Thomas, I searched for the email that caused me to send email about:
> href=3D > 。 I could not find the message. Also, I set up a a test rig with ASSP version 2.1.2(12068) and fed it real messages with example coding. ASSP caught each one and processed appropriately. Test messages were not double encoded. I have never seen the issue double encoded. Sorry for the confusion. Michael Thomas Mathbox 978-687-3300 Toll Free: 1-877-MATHBOX (1-877-628-4269) On 3/13/2012 3:34 AM, Thomas Eckardt wrote: > Both encodings are detected and decoded by assp. > > If you see both strings after '$data = decHTMLent($data);' > > href=3D > 。 > > they must be double encoded in the original source - something like: > > &#12290 > or > &#%31%32=32%39=30. > > If this is the case - IMHO these stings should not be shown as an URL in > the mail client. > > Thomas please could you check this for me - thank you. > > Thomas > > > > > Von: Michael Thomas<m...@mathbox.com> > An: ASSP development mailing list<assp-test@lists.sourceforge.net> > Datum: 11.03.2012 19:27 > Betreff: Re: [Assp-test] Antwort: Re: Antwort: URI Scanning fixes > > > > Thomas, > > I am using ASSP version 2.1.2(12068). AFAIK that is the latest. The > issue exists in ASSP version 2.1.2(12068). > > Michael Thomas > Mathbox > 978-687-3300 > Toll Free: 1-877-MATHBOX (1-877-628-4269) > > On 3/11/2012 1:40 PM, Thomas Eckardt wrote: >>> but I use $AddURIS2MyHeader, >> >>> Without those two lines, ASSP never sees the example URI as URI. ASSP >> skips over them. >> >> Do you use the latest version - this was changed in any of the latest >> versions. >> >>> $uri =~ s/\%([a-f0-9]{2})/chr(hex($1))/gieo; # >>> decode percents >>> $uri =~ s/\&\#(\d+)\;?/decHTMLentHD($1)/geo; # >> decode >>> &#ddd's >>> $uri =~ >>> s/\&\#x((?:[a-f0-9]{2})+)\;?/decHTMLentHD($1,'h')/geio; # > decode >>> &#xHHHH's >>> >> >> >> Thomas >> >> >> >> >> >> Von: Michael Thomas<m...@mathbox.com> >> An: ASSP development mailing list<assp-test@lists.sourceforge.net> >> Datum: 11.03.2012 18:28 >> Betreff: Re: [Assp-test] Antwort: URI Scanning fixes >> >> >> >> Thomas, >> >> If you insist, but I use $AddURIS2MyHeader, so I see a list of all URI >> discovered by ASSP. I downloaded ASSP version 2.1.2(12068) and installed >> it. When I discovered spam getting through, I examined the spam and >> realized I had forgotten to add those two lines. >> >> Without those two lines, ASSP never sees the example URI as URI. ASSP >> skips over them. >> >> With those two lines added, ASSP sees the URI as URI and adds them to >> the URI list. Further, if the URI are blacklisted, ASSP acts >> appropriately. Without those two lines, ASSP does not act on the >> offending URI. >> >> Variant #1 - "href=3D" >> In Variant #1, the hex code is not in the URI. The hex code is in the >> HTML anchor syntax. >> Hotmail Example >> --------------------------- >> <a href=3D"http://chesapeakeluxurydays= >> pa.com/flash.php">http://chesapeakeluxurydayspa.com/flash.php</a>=0A= >> <br>=0A= >> =0A= >> <br> <br> <br> <br> <br> <br> <br>=0A= >> --------------------------- >> >> Variant #2 - "。" >> I do not know why ASSP misses this one, but it does. >> >> I see these variants from Hotmail and Yahoo all the time. >> >> Michael Thomas >> Mathbox >> 978-687-3300 >> Toll Free: 1-877-MATHBOX (1-877-628-4269) >> >> On 3/11/2012 5:06 AM, Thomas Eckardt wrote: >>> This is not needed >>> >>> - assp decodes all MIME encodings in&cleanMIMEBody2UTF8($bd). >>> >>> - assp decodes all HTML encodings in >>> $data = decHTMLent($data);. >>> and >>> $uri =~ s/\%([a-f0-9]{2})/chr(hex($1))/gieo; # >>> decode percents >>> $uri =~ s/\&\#(\d+)\;?/decHTMLentHD($1)/geo; # >> decode >>> &#ddd's >>> $uri =~ >>> s/\&\#x((?:[a-f0-9]{2})+)\;?/decHTMLentHD($1,'h')/geio; # > decode >>> &#xHHHH's >>> >>> >>> >>> Thomas >>> >>> >>> >>> >>> Von: Michael Thomas<m...@mathbox.com> >>> An: ASSP development mailing list<assp-test@lists.sourceforge.net> >>> Datum: 10.03.2012 20:21 >>> Betreff: [Assp-test] URI Scanning fixes >>> >>> >>> >>> Thomas, >>> >>> In sub URIBLok_Run I made the following modifications to handle two URI >>> variants: >>> >>> Variant 1: href=3d"http://... >>> Variant 2: http://somename。com >>> >>> >>> my $data =&cleanMIMEBody2UTF8($bd); >>> $data =~ s/\=(?:\015?\012|\015)//go; >>> # MIKE >>> $data =~ s/href\=3[dD]/href\=/go; >>> $data =~ s/\&\#12290\;/./go; >>> # End MIKE >>> $data = decHTMLent($data); >>> >>> >>> >>> >>> >>> >> > ------------------------------------------------------------------------------ >>> Virtualization& Cloud Management Using Capacity Planning >>> Cloud computing makes use of virtualization - but cloud computing >>> also focuses on allowing computing to be delivered as a service. >>> http://www.accelacomm.com/jaw/sfnl/114/51521223/ >>> >>> >>> >>> _______________________________________________ >>> Assp-test mailing list >>> Assp-test@lists.sourceforge.net >>> https://lists.sourceforge.net/lists/listinfo/assp-test >> >> >> > ------------------------------------------------------------------------------ >> Virtualization& Cloud Management Using Capacity Planning >> Cloud computing makes use of virtualization - but cloud computing >> also focuses on allowing computing to be delivered as a service. >> http://www.accelacomm.com/jaw/sfnl/114/51521223/ >> _______________________________________________ >> Assp-test mailing list >> Assp-test@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/assp-test >> >> >> >> >> DISCLAIMER: >> ******************************************************* >> This email and any files transmitted with it may be confidential, > legally >> privileged and protected in law and are intended solely for the use of > the >> >> individual to whom it is addressed. >> This email was multiple times scanned for viruses. There should be no >> known virus in this email! >> ******************************************************* >> >> >> >> >> >> > ------------------------------------------------------------------------------ >> Virtualization& Cloud Management Using Capacity Planning >> Cloud computing makes use of virtualization - but cloud computing >> also focuses on allowing computing to be delivered as a service. >> http://www.accelacomm.com/jaw/sfnl/114/51521223/ >> >> >> >> _______________________________________________ >> Assp-test mailing list >> Assp-test@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/assp-test > > > ------------------------------------------------------------------------------ > Virtualization& Cloud Management Using Capacity Planning > Cloud computing makes use of virtualization - but cloud computing > also focuses on allowing computing to be delivered as a service. > http://www.accelacomm.com/jaw/sfnl/114/51521223/ > _______________________________________________ > Assp-test mailing list > Assp-test@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/assp-test > > > > > DISCLAIMER: > ******************************************************* > This email and any files transmitted with it may be confidential, legally > privileged and protected in law and are intended solely for the use of the > > individual to whom it is addressed. > This email was multiple times scanned for viruses. There should be no > known virus in this email! > ******************************************************* > > > > > > ------------------------------------------------------------------------------ > Keep Your Developer Skills Current with LearnDevNow! > The most comprehensive online learning library for Microsoft developers > is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, > Metro Style Apps, more. Free future releases when you subscribe now! > http://p.sf.net/sfu/learndevnow-d2d > > > > _______________________________________________ > Assp-test mailing list > Assp-test@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/assp-test ------------------------------------------------------------------------------ This SF email is sponsosred by: Try Windows Azure free for 90 days Click Here http://p.sf.net/sfu/sfd2d-msazure _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test