Why should a uft-8 base64 coded Mail should contain less spam?
When user get compromised we look into Spammails that was sent.
many of that mails was UTF-8 base64 coded and some mail with us-ascii
Guess with mail got through spamassassin?
RIGHT. base64 coded male with charset utf-8. Containing the same content....
I can understand the point of this rule, but IMO this rule has Bug and should
be redesigned
On 11/16/21 12:15 PM, Martin Gregorie wrote:
On Tue, 2021-11-16 at 11:32 +0100, Philipp Ewald wrote:
This is correct. But why is us-ascii requeired for this rule? Are
spammer only in US?
No, its because the base character set for e-mail bodies is USASCII.
Base64 encoding is a way of making sure that attachments using other
charsets (UTF8, and those using 16 bit encoding) will look just like
USASCII attachments to mail-handling programs, etc and not cause those
programs to have reject the mail message. As far as I know it has no
other common, legitimate use, but it does have the side effect of making
anything thats base 64-encoded unreadable.
So, you can see that the ONLY effect of using base64 encoding on an
attachment containing usascii text is to make it unreadable. This is why
spammers use it: they've worked out that SA will spot and score
malicious URLs, shortners, etc. So, some spammers think that using
base64 encoding will hide those bad URLs from SA, which is quite true.
However their tiny minds don't see that using base64 encoding on a
usascii attachment is a fairly reliable spam indicator all by itself.
Martin
--
Philipp Ewald
Administrator
DigiOnline GmbH, Probsteigasse 15 - 19, 50670 Köln
Fax: +49 221 6500-690, E-Mail: philipp.ew...@digionline.de
AG Köln HRB 27711, St.-Nr. 5215 5811 0640
Geschäftsführer: Werner Grafenhain
Informationen zum Datenschutz: www.digionline.de/ds
