[HTTPS-E Rulesets] HTTPS Everywhere rule

Claudio Moretti flyingstar16 at gmail.com
Fri Jan 24 15:10:50 PST 2014


On Fri, Jan 24, 2014 at 3:32 PM, Daniel Kahn Gillmor
<dkg at fifthhorseman.net>wrote:

> Is there any evidence that this list has been abused to transmit
> malicious content to any of its readers?
>

No (and if there has, Gmail filtered them out for me) but I think he's
referring to the fact that for some reason the actual content of the XML
file is

<ruleset name="phkr.de">
>   <target host="www.phkr.de" />
> *  <target host="twitter.de <http://twitter.de>" /> *
>
>   <rule from="^http://(www\.)?phkr\.de/" to="https://www.phkr.de/"/>
> </ruleset>
>

Joshua, if that's what you meant, you shoud know that rules are checked
manually by the EFF staff (so not by everyone in the list) before being
added to the extension :)

In this case, moreover, AFAIK having that target host does not affect
Twitter.de, because there's no actual rule that matches Twitter.

If you meant actual spam and malware, instead, there should be a
SpamAssassin+ClamAV combination on the server that scans all mail, and if
the mail is sent by someone not subscribed to the list it goes into the
moderation queue.

Of course, it's impossible to catch everything (not even the best
spam/malware filters can do that) so I'd recommend a good antivirus for
those cases :)

Cheers,

Claudio
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.eff.org/pipermail/https-everywhere-rules/attachments/20140124/f3f8982a/attachment.html>


More information about the HTTPS-Everywhere-Rules mailing list