... when clueless nominally legitimate senders commit the same idiotic
failures...
I'm dissecting a false positive on a message from Quora, brought on
largely by local rules targeting abuse of non-ASCII lookalike characters.
In the process of chasing down what idiocy triggered these rules, I find
this:
Oct 4 14:17:37.854 [16262] dbg: rules: ran body rule FOO ======> got
hit: "private texts t? my husband’."
Oct 4 14:17:37.854 [16262] dbg: rules: ran body rule FOO ======> got
hit: "tter quit her j?b w?rking f?r"
Oct 4 14:17:37.854 [16262] dbg: rules: ran body rule FOO ======> got
hit: "uple after disc?vering that the"
Oct 4 14:17:37.854 [16262] dbg: rules: ran body rule FOO ======> got
hit: "were talking ab?ut her behind h"
Oct 4 14:17:37.855 [16262] dbg: rules: ran body rule FOO ======> got
hit: "private texts t? my husband’."
Oct 4 14:17:37.855 [16262] dbg: rules: ran body rule FOO ======> got
hit: "tter quit her j?b w?rking f?r"
Oct 4 14:17:37.855 [16262] dbg: rules: ran body rule FOO ======> got
hit: "uple after disc?vering that the"
Oct 4 14:17:37.855 [16262] dbg: rules: ran body rule FOO ======> got
hit: "were talking ab?ut her behind h"
Note the non-ASCII looklike "o", either \xd0\xbe or \xce\xbf (don't
really care which; as far as I'm concerned neither is at all acceptable
in those text fragments).
Depending on the font the displayed text in the original email doesn't
even look all that different - but it clearly took some specific effort
to cause this to happen.
*sigh*
Does anyone have a contact at Quora to prod with a cluebat?
-kgd
failures...
I'm dissecting a false positive on a message from Quora, brought on
largely by local rules targeting abuse of non-ASCII lookalike characters.
In the process of chasing down what idiocy triggered these rules, I find
this:
Oct 4 14:17:37.854 [16262] dbg: rules: ran body rule FOO ======> got
hit: "private texts t? my husband’."
Oct 4 14:17:37.854 [16262] dbg: rules: ran body rule FOO ======> got
hit: "tter quit her j?b w?rking f?r"
Oct 4 14:17:37.854 [16262] dbg: rules: ran body rule FOO ======> got
hit: "uple after disc?vering that the"
Oct 4 14:17:37.854 [16262] dbg: rules: ran body rule FOO ======> got
hit: "were talking ab?ut her behind h"
Oct 4 14:17:37.855 [16262] dbg: rules: ran body rule FOO ======> got
hit: "private texts t? my husband’."
Oct 4 14:17:37.855 [16262] dbg: rules: ran body rule FOO ======> got
hit: "tter quit her j?b w?rking f?r"
Oct 4 14:17:37.855 [16262] dbg: rules: ran body rule FOO ======> got
hit: "uple after disc?vering that the"
Oct 4 14:17:37.855 [16262] dbg: rules: ran body rule FOO ======> got
hit: "were talking ab?ut her behind h"
Note the non-ASCII looklike "o", either \xd0\xbe or \xce\xbf (don't
really care which; as far as I'm concerned neither is at all acceptable
in those text fragments).
Depending on the font the displayed text in the original email doesn't
even look all that different - but it clearly took some specific effort
to cause this to happen.
*sigh*
Does anyone have a contact at Quora to prod with a cluebat?
-kgd