https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8272
Joe Wein <joew...@surbl.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|FIXED |---
--- Comment #16 from Joe Wein <joew...@surbl.org> ---
We are still seeing the problem with the latest batch of emails from this gang.
The emails have text/html sections using charset=UTF-8 but then a "META
content" HTML tag also declares it to use charset=GB2312 which is the
"Simplified Chinese" character set.
Example:
====
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
<html>=0A<head>=0A <META content=3D"text/html; charset=3DGB2312" http-eq=
uiv=3DContent-Type>=0A <STYLE>body{margin-top:5px; margin-right:2px ; ma=
====
Link that mismatches against a URI BL:
====
3px"=0A href=3D'https://yahoo.co.jp=E2=88=
=956ybzql46h8z9pwl4n=E2=88=956ybzql46h8z9pwl4n=E2=88=95odcsdggjfjjg@odcsdgg=
jfjjg.=F0=9D=96=99=F0=9D=96=90=F0=9D=96=98=F0=9D=96=8D=F0=9D=96=94=
=F0=9D=96=95=F0=9D=96=9B=F0=9D=96=9B=F0=9D=96=8C.%F0%9D%92%B8%F0%9D%91%9C%F=
0%9D%93%82/gongyi?token=3D66xdBOq2ifwAfOfq_lANfwTnpWi4ooiqhpQjPLfKuMm63twSa=
Gsb3HFcOcOaM-5cG_CX_HZQ2EPEPQGkm29ZtXSpThdlX21K3gBYaflXAdeg'=0A =
====
As you can see, some characters are quoted-printable encoded 8-bit values for
the UTF8 while others are HTML-encoded but either should convert from UTF-8 to
plain ASCII after the decoy Basic authentication "yahoo.co.jp=(...)fjjg@" is
stripped off.
The SA score header makes no mention of URI matches even though the basic
domain "tkshopvvg[.]com" (from the URI after UTF-8 to ASCII conversion) is
listed.
--
You are receiving this mail because:
You are the assignee for the bug.
