On Wed, 12 Oct 2011, Christian Grunfeld wrote:
> > SA is a scoring filter, not a modifcation filter. Changing SA to rewrite
> > message bodies is, I think most if all will agree, beyond the scope of what
> > SA is intended to do, and beyond the scope of what it _should_ do.
>
> it does modify headers, subjects....why not bodies ?
Modifying headers -might- mess up DKIM, gpg, etc sigs (depending upon
how they were done). Modifying bodies -will- mess up sigs.
Mucking up a header might render it useless but will leave the message
mostly readable, messing up the body may well render the message
useless.
> > Certainly SA should detect and score such obfuscation, if the FP rate can be
> > kept low. But controlling what the end user sees in the body of the mail is
> > properly the MUA's job.
>
> No, MUAs interprets and shows html like browsers does and does not
> modify it. Detect such obfuscation can be as diffucult as to try SA to
> decode a capcha ! Humans can do better that task !
Umm, you've never seen Thunderbird warnings such as:
"To protect your privacy Thunderbird has blocked remote content in this
message"
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
