Phishing Disarm
Derek Buttineau
derek at csolve.net
Tue Nov 2 14:47:50 GMT 2010
We just encountered an interesting problem with the Phishing Disarm. The attached message body becomes corrupted when MailScanner tries to disarm it resulting in the message being undeliverable (It's spam but that's another issue). The problem is that the phishing link doesn't terminate so the rest of the document ends up being removed.
Going to see if I can figure out how to work around it, but thought I should report it in case anyone else is encountering their queues growing with the recent Rolex spam.
Cheers,
Derek
-------------- next part --------------
Mime-Version: 1.0
Content-type: text/html; charset="utf-8"
Content-Transfer-Encoding: 7bit
<html bgcolor="#000000" style="background:#000000; color:#FFFFFF; font-size:12px; font-family:Lucida Sans Unicode, Lucida Grande, Sans-Serif;" xmlns="http://www.w3.org/1999/xhtml" xmlns:custom="urn:custom-functions">
<head>
<style type="text/css">
body, html { background:#000000; color:#FFFFFF; font-size:12px; font-family:Lucida Sans Unicode, Lucida Grande, Sans-Serif; }
h3 { font-family:Times New Roman; font-size:14px; color:#FFFFFF; }
a { text-decoration:none; color:#FFFFFF; }
</style>
</head>
<body bgcolor="#000000" style="background:#000000; color:#FFFFFF; font-size:12px; font-family:Lucida Sans Unicode, Lucida Grande, Sans-Serif;">
<table width="455" cellpadding="0" cellspacing="0" border="0" align="center">
<tr>
<td>
<table>
<tr>
<td height="50" width="455" />
</tr>
<tr width="455">
<td>
<a href="http://www.rolex.com.gripevery.com"><img style="border:none;" src="http://www.rolex.com/images/email/baselEmailLogo.jpg" width="455" height="59" />
</td>
</tr>
<tr>
<td height="50" width="455" />
</tr>
</table>
</td>
</tr>
<tr>
<td>
<table>
<tr width="455" style="font-size:12px; font-family:Lucida Sans Unicode, Lucida Grande, Sans-Serif ;">
<td>
<h3 style="margin:0;font-size:20px; color:#FFFFFF;">Dear derek at thelostrealm.net</h3>
<h3 style="margin:0; color:#FFFFFF;">WANTS TO SHARE SOMETHING WITH YOU</h3>
<br />
<p style="margin:0; color:#FFFFFF;">While exploring the Rolex.Com website, discovered this official Rolex address and thought you would be interested. </p>
<a href="http://www.rolex.com.gripevery.com" style="color:#b89c43; text-decoration:underline;">http://www.rolex.com</a>
<br />
<p style="margin:0; color:#FFFFFF;">and wanted to share it with you.</p>
<br />
<p style="margin:0; color:#FFFFFF;">Thank you. </p>
<p style="margin:0; color:#FFFFFF;">See you soon on Rolex.com </p>
<br />
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td>
<table>
<tr width="455">
<td>
<a href="http://www.rolex.com.gripevery.com"><img style="border:none;" src="http://www.rolex.com/images/email/BaselEmailWatch.jpg" width="455" height="298" />
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td>
<table>
<tr width="455" align="center" style="font-family:Lucida Sans Unicode, Lucida Grande, Sans-Serif; font-size:10px;">
<td>
<br />
<br />
<br />
<br />
<p style="margin:0; color:#FFFFFF;">Rolex S.A. respects your right to privacy and is committed to maintaining your confidence and trust. Any information you provide us through our website will not be sold or rented.</p>
<br />
<p style="margin:0; color:#FFFFFF;">Rolex S.A. does not collect any information from you without your knowledge and permission, and does not ask that you enter any personal information to access the website.</p>
<br />
<p style="margin:0; color:#FFFFFF;">Information you provide Rolex S.A. is stored in a secure location and is accessible only by designated staff.</p>
<br />
<p style="margin:0; color:#FFFFFF;">© Rolex SA, Geneva, Switzerland</p>
<br />
</td>
</tr>
</table>
</td>
</tr>
</table>
<br />
<br />
</body>
</html>
More information about the MailScanner
mailing list