Mailto's being marked as detected fraud attempt.

Quentin Campbell Q.G.Campbell at NEWCASTLE.AC.UK
Wed Nov 17 14:13:59 GMT 2004

>-----Original Message-----
>From: MailScanner mailing list 
>[mailto:MAILSCANNER at JISCMAIL.AC.UK] On Behalf Of Quentin Campbell
>Sent: 17 November 2004 14:06
>Subject: Re: Mailto's being marked as detected fraud attempt.
>There is another curiosity. The Sendmail logs say that HTML in the
>affected user's signature line is disarmed by MailScanner's "Content
>Checks". The only content check that disarms HTML is the new "WebBugs"
>one. All the other content checks strip the HTML.
>A consequence of this disarming is that all the text following the
>"href=" tag is underlined until the end of the message. Do you know why
>that might be happening?  

Note that this only happens when the signature is added to a message
sent as RTF. It does not seem to happen when the message is sent as


------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ ( and
the archives (

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list