Author: Dave C. Date: To: Juha Saarinen CC: exim-users Subject: Re: [Exim] Ideas to handle "confirm.to" style of MIME/HTML abuse?
Block the individual IP or netblock of this webserver in your upstream
router?
On Mon, 10 Sep 2001, Juha Saarinen wrote:
> I'm looking for filtering ideas to shortcircuit "services" like this
> one: www.confirm.to >
> The "read receipt" is essentially a MIME'd attachment that doesn't show
> up in Outlook XP or Outlook Express (unless you do Message Properties in
> the latter), but Pine displays it as:
>
> <font size=+1><PRE>
> aksl
> </PRE>
> <img
> src=http://164.124.123.208/read/1000080733-7d0d40db6519a17d.e9b48f40e5b0 > 0d8e/someone
> @somewhere.com.confirm.postel.to width=0 height=0>
> </BODY>
> </HTML>
>
> The <PRE> tag obviously attempts to disguise the HTML nature of the
> message, and the whole scheme looks like a variation on the single-pixel
> image file.
>
> @#$#@!!! HTML enabled mail clients...
>
>
> --
> Juha Saarinen
>
>
>
> --
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>