On Wed 13-Jul-05 12:52am -0500, alien wrote:
Wednesday, July 13, 2005, 12:23:23 AM, you wrote:
I posted my test filter - just paste it in you incoming
mail filter (right click on Incoming mail and choose
paste) and change the destination of the move.
Ok, tried that and it didn't work for
Hi Konrad,
Monday, July 11, 2005, 3:06:18 PM, you wrote:
message source matches all as Regex http://.*\.scr action Set
Not matches all as Regexp, only match.
And try this regexp:
(?s)http://[^\]*\.(scr|exe|pif|whatever)
[^\] means: every char
On Mon 11-Jul-05 8:45am -0500, alien wrote:
I'm trying to detect emails that have hidden http links to dangerous
files (scr, exe, etc) in HTML documents . Here are two examples:
ahref=http://host144dnx.plugin.com/foto007.scr;http://www.fee.com/docs/fotos/Loren.jpg/a/font/font/p
Witam Cię, alienie. Dwunastego lipca 2005 roku napisałeś:
Konrad has kindly suggested the expression above but no joy. I'm not
too sure about the (?s) he put in front so I tried this one as well
but it also didn't work.
(?s) is not required (if is set, a dot metacharater in the pattern
Witam Cię, Billu. Dwunastego lipca 2005 roku napisałeś:
Also both examples have a `` after the naughty extension, not a
``.
I have seen html messages without `` chars in links. See test
message attached.
Try this as your regex - the (?s) will cause lines to be spanned:
the (?: ... )
On Tue 12-Jul-05 3:33pm -0500, alien wrote:
Tuesday, July 12, 2005, 1:09:51 PM, Bill McCarthy wrote:
(?s)http://.*\.(?:scr|exe|etc)
If that fails you, could you send one of those messages
as an attachment?
Unfortunately it didn't work either
I received your two emails. That above regex
Hi Bill,
Tuesday, July 12, 2005, 9:11:09 PM, you wrote:
You apparently are doing something strange :-)
That's actually comforting to know, at least the hard RegExp part is
out of the way ;-)
I tripled checked my filter and can't see anything obviously wrong
(it's pretty straightforward
On Tue 12-Jul-05 9:49pm -0500, alien wrote:
Tuesday, July 12, 2005, 9:11:09 PM, you wrote:
You apparently are doing something strange :-)
That's actually comforting to know, at least the hard RegExp part is
out of the way ;-)
I tripled checked my filter and can't see anything obviously
Hi Bill,
Wednesday, July 13, 2005, 12:23:23 AM, you wrote:
I posted my test filter - just paste it in you incoming
mail filter (right click on Incoming mail and choose
paste) and change the destination of the move.
Ok, tried that and it didn't work for me. Thanks anyhow.
Also you could
Hallo alien,
On Mon, 11 Jul 2005 10:45:25 -0300GMT (11-7-2005, 15:45 +0200, where I
live), you wrote:
A I'm trying to detect emails that have hidden http links to dangerous
A files (scr, exe, etc) in HTML documents . Here are two examples:
HTML messages are attachments. AFAIK TB doersn't scan
Hi Roelof,
Monday, July 11, 2005, 12:12:27 PM, you wrote:
A I'm trying to detect emails that have hidden http links to dangerous
A files (scr, exe, etc) in HTML documents . Here are two examples:
HTML messages are attachments. AFAIK TB doersn't scan inside
attachments.
If I am filtering on
Hi Roelof Otten,
On Monday, July 11, 2005, you wrote:
A I'm trying to detect emails that have hidden http links to
A dangerous files (scr, exe, etc) in HTML documents . Here are two
A examples:
HTML messages are attachments. AFAIK TB doersn't scan inside
attachments.
I think with v3 and the
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
***^\ ._)~~
~( __ _o Was another beautiful day, Mon, 11 Jul 2005,
@ @ at 17:12:27 +0200, when Roelof Otten wrote:
Hallo alien,
[...] you wrote:
A I'm trying to detect emails that have hidden http links to dangerous
A files
13 matches
Mail list logo
