| Main Archive Page > Month Archives > clamav-users archives |
Re: [Clamav-users] test for SafeBrowsing?
From: Erwan David <erwan_at_nospam>Date: Wed Mar 18 2009 - 13:04:57 GMT
To: clamav-users@lists.clamav.net
On Wed, Mar 18, 2009 at 01:55:14PM CET, Dennis Peterson <dennispe@inetnw.com> said:
> Moray Henderson (ICT) wrote:
> >> From: Török Edwin [mailto:edwintorok@gmail.com]
> >>>> Try using <a href="..."> for the URL.
> >>>>
> >>> Is that a requirement? If so we should get the spammers on board because
> >> some of
> >>> them may not know this :).
> >> No, there are more places from where URLs can be extracted, but "<a
> >> href" is one that must work.
> >
> > With modern email clients "helpfully" presenting text that looks like a URL as a real URL at the client end, SafeBrowsing really ought to check the plain text, not just within html tags. http://pastebin.com/m13232c54 may be just plain text when transmitted and scanned, but it's an "<a href>" by the time I read it: underlined, blue, and turns my cursor to a pointy finger with a pop-up box saying "Click to follow link".
>
> I don't imagine the world's premier spammers are sitting at their laptop in
> their shorts sending out thousands of spams with Thunderbird. There are purpose
> built products for this and can format the mail any way they wish.
>
What was said is that many MUA, *receiving* a mail with an URL in the text will automatically create a link from it. It has bothing to do with the sending software. -- Erwan _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml