Links in {Disarmed} Messages Still Function
Julian Field
MailScanner at ecs.soton.ac.uk
Tue Aug 23 16:46:37 IST 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 23 Aug 2005, at 15:53, Ed Bruce wrote:
> Julian Field wrote:
>
>
>> Yes, they should still work. Due to the nature of the problem,
>> identifying phishing attacks can never be totally free of false
>> alarms. So you need the original link to still work when that
>> happens.
>>
>> On 23 Aug 2005, at 13:46, Daniel Straka wrote:
>>
>> >Should the web links in disarmed messages work? Mine do, what do
>> I >need
>> >to do?
>>
>>
> If I set:
>
> Disarmed Modify Subject = yes
>
> Is this only fired off for suspicious links or are there other HTML
> tags that are disarmed? I'm still trying to come up with a tag that
> doesn't alarm or confuse our PHB :)
As phishing links are not disarmed, but just "brought to your
attention", it does not do the "Disarmed Modify Subject" if that is
all that was changed.
The "Disarmed Modify" does what it says on the tin, it modifies the
subject line if any HTML tags were "disarmed", i.e. altered due to a
"disarm" request in MailScanner.conf.
- --
Julian Field
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.2 (Build 2425)
iQA/AwUBQwtE3xH2WUcUFbZUEQLUwACfVaC3tOdapV/WqZwFJzEABSrmFEwAoM6s
qSbgF/DQHxnAjkQazf5yVEcI
=sMM5
-----END PGP SIGNATURE-----
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list