Fw: [Assp-user] [Crosspost] URIBL patch

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Fw: [Assp-user] [Crosspost] URIBL patch

Przemek Czerkas
Wim Borghs wrote:

> 2 cases that are detected as obfuscated URIs but found in 'good' mail:
> www.brusselsairlines.be%2Fnl_be%
> www.naturellement.be


REPLACE:
 while ($b=~/(?:ht|f)tps?[\041-\176]{0,3}\:\/{1,3}($URIRe)|((?:www|ftp)(?:\=2e|\&\#0?46\;?|\.)$URIRe)/gio) {
   $uri=$1 || $2;
   # RFC 2821, section 4.5.2, 'Transparency': delete leading '.' character
   $uri=~s/$URIContinuationRe\.?//go; # and strip line continuations
   $uri=~s/\=([a-f0-9]{2})/chr(hex($1))/gie; # decode quoted-printables
   # decode 'at' character
   $uri=~s/\%40/@/g;
   $uri=~s/\&\#0?64\;?/@/g;
   if ($uri=~/(?:[^\s\/\@]+\@)?($URIHostRe)/io) {
    $uri=$1;
    # fix HTML
    $uri=~s/\&\#1[03]\;?.*$//;
    $uri=~s/\&(?:nbsp|amp|quot|gt|lt)\;?//gi;

WITH:
 while ($b=~/(?:ht|f)tps?[\041-\176]{0,3}\:\/{1,3}($URIRe)|((?:www|ftp)(?:[\=\%]2e|\&\#0?46\;?|\.)$URIRe)/gio) {
   $uri=$1 || $2;
   # RFC 2821, section 4.5.2, 'Transparency': delete leading '.' character
   $uri=~s/$URIContinuationRe\.?//go; # and strip line continuations
   $uri=~s/\=([a-f0-9]{2})/chr(hex($1))/gie; # decode quoted-printables
   $uri=~s/\%40|\&\#0?64\;?/@/g; # decode '@' character
   if ($uri=~/(?:[^\s\/\@]+\@)?($URIHostRe)/io) {
    $uri=$1;
    # fix HTML
    $uri=~s/[\=\%]2[ef]|\&\#0?4[67]\;?/./gi; # decode '.,' characters
    $uri=~s/\&(?:nbsp|amp|quot|gt|lt|\#0?1[03])\;?.*$//i;

P.

-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier.
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Assp-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/assp-devel