On 11/28, jdow wrote: > >>>Which browser(s) treat addresses of the form > >>>178.000235.0000150.000372 as actual addresses? That seems like a
If you have multiple emails with this pattern that spamassassin is not catching, please provide them via something like pastebin. We can create rules to match it, and see if it correlates well to spam. Otherwise, I'm not sure how relevant this subject is to this list. > The implication is that it's yet another way to obfuscate addresses. It > is NOT legal in a URL regardless of its legality in C. Any browser that > reads that URL is broken. Which one(s) accept it? They probably have a > gaping vulnerability the URL in question takes advantage of. The solution to that problem, if it is a problem, is to submit bug reports to the web browser maintainers. Discussing whether or not it is a problem, on this list, is probably of limited use. It may be more useful to discuss it on http://irtf.org/mailman/listinfo/asrg I can confirm that chromium converts octets starting with 0 to octal. It's less obvious what firefox does with it. https://bugzilla.mozilla.org/ http://code.google.com/p/chromium/issues/entry https://bugs.opera.com/wizard/ http://developer.apple.com/bugreporter/ -- "Life is either a daring adventure or it is nothing at all." - Helen Keller http://www.ChaosReigns.com
