Phishing Trouble

Julian Field MailScanner at
Fri Aug 19 17:16:10 IST 2005

Hash: SHA1

On 19 Aug 2005, at 16:48, Denis Beauchemin wrote:

> * PGP Bad Signature, Signed by a unverified key
> Julian Field wrote:
>> Attached is a patch for which should stop this  
>> happening  again.
> Julian,
> Tried it yesterday and this morning my server had a huge backlog of  
> messages in  I managed to single out some messages and  
> ran MS in debug mode on them to get the following error:
> Unmatched ) in regex; marked by <-- HERE in m/^www 
> \.mailscannersoup&ccedil;onnelelien" <-- HERE "/ at / 
> usr/lib/MailScanner/MailScanner/ line 4954
> and line 4954 is:
>      if ($squashedtext =~ /^www\.$squashedpossible\"$linkurl\"/) {
> So I backed out of the patch and then the messages went by just fine.

Sorry, I forgot to quotemeta the regexp.

Change that bit of code so it looks like this instead:

       my $squashedpossible = lc($possiblefraudstart);
       $squashedpossible =~ s/\s//g;
       $squashedpossible =~ s/(\<\/?[^>]*\>)*//ig; # Remove tags
       $squashedpossible = "www.$squashedpossible\"$linkurl\"";
       $squashedpossible = quotemeta($squashedpossible);
       #print STDERR "NEW CODE: SquashedText     = $squashedtext\n";
       #print STDERR "NEW CODE: SquashedPossible = $squashedpossible\n";
       #print STDERR "NEW CODE: LinkURL          = $linkurl\n";
       if ($squashedtext =~ /^$squashedpossible/) {
         #print STDERR "FOUND IT\n";
         print "$DisarmLinkText$text";
         $DisarmLinkText = ""; # Reset state of automaton

Then it should work rather better!
Sorry about that, I wrote it in too much of a hurry :-(
- -- 
Julian Field
Buy the MailScanner book at
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

Version: PGP Desktop 9.0.2 (Build 2425)


------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki ( and
the archives (

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list