News: New outbound filter rule

Published: 2021-09-01

We've recently identified a trend from compromised email accounts (mostly referring to users who reused passwords and were compromised elsewhere) that we have been unable to capture except by enforcing a new rule in the filters. The rule is that outbound email will be rejected which matches this:

"Has text part encoded in base64 that does not contain any 8bit characters"

This is used to conceal content behind encoding to confuse spam filters. We're not seeing widespread use of this for any other purpose, and our position is that it's a bit odd to use it to conceal plain text as it does not add any security or function to the email.