On 2025-02-17 at 09:43:37 UTC-0500 (Mon, 17 Feb 2025 15:43:37 +0100)
Michel Arboi <mic...@arboi.fr>
is rumored to have said:
I received a phishing e-mail that contained this URL:
http://z0kr.com%2F%40@%E2%80%8Bz0kr.imonation.fr%E2%80%8B
%E2%80%8B = ZERO-WIDTH SPACE
Spamcop chokes on it and cannot decode the URL correctly.
I cannot imagine a innocuous use of this character in a URL. There are
probably many other dangerous Unicode characters.
Well, it can be triggered by bugs but even here it is toxic:
https://stackoverflow.com/questions/63187010/e2808b-appears-in-url-net-core
In what way is this relevant to the development of Apache SpamAssassin?
Note that SA does NOT have any problem checking mail including that URL.
We have no connection to Spamcop other than supporting submission of
samples to them, as well as to other services. Spamcop bugs are not in
our scope.
PS: is this the right place to submit spam samples?
Not generally. This list is for issues related specifically to the
development of Apache SpamAssassin, not general discussion of all things
related to spam.
The ASF SpamAssassin Project does not operate any facility for
submitting spam samples. If you wish to discuss techniques for handling
specific sorts of spam with the SpamAssassin community, the best place
for that it the SpamAssassin Users list: us...@spamassassin.apache.org.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo@toad.social and many *@billmail.scconsult.com
addresses)
Not Currently Available For Hire
