Links in {Disarmed} Messages Still Function

Julian Field MailScanner at
Tue Aug 23 16:46:37 IST 2005

Hash: SHA1

On 23 Aug 2005, at 15:53, Ed Bruce wrote:

> Julian Field wrote:
>> Yes, they should still work. Due to the nature of the problem,   
>> identifying phishing attacks can never be totally free of false   
>> alarms. So you need the original link to still work when that  
>> happens.
>> On 23 Aug 2005, at 13:46, Daniel Straka wrote:
>> >Should the web links in disarmed messages work? Mine do, what do  
>> I  >need
>> >to do?
> If I set:
> Disarmed Modify Subject = yes
> Is this only fired off for suspicious links or are there other HTML  
> tags that are disarmed? I'm still trying to come up with a tag that  
> doesn't alarm or confuse our PHB :)

As phishing links are not disarmed, but just "brought to your  
attention", it does not do the "Disarmed Modify Subject" if that is  
all that was changed.

The "Disarmed Modify" does what it says on the tin, it modifies the  
subject line if any HTML tags were "disarmed", i.e. altered due to a  
"disarm" request in MailScanner.conf.

- -- 
Julian Field
Buy the MailScanner book at
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

Version: PGP Desktop 9.0.2 (Build 2425)


------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki ( and
the archives (

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list