Scott A Crosby writes:
>> SpamAssassin should be just about here for most REs -- at least the ones
>> that operate in "body" tests, due to splitting lines at an arbitrary limit
>> of 2048 chars (that's MAX_BODY_LINE_LENGTH).
>
>*hmm* Could this be a way to get around content-filtering? Put a noisy
>body at the beginning, say, within an HTML comment or as nonsense
>within a HTML tag. Say, something like: 
>       <A HREF="foobar" BLAH="BIG_LONG_STRING">?

no -- that should just get split into 2 lines.

>Also, forcing the victim to burn a second for every 2kb is still
>interesting. There's nothing that keeps the attacker from repeating
>this sort of thing every paragraph, so a 60kb email takes >30 seconds.

yeah, that's true.

I think though, that if 1 hand-crafted message takes 30 seconds, that's
still acceptable.  At the point where it's over about a minute of CPU time
chewed up per message, that may be a problem though.  Hmm, hard to
pick a good limit for this ;)

--j.
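
The bound discussed in this thread, as an added example that is not part of the original message and is not SpamAssassin's own code: body text is cut into lines of at most 2048 characters (the `MAX_BODY_LINE_LENGTH` value quoted above) so the number of regex runs grows linearly with message size, and a per-message CPU budget stops the scan once a chosen limit is reached. The fixed-width splitting, the `scan_body` function, the budget parameter, the rule name and the sample body are assumptions made for illustration.

```python
import re
import time

MAX_BODY_LINE_LENGTH = 2048  # limit quoted in the thread


def split_body(body, limit=MAX_BODY_LINE_LENGTH):
    """Split on newlines, then cut any over-long line into pieces of at most `limit` chars."""
    lines = []
    for line in body.split("\n"):
        if len(line) <= limit:
            lines.append(line)
        else:
            lines.extend(line[i:i + limit] for i in range(0, len(line), limit))
    return lines


def scan_body(body, rules, cpu_budget):
    """Run every rule on every line; stop once CPU seconds used reach `cpu_budget`.

    Returns (names of rules that hit, lines fully scanned, budget_exceeded).
    """
    start = time.process_time()
    hits, scanned = set(), 0
    for line in split_body(body):
        if time.process_time() - start >= cpu_budget:
            return hits, scanned, True  # caller decides: skip, defer or flag the message
        for name, rx in rules.items():
            if rx.search(line):
                hits.add(name)
        scanned += 1
    return hits, scanned, False


# Constructed sample input (hypothetical rule name, made-up body).
RULES = {"HYPOTHETICAL_PILLS": re.compile(r"\bcheap\s+pills\b", re.I)}
LONG_TAG = '<A HREF="foobar" BLAH="' + "x" * 3000 + '">'
SAMPLE_BODY = "Buy cheap pills now\n" + LONG_TAG + "\n"

if __name__ == "__main__":
    print([len(piece) for piece in split_body(LONG_TAG)])
    print(scan_body(SAMPLE_BODY, RULES, cpu_budget=60.0))
    print(scan_body(SAMPLE_BODY, RULES, cpu_budget=0.0))
```

A 60 KB body with no newlines yields 30 lines under this split, which matches the "second for every 2kb" arithmetic in the quoted text: the per-line cap bounds each regex run, while the budget bounds the message as a whole.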


_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
