Hi Team At the moment, I guess the while german speaking part of the world is being plagued by fake email invoices leading to phishing or malware sites.
Unfortunately, as many legitimate invoices are being sent by email, it is a bit tricky to block only those fake ones. What seems to be the common way to recognize a fake invoice is: * Subject contains String 'Rechnung'. * Email contains HTML attachment, not a MIME alternative to the TEXT part. Some examples of such attachments: Content-Type: application/octet-stream; name="AR6-6624419.html" Content-Transfer-Encoding: base64 Content-Disposition: attachment Content-Type: application/octet-stream; name="B2B_RECHNUNG_00012054_B00181056_RB00181058.html" Content-Transfer-Encoding: base64 Content-Disposition: attachment Content-Type: application/octet-stream; name=Rechnung17040.html Content-Transfer-Encoding: base64 Content-Disposition: attachment Content-Type: application/octet-stream; name=Ausgangsrechnung_760900_20251126_084703.html Content-Transfer-Encoding: base64 Content-Disposition: attachment Is there a way to do a regexp match of the 'name' attribute in the Content-Type header? Has anyone maybe come up with some nice working solution? Mit freundlichen Grüssen -Benoît Panizzon- -- I m p r o W a r e A G - Leiter Commerce Kunden ______________________________________________________ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 Pratteln Fax +41 61 826 93 01 Schweiz Web http://www.imp.ch ______________________________________________________
