>...
>From: "Loren Wilton" <[EMAIL PROTECTED]>
>To: <users@spamassassin.apache.org>
>References: <[EMAIL PROTECTED]>
>Subject: Re: Is there such a test?
>Date: Tue, 15 Mar 2005 15:39:32 -0800
>...
>> I have just received spam from <Esmeralda Bouchard> [EMAIL PROTECTED]
>> Is there a test which identifies that the description (Esmeralada
>> Bouchard) bears no resemblance to the given sender's address?
>
>No. Because there is no possibly way of knowing that [EMAIL PROTECTED] really
>isn't "Johnny P. Spammer".
>
>> Similarly I sometimes receive spam mail to my email address but with a
>> completely unrecognisable description.
>
>This one can be done on an individual basis, sometimes. It relies on you
>having a standard format for the stuff in quotes. You have to allow for
>friends that will put the stuff in quotes in a somewhat different form. But
>it can't be done (at this time, at least) as a standard test.
>
> Loren
>
Unfortunately even the "quotes", while typical, are optional; I have
lots of examples of both ham and spam without the quotes. The rule is that
everything from the ':' up to the '<' is the description (and nearly anything
is "legal"). To show examples, here is an example from RFC2821 appendix D.3
"
D.3 Relayed Mail Scenario
...
C: Date: Thu, 21 May 1998 05:33:29 -0700
C: From: John Q. Public <[EMAIL PROTECTED]>
C: Subject: The Next Meeting of the Board
C: To: [EMAIL PROTECTED]
..."
Which shows that even the '<' and '>' are optional in headers, though
other sections make clear that they are required in commands.
Though I do believe there is a limit on total line length that
must be allowed, there must be at least some MTAs with bugs regarding this
since a sometimes see both viruses and spam which uses > 300 character
strings for names of both accounts and hosts.
... Ah, found it - RFC2821 section 4.5.3.1
"...
local-part
The maximum total length of a user name or other local-part is 64
characters.
domain
The maximum total length of a domain name or number is 255
characters.
path
The maximum total length of a reverse-path or forward-path is 256
characters (including the punctuation and element separators).
command line
The maximum total length of a command line including the command
word and the <CRLF> is 512 characters. SMTP extensions may be
used to increase this limit.
reply line
The maximum total length of a reply line including the reply code
and the <CRLF> is 512 characters. More information may be
conveyed through multiple-line replies.
text line
The maximum total length of a text line including the <CRLF> is
1000 characters (not counting the leading dot duplicated for
transparency). This number may be increased by the use of SMTP
Service Extensions.
... (even more length limits)"
Paul Shupak
[EMAIL PROTECTED]
