Thomas,
I am using ASSP version 2.1.2(12068). AFAIK that is the latest. The
issue exists in ASSP version 2.1.2(12068).
Michael Thomas
Mathbox
978-687-3300
Toll Free: 1-877-MATHBOX (1-877-628-4269)
On 3/11/2012 1:40 PM, Thomas Eckardt wrote:
>> but I use $AddURIS2MyHeader,
>
>> Without those two lines, ASSP never sees the example URI as URI. ASSP
> skips over them.
>
> Do you use the latest version - this was changed in any of the latest
> versions.
>
>> $uri =~ s/\%([a-f0-9]{2})/chr(hex($1))/gieo; #
>> decode percents
>> $uri =~ s/\&\#(\d+)\;?/decHTMLentHD($1)/geo; #
> decode
>> &#ddd's
>> $uri =~
>> s/\&\#x((?:[a-f0-9]{2})+)\;?/decHTMLentHD($1,'h')/geio; # decode
>> &#xHHHH's
>>
>
>
> Thomas
>
>
>
>
>
> Von: Michael Thomas<m...@mathbox.com>
> An: ASSP development mailing list<assp-test@lists.sourceforge.net>
> Datum: 11.03.2012 18:28
> Betreff: Re: [Assp-test] Antwort: URI Scanning fixes
>
>
>
> Thomas,
>
> If you insist, but I use $AddURIS2MyHeader, so I see a list of all URI
> discovered by ASSP. I downloaded ASSP version 2.1.2(12068) and installed
> it. When I discovered spam getting through, I examined the spam and
> realized I had forgotten to add those two lines.
>
> Without those two lines, ASSP never sees the example URI as URI. ASSP
> skips over them.
>
> With those two lines added, ASSP sees the URI as URI and adds them to
> the URI list. Further, if the URI are blacklisted, ASSP acts
> appropriately. Without those two lines, ASSP does not act on the
> offending URI.
>
> Variant #1 - "href=3D"
> In Variant #1, the hex code is not in the URI. The hex code is in the
> HTML anchor syntax.
> Hotmail Example
> ---------------------------
> <a href=3D"http://chesapeakeluxurydays=
> pa.com/flash.php">http://chesapeakeluxurydayspa.com/flash.php</a>=0A=
> <br>=0A=
> =0A=
> <br> <br> <br> <br> <br> <br> <br>=0A=
> ---------------------------
>
> Variant #2 - "。"
> I do not know why ASSP misses this one, but it does.
>
> I see these variants from Hotmail and Yahoo all the time.
>
> Michael Thomas
> Mathbox
> 978-687-3300
> Toll Free: 1-877-MATHBOX (1-877-628-4269)
>
> On 3/11/2012 5:06 AM, Thomas Eckardt wrote:
>> This is not needed
>>
>> - assp decodes all MIME encodings in&cleanMIMEBody2UTF8($bd).
>>
>> - assp decodes all HTML encodings in
>> $data = decHTMLent($data);.
>> and
>> $uri =~ s/\%([a-f0-9]{2})/chr(hex($1))/gieo; #
>> decode percents
>> $uri =~ s/\&\#(\d+)\;?/decHTMLentHD($1)/geo; #
> decode
>> &#ddd's
>> $uri =~
>> s/\&\#x((?:[a-f0-9]{2})+)\;?/decHTMLentHD($1,'h')/geio; # decode
>> &#xHHHH's
>>
>>
>>
>> Thomas
>>
>>
>>
>>
>> Von: Michael Thomas<m...@mathbox.com>
>> An: ASSP development mailing list<assp-test@lists.sourceforge.net>
>> Datum: 10.03.2012 20:21
>> Betreff: [Assp-test] URI Scanning fixes
>>
>>
>>
>> Thomas,
>>
>> In sub URIBLok_Run I made the following modifications to handle two URI
>> variants:
>>
>> Variant 1: href=3d"http://...
>> Variant 2: http://somename。com
>>
>>
>> my $data =&cleanMIMEBody2UTF8($bd);
>> $data =~ s/\=(?:\015?\012|\015)//go;
>> # MIKE
>> $data =~ s/href\=3[dD]/href\=/go;
>> $data =~ s/\&\#12290\;/./go;
>> # End MIKE
>> $data = decHTMLent($data);
>>
>>
>>
>>
>>
>>
> ------------------------------------------------------------------------------
>> Virtualization& Cloud Management Using Capacity Planning
>> Cloud computing makes use of virtualization - but cloud computing
>> also focuses on allowing computing to be delivered as a service.
>> http://www.accelacomm.com/jaw/sfnl/114/51521223/
>>
>>
>>
>> _______________________________________________
>> Assp-test mailing list
>> Assp-test@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/assp-test
>
>
> ------------------------------------------------------------------------------
> Virtualization& Cloud Management Using Capacity Planning
> Cloud computing makes use of virtualization - but cloud computing
> also focuses on allowing computing to be delivered as a service.
> http://www.accelacomm.com/jaw/sfnl/114/51521223/
> _______________________________________________
> Assp-test mailing list
> Assp-test@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/assp-test
>
>
>
>
> DISCLAIMER:
> *******************************************************
> This email and any files transmitted with it may be confidential, legally
> privileged and protected in law and are intended solely for the use of the
>
> individual to whom it is addressed.
> This email was multiple times scanned for viruses. There should be no
> known virus in this email!
> *******************************************************
>
>
>
>
>
> ------------------------------------------------------------------------------
> Virtualization& Cloud Management Using Capacity Planning
> Cloud computing makes use of virtualization - but cloud computing
> also focuses on allowing computing to be delivered as a service.
> http://www.accelacomm.com/jaw/sfnl/114/51521223/
>
>
>
> _______________________________________________
> Assp-test mailing list
> Assp-test@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/assp-test
------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
