Thanks for this Abigail:

> I would simply recommend that you raise the score in the
> local.cf file for the SA test BASE64_ENC_TEXT to near or
> above your minimum spam threshold. I have yet to see a
> *valid* email that is Base-64 encoded.

Indeed.  From now on such messages have a one-way ticket to
the spam pit:

  score BASE64_ENC_TEXT  100.0

The default scoring at http://spamassassin.org/tests.html strikes me as
rather low, unless there really are legitimate messages being sent with
base-64 encoding:

  TEST NAME   DEFAULT SCORES (local, net, with bayes, with bayes+net)

  BASE64_ENC_TEXT             2.354 1.643 1.544 1.768


It's my impression that for these two reasons:

 1 - SpamAssassin and maybe other filtering systems don't read the
     decoded contents of base-64 encoded material.

 2 - SpamAssassin scores this encoding only moderately positively.

that the current default enables spammers to drive straight through
SpamAssassin's default configuration.  While this may be just an
occasional practice at present, as more spammers read this list and as
SpamAssassin becomes more widely used, it is reasonable to expect that
as long as the default BASE64_ENC_TEXT score remains this low, more
and more spammers will exploit this hole in the otherwise *excellent*
protection SpamAssassin provides.

Does anyone know of a single non-spam message which is sent this way?

What software, other than that of spammers, would generate such messages?

If these two questions draw a blank, then perhaps the score for this
test should be raised to a very high figure.  Unless someone provides
evidence to the contrary, I will regard the use of base-64 encoding for
text or HTML as a 100% sure indicator that the message is spam.

I have updated my page:

  http://www.firstpr.com.au/web-mail/Postfix-SA-Anomy-Maildrop/

to reflect this new scoring.


  - Robin





_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
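
The first reason given in the message above, a filter that does not read the decoded contents of base-64 material, is illustrated by this added Python example (not code from the original post or from SpamAssassin). The sample message, the phrase list and the function names are constructed for illustration.

```python
import base64
from email import message_from_string

# Constructed sample: the body is the base64 encoding of one short text line.
_BODY = base64.b64encode(b"Act now for a FREE OFFER, click here\n").decode("ascii")
SAMPLE = (
    "From: sender@example.com\n"
    "To: rcpt@example.com\n"
    "Subject: hello\n"
    "MIME-Version: 1.0\n"
    "Content-Type: text/plain; charset=us-ascii\n"
    "Content-Transfer-Encoding: base64\n"
    "\n" + _BODY + "\n"
)

PHRASES = ("free offer", "click here")  # hypothetical content rules


def hits(text):
    """Return the phrases from PHRASES found in text (case-insensitive)."""
    low = text.lower()
    return [p for p in PHRASES if p in low]


def scan(raw, decode=True):
    """Scan every text/* part; count base64-encoded parts and phrase hits."""
    msg = message_from_string(raw)
    b64_parts, found = 0, []
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue  # skips multipart containers and attachments
        cte = (part.get("Content-Transfer-Encoding") or "").strip().lower()
        if cte == "base64":
            b64_parts += 1
        if decode:
            # Undo the transfer encoding before matching content rules.
            payload = part.get_payload(decode=True) or b""
            charset = part.get_content_charset() or "utf-8"
            try:
                text = payload.decode(charset, errors="replace")
            except LookupError:  # unknown charset label
                text = payload.decode("latin-1")
        else:
            text = part.get_payload()  # raw, still transfer-encoded body
        found.extend(hits(text))
    return {"base64_text_parts": b64_parts, "hits": found}
```

With `decode=False` the content rules see only the encoded body and match nothing, so the base64 flag is the only signal left; with `decode=True` the same rules match as they would on a plain-text message.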
