You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by Jeff Chan <je...@surbl.org> on 2005/05/17 12:53:38 UTC

New? URI obfuscation: backslash at end of URI

Can someone check if 3.03 or 3.1 catches this URI obfuscation
spotted in recent spams: 

      <P><A
      href=3D"http://hyahlarzvz96ckva9nsn9zvs9.tnashbsv.com\">Check
      it Out</A></P><BR></DIV></TD></TR>  

Apparently the backslash at the end of the URI throws off some
parsers such as (unpatched) 3.0.1.  Hopefully the same patch that
catches just : at the end of URIs, etc. also catches these.

Cheers,

Jeff C.
-- 
Jeff Chan
mailto:jeffc@surbl.org
http://www.surbl.org/

Re: New? URI obfuscation: backslash at end of URI

Posted by Theo Van Dinter <fe...@kluge.net>.

On Tue, May 17, 2005 at 03:53:38AM -0700, Jeff Chan wrote:
> Apparently the backslash at the end of the URI throws off some
> parsers such as (unpatched) 3.0.1.  Hopefully the same patch that
> catches just : at the end of URIs, etc. also catches these.

Not really.  3.0 doesn't deal with it, 3.1 works fine.

-- 
Randomly Generated Tagline:
"That has more ifs than the source to Win2k." - Chris Hagerty