base64 spam / forcing bogofilter -p judgement
Matthias Andree
matthias.andree at gmx.de
Fri Nov 8 22:14:26 CET 2002
Nick Simicich <njs at scifi.squawk.com> writes:
> RFC2049 seems to give situations where MTAs should feel free to alter
> the encoding of a message body to an encoding that is seven bit safe.
> Sendmail has done this for quite a while, in both directions, and I
> believe that Postfix has just completed installing RFC2049
> translations.
Yes, Postfix has recently got full RFC-1652 support and will
quoted-printable encode 8bit data for non-8BITMIME destinations on the
fly.
> I have perl code that will do the base64-8 bit translation.
Fine.
> There is also a utility called reformime with maildrop. It also
> extracts quoted printable and base64, as well as doing a good job of
> analyzing (and, in some cases, regularizing) mime structure. I have
> gotten some mime that would beat my lame attempts to change its
> structure - putting a single quote in the separator killed my attempt to
> rewrite the header with the separator from a script because it broke the
> command line. reformime -r
> put the mime into a "regular" format, and even replaced all the
> separators with separators that didn't have special characters - so that
> I could rewrite the headers and change the type.
That is a problem, some boundaries were found to be indicative of spam,
and eliminating the boundaries removes some "traces".
> It may well be that mimedecode is a better tool for this particular
> job.
Neither of (mimedecode-1.9, mimedecode 2.0.0, reformime) is optimal.
(Please, erase the irrelevant quoted parts for the benefit of all
subscribers, mailing list operators and list lurkers. Thank you.)
--
Matthias Andree
More information about the Bogofilter
mailing list