On 31/12/14 12:22, Martin Gregorie wrote:
During last night I received a phishing message with a new (to me anyway) form of obfuscation which can only be used inside HTML body text using us-ascii encoding. The obfuscation was apparently aimed at SA and similar scanners because its not obvious to anybody reading the message: every 'o' (0x6f) in the text is replaced by ο
I believe the following thread might answer some questions and offer a few options. http://spamassassin.1065346.n5.nabble.com/More-text-plain-questions-td110060.html I believe the upcoming release should have the following new functionality to help with this? https://issues.apache.org/SpamAssassin/show_bug.cgi?id=7068 and https://issues.apache.org/SpamAssassin/show_bug.cgi?id=7063 -- Paul Stead Systems Engineer Zen Internet
