[Esd-l] On e-mail sent with header: Content-Transfer-Encoding: base64

Min-Soo Kim minsukim at jikji.org
Mon Feb 2 22:43:43 PST 2004


Hello,

I think I need a brief introduction before shoot a question, as my name / e-mail encoding may appear to be one you're trying to block.

Yes, I'm a Korean, but I really hate spams all over the world, and I'm using your Sanitizer and spambnc quite successfully to block spam e-mails among other tools I've been used. 

I'm a born spam hater; ever since I've had seen this web site http://korea.services.net/index.phtml, I have become more spam hater than before, not only because some site like above is blocking the entire IP address one country, my country, has been allocated by international organization, but also because we cannot block UTF-7/UTF-8 encoding from each other for better communication in near future.  It's not a matter of whether one country is notorious for sending / relaying spams, but how we're going to prevent myself / my kids / my friend /  my neighbor being exposed to that 4-letter spammers and threir e-mails is what matters and is more important. 

I found that Sanitizer is quite useful tool to make the goal I had set more realistic.

Here is my most recent problem. (I'm not a programmer, but an end-user)
With this mail header below, images - entire HTML contents - can be seen and not filtered, and the continuing problem is I have to use Korean encoding for my daily life and should accept this transfer-endocing according to http://support.microsoft.com/default.aspx?scid=kb;EN-US;323489 .  God feeling is this is not a proper e-mail, but I do not know how to block them.

E-mail header is like this:
===================
MIME-Version: 1.0
X-Security: MIME headers sanitized on jikji-home.jikji.org
See http://www.impsec.org/email-tools/sanitizer-intro.html
for details. $Revision: 1.139 $Date: 2003-09-07 10:14:23-07 
Content-Type: multipart/mixed;boundary= "----=_NextPart_000_0058_18DCD15F.9AF77D72"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2462.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2462.0000 
X-SpamBouncer: 1.8 (1/26/04)
X-SBPass: No Freemail Filtering
X-SBScore: 0 (Spam Threshold: 5) (Block Threshold: 2)
X-SBClass: OK
X-Folder: Default
X-UIDL: )n7!!3h`!!dY`"!<0T!!

------=_NextPart_000_0058_18DCD15F.9AF77D72
Content-Type: text/html; charset= "ks_c_5601-1987"
Content-Transfer-Encoding: base64

vsiz58fPvLy/qSC/5MHyIMitwabAxyC/7rW/uLjAuLfOIMiutOu1x7TCIMbktM+9uiDHwbfO
......
===================

I've searched to get some hint, and what I found is as follows,

1. http://news.spamcop.net/pipermail/spamcop-list/2003-February/031732.html
 "The messages _do_ contain valid HTML, and when I remove the header line,
the message is correctly parsed."

2. http://wpbl.pc9.org/procmailrc
"# The following will catch Mimail.Q, MiMail.R, Mydoom, Novarg, Shimg
# and automatically drop them after recording the sender for WPBL
# Last updated 2004-01-27 21:30 CST"

While I'm not sure whether this procmailrc is the one that blocks the spam mail I'm getting, I put this recipe into my .procmailrc with a hope, and now I'm wondering if you could make this thing working with existing local-rules.procmail, as I said before, I'm not goot at hacking.

It's been a long mail, but the point is simple.
 1. Thank you so much Mr. John Hardin for the Sanitizer.  You saved a lot of my energy for better use.
 2. Appreciate if you could add Mimail.Q MiMail.R Mydoom, Shimg into your distribution.  I could send you some e-mails if you need them.


With regards, Min-Soo Kim.





More information about the esd-l mailing list