Hello,

Please note that most of the mailsploit fixes will help for the new messages 
only. For the messages that are already received, there is already invalid 
data stored in the message base index files. However, you would be able to 
update it by re-building index information for these messages, e.g., by moving 
them to another folder.

The header line decoder in The Bat! was not context aware. It did decode 
instances of the RFC-2047 "encoded-word" regardless of the context. However, 
section 5 of this RFC states that an "encoded-word" may only be processed 
(decoded) in certain contexts, and according to certain specific rules. 
Moreover, section 5 of the RFC explicitly specifies that an "encoded-word" MUST 
NOT appear in any portion of an 'addr-spec' (i.e. an email address).

We have reworked lots of code in The Bat! to make the header decoder 
context-aware.

Besides making the header line decoder context aware, we have also made the 
following checks in the display name part of an address: if it contains an "@" 
character or any control character (with a code less than the code of a space 
character), then such a name part is discarded.


-- 
Best regards,
Maxim Masiutin
Director
Ritlabs, SRL
www.ritlabs.com


________________________________________________________
 Current beta is 8.0.18.1 | 'Using TBBETA' information:
http://www.silverstones.com/thebat/TBUDLInfo.html
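
An added sketch of the two rules described in the message above, not code from The Bat! or Ritlabs: encoded-words are decoded only in the display-name context, the addr-spec is never decoded, and a decoded name containing "@" or a control character is discarded. The function names, the simplified one-mailbox parser and the example.com/example.net samples are assumptions made for this illustration.

```python
import base64
import re
from email.errors import HeaderParseError
from email.header import decode_header

ANGLE_ADDR = re.compile(r"^(?P<name>.*?)<(?P<addr>[^<>]*)>\s*$", re.S)
ENCODED_WORD = re.compile(r"=\?[^?\s]+\?[bBqQ]\?[^?\s]*\?=")

def encoded_word(text):
    """Build a constructed RFC 2047 base64 encoded-word for the samples."""
    return "=?utf-8?b?" + base64.b64encode(text.encode("utf-8")).decode("ascii") + "?="

def decode_phrase(raw):
    """Decode encoded-words; call this only for the display-name context."""
    try:
        parts = [
            data.decode(charset or "ascii", errors="replace")
            if isinstance(data, bytes) else data
            for data, charset in decode_header(raw)
        ]
    except (HeaderParseError, LookupError):
        return raw.strip()  # undecodable: keep the raw text instead
    return "".join(parts).strip().strip('"')

def parse_mailbox(value):
    """Return (display_name, addr_spec, addr_has_encoded_word)."""
    match = ANGLE_ADDR.match(value.strip())
    if match:
        raw_name, addr = match.group("name"), match.group("addr").strip()
    else:
        raw_name, addr = "", value.strip()  # bare addr-spec, no display name
    # addr-spec context: an encoded-word MUST NOT appear here, so the
    # address is never decoded; its presence is only reported.
    addr_has_encoded_word = bool(ENCODED_WORD.search(addr))
    name = decode_phrase(raw_name)
    # Check from the message: discard a name with "@" or a control character.
    if "@" in name or any(ord(ch) < 0x20 for ch in name):
        name = ""
    return name, addr, addr_has_encoded_word

if __name__ == "__main__":
    samples = [  # constructed inputs
        "Alice Example <alice@example.com>",
        encoded_word("Zo\u00eb") + " <zoe@example.com>",
        encoded_word("ceo@example.com") + " <mallory@example.net>",
        encoded_word("ceo@example.com") + "@example.net",
    ]
    for sample in samples:
        print(parse_mailbox(sample))
```

With these rules the address shown to the user is always the literal addr-spec from the header, so a client can flag or reject a mailbox whose third field is true rather than render a decoded form of it.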
