[Mimedefang] HTML Mail / Active content filter
Kevin A. McGrail
kmcgrail at pccc.com
Tue Apr 11 06:53:48 EDT 2023
On 4/11/2023 6:06 AM, Florian Lohoff via MIMEDefang wrote:
> From my quick analysis javascript in mails is pretty rare and in 99% of
> the cases spam/ad stuff. I right now have a simple custom rule in
> spamassassin scoring the above very high as spam and rejecting it. But
> for my taste thats tooo simple. I'd rather walk through all individual
> MIME parts.
From my experience, there is a lot of javascript in emails from a lot
of name brands. However, MIMEDefang's origins are based on exactly this
type of concept when DFS invented it.
There are a LOT of obuscation techniques but there are also real (but
very stupid) banks that do things like email html files for instructions
to their clients and things.
Do you have a sample of the file with the bad HTML and I can see if
there are SA rules that hit it too?
Regards,
KAM
More information about the MIMEDefang
mailing list