Network Security: Detailed info on Re: Something new in my inbox

Subject:	Re: Something new in my inbox
Date:	Wed, 29 Sep 2004 07:01:37 +1000

----- Original Message ----- From: "Rob Hughes" <rob@robhughes.com> To: <security-basics@securityfocus.com> Sent: Tuesday, September 28, 2004 11:35 AM Subject: Something new in my inbox

All,

I've noticed an increasing amount of spam that's using what looks like a
broken attempt to mime-encode a url. An example would be
http://www=2euwantedx=2einfo/rm/news_out=2ehtm. Does anyone recognize
this encoding type? I need to create some spamassassin rules to pick it
up. The only place I've seen the "=2e" stuff is in broken outlook
emails, so any help or pointers to sites with info on this encoding will
be appreciated.

Sorry but that isn't new at all. I use Spamkiller and I have had certain URLs looked for and knock out the spam. When that sort of thing comes in it can stuff things up. However, just set a rule looking for "www" and "=2" both and you kill them easily. You can also kill anything with .info and .biz in it, JFYI.

Greg.

<Prev in Thread]	Current Thread	[Next in Thread>
Something new in my inbox, Rob Hughes Re: Something new in my inbox, Atom 'Smasher' Re: Something new in my inbox, Greg <= Re: Something new in my inbox, H Carvey RE: Something new in my inbox, Chris Santerre

Previous by Date:	Looking for mixed Unix/Windows secure coding course, Hollis via Rubicon Recluse
Next by Date:	Re: Where does ICF store it`s ACL ?, Paul Kurczaba
Previous by Thread:	Re: Something new in my inbox, Atom 'Smasher'
Next by Thread:	Re: Something new in my inbox, H Carvey
Indexes:	[Date] [Thread] [Top] [All Lists]