It's past my bed time, the source has been corrupted with too many =3D, =2E, HEX codes, and without the headers, I can't run it through debug, but a quick check of the whitelist doesn't seem to include:
https://epl.paypal-communication.com.
I see:
paypal-marketing
app.paypal-now.com
www.paypal-gifts.com
for a handful of the domains you listed.
-Al-
On Wed, May 31, 2017 at 01:16 AM, ***@epsilon.com wrote:
>
> Hi Al,
>
> I'm including below the source of an email that was rejected recently. Could you please point out exactly what you feel is the issue with the links?
>
> Many thanks,
>
> Anne-Sophie
>
>
> <!doctype html>
> <html>
> <head>
> <meta charset=3D"utf-8">
> <meta name=3D"viewport" content=3D"width=3Ddevice-width, initial-scale=3D1=
> =2E0">
> <meta name=3D"format-detection" content=3D"telephone=3Dno" />
> <title>Your Legal Agreements with PayPal</title>
> <style type=3D"text/css">
> table th { margin:0 !important; padding:0 !important; vertical-align:top; =
> font-weight:normal; }
> body {
> margin:0;
> padding:0;
> font-family:Arial;
> font-size: 16px;
> color:#666666;
> }
> *{
> line-height:normal !important;
> }
> /*Yahoo paragraph fix*/
> p {
> margin: 1em 0;
> }
> /*This resolves the Outlook 07, 10, and Gmail td padding issue fix*/
> table td {
> border-collapse: collapse;
> }
> /*viewport width scaling for all devices*/
> @-ms-viewport {
> width: device-width;
> }
> /*This resolves the issue when iphone puts links on dates, etc=2E*/
> =2EappleLinks {
> color: inherit;
> text-decoration: none;
> }
> =2EappleLinks a {
> color: inherit;
> text-decoration: none;
> }
>
>
> a[href^=3D"x-apple-data-detectors:"] {
> color: inherit;
> text-decoration: inherit;
> }
>
> @media screen and (max-width:480px) {
> /*Do not show in mobiles*/
> *=2Enomobile, *[class~=3D"hide"] {
> display: none !important;
> }
> /*Shows in mobiles*/
> *=2Eshow {
> display: block !important;
> margin: 0 !important;
> padding: 0 !important;
> overflow: visible !important;
> width: auto !important;
> max-height: inherit !important;
> }
> =2Econtainer {
> width:100% !important;
> min-width:100% !important;
> }
> =2Econtent {
> width:91=2E71428571428571% !important;
> }
>
> *[class~=3D"logo"], *[class~=3D"logo_right"] {
> width:40% !important;
> }
> =2Ecoldrop {
> display:block !important;
> width:100% !important;
> }
> =2Eimgfull {
> width:100% !important;
> height:auto !important;
> }
> *[class~=3D"nopad"] {
> padding:0px 0px 0px 0px !important;
> }
> *[class~=3D"dbl_line"] {
> border-top:1px solid #d9d9d9 !important;
> border-bottom:1px solid #FFFFFF !important;
> }
>
>
> /* text styles */
>
> *[class~=3D"heading01"] {
> font-size:25px !important;
> }
>
> =2Etext01 {
> font-size:12px !important;
> }
> =2Etext02 {
> font-size:14px !important;
> }
> =2Etext03 {
> font-size:16px !important;
> }
> =2Etext04 {
> font-size:10px !important;
> }
> =2Earrange_top{
>
> display:table-header-group !important;
> }
> =2Earrange_bottom{
> display:table-footer-group !important;
> }
> =2Eheight20 {
> height:20px !important;
> }
> =2Eheight15 {
> height:15px !important;
> }
> =2Eheight10 {
> height:10px !important;
> }
> =2Eheight5 {
> height:5px !important;
> }
> =2Ewidth20 {
> width:20px !important;
> }
> =2Ewidth15 {
> width:15px !important;
> }
> =2Ewidth10 {
> width:10px !important;
> }
> =2Ewidth5 {
> width:5px !important;
> }
> }
>
> @media screen and (max-width:320px) {
> /* *[class~=3D"logo"], *[class~=3D"logo_right"] {
> width:40% !important;
> } */
> *[class~=3D"align_left320"] {
> float:left !important;
> text-align:left !important;
> }
> *[class~=3D"align_right320"] {
> float:right !important;
> text-align:right !important;
> }
>
> =2Econtent_02 {
> width:98% !important;
> }
> *[class~=3D"logo"], *[class~=3D"logo_right"] {
> width:40% !important;
> }
> }
>
> </style>
> </head>
>
> <body yahoo=3D"fix">
> <!-- preheader -->
> <table bgcolor=3D"#f2f2f2" style=3D"table-layout:fixed;" width=3D"100%" bo=
> rder=3D"0" cellspacing=3D"0" cellpadding=3D"0">
> <tr>
> <td valign=3D"top" align=3D"center">
> <table bgcolor=3D"#f2f2f2" width=3D"740" class=3D"container" border=3D"0" =
> cellspacing=3D"0" cellpadding=3D"0" style=3D"min-width:740px;">
> <tr>
> <td valign=3D"middle" style=3D"padding:10px 0px 10px 0px;" align=3D"center=
> ">
> <table class=3D"content" bgcolor=3D"#f2f2f2" width=3D"700" border=3D"0" ce=
> llspacing=3D"0" cellpadding=3D"0">
> <tr>
> <td valign=3D"middle" align=3D"left" style=3D"font-family:Arial; font-size=
> :12px; color:#666666;"><b> </b> - We're making a few changes</td>
> <td valign=3D"middle" align=3D"right" style=3D"font-family:Arial; font-siz=
> e:12px; color:#666666;"><a style=3D"font-family:Arial; color:#666666;" href=
> =3D"https://epl=2Epaypal-communication=2Ecom/H/2/v20000015c53387d90b8822cf4=
> bbc782e8/5ac10d12-aef1-4111-b057-9f4d47f20daa/Html" target=3D"_blank">View =
> Online</a></td>
> </tr>
> </table>
> </td>
> </tr>
> </table>
> </td>
> </tr>
> </table>
> <!-- /preheader -->
>
> <!-- main content -->
> <table bgcolor=3D"#f2f2f2" style=3D"table-layout:fixed;" width=3D"100%" bo=
> rder=3D"0" cellspacing=3D"0" cellpadding=3D"0">
> <tr>
> <td valign=3D"top" align=3D"center">
> <table bgcolor=3D"#f2f2f2" width=3D"740" class=3D"container" border=3D"0" =
> cellspacing=3D"0" cellpadding=3D"0" style=3D"min-width:740px;">
> <tr>
> <td valign=3D"middle" align=3D"center">
> <table class=3D"container" bgcolor=3D"#FFFFFF" width=3D"700" border=3D"0" =
> cellspacing=3D"0" cellpadding=3D"0">
> <tr>
> <td class=3D"grey_line" valign=3D"middle" align=3D"left" style=3D"font-fam=
> ily:Arial; font-size:1px; color:#666666;" height=3D"1"><img style=3D"displa=
> y:block; border:none;" src=3D"https://www=2Epaypalobjects=2Ecom/digitalasse=
> ts/c/EMEA/email/1111_rnd_crnr_top=2Ejpg" width=3D"700" height=3D"7" alt=3D"=
> " class=3D"hide"/></td>
> </tr>
> <tr>
> <td valign=3D"middle" class=3D"nopad" bgcolor=3D"#e3e3e3" align=3D"left" s=
> tyle=3D"font-family:Arial; font-size:12px; color:#666666; padding:0px 1px 0=
> px 1px;">
> <table bgcolor=3D"#FFFFFF" width=3D"100%" border=3D"0" cellspacing=3D"0" c=
> ellpadding=3D"0">
> <tr>
> <td style=3D"font-family:Arial; font-size:12px; color:#666666;" align=3D"c=
> enter" valign=3D"top">
> <table class=3D"content" width=3D"642" border=3D"0" cellspacing=3D"0" cell=
> padding=3D"0">
> <tr>
> <td style=3D"font-family:Arial; font-size:12px; color:#666666;" height=3D"=
> 15"></td>
> </tr>
> <tr>
> <td style=3D"font-family:Arial; font-size:12px; color:#666666;">
> <table width=3D"100%" border=3D"0" cellspacing=3D"0" cellpadding=3D"0">
> <tr>
> <td style=3D"font-family:Arial; font-size:12px; color:#666666;" align=3D"l=
> eft">
> <table class=3D"logo" border=3D"0" cellspacing=3D"0" cellpadding=3D"0">
> <tr>
> <td style=3D"font-family:Arial; font-size:16px; color:#666666;"><a href=3D=
> "https://epl=2Epaypal-communication=2Ecom/T/v20000015c53387d90b8822cf4bbc78=
> 2e8/5ac10d12aef141110000021ef3a0bcc2/5ac10d12-aef1-4111-b057-9f4d47f20daa" =
> target=3D"_blank"><img class=3D"imgfull" style=3D"display:block; border:non=
> e;" src=3D"https://www=2Epaypalobjects=2Ecom/digitalassets/c/EMEA/email/111=
> 1_logo-paypal=2Epng" width=3D"152" height=3D"38" alt=3D"PayPal"/></a></td>
> </tr>
> </table>
> </td>
> <td style=3D"font-family:Arial; font-size:12px; color:#666666;" align=3D"r=
> ight">
> <table border=3D"0" cellspacing=3D"0" cellpadding=3D"0">
> <tr>
> <td style=3D"font-family:Arial; font-size:16px; color:#666666;"></td>
> </tr>
> </table>
> </td>
>
>
> </tr>
> </table>
> </td>
> </tr>
> <tr>
> <td style=3D"font-family:Arial; font-size:12px; color:#666666;" height=3D"=
> 25" class=3D"height15"></td>
> </tr>
> <tr>
> <td style=3D"font-family:Arial; font-size:12px; color:#666666;">
> <table width=3D"100%" border=3D"0" cellspacing=3D"0" cellpadding=3D"0">
> <tr>
> <td style=3D"font-family:Arial; font-size:12px; color:#666666;" align=3D"l=
> eft">
> <table border=3D"0" cellspacing=3D"0" cellpadding=3D"0">
> <tr>
> <td class=3D"heading01" style=3D"font-family:Arial; font-size:40px; color:=
> #009cde;">Just to let you know=2E=2E=2E</td>
> </tr>
> </table>
> </td>
> </tr>
> </table>
> </td>
> </tr>
> <tr>
> <td style=3D"font-family:Arial; font-size:1px; color:#666666;" height=3D"1=
> 5" class=3D"height15"></td>
> </tr>
> <tr>
> <td align=3D"left" style=3D"font-family:Arial; font-size:13px; color:#6666=
> 66;">We're changing our Legal Agreements=2E We wanted to check itR=
> 17;s OK with you=2E<br><br> We're making some changes to our Legal Ag=
> reements; the documents that govern our relationship with you=2E We'v=
> e put details of the changes on our <a style=3D"font-family:Arial; font-siz=
> e:13px; color:#009cde; text-decoration:none; font-weight:bold;" href=3D"htt=
> ps://epl=2Epaypal-communication=2Ecom/T/v20000015c53387d90b8822cf4bbc782e8/=
> 5ac10d12aef141110000021ef3a0bcc3/5ac10d12-aef1-4111-b057-9f4d47f20daa">Poli=
> cy Update web page</a> - you can also find the page at <a style=3D"f=
> ont-family:Arial; font-size:13px; color:#009cde; text-decoration:none; font=
> -weight:bold;" href=3D"https://epl=2Epaypal-communication=2Ecom/T/v20000015=
> c53387d90b8822cf4bbc782e8/5ac10d12aef141110000021ef3a0bcc4/5ac10d12-aef1-41=
> 11-b057-9f4d47f20daa">www=2Epaypal=2Ecom</a>, by clicking 'Legal̵=
> 7; at the bottom of the page, selecting "Other countries (in English)=
> " from the drop-down menu and then selecting 'Policy Updates=
> 217;=2E</td>
> </tr>
> <tr>
> <td style=3D"font-family:Arial; font-size:1px; color:#666666;" height=3D"1=
> 5" class=3D"height15"></td>
> </tr>
> <tr>
> <td align=3D"left" style=3D"font-family:Arial; font-size:13px; color:#6666=
> 66;"><b>What do I have to do?</b></td>
> </tr>
> <tr>
> <td style=3D"font-family:Arial; font-size:1px; color:#666666;" height=3D"1=
> 5" class=3D"height15"></td>
> </tr>
>
> <tr>
> <td align=3D"left" style=3D"font-family:Arial; font-size:13px; color:#6666=
> 66;">Take a look at our Policy Update page to ensure you consent to the cha=
> nges=2E If you do, you don't need to do anything=2E If you don'=
> t want to accept the changes you can follow the steps we've set out o=
> n our Policy Update page=2E</td>
> </tr>
> <tr>
> <td style=3D"font-family:Arial; font-size:1px; color:#666666;" height=3D"1=
> 5" class=3D"height15"></td>
> </tr>
> <tr>
> <td align=3D"left" style=3D"font-family:Arial; font-size:16px; color:#6666=
> 66;" valign=3D"middle">
> <table width=3D"310" class=3D"container" border=3D"0" cellspacing=3D"0" ce=
> llpadding=3D"0">
> <tr>
>
> <!--[if lt IE 9 | mso]>
> <td width=3D"5" style=3D"font-family:Arial; font-size:16px; color:#666666;=
> " valign=3D"middle" bgcolor=3D"#009cde"><img style=3D"display:block; border=
> :none;" src=3D"https://www=2Epaypalobjects=2Ecom/digitalassets/c/EMEA/email=
> /1111_cta_blue_left=2Ejpg" width=3D"5" height=3D"40" alt=3D""/></td>
> <![endif]-->
> <td bgcolor=3D"#009cde" style=3D"font-family:Arial; font-size:16px; color:=
> #666666; -moz-border-radius: 5px; -webkit-border-radius: 5px; border-radius=
> : 5px;" valign=3D"middle">
> <table width=3D"100%" border=3D"0" cellspacing=3D"0" cellpadding=3D"0">
> <tr>
> <td style=3D"font-family:Arial; font-size:14px; color:#FFFFFF;" valign=3D"=
> middle" align=3D"center"><a style=3D"display:block; text-decoration:none; c=
> olor:#ffffff; padding:10px 0px 10px 0px; font-weight:bold;" href=3D"https:/=
> /epl=2Epaypal-communication=2Ecom/T/v20000015c53387d90b8822cf4bbc782e8/5ac1=
> 0d12aef141110000021ef3a0bcc5/5ac10d12-aef1-4111-b057-9f4d47f20daa" target=
> =3D"_blank">See the Policy Update Page</a></td>
> </tr>
> </table>
>
> </td>
>
> <!--[if lt IE 9 | mso]>
> <td width=3D"5" style=3D"font-family:Arial; font-size:16px; color:#666666;=
> " valign=3D"middle"><img style=3D"display:block; border:none;" src=3D"https=
> ://www=2Epaypalobjects=2Ecom/digitalassets/c/EMEA/email/1111_cta_blue_right=
> =2Ejpg" width=3D"5" height=3D"40" alt=3D""/></td>
> <![endif]-->
>
> </tr>
> </table>
>
> </td>
> </tr>
> <tr>
> <td style=3D"font-family:Arial; font-size:1px; color:#666666;" height=3D"1=
> 5" class=3D"height15"></td>
> </tr>
>
> </table>
> </td>
> </tr>
> </table>
> </td>
> </tr>
>
> <tr>
> <td valign=3D"middle" height=3D"1" bgcolor=3D"#e3e3e3" align=3D"left" styl=
> e=3D"font-family:Arial; font-size:1px; color:#666666;"><img style=3D"displa=
> y:block; border:none;" src=3D"https://www=2Epaypalobjects=2Ecom/digitalasse=
> ts/c/EMEA/email/1111_rnd_crnr_bottom=2Ejpg" width=3D"700" height=3D"7" alt=
> =3D"" class=3D"hide"/></td>
> </tr>
> </table>
> </td>
> </tr>
> </table>
> </td>
> </tr>
> </table>
> <!-- /main content -->
> <!-- footer -->
> <table bgcolor=3D"#f2f2f2" style=3D"table-layout:fixed;" width=3D"100%" bo=
> rder=3D"0" cellspacing=3D"0" cellpadding=3D"0">
> <tr>
> <td valign=3D"top" align=3D"center">
> <table bgcolor=3D"#f2f2f2" width=3D"740" class=3D"container" border=3D"0" =
> cellspacing=3D"0" cellpadding=3D"0" style=3D"min-width:740px;">
> <tr>
> <td valign=3D"middle" align=3D"center">
> <table class=3D"container" bgcolor=3D"" width=3D"700" border=3D"0" cellspa=
> cing=3D"0" cellpadding=3D"0">
>
> <tr>
> <td style=3D"font-family:Arial; font-size:1px; color:#666666;" height=3D"1=
> 5"></td>
> </tr>
> <tr>
> <td valign=3D"middle" class=3D"" align=3D"left" style=3D"font-family:Arial=
> ; font-size:12px; color:#666666;">
> <table bgcolor=3D"" width=3D"100%" border=3D"0" cellspacing=3D"0" cellpadd=
> ing=3D"0">
> <tr>
> <td style=3D"font-family:Arial; font-size:12px; color:#666666;" align=3D"c=
> enter" valign=3D"top">
> <table class=3D"container" width=3D"642" border=3D"0" cellspacing=3D"0" ce=
> llpadding=3D"0">
>
> <tr>
> <td style=3D"font-family:Arial; font-size:12px; color:#666666;">
> <table width=3D"100%" border=3D"0" cellspacing=3D"0" cellpadding=3D"0">
> <tr>
> <th style=3D"font-family:Arial; font-size:12px; color:#666666;" class=3D"c=
> oldrop" align=3D"left">
> <table class=3D"container" border=3D"0" cellspacing=3D"0" cellpadding=3D"0=
> ">
> <tr>
> <td style=3D"font-family:Arial; font-size:13px; color:#666666; font-weight=
> :bold;" align=3D"center">
> <table border=3D"0" cellspacing=3D"0" cellpadding=3D"0">
> <tr align=3D"center">
> <td style=3D"font-family:Arial; font-size:13px; color:#666666; font-weight=
> :bold;">
> <a style=3D"text-decoration:none; color:#666666;" href=3D"https://epl=2Epa=
> ypal-communication=2Ecom/T/v20000015c53387d90b8822cf4bbc782e8/5ac10d12aef14=
> 1110000021ef3a0bcc6/5ac10d12-aef1-4111-b057-9f4d47f20daa" target=3D"_blank"=
>> Help</a></td>
> <td width=3D"10"></td>
> <td style=3D"font-family:Arial; font-size:13px; color:#666666; font-weight=
> :bold;">
> <a style=3D"text-decoration:none; color:#666666;" href=3D"https://epl=2Epa=
> ypal-communication=2Ecom/T/v20000015c53387d90b8822cf4bbc782e8/5ac10d12aef14=
> 1110000021ef3a0bcc7/5ac10d12-aef1-4111-b057-9f4d47f20daa" target=3D"_blank"=
>> Contact</a></td>
> <td width=3D"10"></td>
> <td style=3D"font-family:Arial; font-size:13px; color:#666666; font-weight=
> :bold;"><a style=3D"text-decoration:none; color:#666666;" href=3D"https://e=
> pl=2Epaypal-communication=2Ecom/T/v20000015c53387d90b8822cf4bbc782e8/5ac10d=
> 12aef141110000021ef3a0bcc8/5ac10d12-aef1-4111-b057-9f4d47f20daa" target=3D"=
> _blank">Security</a></td><td width=3D"10"></td>
>
>
> </tr>
> </table>
>
> </td>
>
> </tr>
> </table>
> </th>
> </tr>
> </table>
> </td>
> </tr>
>
> </table>
> </td>
> </tr>
> </table>
> </td>
> </tr>
> <!-- Seperator -->
> <tr>
> <td height=3D"15" style=3D"font-size:1px;"><!--[if gt mso 14]> <![end=
> if]--></td>
> </tr>
> <tr>
> <td height=3D"1" bgcolor=3D"#d9d9d9" style=3D"font-size:1px;"><!--[if gt m=
> so 14]> <![endif]--></td>
> </tr>
> <tr>
> <td height=3D"1" bgcolor=3D"#FFFFFF" style=3D"font-size:1px;"><!--[if gt m=
> so 14]> <![endif]--></td>
> </tr>
> <tr>
> <td height=3D"15" style=3D"font-size:1px;"><!--[if gt mso 14]> <![end=
> if]--></td>
> </tr>
> <!-- Seperator end-->
> <tr>
> <td valign=3D"middle" class=3D"" align=3D"left" style=3D"font-family:Arial=
> ; font-size:12px; color:#666666;">
> <table bgcolor=3D"" width=3D"100%" border=3D"0" cellspacing=3D"0" cellpadd=
> ing=3D"0">
>
>
> <tr>
> <td style=3D"font-family:Arial; font-size:12px; color:#666666;" align=3D"c=
> enter" valign=3D"top">
> <table class=3D"content" width=3D"642" border=3D"0" cellspacing=3D"0" cell=
> padding=3D"0">
>
> <tr>
> <td style=3D"font-family:Arial; font-size:12px; color:#666666;">
> <table width=3D"100%" border=3D"0" cellspacing=3D"0" cellpadding=3D"0">
> <tr>
> <th style=3D"font-family:Arial; font-size:12px; color:#666666;" class=3D"c=
> oldrop" align=3D"left">
> <table class=3D"container" border=3D"0" cellspacing=3D"0" cellpadding=3D"0=
> ">
> <tr>
> <td style=3D"font-family:Arial; color:#666666;" align=3D"center">
> <table border=3D"0" cellspacing=3D"0" cellpadding=3D"0">
> <tr>
> <td align=3D"left" style=3D"font-family:Arial; font-size:11px; color:#8c8c=
> 8c; font-weight:normal !important;">
> <b>How do I know this is not a fake email?</b><br><br>
> An email really coming from PayPal will address you by your first and last=
> names or your business name=2E It will not ask you for sensitive informati=
> on like your password, bank account or credit card details=2E Most fake ema=
> ils threaten that your account will be in jeopardy if you do not take actio=
> n immediately=2E An email that urgently requests you to supply sensitive pe=
> rsonal information is usually an attempt at fraud=2E Also, fake emails ofte=
> n contain misspellings and grammatical errors or are written in a language =
> which you did not set as preferred for your PayPal account=2E Remember not =
> to click any links in suspicious looking emails=2E
> <br><br>
> <a href=3D"https://epl=2Epaypal-communication=2Ecom/T/v20000015c53387d90b8=
> 822cf4bbc782e8/5ac10d12aef141110000021ef3a0bcc9/5ac10d12-aef1-4111-b057-9f4=
> d47f20daa" target=3D"_blank" style=3D"color:#8c8c8c;">Click here to learn h=
> ow to defend yourself against phishing and spoofing</a>=2E</td></tr>
>
> </table>
> </td>
> </tr>
> </table>
> </th>
> </tr>
> </table>
> </td>
> </tr>
> </table>
> </td>
> </tr>
> <!-- Seperator -->
> <tr>
> <td height=3D"15" style=3D"font-size:1px;"><!--[if gt mso 14]> <![end=
> if]--></td>
> </tr>
> <tr>
> <td height=3D"1" bgcolor=3D"#d9d9d9" style=3D"font-size:1px;"><!--[if gt m=
> so 14]> <![endif]--></td>
> </tr>
> <tr>
> <td height=3D"1" bgcolor=3D"#FFFFFF" style=3D"font-size:1px;"><!--[if gt m=
> so 14]> <![endif]--></td>
> </tr>
> <tr>
> <td height=3D"15" style=3D"font-size:1px;"><!--[if gt mso 14]> <![end=
> if]--></td>
> </tr>
> <!-- Seperator end -->
> <tr>
> <td style=3D"font-family:Arial; font-size:12px; color:#666666;" align=3D"c=
> enter" valign=3D"top">
> <table class=3D"content" width=3D"642" border=3D"0" cellspacing=3D"0" cell=
> padding=3D"0">
> <tr>
> <td style=3D"font-family:Arial; font-size:12px; color:#666666;">
> <table width=3D"100%" border=3D"0" cellspacing=3D"0" cellpadding=3D"0">
> <tr>
> <th style=3D"font-family:Arial; font-size:12px; color:#666666;" class=3D"c=
> oldrop" align=3D"left">
> <table class=3D"container" border=3D"0" cellspacing=3D"0" cellpadding=3D"0=
> ">
> <tr>
> <td style=3D"font-family:Arial; color:#666666;" align=3D"center">
> <table border=3D"0" cellspacing=3D"0" cellpadding=3D"0">
> <tr>
> <td align=3D"left" style=3D"font-family:Arial; font-size:11px; color:#8c8c=
> 8c; font-weight:normal !important;">This email was sent to <a style=3D"colo=
> r:#8c8c8c; text-decoration:none;" href=3D"mailto:"></a>=2E
> <br>
> <br>
> Copyright (c) 1999-2017 PayPal=2E PayPal Pte=2E Ltd=2E Address: 5=
> Temasek Boulevard #09-01, Suntec Tower 5, Singapore 038985=2E Registration=
> number 200509725E=2E<br><br> Consumer advisory: PayPal Pte Ltd, the Holder=
> of the PayPal(tm) payment stored value facility, does not require the a=
> pproval of the Monetary Authority of Singapore=2E Consumers (users) are adv=
> ised to read the terms and conditions carefully=2E</td></tr>
>
> </table>
> </td>
> </tr>
> </table>
> </th>
> </tr>
> </table>
> </td>
> </tr>
> </table>
> </td>
> </tr>
> </table>
> </td>
> </tr>
> </table>
> </td>
> </tr>
> </table>
> </td>
> </tr>
> <tr>
> <td style=3D"font-family:Arial; font-size:1px; color:#666666;" height=3D"1=
> 5"></td>
> </tr>
>
> </table>
>
>
> <!-- footer -->
>
>
> <img src=3D'https://epl=2Epaypal-communication=2Ecom/O/v20000015c53387d90b=
> 8822cf4bbc782e8/5ac10d12aef1411100004c5a42963aa1' style=3D"display:none; ma=
> x-height: 0px; font-size: 0px; overflow: hidden; mso-hide: all"/></body>
> </html>
>
> -----Original Message-----
> From: clamav-users [mailto:clamav-users-***@lists.clamav.net] On Behalf Of Al Varnell
> Sent: 31 May 2017 09:06
> To: ClamAV users ML <clamav-***@lists.clamav.net>
> Subject: Re: [clamav-users] clamav-users Digest, Vol 150, Issue 19
>
> Perhaps they feel the burden is on PayPal to remove the obfuscation being used in their links.
>
> Might be necessary for PayPal corporate to contact Cisco/Talos/ClamAV directly to resolve this long standing issue.
>
> But I am a bit surprised that they haven't commented.
>
> -Al-
>
> On Wed, May 31, 2017 at 12:53 AM, Outreach wrote:
>>
>> Hi,
>>
>> I did but never heard anything back unfortunately.
>>
>> We still had a lot of mail blocked on the 29/5 because of this issue.
>>
>> Is there any other way I can submit the samples than via the website? It looks like no-one is following up on this, which is very poor.
>>
>> Thanks,
>>
>> Anne-Sophie
>>
>> -----Original Message-----
>> From: clamav-users [mailto:clamav-users-***@lists.clamav.net] On
>> Behalf Of Al Varnell
>> Sent: 31 May 2017 05:05
>> To: ClamAV users ML <clamav-***@lists.clamav.net>
>> Cc: ***@jubileegroup.co.uk; clamav-***@lists.clamav.net
>> Subject: Re: [clamav-users] clamav-users Digest, Vol 150, Issue 19
>>
>> Did I you ever submit those samples as I recommended. It's unlikely that any action will be taken until you do.
>>
>> Most of the people that participate on this list are users and can't do anything but give you advice.
>>
>> Sent from Janet's iPad
>>
>> -Al-
>>
>> On May 19, 2017, at 9:14 AM, "Outreach wrote:
>>> Hi Ged,
>>>
>>> I did read your message. Note that the header that you quote below is not related to my request. I am contacting you regarding the following:
>>>
>>> IPs: 142.54.244.[96-110]
>>>
>>> Domains:
>>> mail.paypal.at
>>> mail.paypal.be
>>> mail.paypal.ch
>>> mail.paypal.co.il
>>> mail.paypal.co.uk
>>> mail.paypal.de
>>> mail.paypal.dk
>>> mail.paypal.es
>>> mail.paypal.fr
>>> mail.paypal.it
>>> mail.paypal.nl
>>> mail.paypal.no
>>> mail.paypal.pl
>>> mail.paypal.se
>>> mail.paypal.com
>>>
>>> Call it "reject", "bounce" or "delivery error" - the bottom line is that legitimate mail from our client (including financial communications from account holders) is not being delivered and wrongly identified as a phish by ClamAv.
>>>
>>> These emails are authenticated, they come from a well-respected organization - hence there is no reason for them to be rejected with the message "554 Your email was rejected because it contains the Heuristics.Phishing.Email.SpoofedDomain virus"
>>>
>>>
>>> Many thanks,
>>>
>>>
>>> Anne-Sophie Marsh, Sr Email Deliverability Manager EMEA
>>> T +44 2086143219 M +44 7469352383 Epsilon, 67 Broad Street, Teddington TW11 8QZ, UK epsilon.com
>>>
>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> -
>>>
>>> Message: 1
>>> Date: Thu, 18 May 2017 17:51:15 +0100 (BST)
>>> From: "G.W. Haywood"
>>> To: clamav-***@lists.clamav.net
>>> Subject: Re: [clamav-users] Mail from Paypal wrongly identified as
>>> phishing by ClamAv
>>> Message-ID:
>>> <***@mail6.jubileegroup.co.uk>
>>> Content-Type: TEXT/PLAIN; format=flowed; charset=US-ASCII
>>>
>>> Hi there,
>>>
>>> On Thu, 18 May 2017, Anne-Sophie Marsh wrote:
>>>
>>>> Mail from our client Paypal is being wrongly flagged as phishing by ClamAv.
>>>
>>> No surprise there.
>>>
>>>> We get this type of bounce erros:
>>>> 554 Your email was rejected because it contains the
>>>> Heuristics.Phishing.Email.SpoofedDomain virus
>>>
>>> That's not a bounce, it's a reject.
>>>
>>>> Please make the necessary changes to your product ASAP.
>>>
>>> Well... the last email I saw from PayPal had this in it, carefully hidden:
>>>
>>> 8<-------------------------------------------------------------------
>>> -
>>> --
>>> [lefttrianglebracket]
>>> img height="1"
>>> width="1"
>>> src="https://102.112.2O7.net/b/ss/paypalglobal/1/G.4--NS/123456?pageName=system_email_PP1814"
>>> border="0"
>>> alt=""/
>>> [righttrianglebracket]
>>> 8<-------------------------------------------------------------------
>>> -
>>> --
>>>
>>> The mail did pass our SPF checks on receipt:
>>>
>>> 8<-------------------------------------------------------------------
>>> -
>>> --
>>> Received-SPF: pass (mail5: domain of ***@paypal.co.uk designates
>>> 173.0.84.226 as permitted sender) receiver=mail5;
>>> client-ip=173.0.84.226; helo=mx0.slc.paypal.com;
>>> envelope-from=***@paypal.co.uk;
>>> x-software=spfmilter 0.98-gwh with libspf2-1.2.9;
>>> 8<-------------------------------------------------------------------
>>> -
>>> --
>>>
>>> but then it went in the bin.
>>>
>>> Admittedly this was quite a while ago; we've been rejecting all mail from PayPal since 2013. All the same, you aren't helping anybody by doing things like that.
>>>
>>> I don't suppose you'll actually read this.
> _______________________________________________
> clamav-users mailing list
> clamav-***@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
-Al-
--
Al Varnell
Mountain View, CA