Jump to content

Bomarc

Members
  • Content Count

    2
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Bomarc

  • Rank
    Newbie
  1. Here is the subject line (which seemed to cause the problem): Subject: RE: xxxxxxxxxx =?UTF-32?B?UQAAAA==?==?UTF-32?B?dQAAAA==?==?UTF-32?B?YQAAAA==?==?UTF-32?B?bAAAAA==?==?UTF-32?B?aQAAAA==?==?UTF-32?B?ZgAAAA==?==?UTF-32?B?eQAAACAAAAA=?==?UTF-32?B?dAAAAG8AAAAgAAAAQwAAAA==?==?UTF-32?B?YQAAAA==?==?UTF-32?B?cgAAAA==?==?UTF-32?B?cgAAAHkAAAAgAAAAYQAAACAAAABHAAAA?==?UTF-32?B?dQAAAA==?==?UTF-32?B?bgAAACAAAABMAAAA?==?UTF-32?B?ZQAAAA==?==?UTF-32?B?ZwAAAA==?==?UTF-32?B?YQAAAA==?==?UTF-32?B?bAAAAA==?==?UTF-32?B?bAAAAA==?==?UTF-32?B?eQAAAC4AAAAgAAAAUwAAAA==?==?UTF-32?B?dAAAAA==?==?UTF-32?B?YQAAAA==?==?UTF-32?B?cgAAAA==?==?UTF-32?B?dAAAACAAAABmAAAA?==?UTF-32?B?bwAAAA==?==?UTF-32?B?cgAAACAAAABGAAAA?==?UTF-32?B?UgAAAA==?==?UTF-32?B?RQAAAA==?==?UTF-32?B?RQAAACAAAABUAAAA?==?UTF-32?B?bwAAAA==?==?UTF-32?B?ZAAAAA==?==?UTF-32?B?YQAAAA==?==?UTF-32?B?eQAAAA==?==?UTF-32?B?IQAAAA==?=
  2. I've been getting more spam that is tailored to circumvent SpamCop. The latest one has two 'exploits' ... one is a limitation of SC (that shouldn't exist); the other is a new 'bug'. Three key areas that impede SC reporting: Bug: eMail subject line that causes the email body to not be processed. How / do you want me to report this? (As it has header info; I don't want to post it in a public forum) It's been raised before, and I'll raise it again: The hard limitation of links needs to be re-though and re-designed. This same message as #1; they had over 900 lines of "https://products.office.com/en-us/products..." which were obviously intended to circumvent SC reporting. Suggested fix (for each item .. If number exceed): Remove duplicates; as duplicate email's checked and are not set; not counting duplicates would be a big first step. Remove known URL's that a) don't accept reports or b) known "red herring" URL's (microsoft.com as an example) If max is still exceed .. report only the first "n" - or - allow me to choose which "n" should be reported; with them all disabled Rethink the max char limited. Another circumvention technique is to add a substantial amount of html / formatting / white space at the top of the body. When SC truncates (at max chars); the URL's are below that line; and they don't get reported. Suggested fix: Pre-process email to ignore/strip/remove non-visible HTML/white space before truncate and/or search for URL's before truncate. I realize that a great deal of this is "the way it's always been". The spammers are getting around that; and SC needs to be updated to handle the new tactics.
×