exe extension in url

James Gray james at grayonline.id.au
Mon Jan 9 22:29:19 GMT 2006


    [ The following text is in the "utf-8" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

On Tuesday 10 January 2006 04:41, Information Services wrote:
> Here is something I haven't seen, and maybe these have been coming through
> but this is the first I have taken notice too.
>
> I have an email (posted below), that tries to get the user to go to a link
> with an executable file.  Where would I go in order to block this type of
> email?
> I could block the postcard domain, but that would resolve only them.  I am
> concerned about hackers sending to less knowledgeable users.

I have written a number of SpamAssassin rules that increase the score for 
messages that link to executables (exe/dll/bat/etc... but NOT ".com"...think 
about it :P).  Unfortunately some of them also hit legitimate websites (like 
www.ht.com.au which uses a program called "xworks.exe" for its dynamic 
content).

<SHAMELESS_PLUG>
All my rules are available at http://files.grayonline.id.au - all the URL/URI 
rules are in the "local_uri.cf" which is in the tar ball.  The rest of the 
instructions are on the website.
</SHAMELESS_PLUG>

Pick and choose as you see fit :)

Cheers,

James
-- 
You will triumph over your enemy.

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!



More information about the MailScanner mailing list