...

For similar reasons, I had to disable (after lowering the score 
incrementally) some *bl lists. for now, these are sorbs, rfci, 
bad_whois, spamcops. the list seems growing:)