Mods to Fuz2 seem to make it less effective

Vernon Schryver vjs@calcite.rhyolite.com
Thu Mar 6 22:37:20 UTC 2003


> From: Paul Wright <paul.wright@pobox.com>

> I've recently switched to 1.1.31 from somewhere around 1.1.16 or 1.1.17.
> Looks like the changes to Fuz2 have made it less effective in some cases,
> which are now slipping through the DCC filters I use.
>
> For example <1046944284.96.2674@verence.noctua.org.uk> in .sightings comes
> out with Fuz2 as "many" with 1.1.16 but no Fuz2 at all in 1.1.31 (because
> of the lack of "interesting" things once the changes have done their work,
> I presume). 

In this case, ignoring HTML tags.

> The new Fuz2 is better for some spams, but fails on others. Once the
> whole world is using the later versions, the utility of the old Fuz2
> will be lost. Are there spare slots for checksums so it would it be
> possible to keep the old Fuz2 as another checksum? 

There are only 4 bits for the checksum type in the protocol and (more
importantly) the database, and 14 types have been allocated.  I hate
to burn the last two--I hope that doesn't mean they'll not be used until
the heat death of the universe.

It seems to me that this sample is a kind of mail that should never
be allowed past a firewall.  It is not only HTML, but HTML without
even a plaintext multipart-alternative.   It is impossible for
humans to view such mail without at least confirming to the sender
that it has been seen and risking far worse on vulnerable platforms.


vjs



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.