Dallman Ross wrote:
Second of all, why do you *want* to decode base64? Do you get
some legit mail that is base-64 encoded? (Why not whitelist it
and trash the rest?)
I brought up a related issue little while ago (actually
a reason that you might want to do something like this)
that got little response. Note that I am dealing with it
so far with whitelisting but I hate to whitelist.
Here it is again:
Re: Microsoft Exchange base64 encoding testand html messages?
In the last month I have been getting a lot of false positives
from my rule that tags base64 encoded text or html as spam.
It seems to be that the latest(?) Exchange server implementations
or upgrades are default (mis)configured to to do this. Here is
an example from the headers of a recent message:
X-MimeOLE: Produced By Microsoft Exchange V6.0.6375.0
Can anyone corroborate this? And more to the point do you
think there is any hope of getting, potentially technically
challenged, MS exchange admins (or MS themselves) to realize
this is a problem and fix it? I know of no good/legit reason
why text or html should be base64 encoded.
Without this rule I open up my system to any spam that is
encoded for obfuscation purposes unless I hack in decoding
before procmail filtering. A hassle but I suppose it may
be getting to the point that email has to be decoded and
partly html rendered before scanning due to all the
obfuscation tricks that spammers are trying.
Daryle A. Tilroe
procmail mailing list