On Tue, 6 Jul 2021 07:58:15 + (UTC)
Pedro David Marco wrote:
>
>
>
> On Monday, July 5, 2021, 11:45:42 PM GMT+2, RW
> wrote:
> >I'm not sure what you are referring to there. If you copy and paste a
> >web page into an HTML email, are you not just copying the
> >formatting?
>
> Agree
On Monday, July 5, 2021, 11:45:42 PM GMT+2, RW
wrote:
>I'm not sure what you are referring to there. If you copy and paste a
>web page into an HTML email, are you not just copying the formatting?
Agree RW, but...
copy and paste from web source to MUA works!
--Pedreter.
On 2021-07-06 00:32, RW wrote:
It's a question of whether a simple copy and paste from a web page to
an email body copies any javascript. I don't see why it would.
diffrent mail programs will give diffrent results of embedded, i dont
know if javascript in noscript html tag is even ignored or
On Tue, 2021-07-06 at 00:16 +0200, Benny Pedersen wrote:
> On 2021-07-05 23:45, RW wrote:
>
> > >
>
> https://www.w3resource.com/javascript/introduction/html-documents.php
>
> embeeded javascript is possible
>
Yes, but it may well depend on how the e-mail was assembled.
A message Cut from a
On Tue, 06 Jul 2021 00:16:00 +0200
Benny Pedersen wrote:
> On 2021-07-05 23:45, RW wrote:
>
> >> > What legitimate email uses javascript?
> >> Pretty common! many people copy and paste from webs.. and of course
> >> these are important mails! :-(
> >
> > I'm not sure what you are referring
On 2021-07-05 23:45, RW wrote:
> What legitimate email uses javascript?
Pretty common! many people copy and paste from webs.. and of course
these are important mails! :-(
I'm not sure what you are referring to there. If you copy and paste a
web page into an HTML email, are you not just
On Mon, 5 Jul 2021 08:01:25 + (UTC)
Pedro David Marco wrote:
>
>
>>On Thursday, July 1, 2021, 05:03:50 PM GMT+2, RW
>> wrote:
>
> > What legitimate email uses javascript?
> Pretty common! many people copy and paste from webs.. and of course
> these are important mails! :-(
>On Thursday, July 1, 2021, 05:03:50 PM GMT+2, RW
wrote:
> What legitimate email uses javascript?
Pretty common! many people copy and paste from webs.. and of course these are
important mails! :-(
Pedreter
On Fri, 2021-07-02 at 21:25 -0400, Jared Hall wrote:
> I never would've caught this except it hit an old header rule I use
> for certain Hotmail Porn detection.
>
> Content-Type: multipart/mixed;
> boundary="_c23d8b80-2b40-49d4-8897-08b0026dddfb_"
>
> Thanks for that: added it to a
Alex wrote:
Hi,
Would anyone like to help me block this office phish? It includes an
HTML file that presents an O365 login page:
https://pastebin.com/JMSrY6KU
More javascript in an HTML file.
Yes, there's something going on.
I had some trouble yesterday, and found a message sent from a valid
Hi,
> >> I realize blocking all javascript is prone to error,
> > What legitimate email uses javascript?
> And more important: which email clients do actually process Javascript
> that comes within an email? Thunderbird doesn't since 10 or 20 years
> ago. I don't know of any other as well. This
I realize blocking all javascript is prone to error,
What legitimate email uses javascript?
And more important: which email clients do actually process Javascript
that comes within an email? Thunderbird doesn't since 10 or 20 years
ago. I don't know of any other as well. This phish is
On Thu, 01 Jul 2021 18:40:04 +0100
Martin Gregorie wrote:
> On Thu, 2021-07-01 at 18:59 +0200, Benny Pedersen wrote:
> > On 2021-07-01 17:03, RW wrote:
> >
> > > > I realize blocking all javascript is prone to error,
> > > What legitimate email uses javascript?
> >
> > and what mua will
On Thu, 2021-07-01 at 18:59 +0200, Benny Pedersen wrote:
> On 2021-07-01 17:03, RW wrote:
>
> > > I realize blocking all javascript is prone to error,
> > What legitimate email uses javascript?
>
> and what mua will show html attachment as default ?
Evolution is as configurable as any MUA I've
On 2021-06-30 21:51, Alex wrote:
Hi,
Would anyone like to help me block this office phish? It includes an
HTML file that presents an O365 login page:
https://pastebin.com/JMSrY6KU
More javascript in an HTML file.
# put this content into a file name "local_html.cdb" in clamav dat
On 2021-07-01 17:42, Henrik K wrote:
John's already done something that hits:
mimeheader T_OBFU_HTML_ATTACHContent-Type =~
m,\bapplication/octet-stream\b.+\.html?\b,i
Maybe that along with checking for very short body etc.
add htmltidy to extract text plugin would also solve it, perl
On 2021-07-01 17:03, RW wrote:
I realize blocking all javascript is prone to error,
What legitimate email uses javascript?
and what mua will show html attachment as default ?
On Thu, Jul 01, 2021 at 08:42:01AM -0400, Alex wrote:
> Hi,
>
> > > I modified the ExtractText plugin to also process HTML files
> > >
> > > extracttext_externalhtmlcat /usr/bin/cat {}
> > > extracttext_use htmlcat .htm .html
> > >
> >
> > Quite horrible hack, as the result should
On Thu, 1 Jul 2021 08:42:01 -0400
Alex wrote:
> I realize blocking all javascript is prone to error,
What legitimate email uses javascript?
, Alex wrote:
Would anyone like to help me block this office phish? It includes an
HTML file that presents an O365 login page:
https://pastebin.com/JMSrY6KU
More javascript in an HTML file.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e
Hi,
> > I modified the ExtractText plugin to also process HTML files
> >
> > extracttext_externalhtmlcat /usr/bin/cat {}
> > extracttext_use htmlcat .htm .html
> >
>
> Quite horrible hack, as the result should be _rendered_ text. Inserting raw
> HTML for all body rules is probably
On Wed, Jun 30, 2021 at 05:41:56PM -0400, Alex wrote:
>
> I modified the ExtractText plugin to also process HTML files
>
> extracttext_externalhtmlcat /usr/bin/cat {}
> extracttext_use htmlcat .htm .html
>
Quite horrible hack, as the result should be _rendered_ text. Inserting
Hi,
> SpamAssassin has plugins for PhishTank and OpenPhish. I would suggest
> you submit the link to them.
> You can also reach out to the domain provider, hosting provider(s) and
> other companies involved.
> > https://pastebin.com/JMSrY6KU
We've got to do better than that. These O365 phishing
SpamAssassin has plugins for PhishTank and OpenPhish. I would suggest
you submit the link to them.
You can also reach out to the domain provider, hosting provider(s) and
other companies involved.
On 30/06/2021 21:51, Alex wrote:
Hi,
Would anyone like to help me block this office phish
Hi,
Would anyone like to help me block this office phish? It includes an
HTML file that presents an O365 login page:
https://pastebin.com/JMSrY6KU
More javascript in an HTML file.
25 matches
Mail list logo
