Security Basics mailing list archives
Re: Something new in my inbox
From: "Greg" <pchandyman () ozemail com au>
Date: Wed, 29 Sep 2004 07:01:37 +1000
----- Original Message ----- From: "Rob Hughes" <rob () robhughes com>
To: <security-basics () securityfocus com> Sent: Tuesday, September 28, 2004 11:35 AM Subject: Something new in my inbox
All, I've noticed an increasing amount of spam that's using what looks like a broken attempt to mime-encode a url. An example would be http://www=2euwantedx=2einfo/rm/news_out=2ehtm. Does anyone recognize this encoding type? I need to create some spamassassin rules to pick it up. The only place I've seen the "=2e" stuff is in broken outlook emails, so any help or pointers to sites with info on this encoding will be appreciated.
Sorry but that isn't new at all. I use Spamkiller and I have had certain URLs looked for and knock out the spam. When that sort of thing comes in it can stuff things up. However, just set a rule looking for "www" and "=2" both and you kill them easily. You can also kill anything with .info and .biz in it, JFYI.
Greg.
Current thread:
- Something new in my inbox Rob Hughes (Sep 28)
- Re: Something new in my inbox Atom 'Smasher' (Sep 29)
- Re: Something new in my inbox Greg (Sep 30)
- <Possible follow-ups>
- Re: Something new in my inbox H Carvey (Sep 29)
- RE: Something new in my inbox Chris Santerre (Sep 30)