Re: A bug in IDCoderHeader DecodeHeader function?

Giganews Newsgroups
Subject: Re: A bug in IDCoderHeader DecodeHeader function?
Posted by:  Ciaran Costelloe (ccostell…@flogas.ie)
Date: Fri, 2 Jul 2004

"Andrew Lockwood" <andrew.lockwo…@fsbdial.co.uk> wrote in message
news:7CB213A449A3E240andrew.lockwo…@fsbdial.co.uk...
> We have (unfortunately!) just received the following e-mail which puts the
> DecodeHeader function into an endless loop.
>
> When we encountered this before, Don S suggested that the problem may be
> that the message is malformed due to the lack of whitespaces in the folded
> header lines.  Whether or not the message is malformed seems irrelevant.
If
> Indy is to function properly, it needs to be able to cope with problems
like
> this.

I have checked in an updated IdCoderHeader to fix this.  The problem was in
the Subject line, the =?KOI8-R?Q? indicated it was encoded, but the text was
not actually encoded (Please Reply me soonest)
and Indy got stuck in a loop because it was not correctly moving past the
last charset found.

What Don was referring to was lines like the following in your email:

> X-Spam-Status: No, hits=4.9 required=5.0
> tests=BAYES_01,NIGERIAN_BODY1,NIGERIAN_BODY2,NIGERIAN_BODY3 autolearn=no

The problem is that they were originally:

> X-Spam-Status: No, hits=4.9 required=5.0
>    tests=BAYES_01,NIGERIAN_BODY1,NIGERIAN_BODY2,NIGERIAN_BODY3
autolearn=no

i.e. when you copied+pasted, the spaces before "tests=" were removed.  It is
just an annoying side-effect of copy+paste in certain circumstances: the
lack of spaces immediately makes the header invalid.

Ciaran

> Received: from 212.176.41.6 by newserver ([192.168.1.100] running VPOP3)
> with ESMTP for <ma…@acousticdesign.co.uk>; Thu, 24 Jun 2004 21:19:47
+0100
> Received: (qmail 9537 invoked by uid 514); 24 Jun 2004 20:08:55 -0000
> X-Virus-Scan: Scanned by clamdmail 0.15 on mail.rin.ru (no viruses); Fri,
25
> Jun 2004 00:08:56 +0400
> Received: from unknown (HELO localhost) (127.0.0.1) by localhost with
SMTP;
> 24 Jun 2004 20:08:54 -0000
> Content-type: text/plain;charset=koi8-r;
> Date: Fri, 25 Jun 2004 00:08 +0400
> Content-transfer-encoding: quoted-printable
> Mime-version: 1.0
> X-sender-ip: 81.199.85.145
> Return-path: <primestim…@rin.ru>
> To: ospectra37…@netscape.net
> From: =?KOI8-R?Q?Muhammed Abacha?= <primestim…@rin.ru>
> X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on mail.rin.ru
> X-Spam-Level: ****
> X-Spam-Status: No, hits=4.9 required=5.0
> tests=BAYES_01,NIGERIAN_BODY1,NIGERIAN_BODY2,NIGERIAN_BODY3 autolearn=no
> version=2.63 * -1.5 BAYES_01 BODY: Bayesian spam probability is 1 to 10% *
> [score: 0.0692] *  0.7 NIGERIAN_BODY2 Message body looks like a Nigerian
> spam message 2+ *  5.0 NIGERIAN_BODY1 Message body looks like a Nigerian
> spam message 1+ *  0.7 NIGERIAN_BODY3 Message body looks like a Nigerian
> spam message 3+
> Message-Id: <VPOP31.5.0g.20040624211947.536.1e.1.006e9325@newserver>
> X-Server: VPOP3 V1.5.0g - Registered
> Subject: =?KOI8-R?Q?Please Reply me soonest?=
>
>      VERY URGENT AND STRICTLY CONFIDENTIAL BUSINESS PROPOSAL.
>
> =20
> Sir,=20
> =20
> I am MR. MOHAMMED ABACHA the son of the late Gen. Sani Abacha, former head
=
> of State of Nigeria who died on 8th June 1998 while in office. Since the
de=
> ath of my father the present Government of Chief Olusegun Obasanjo has
been=
>  tormenting members of the Abachas family including family friends. All
bus=
> inesses and property owned by the Abachas have been confiscated by the
Gove=
> rnment and all our Bank Account in Nigeria and abroad have been frozen. A
q=
> uick reference of Newsweek publication of March 13th 1999 were 88million
do=
> llars was taken from us will give you an insight of what I have gone
throug=
> h. After a short while I was arrested and detained in prison custody, the
g=
> overnment came up with a trump up charge against me and honestly speaking
I=
>  have been in detention since November 1999 and I was only released on
Thur=
> sdays (11-07-02) by the supreme court of Nigeria who passed judgment in my
=
> favor.
> =20
> During the reign of my father as the president of this country, an
Aluminum=
>  Smelter Company of Nigeria (Alscom) contract was revealed. The contract
wa=
> s for the construction of plant, at Ikuta Abasi in Akwa Ibom State of
Niger=
> ia, for production of ingots and billets required as raw material for
Alumi=
> num and Allied Industries, Reynolds Incorporated of America, Phoenix and
M&=
> F Companies of Switzerland conducted the feasibility studies. The contract
=
> was awarded to Ferrostall AG of Germany. However, after the revaluation of
=
> the contract, Ferrostall AG collected its own share of the increment in
pro=
> ject cost, while my father's share of fifty-eight Million U.S. Dollars
(US$=
> 58M) was deposited on my name with a security company here in Nigeria for
s=
> afety keep and I know that my father was planning of how to send this
money=
>  abroad before his sudden death in June 8 1998. Since then the money has
be=
> en with the security company up till date. This US$58M was secretly
package=
> d in a trunk box and the certificate of deposit where on my name and is
sti=
> ll in my possession.
> =20
> Hence all plane is to ship this money abroad through a diplomatic means
wit=
> hout the knowledge of anybody from outside knowing my involvement in this
m=
> oney, to avoid being seized due to my presently situation and also I am
han=
> dicapped as what next to do since I am not conversant with international
mo=
> nitory policies. Hence I am contacting you as a reputable and trustworthy
p=
> erson, with a well experience and able hand to help. This was to bit the
se=
> curity system in Nigeria Because I want you to claim the money on my
behalf=
>  I have declared to the security company that the consignment belongs to
(=
> YOU) as my foreign business partners.  Actually I got your contact from a
r=
> eliable source, and also I believe you are in a good position to assist me
=
> to transfer this fund for good investment.
> =20
> Upon receipt of your willingness to assist me claim this money I will then
=
> contact my personal attorney to draft a power of attorney that will
authori=
> ze you as the beneficially of this money so that you can handle this
transa=
> ction on my behalf. And as soon as this money leaves Nigeria I will travel
=
> out to seek asylum either in Europe or America. Our contract with APEX
FINA=
> NCE AND SECURITIES GROUP remains few weeks to expire and I am down broke
to=
>  renew the duration with the Security Company.
> =20
> As a matter of urgency, I will like you to send to me immediately your
tele=
> phone and fax number. I shall send you all the clearance documents by fax.
=
> I will then forward your name as the beneficiary and my foreign business
pa=
> rtner to the Security Company. You will be entitled to 20% of the total
sum=
>  involved for your assistance, 5% will be set aside for reimbursement to
yo=
> u for any incidental expenses that may be incurred in the course of the
tra=
> nsaction.
> =20
> Your URGENT response is needed. I want you to call my Attorney, Barrister
L=
> awrence Daniel on 234 1 7755778 for more detailed directives information
an=
> d the nest required step of how we have to make move immediately as I have
=
> told him about you and he is to handle all the processing with you on my
be=
> half.  All your REPLY must go through these our family private email
addres=
> s: mohammed.abac…@mail.ee and ospectra37…@netscape.net , I will also
need=
>  your private and direct telephone and fax number for easy reach. Please
th=
> is is a very confidential matter, you don't disclose to anybody for us to
h=
> ave success.
> =20
> Best regard
> =20
> MR MOHAMMED ABACHA=20
>
> N: B=20
> PLAESE I WANT YOU TO RELPY ME THIS MAIL TO MY ALTERNATIVE EMAIL ADDRESSES
m=
> ohammed.abac…@mail.ee and ospectra37…@netscape.net or BEST CALL MY
LAWYER=
>  ON 234 1 7755778 FOR MORE DIRECT EXPLANATIONS ABOUT THE BUSINESS.
>
> =20
> =20
>
> Andrew Lockwood

Replies

None

In response to

A bug in IDCoderHeader DecodeHeader function? posted by Andrew Lockwood on Fri, 2 Jul 2004