[Esa-l] Defanging of HTML mail

Brett Glass brett at lariat.org
Mon Jan 1 23:49:54 PST 2001


We just got a nasty HTML spam which contained directives
to fetch content from the spammer's site; it was
not fully neutralized by John's current sanitizer code.
The source looked like this after defanging:

><x-html>
><html>
><head>
><title>Oldies Online Casino - Happy New Year!!!</title>
><bgsound src="http://www.oldiesonlinecasino.com/getyourbets.wav" loop="1">
><body bgcolor="#FFFFFF">
><p><font color="#000000" face="Arial, Helvetica, sans-serif" size="5">Oldies
>Online 
>  Casino</font><br>
>  <font face="Arial, Helvetica, sans-serif" color="#FF0000">Would like to
>welcome 
>  you and your family a Happy New Year!</font><font face="Arial, Helvetica,
>sans-serif"><br>
>  </font><a href="http://www.oldiesonlinecasino.com"><DEFANGED_IMG
>src="http://www.oldiesonlinecasino.com/img/25perbonus.gif" width="253"
>height="164" border="0"></a><br>
>  <font face="Arial, Helvetica, sans-serif" color="#FF0000">We Would also like 
>  to offer ALL NEW &amp; EXISTING Members a <br>
>  Holiday 25% Bonus<br>
>  </font><font face="Arial, Helvetica, sans-serif" color="#000000">Oldies Online 
>  Casino offers Free no download Flash Internet <br>
>  gambling, games include craps, keno, slots, video poker, <br>
>  roulette and blackjack in real time. Play for fun or cash!<br>
>  <a
>href="http://www.oldiesonlinecasino.com">http://www.oldiesonlinecasino.com</a
>><br>
>  <font size="1"><br>
>  to <a href="http://www.oldiesonlinecasino.com"><font
>color="#FF0000">unsubscribe</font></a> 
>  click here</font></font></p>
></HTML>

Note that the background sound got through.... I suspect that a
background bitmap would as well.

--Brett
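The gap Brett points out is that neutralizing `<img>` alone leaves other auto-fetching constructs (`<bgsound src>`, `<body background>`, `<table background>`, `<link href>`, frames and embeds) intact. The following is an added example, not John's sanitizer and not code from the list: it applies the same `DEFANGED_<TAG>` convention shown in the quoted source to a broader set of tags, and additionally renames any URL-carrying attribute that a mail client fetches without a click. The tag and attribute lists are this example's own choices, and the sample message and `example.invalid` URLs are constructed for the test.

```python
"""Defang HTML e-mail so that rendering it cannot trigger remote fetches.

Added example, not the sanitizer discussed on the list. It renames tags
the way the quoted output shows (<img> -> <DEFANGED_IMG>) and extends the
idea to <bgsound>, <body background=...> and other auto-loading content.
"""
from html.parser import HTMLParser
from html import escape

# Elements a renderer fetches on display, with no user action.
# This list is an assumption of the example; extend it to taste.
AUTO_FETCH_TAGS = {
    "img", "bgsound", "iframe", "frame", "embed", "object", "script",
    "link", "applet", "audio", "video", "source", "input",
}
# URL-bearing attributes fetched automatically on any tag that carries them
# (e.g. background= on <body>, <table>, <td>). Also an assumption.
AUTO_FETCH_ATTRS = {"src", "lowsrc", "dynsrc", "background", "data", "poster"}


class Defanger(HTMLParser):
    """Rewrites auto-fetching tags/attributes; passes everything else through."""

    def __init__(self):
        super().__init__(convert_charrefs=False)
        self.out = []
        self.defanged = []  # (tag, attr-or-None) pairs neutralized, for logging

    def _render(self, tag, attrs, selfclosing=False):
        name = tag
        if tag in AUTO_FETCH_TAGS:
            name = "DEFANGED_" + tag.upper()
            self.defanged.append((tag, None))
        parts = [name]
        for key, value in attrs:
            if key in AUTO_FETCH_ATTRS:
                # Rename the attribute so the URL stays visible but inert.
                self.defanged.append((tag, key))
                key = "defanged_" + key
            if value is None:
                parts.append(key)
            else:
                parts.append('%s="%s"' % (key, escape(value, quote=True)))
        return "<" + " ".join(parts) + (" /" if selfclosing else "") + ">"

    def handle_starttag(self, tag, attrs):
        self.out.append(self._render(tag, attrs))

    def handle_startendtag(self, tag, attrs):
        self.out.append(self._render(tag, attrs, selfclosing=True))

    def handle_endtag(self, tag):
        name = "DEFANGED_" + tag.upper() if tag in AUTO_FETCH_TAGS else tag
        self.out.append("</%s>" % name)

    def handle_data(self, data):
        self.out.append(data)

    def handle_entityref(self, name):
        self.out.append("&%s;" % name)

    def handle_charref(self, name):
        self.out.append("&#%s;" % name)

    def handle_comment(self, data):
        self.out.append("<!--%s-->" % data)

    def handle_decl(self, decl):
        self.out.append("<!%s>" % decl)

    def handle_pi(self, data):
        self.out.append("<?%s>" % data)


def defang(html_text):
    """Return (defanged_html, list_of_neutralized_items)."""
    p = Defanger()
    p.feed(html_text)
    p.close()
    return "".join(p.out), p.defanged


# Constructed sample modelled on the structure of the quoted spam; the
# hostnames are placeholders, not the ones from the message.
SAMPLE = (
    '<html><head><title>Happy New Year</title>'
    '<bgsound src="http://example.invalid/getyourbets.wav" loop="1">'
    '<body bgcolor="#FFFFFF" background="http://example.invalid/bg.gif">'
    '<a href="http://example.invalid/"><img src="http://example.invalid/img/bonus.gif" width="253"></a>'
    '&amp; more</body></html>'
)

if __name__ == "__main__":
    cleaned, hits = defang(SAMPLE)
    print(cleaned)
    for tag, attr in hits:
        print("defanged:", tag, attr or "")
```

Plain `<a href>` links are deliberately left alone: they fetch only when the reader clicks, which is a different threat (tracking on click) from the silent beaconing the post is about. Note that renaming `<script>` turns its body into visible text rather than dropping it; a sanitizer that also wants to hide that content would need to discard the data between the tags.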



