On Mon, 12 Jan 2004, Larry Starr wrote:
Just noticed a message with an encoded URL, that misses, the BIZ_TLD rule,
etc.
The message body contains:
a href=3dhttp://gf=2eclearmath=2ebiz/jsimp/index=2ehtml;font
face=3darialscored /fontthis way=2e
brimg
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
David B Funk writes:
On Mon, 12 Jan 2004, Larry Starr wrote:
Just noticed a message with an encoded URL, that misses, the BIZ_TLD rule,
etc.
The message body contains:
a href=3dhttp://gf=2eclearmath=2ebiz/jsimp/index=2ehtml;font
On Tue, 13 Jan 2004, Justin Mason wrote:
David B Funk writes:
I can see two different ways to handle this, either make SA more
flexible and decode the bastardized QP so normal rules will hit
or write a rule that hits such bastardized QP coding as a spam-tool
signature.
Are you sure about