On Fri, 27 Oct 2023, Antony Stone wrote:
On Friday 27 October 2023 at 16:56:36, DEMBLANS Mathieu wrote:
Hi,
Anyone know if there is a way to request an external API throught a
spamsassassin plugin ? It will be to search an URL extracted by SA from a
body of a mail and check if it's referenced with an API request on an
external service (virustotal or other). We receive some mails with URL
inside whose page contains malware. One day, a user will click on it...
If I can junk it before, it would be great.
You may want to be cautious about "checking" URLs in this way, because some
emails will contain things like "to unsubscribe, click here" or "accept
meeting invitation?" and so on.
You do not really want some automated system "clicking" on URLs like that and
triggering external events either without the user's knowledge (they haven't
even seen the email at this stage) or indeed doing something they do not want.
It doesn't sound like it will *visit* the link, just ask some service if
the like has a reputation.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
...the Fates notice those who buy chainsaws...
-- www.darwinawards.com
-----------------------------------------------------------------------
4 days until Halloween
