From: Charles Gregory (cgregoryhwcn.org)
Date: Tue May 02 2006 - 15:22:14 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 2 May 2006, Magnus [iso-8859-1] Bäck wrote:
> > I don't suppose there is a 'stupid pet trick' that will let me
> > perform a simple 'body_check' on base64 encoded text bodies?
> Nope.

(sigh) Kinda expected that answer. Thanks for not calling *me* stupid. :)

> Sure, there are many such programs and scripting languages but since a
> given string has more than one possible Base64 equivalent it would not
> be practical.

(sigh again)

> Stop trying to use body_checks and friends as the spam blocker of
> choice. You will spend far too much time maintaining your expressions
> and you still won't come even close to the accuracy of "real" antispam
> solutions.

Agreed, but we're in a weird spot where we have tried to implement the
'real' anti-spam solutions with appropriate per-user opt-in mechansisms,
and excuse my candor, but the users are just so (ahem) unknowledgable that
they don't understand the idea of setting their filter properly to avoid
false positives. And so a lot of users set them in 'test mode' without
realizing that is what it is, and then complain that the filter "doesn't
work" - and then there are a bunch of people who can't even be bothered
trying to turn it on. So I try to skim the few really repetitive and
obvious spams, like the penny stock ads.... Which was working okay until I
started getting base64 copies of them..... (sigh once more)

> Please define "improper use of Base64".

Not sure there *is* such a beast. But I notice that spamassassin has a
score for BASE64_NO_NAME so maybe there are one or two forms of 'misuse'
that could be caught?

Anyways. Thanks for the answer.

- Charles

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]