[Mimedefang] HTML Mail / Active content filter

giovanni at paclan.it giovanni at paclan.it
Tue Apr 11 05:49:39 EDT 2023

On 4/10/23 11:32, Florian Lohoff via MIMEDefang wrote:
> Hi,
> i'd like to drop/replace HTML attachments/mails which contain active
> components like javascript/javascript external refs.
> 	<script language="javascript></script>
> or
> 	<html><head>
> 		<script type="text/javascript" src="http://a.b.c.d"></script>
> 	</head></html>
> Basically going through all text/html etc parts. I am unshure whether
> i'd need to really decode HTML with HTML::Parse or the like to find it
> or if simple "regex" matching would be sufficient. Currently i am
> dropping this by spamassassin with custom filters using regex.
> Has anyone an example for this or experience which HTML perl module
> is the most stable?
it can be done using HTML::Parser, and then running Mail::MIMEDefang::Actions:action_rebuild().
In some cases it can be tricky because html attachments could be base64 encoded.


> And while at it. I tried my luck to do this also with PDF with active
> content, trying to parse PDF with CAM::PDF (or PDF::API2) to drop
> PDFs with active content. So if anyone has suggestions here would
> also be nice.
> Flo
> _______________________________________________
> NOTE: If there is a disclaimer or other legal boilerplate in the above
> message, it is NULL AND VOID.  You may ignore it.
> MIMEDefang mailing list MIMEDefang at lists.mimedefang.org
> https://lists.mimedefang.org/mailman/listinfo/mimedefang_lists.mimedefang.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <https://lists.mimedefang.org/pipermail/mimedefang_lists.mimedefang.org/attachments/20230411/df5f0760/attachment.sig>

More information about the MIMEDefang mailing list