You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by Rupert Gallagher <ru...@protonmail.com> on 2019/04/17 14:20:52 UTC

HTML/URI defuser

Let's talk about those works of art that elude our best filters. Written and posted like a legit message, their only threat is a big red button with a label that says "do not push me". In truth, they are just a "click here for your overdue bill" and similar hooks for the gullible few.

There are two things I would like to do asap: automatically rewrite any html e-mail into plain text, and automatically rewrite any URI into something that does not trigger any external program (browser, ftp, you name it).

This is the only loophole left in my systems, and see non alternative.