This document describes how to block empty HTML emails.
The body of HTML emails normally contains the HTML tags which always match as false negative if you use the normal blocking method for the plain text emails.
These were suggested earlier in this filter:
if (NOT only-body-contains(".", 1))
{
Action
}
Where if you take a look at the emails being sent as HTML it has these known parts:
<HTML>, <Body>, <div>, <p>.
And also including the attributes of the text such as font details, color and size, which is included in the tag: <styles>.
You can block this type of emails by using this filter:
if (NOT only-body-contains(".", 1) OR body-contains("<p>\\xa0</p>|<o:p>\\xa0</o:p>",1))
{
quarantine("Policy");
log-entry("$FilterName triggered \n");
}
Conditions explanation:
1. NOT only-body-contains(".", 1): matching the normal empty plain text emails.
2. <p>\\xa0</p>: matching open source mail clients.
3. <o:p>\\xa0</o:p>: matching outlook empty HTML emails,
Note: xa0 is a non-breaking space symbol ( ), that is included only in empty HTML files/emails.
If you want to block only empty HTML emails but not the plain text emails, this can be done as shown here:
if ( header("Content-Type") )
{
#to catch outlook emails
if (NOT only-body-contains(".", 1) OR body-contains("<p>\\xa0</p>|<o:p>\\xa0</o:p>",1))
{
quarantine("Policy");
log-entry("$FilterName triggered \n");
}
}
| Revision | Publish Date | Comments |
|---|---|---|
1.0 |
08-Jul-2026
|
Initial Release |