Thomas, I am using ASSP version 2.1.2(12068). AFAIK that is the latest. The issue exists in ASSP version 2.1.2(12068).
Michael Thomas Mathbox 978-687-3300 Toll Free: 1-877-MATHBOX (1-877-628-4269) On 3/11/2012 1:40 PM, Thomas Eckardt wrote: >> but I use $AddURIS2MyHeader, > >> Without those two lines, ASSP never sees the example URI as URI. ASSP > skips over them. > > Do you use the latest version - this was changed in any of the latest > versions. > >> $uri =~ s/\%([a-f0-9]{2})/chr(hex($1))/gieo; # >> decode percents >> $uri =~ s/\&\#(\d+)\;?/decHTMLentHD($1)/geo; # > decode >> &#ddd's >> $uri =~ >> s/\&\#x((?:[a-f0-9]{2})+)\;?/decHTMLentHD($1,'h')/geio; # decode >> &#xHHHH's >> > > > Thomas > > > > > > Von: Michael Thomas<m...@mathbox.com> > An: ASSP development mailing list<assp-test@lists.sourceforge.net> > Datum: 11.03.2012 18:28 > Betreff: Re: [Assp-test] Antwort: URI Scanning fixes > > > > Thomas, > > If you insist, but I use $AddURIS2MyHeader, so I see a list of all URI > discovered by ASSP. I downloaded ASSP version 2.1.2(12068) and installed > it. When I discovered spam getting through, I examined the spam and > realized I had forgotten to add those two lines. > > Without those two lines, ASSP never sees the example URI as URI. ASSP > skips over them. > > With those two lines added, ASSP sees the URI as URI and adds them to > the URI list. Further, if the URI are blacklisted, ASSP acts > appropriately. Without those two lines, ASSP does not act on the > offending URI. > > Variant #1 - "href=3D" > In Variant #1, the hex code is not in the URI. The hex code is in the > HTML anchor syntax. > Hotmail Example > --------------------------- > <a href=3D"http://chesapeakeluxurydays= > pa.com/flash.php">http://chesapeakeluxurydayspa.com/flash.php</a>=0A= > <br>=0A= > =0A= > <br> <br> <br> <br> <br> <br> <br>=0A= > --------------------------- > > Variant #2 - "。" > I do not know why ASSP misses this one, but it does. > > I see these variants from Hotmail and Yahoo all the time. > > Michael Thomas > Mathbox > 978-687-3300 > Toll Free: 1-877-MATHBOX (1-877-628-4269) > > On 3/11/2012 5:06 AM, Thomas Eckardt wrote: >> This is not needed >> >> - assp decodes all MIME encodings in&cleanMIMEBody2UTF8($bd). >> >> - assp decodes all HTML encodings in >> $data = decHTMLent($data);. >> and >> $uri =~ s/\%([a-f0-9]{2})/chr(hex($1))/gieo; # >> decode percents >> $uri =~ s/\&\#(\d+)\;?/decHTMLentHD($1)/geo; # > decode >> &#ddd's >> $uri =~ >> s/\&\#x((?:[a-f0-9]{2})+)\;?/decHTMLentHD($1,'h')/geio; # decode >> &#xHHHH's >> >> >> >> Thomas >> >> >> >> >> Von: Michael Thomas<m...@mathbox.com> >> An: ASSP development mailing list<assp-test@lists.sourceforge.net> >> Datum: 10.03.2012 20:21 >> Betreff: [Assp-test] URI Scanning fixes >> >> >> >> Thomas, >> >> In sub URIBLok_Run I made the following modifications to handle two URI >> variants: >> >> Variant 1: href=3d"http://... >> Variant 2: http://somename。com >> >> >> my $data =&cleanMIMEBody2UTF8($bd); >> $data =~ s/\=(?:\015?\012|\015)//go; >> # MIKE >> $data =~ s/href\=3[dD]/href\=/go; >> $data =~ s/\&\#12290\;/./go; >> # End MIKE >> $data = decHTMLent($data); >> >> >> >> >> >> > ------------------------------------------------------------------------------ >> Virtualization& Cloud Management Using Capacity Planning >> Cloud computing makes use of virtualization - but cloud computing >> also focuses on allowing computing to be delivered as a service. >> http://www.accelacomm.com/jaw/sfnl/114/51521223/ >> >> >> >> _______________________________________________ >> Assp-test mailing list >> Assp-test@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/assp-test > > > ------------------------------------------------------------------------------ > Virtualization& Cloud Management Using Capacity Planning > Cloud computing makes use of virtualization - but cloud computing > also focuses on allowing computing to be delivered as a service. > http://www.accelacomm.com/jaw/sfnl/114/51521223/ > _______________________________________________ > Assp-test mailing list > Assp-test@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/assp-test > > > > > DISCLAIMER: > ******************************************************* > This email and any files transmitted with it may be confidential, legally > privileged and protected in law and are intended solely for the use of the > > individual to whom it is addressed. > This email was multiple times scanned for viruses. There should be no > known virus in this email! > ******************************************************* > > > > > > ------------------------------------------------------------------------------ > Virtualization& Cloud Management Using Capacity Planning > Cloud computing makes use of virtualization - but cloud computing > also focuses on allowing computing to be delivered as a service. > http://www.accelacomm.com/jaw/sfnl/114/51521223/ > > > > _______________________________________________ > Assp-test mailing list > Assp-test@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/assp-test ------------------------------------------------------------------------------ Virtualization & Cloud Management Using Capacity Planning Cloud computing makes use of virtualization - but cloud computing also focuses on allowing computing to be delivered as a service. http://www.accelacomm.com/jaw/sfnl/114/51521223/ _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test