[Openchrome-users] False positives on spam?
Philip Prindeville
philipp_subx
Sat Apr 22 12:12:43 PDT 2006
[Resending with hopefully fewer typos]
Hi.
I'm seeing the following:
Apr 22 12:27:24 mail mimedefang.pl[3399]: helo: 1-1-8-31a.gmt.gbg.bostream.se (82.182.75.118)
said "helo mail.shipmail.org"
Apr 22 12:27:25 mail sendmail[4236]: k3MIRO51004236:
from=<openchrome-users-bounces at openchrome.org>, size=3873, class=-30, nrcpts=1,
msgid=<078.7e9728bfac18142c8d40d271129fed6f at openchrome.org>, proto=ESMTP, daemon=MTA-v4,
relay=1-1-8-31a.gmt.gbg.bostream.se [82.182.75.118]
Apr 22 12:27:26 mail mimedefang.pl[3399]: k3MIRO51004236: hits=7.543, req=5,
names=L_FORGN_SUBJ,SUBJECT_ENCODED_TWICE,SUBJECT_EXCESS_QP
Apr 22 12:27:26 mail mimedefang.pl[3399]:
MDLOG,k3MIRO51004236,spam,7.543,82.182.75.118,<openchrome-users-bounces at openchrome.org>,<philipp_subx at redfish-solutions.com>,Re:
[Openchrome-users] =?utf-8?q?=5BopenChrome=5D_=2333=3A_Video_corr?=
=?utf-8?q?uption_on_via_sp13000_=28CN400=29?=
Apr 22 12:27:26 mail mimedefang.pl[3399]: filter: k3MIRO51004236: bounce=1 discard=1
Apr 22 12:27:26 mail mimedefang[11357]: k3MIRO51004236: Bouncing because filter instructed us to
Apr 22 12:27:26 mail sendmail[4236]: k3MIRO51004236: Milter: data, reject=554 5.7.1 Message
rejected; scored too high on the Spam test.
Sigh.
There are two things wrong with this email.
First, the relevant RFC's (and I would have to dig out the numbers)
mandate that a message that CAN be encoded in the smallest (most
restricted) encoding MUST be done as such.
I.e. if a UTF-8 message uses only ISO 8859-1 characters, it must be
downgraded to that encoding. If an ISO 8859-1 message uses only
the lower page (i.e. 0x00-0x7e) characters, then it in turn must be
downgraded to US-ASCII. And so on.
There was nothing in that subject line that wasn't US-ASCII, so
no explicit encoding was required...
Secondly, putting an explicit encoding in the subject line two or more
times (when it's the same encoding) is a sure-fire spam-sign...
Why am I bringing this up?
Well, people send out malformed email because of their broken mailers,
which our site properly rejects (as it should) for being non-compliant
with the applicable RFC's... then the list mailer detects that we're
dropping messages and threatens to revoke our list membership.
That's not right.
People: please fix your mailers or switch to another vendor that's less
broken.
Thanks,
-Philip
More information about the Openchrome-users
mailing list