dman wrote: > On Tue, May 28, 2002 at 09:53:14AM +0100, Matt Sergeant wrote: > | dman wrote: > | >What is the charset GB2312? Is it a windows thing? Trying to > display > | >this spam message just gives me an odd sequence of high-order latin1 > | >chars. > | > | It's an encoding for Chinese characters. > > Ok, it's now being rejected as well. > > | >Also, what is =?UNKNOWN?Q? in a header (eg Subject:)? I know it's > | >supposed to give the charset used in the header, but UNKNOWN? You > | >don't know what charset you used!? Come on. > | > | There are lots of broken mailers out there, sadly. > > I've seen that a few times, but the only message I currently have like > that is the spam message. It doesn't indicate which mailer sent it. > It does have some interesting headers, though : > > From: ************@[202.101.10.130] > Sender: EmailSender@[202.101.10.130] > Reply-to: [EMAIL PROTECTED] > > | >Both of these (found in the same message just now) seem like good > | >reasons to junk the message. > | > > | >I just discovered an error in the SUBJ_ALL_CAPS rule, I think. If > | >the subject is encoded in a dfferent charset than US-ASCII it could > | >have "all caps" but really be other characters. When that rule is > | >evaluated, is it evaluated on the raw header or the decoded version? > | > | Unfortunately it's done on the raw headers at the moment. Hopefully > with > | the port to MIME::tools (or my custom mail parser) that will change, > but > | I don't think MIME::tools supports that many character sets - just the > > | ISO-8859 ones (the one I wrote supports anything that iconv supports > on > | your system). > > I think we need both raw and decoded header tests. Checking for > things like the UNKNOWN charset could be useful. Do you know of a > legitimate mailer that inserts that code?
I think pine or some other text based mailers might when they encounter stuff they don't recognise (like 8 bit chars when the terminal is set for ASCII). I agree you need both. That's easy enough to do with my mail class (it's a one line change). Does anyone know if encoded headers in MIME sub-parts are legitimate? I seem to recall reading they're only valid in the main headers section, but I can't seem to find that now, and I suspect that mail clients will probable decompose encoded headers in mime sub-parts anyway. Still, the code is there if someone wants to play with it. Matt. _______________________________________________________________ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
