Resending [Phishing net and international characters]

Denis Beauchemin denis.beauchemin at USHERBROOKE.CA
Mon Aug 29 15:21:14 IST 2005


On Sat, 27 Aug 2005 11:05:20 +0100, Julian Field
<MailScanner at ECS.SOTON.AC.UK> wrote:

>How is MailScanner going to know that %E9 is the same as &eacute; ?

I don't know but since these are no longer illegal there has to be a way to
not treat them as such.

Denis

>
>Denis Beauchemin wrote:
>
>> Hello Julian,
>>
>> Someone told me that our phishing net believes ALL accented characters
>> are bad, as seen here:
>> <a href="http://www.%E9.com"><font color="red"><b>MailScanner
>> soup&ccedil;onne le lien "www._BAD_.com" d'&ecirc;tre une tentative de
>> fraude de la part de</b></font> www.&eacute;.com</a><br>
>>
>> The source of the message was:
>> <a href="http://www.%E9.com">www.&eacute;.com</a>
>>
>> I know there are many vulnerabilities with IDN, but they will probably
>> get mainstream soon.  I found this article about Netscape 7 that dates
>> back July 2003:
>> http://devedge-temp.mozilla.org/viewsource/2003/idn/index_en.html
>>
>> So, is this a bug in MS or a desing decision?
>>
>> Thanks again!
>>
>> Denis
>> PS: I sent this message 2 hours ago and I still haven't seen it back...
>>
>

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!



More information about the MailScanner mailing list