On 11/01/2010 14:55, Charles Gregory wrote:
On Mon, 11 Jan 2010, Mike Cardwell wrote:
: I just copied and pasted that out of pastebin into a little project I've
: been working on. Here's the result:
: http://spamalyser.com/v/6xnb26gp/mime
Question: What does spamalyzer do with an HTML message part?
It is of concern (naturally) that implanted malicious scripts not be
rendered whole and complete....
Presently it renders them as plain text. I'm fully aware of the
potential problems with it. Ideally I'd like to be able to render those
parts as HTML, but I need to be 100% sure that I've stripped out
anything dangerous (including embedded remote content by default) first.
It's on the "ToDo List" page.
I'm also aware of the issues surrounding people potentially uploading
images and then linking to them from spam websites or spam. That's why
I've put http referer restrictions in place.
--
Mike Cardwell : UK based IT Consultant, LAMP developer, Linux admin
Cardwell IT Ltd. : UK Company - http://cardwellit.com/ #06920226
Technical Blog : Tech Blog - https://secure.grepular.com/blog/
Spamalyser : Spam Tool - http://spamalyser.com/
