I get a few phishing spams a day, almost always from PayPal and eBay. I make it a point to send them to to the spoof@ address for each service, but I would like to be able to automate the process of viewing the message as raw text, forwarding it to spoof@, and then sending them on.
I looked at Automator and AppleScript but neither seems to have the mojo necessary to change the view of the message so I can forward on the revealing bits.
Anyone cracked this particular nut?
[update] attached is a compiled .scpt file of an example that appears in comments, contributed by Mark Reed.
If it doesn’t download cleanly, just copy and paste from the comments, then search and replace curly quotes with the other kind.
AppleScript can almost certainly do it. It’s possible that your mail program’s dictionary doesn’t support it directly, but even then you can fall back on GUI scripting (sending fake user interface events, e.g. keystrokes and mouse movement/clicks). What are you using, Mail?
Yes, I am using Mail.app (shoulda specified that). You’re right about the dictionary not supporting it: that’s the problem referred to heretofore as “the mojo necessary”).
I was hoping not to do something unnecessarily kludgy. Ideally, this would, for a select email or group of same:
select the “view message as raw text” option
select the contents
forward the email, thereby copying the selected text to the forwarded email, complete w/ headers
address the email (this may take some user intervention)
stick it in the outbox for mailing per final review
How about this? If you select the phish msgs in Mail and run it, it will create a forward for each one to the appropriate spoof@ and save them in your Drafs folder:
tell application “Mail”
set phishMessages to selected messages of first message viewer
repeat with msg in phishMessages
set {fromAddress, subjectLine, rawText} to {(extract address from sender), subject, source} of msg
set AppleScript’s text item delimiters to “@”
set fromDomain to text item 2 of fromAddress
set forwardedMsg to (make new outgoing message with properties {content: rawText, subject:”Spoof Attempt: ” & subjectLine})
tell forwardedMsg to make new to recipient with properties {address:”spoof@” & fromDomain}
save forwardedMsg
end repeat
end tell
O.K.
That looks like the very thing.
I despair of being able to figure stuff like this out. I thought I looked for raw text in Mail.app’s dictionary.
Thanks.
It’s called “source”; rawText is just what I named my variable.
messageān [inh. item] : An email message
PROPERTIES
source (string, r/o) : Raw source of the message
Yes, I saw that when I reviewed the dictionary again.
Thanks for putting that together. I almost look forward to some phishing attempts so I can respond with ruthless automated efficiency.