On 4/28/2017 4:56 AM, Matus UHLAR - fantomas wrote:
On 22.04.17 00:37, Benny Pedersen wrote:
https://www.xudongz.com/blog/2017/idn-phishing/
should we care in spammassassin ?
yes.
i ask since its solved in chrome, but its entirely a bad nic tld
handling on that isssue
if idn decode gives 7bit domain hostname, its a fake domain
agreed.
Do you feel this is covered in bug
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7072
Can you document out an example of something bad?
I'm wondering if we need a rule type for URI's in punycode that can be
tested specifically.
Regards,
KAM
--
Kevin A. McGrail
Asst. Treasurer, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
