Print Page | Close Window

How to block HTML e-mail?

Printed From: LogSat Software
Category: Spam Filter ISP
Forum Name: Spam Filter ISP Support
Forum Description: General support for Spam Filter ISP
URL: https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=445
Printed Date: 05 February 2025 at 2:02pm


Topic: How to block HTML e-mail?
Posted By: Guests
Subject: How to block HTML e-mail?
Date Posted: 09 May 2003 at 10:16am

Hi

Just bye spamfilter to Danish ISP, it has work very fine in the test periode. I do have a small problem with HTML e-mail and keywords. I can not blok html e-mail - only normal text e-mail is responding on my keywords.

Claus 


Replies:
Posted By: Guests
Date Posted: 09 May 2003 at 10:41am

Examine your HTML messages closely. I have found that spammers are learning to bypass keyword content filters by embedding comments in the messages; e.g.

Get your via<!--342fxfdf-->gra here

The embedded comment doesn't get displayed by the mail client but fools keyword checkers. A useful option for SpamFilter would be an HTML parser that knows to ignore comments like these.

This might be why messages are making it through your filter.

Posted By: Guests
Date Posted: 09 May 2003 at 12:14pm

Here's a thought...

How about using a keyword filter for the opening portion of a tag for an HTML comment as follows

<!

That way all email with HTML comments get filtered.  Realistically who needs comments in the HTML of an email message?

Likewise you would be able to filter out all HTML messages that use web images (to get by keyword filters) by using

img src=

These will increase the required monitoring of the quarantine, but if they are a big problem they may help out.

Comments?

Posted By: Guests
Date Posted: 10 May 2003 at 6:42pm

Benn running the HTML filter suggestions, it blocks about 90% of my email -- ALL SPAM  -- no legit messages hit yet!  I can't believe it!!!!!

 

James Taylor

mailto:jltaylor@metrotel.net" CLASS="ASPForums" TITLE="WARNING: URL created by poster. - jltaylor@metrotel.net


Posted By: Guests
Date Posted: 11 May 2003 at 5:46am

Here is another trick spammers are now using. They will place this code in html emails in between words .

<font face="Arial" size="4">Would you like a larger one...? or for your

spouse to have a larger one. </font><b><font face="Arial" color="#FFFFFF">6rp4bl2

6rp4bln</font></b><font face="Arial" size="4"><br>

Our product is an excellent way to add permanent length and girth to a </font>

If you place this sample code in an html editor and do a preview you will see what I mean as to how it works.

I have been using color="#FFFFFF in the keywords list and have seen a dramatic decrease in spam getting by the filter.

Just remember that some legitimate email will have images in them. Most email should not have a white font in them since unless the body background is black the reader would not be able to read the email.

Just some more food for thought.

 

Posted By: Guests
Date Posted: 12 May 2003 at 12:18pm

Glad it worked for you. 

No guarantee it will last long as there are a lot more ways that keywords can be messed with using HTML that I won't mention.  Don't want to give any help to spammers...

Posted By: Guests
Date Posted: 13 May 2003 at 2:50pm

Well, looks like legit email sent HTML may have the following line:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

Which means the "comment" filter doesn't work so well.

 

Posted By: Guests
Date Posted: 15 May 2003 at 12:17pm

Yes it all depends on what type of mail you recieve.

If you regularly recieve a lot of HTML base email from people that you don't have in your whitelist then this will not work for you.


Print Page | Close Window