On 6/1/2017 7:31 PM, John Hardin wrote:
Interesting. I wonder how that affects RFC-2822 (et. al.) headers, and
specifically, the X-Spam-* headers that SA emits?
RFC 6648 is a best practice and "deprecates the convention for newly
defined parameters with textual (as opposed to numerical) names
Ignore them. Focus on RFC compliant headers and reject anything that fails.
Sent from ProtonMail Mobile
On Thu, Jun 1, 2017 at 12:14 AM, Loren Wilton wrote: I
see I have received several new spam messages today from what looks (to
me) like a new tool. Admittedly these three were all caught as s
On Thu, 1 Jun 2017, A. Schulze wrote:
John Hardin:
any header that begins with "X-" is permitted.
permitted - yes
but I'm aware may user assisiate X- header still as private header.
This is no longer true since 2012: https://tools.ietf.org/html/rfc6648
just to mention that...
Andreas
In
On Thu, 1 Jun 2017, Loren Wilton wrote:
Hopeless-Forming-Philistinizes: jobs
Lossy-Cabdriver: 2368db81dcf1
Alba-Leanness-Elections: 38376DB11A
Merrimac-Grams-Participating: B354488539E
Giving-Remarkably-Incriminate: drawl
Dustin-Ransoming: 18
Person-Decathlon-Arnold: dfcfce7ba985
Majori
Nice to see you're around Loren.
Been a looong time since we did stuff like
headerSARE_MSGID_RATWARE2 MESSAGEID =~
/\<\d{10,15}\.\d{18,40}\@[a-z]+\>/ # no /i!
describe SARE_MSGID_RATWARE2 Message-Id is
score SARE_MSGID_RATWARE2 0.639
#hist SARE_MSGI
On 1 Jun 2017, at 8:28, Loren Wilton wrote:
If he is intending to hide tracking info in the headers, it seems
pointless unless he is also writing an MTA of some sort that will see
the headers. But maybe he didn't think that far, and it was his intent
to hide tracking info. Still, it seems a li
If I were to guess, adding such headers is done to confuse tools that
compute hashes based on headers or use bayes filtering on the entire
mail, since it adds innocent words to the mail without showing them
to most end-users.
It doesn't confuse either Bayes or any hash I'm aware of.
Just as a
On Thu, 1 Jun 2017 01:59:44 +0200 (CEST)
Kim Roar Foldøy Hauge wrote:
> If I were to guess, adding such headers is done to confuse tools that
> compute hashes based on headers or use bayes filtering on the entire
> mail, since it adds innocent words to the mail without showing them
> to most end-
John Hardin:
any header that begins with "X-" is permitted.
permitted - yes
but I'm aware may user assisiate X- header still as private header.
This is no longer true since 2012: https://tools.ietf.org/html/rfc6648
just to mention that...
Andreas
Hopeless-Forming-Philistinizes: jobs
Lossy-Cabdriver: 2368db81dcf1
Alba-Leanness-Elections: 38376DB11A
Merrimac-Grams-Participating: B354488539E
Giving-Remarkably-Incriminate: drawl
Dustin-Ransoming: 18
Person-Decathlon-Arnold: dfcfce7ba985
Majority-Gambles: 4f856
Buttock-Milky-Dogged: 8E626A
Kim Roar Foldøy Hauge skrev den 2017-06-01 01:59:
If I were to guess, adding such headers is done to confuse tools that
compute hashes based on headers or use bayes filtering on the entire
mail, since it adds innocent words to the mail without showing them to
most end-users.
bayes plugin:
#
On 2017-05-31 16:59, Kim Roar Foldøy Hauge wrote:
On Wed, 31 May 2017, John Hardin wrote:
On Thu, 1 Jun 2017, Benny Pedersen wrote:
John Hardin skrev den 2017-06-01 00:29:
> That sort of thing has happened before, and there are rules to *try*
> to catch nonsense headers in my sandbox,
On Wed, 31 May 2017, John Hardin wrote:
On Thu, 1 Jun 2017, Benny Pedersen wrote:
John Hardin skrev den 2017-06-01 00:29:
> That sort of thing has happened before, and there are rules to *try*
> to catch nonsense headers in my sandbox, but IIRC they never worked
> well enough in massch
On Thu, 1 Jun 2017, Benny Pedersen wrote:
John Hardin skrev den 2017-06-01 00:29:
That sort of thing has happened before, and there are rules to *try*
to catch nonsense headers in my sandbox, but IIRC they never worked
well enough in masscheck to actually get published.
would it be possib
John Hardin skrev den 2017-06-01 00:29:
That sort of thing has happened before, and there are rules to *try*
to catch nonsense headers in my sandbox, but IIRC they never worked
well enough in masscheck to actually get published.
would it be possible to make list of non nonsense headers, and co
On Wed, 31 May 2017, Loren Wilton wrote:
I see I have received several new spam messages today from what looks (to me)
like a new tool. Admittedly these three were all caught as spam, but some of
them were close and went over the edge on some local rules I have. The new
tool is putting absolut
I see I have received several new spam messages today from what looks (to
me) like a new tool. Admittedly these three were all caught as spam, but
some of them were close and went over the edge on some local rules I have.
The new tool is putting absolutely absurd random headers in the spam
mess
17 matches
Mail list logo
