Steve Basford wrote: >> Ok, I need a bit of help here. I have had a couple of messages blocked >> because of this signature. I decoded it, but the result doesn't make >> sense other than the word Halloween is in it. The message has the word >> Halloween in it plus a link to some images stored at www {dot} wtv >> {dash} zone {dot} com {slash} angleimage. > > Hi Lyle, > > Thanks for the report... I've removed the sig... and mirrors updated. > >> False positive maybe? Maybe someone could tell me how to read that >> signature... > > A simple decoder is here, but it does decode 100%: > > http://sanesecurity.co.uk/decodesigs.htm > > If anyone could code a proper sig decoder for the web, that would be great :) Steve, feel free to use the perl code snippet that I have in my script that does proper decoding of signatures. Bill