We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Este fío arquivouse. Faga unha nova pregunta se precisa axuda.

Certain emails appear with non-standard fonts in headers

  • 1 resposta
  • 1 has this problem
  • 1 view
  • Last reply by Zenos

Aimhere
Aimhere
more options

Lately, I've been receiving a few "spam" emails where the text of the message headers ("From" and "Subject", in particular) appears in a non-standard font (e.g. different from all other plaintext in Thunderbird). I didn't think such a thing was even possible within email headers.

Looking at the message source (Ctrl-U), it appears the "From" and "Subject" headers are being encoded in UTF-8.

Is this some kind of attempt by the sender to bypass or trick anti-spam filters?

Note: attached pic has the text highlighted in yellow.

Lately, I've been receiving a few "spam" emails where the text of the message headers ("From" and "Subject", in particular) appears in a non-standard font (e.g. different from all other plaintext in Thunderbird). I didn't think such a thing was even possible within email headers. Looking at the message source (Ctrl-U), it appears the "From" and "Subject" headers are being encoded in UTF-8. Is this some kind of attempt by the sender to bypass or trick anti-spam filters? Note: attached pic has the text highlighted in yellow.
Capturas de pantalla anexas

All Replies (1)

Zenos
Zenos
more options

Yes, UTF-8 can be used in subject lines, and yes, it can make some spam filtering harder work.

The legitimate intention is to allow non-Latin character sets to be used in subject lines and addresses. One minor form of abuse (IMHO) is using it to insert icons into subject lines. This is a typical example, from a travel company who use it to insert a calendar icon into the subject line.

Subject: =?UTF-8?B?8J+ThSBDaHJpcywgaXMgaXQgdGltZSBmb3IgeW91ciBuZXh0IHRyaXA/?=

As a side effect, it's now non-trivial to tell what the message is about, at least when looking at the source.

Zenos modificouno o