Is there a legitimate reason to use an encoded word in any header other than the subject?
Encoded words allow non-US-ASCII characters to be encoded as US-ASCII and thus placed into email headers.
http://en.wikipedia.org/wiki/MIME#Encoded-Word
Encoded words are often used in the Subject header, especially when the Subject is in another language, such as Spanish:
Subject: =?iso-8859-1?Q?=A1Hola,_se=F1or!?=
Question: Is there a legitimate reason to use an encoded word in any header other than the Subject?
Answer:
Examples from RFC 2047
- Display Names in email addresses: To: =?ISO-8859-1?Q?Keld_J=F8rn_Simonsen?=
- Comments: From: Nathaniel Borenstein (=?iso-8859-8?b?7eXs+SDv4SDp7Oj08A==?=)
Edit:
I actually received one of these recently. The "guilty" party was Airmail. Here's the headers (with the email address changed):
To: "=?utf-8?Q?john=40doe.org?=" <[email protected]>
Message-ID: <[email protected]>
Subject: check this out
X-Mailer: Airmail (237)
Solution 1:
Human names aren't limited to US-ASCII so anything involving a person's name (e.g. To:
, From:'
, Reply-to:
and CC:
) are legitimate. RFC 2047 shows examples of this. It wouldn't surprise me if product name headers (X-Mailer:
) showed up with encoded characters as well.