procmail

Re: No good spamming bastards are using new tricks to get by the filters

2003-01-20 11:22:52
LuKreme <kremels(_at_)kreme(_dot_)com> queried:

On Monday, Jan 20, 2003, [. . .] dman(_at_)nomotek(_dot_)com wrote:

 :0:  # 021109 () base-64-encoded html head is shrouding more than charset
  * ^Content-Type:(.*\<)?text/(html|plain)
  * ^Content-Transfer-Encoding:(.*\<)?base64

Content-Transfer-Encoding appears in the headers?

Certainly.  Take a look at any representative spam collection.
Here is some simple visual corroboration.  The folder .myspam contains
the most recent 100 spam messages I've received.

 6:28pm [~/Mail/.myspam] 408[0]> ls -fA | wc -l
     100

 6:28pm [~/Mail/.myspam] 409[0]> foreach f ( * )
foreach? sed -n '1,/^$/{ /^Content-Transfer-Encoding/p; }' $f >> CTE
foreach? end

 6:29pm [~/Mail/.myspam] 410[0]> wc -l CTE
      41 CTE

 6:29pm [~/Mail/.myspam] 411[0]> grep -c base64 CTE
18


So there are eighteen such suspect headers in my most recent one hundred
spam messages; and forty-one CTE headers overall.

-- 
dman


_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail
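
An added example, not part of the original post: a POSIX sh/awk version of the survey above that counts per message rather than per header line, unfolds folded headers, ignores case, and also reports how many messages meet both conditions of the quoted recipe. The function name `survey_cte`, the one-message-per-file layout and the four-number output are assumptions of this example, and the awk patterns only approximate procmail's `(.*\<)?`.

```shell
#!/bin/sh
# Added example: survey the top-level headers of every message file in a folder.
# Output: "<messages> <with CTE header> <CTE base64> <base64 AND text/html|plain>"
survey_cte() {
    dir=$1
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        awk '
            # The first blank line ends the top-level header block; MIME part
            # headers and body text after it are deliberately not inspected.
            /^\r?$/ { exit }
            # A line starting with whitespace continues the previous header.
            /^[ \t]/ { if (n) h[n] = h[n] " " $0; next }
            { h[++n] = $0 }
            END {
                for (i = 1; i <= n; i++) {
                    line = tolower(h[i])   # header names and values vary in case
                    if (line ~ /^content-transfer-encoding:/) {
                        cte = 1
                        if (line ~ /^content-transfer-encoding:(.*[^a-z0-9_])?base64/)
                            b64 = 1
                    }
                    if (line ~ /^content-type:(.*[^a-z0-9_])?text\/(html|plain)/)
                        text = 1
                }
                # One row of 0/1 flags per message.
                print cte + 0, b64 + 0, (b64 && text) + 0
            }
        ' "$f"
    done | awk '{ files++; cte += $1; b64 += $2; both += $3 }
                END { print files + 0, cte + 0, b64 + 0, both + 0 }'
}
```

Called as `survey_cte ~/Mail/.myspam`, the second and third numbers correspond to the `wc -l CTE` and `grep -c base64 CTE` figures in the post, counted per message instead of per line.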