[Mimedefang] Incredible spam obfuscation
Paul Heinlein
heinlein at cse.ogi.edu
Thu Feb 19 14:46:37 EST 2004
On Thu, 19 Feb 2004, Joseph Brennan wrote:
> # note iframe, script, object
> if (/<(iframe|script|object) /i) {
> $badtag = $1;
> $_ =~ s/<(iframe|script|object) /<no-$1 /ig;
> }
> $bla .= $_;
Would it be helpful to tweak the regex just a bit?
if ( /<(iframe|script|object)\b/i ) {
$badtag = $1;
s/<(iframe|script|object)\b/<no-$1/ig;
}
That'd help catch something other than an ordinary space after the tag
name, since any form of whitespace (tabs, newlines) can be used.
--Paul Heinlein <heinlein at cse.ogi.edu>
More information about the MIMEDefang
mailing list