Obscuring URLs

[SourdoughJim]

I've recently noticed that some URLs in the spam I receive are not being parsed by SpamCop. The problem appears to be the insertion of a null character between the href= and the full URL. Usually the character is shown in hex as 3D. It would be handy if the parsing routine could filter out anything between the href= and the quote mark at the beginning of the URL. I've been doing it manually, but sometimes I miss one.

[Wazoo]

I've recently noticed that some URLs in the spam I receive are not being parsed by SpamCop.

This is something that has come up so often over the years, there are FAQ and Wiki entries about it.

The problem appears to be the insertion of a null character between the href= and the full URL. Usually the character is shown in hex as 3D. It would be handy if the parsing routine could filter out anything between the href= and the quote mark at the beginning of the URL.

What you appear to be describing is a "quoted-printable" construct of the body. The SpamCop.net parser doesn't have a problem with handling of that construction .... as long as the header defiitions and the body contents actually match. A Tracking URL would have allowed for some specific discussion about the specific spam involved.

I've been doing it manually, but sometimes I miss one.

This line forces the re-location of this Post/Topic to the Reporting Help Forum section as an example of someone breaking the rules .. something else addressed wthin the FAQ and Wiki. You place your Reporting Account in jeapordy by doing this.

[SourdoughJim]

This is something that has come up so often over the years, there are FAQ and Wiki entries about it.

What you appear to be describing is a "quoted-printable" construct of the body. The SpamCop.net parser doesn't have a problem with handling of that construction .... as long as the header defiitions and the body contents actually match. A Tracking URL would have allowed for some specific discussion about the specific spam involved.

This line forces the re-location of this Post/Topic to the Reporting Help Forum section as an example of someone breaking the rules .. something else addressed wthin the FAQ and Wiki. You place your Reporting Account in jeapordy by doing this.

I should have been clearer. What I'm seeing looks like this:

[a href=3D"www.somewhere.com"]

If I leave the 3D in there the parser ignores the URL as invalid.

[StevenUnderwood]

I should have been clearer. What I'm seeing looks like this:

[a href=3D"www.somewhere.com"]

If I leave the 3D in there the parser ignores the URL as invalid.

Which you need to do if you do not wish to chance losing your account.

You are making a change to the message in order to help the parser find something it would not otherwise find and that is verbotten. (sp?)

Your original message was clear. As Wazoo mentioned, that =3D is normally inserted because of the quoted printable data type of the message. Properly implemented quoted printable is not normally a problem for the parser.

[Farelf]

...You are making a change to the message in order to help the parser find something it would not otherwise find and that is verbotten. (sp?)...

Ja ist es verboten. Can't be said enough:

forbidden, 禁止, verboden, interdit, απαγορευμένος, severo, 禁止される, 금지하는, proibido, запрещено, prohibido, yasaktir, etc.

What is allowed is munging your name/identity whether in headers or body and that's about "it" (parser handling of this may be incomplete - and that worries some - particularly when a "From:" is involved. Yes, I've even seen that "missed" when it is the same as the "To:").