https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8358

            Bug ID: 8358
           Summary: A HREF with "about:" prefix breaks URI check
           Product: Spamassassin
           Version: unspecified
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: spamassassin
          Assignee: [email protected]
          Reporter: [email protected]
  Target Milestone: Undefined

Created attachment 6051
  --> https://bz.apache.org/SpamAssassin/attachment.cgi?id=6051&action=edit
Example of spam with '<a href="about:https://' pattern that doesn't get blocked

We are seeing phishing emails in which the payload URIs are prefixed by
"about:" at the start of the URI. The host name of the URI is not checked
against configured URI block lists. 

Therefore the mail is not blocked even when the domain is on a block list.

Example:

<A title=""
style="TEXT-DECORATION: none; COLOR: rgb(0,78,206)"
href="about:https://example.com"; rel=noopener
target=_blank>

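The gap described in this report, as an added example that is not SpamAssassin code and not part of the original bug report: a generic URI parser finds no host in an "about:"-wrapped link, so a blocklist lookup never happens unless the wrapper is peeled first. All function names, the sample HTML and the blocklist entry are constructed for illustration.

```python
# Added illustration, not SpamAssassin code. Names and sample data are hypothetical.
from html.parser import HTMLParser
from urllib.parse import urlsplit

WRAPPER = "about:"  # the prefix named in the report


def unwrap(uri):
    """Return the inner URI when 'about:' wraps something with an authority part."""
    uri = uri.strip()
    if uri.lower().startswith(WRAPPER):
        inner = uri[len(WRAPPER):].lstrip()
        if "://" in inner:          # leaves 'about:blank' and similar untouched
            return inner
    return uri


class HrefCollector(HTMLParser):
    """Collect every non-empty href attribute value in the document."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        self.hrefs.extend(v for k, v in attrs if k == "href" and v)


def href_hosts(html, normalize=True):
    """Host names found in hrefs, with or without peeling the wrapper."""
    collector = HrefCollector()
    collector.feed(html)
    hosts = []
    for href in collector.hrefs:
        uri = unwrap(href) if normalize else href.strip()
        try:
            host = urlsplit(uri).hostname
        except ValueError:          # malformed authority, e.g. broken IPv6 brackets
            host = None
        if host:
            hosts.append(host.lower())
    return hosts


def blocklist_hits(html, blocklist, normalize=True):
    return sorted(set(href_hosts(html, normalize)) & set(blocklist))


# Constructed sample modelled on the pattern in the report.
SAMPLE_HTML = (
    '<a href="https://good.example/">ok</a>'
    '<A title="" href="about:https://phish.example/login" rel=noopener target=_blank>x</A>'
    '<a href="about:blank">blank</a>'
)
BLOCKLIST = {"phish.example"}  # constructed entry
```

Without normalization the wrapped link yields no host at all, which matches the behaviour reported here; with it, the embedded host reaches the lookup.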