[Mimedefang] HTML Mail / Active content filter

Kevin A. McGrail kmcgrail at pccc.com
Tue Apr 11 06:53:48 EDT 2023

On 4/11/2023 6:06 AM, Florian Lohoff via MIMEDefang wrote:
>  From my quick analysis javascript in mails is pretty rare and in 99% of
> the cases spam/ad stuff. I right now have a simple custom rule in
> spamassassin scoring the above very high as spam and rejecting it. But
> for my taste thats tooo simple. I'd rather walk through all individual
> MIME parts.

 From my experience, there is a lot of javascript in emails from a lot 
of name brands.  However, MIMEDefang's origins are based on exactly this 
type of concept when DFS invented it.

There are a LOT of obuscation techniques but there are also real (but 
very stupid) banks that do things like email html files for instructions 
to their clients and things.

Do you have a sample of the file with the bad HTML and I can see if 
there are SA rules that hit it too?



More information about the MIMEDefang mailing list