AF> On Thu, Jun 19, 2003 at 01:54:26PM +1000, Robin Whittle AF> wrote: >> Thanks for this Abigail: >> >> > I have yet to see a >> > *valid* email that is Base-64 encoded. >>
AF> Lucky you. I see quite a few. The crappy e-mail client "Incredimail" AF> that is unfortunately quite popular likes to do this. Thanks for pointing that out, Alain -- I guess it depends in part on the way SA email is handled. I do review the email that is tagged by SA because of the encoding, and in fact have used a post-SA procmail script to note the Base-64 issue -- generally it is apparent from the sender/subject information that the email is spam. So, for example, a log entry might look like this: >Base64 Encoding From [EMAIL PROTECTED] Wed Jun 18 22:13:21 2003 >Subject: Re: F r e e_Vacation & F r e e_Airfare rqlsew (I also have yet to see a legitimate mailer attach a random series of letters to the end of the subject line, such as the rqlsew sequence above, though I don't think there's a SA routine that can spot that, at least not yet) But the point is that I do double check, and I'm willing to live with a few false positives given the high preponderance of offensive content in the Base64 stuff. (The above example is unusual -- all of the other stuff in today's log file seems to be from emails with *.ru or *.tw extensions and suggestive subjects). I'd rather fish a false positive out of the spam folder than have to deal with the porn that would get through if I didn't tag it & pull it. Probably people should just recognize that Base64 encoding tends to be a spammer's trick, and experiment around with changing settings and score until the optimum mechanism for screening is reached. Those who have figured out the art of Bayes training may find it best to simply mark the false negs as spam & let the computer figure out the best algorithms. -Abigail ------------------------------------------------------- This SF.Net email is sponsored by: INetU Attention Web Developers & Consultants: Become An INetU Hosting Partner. Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission! INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
