I am using HTML Email creator/editor(I cannot share the name). I run into the problem that when I edit the email content and save it i get this bunch of CSS automatically:
#ad-4, #ad-4-300x90, #ad-5-images, #ad-55, #ad-63, #ad-635x40-1, #ad-655, #ad-7, #ad-728, #ad-728-90, #ad-728x90-1, #ad-728x90-leaderboard-top, #ad-728x90-top, #ad-728x90-top0, #ad-732, #ad-734, #ad-74, #ad-88, #ad-88-wrap, #ad-970, #ad-98, #ad-a, #ad-a1, #ad-abs-b-0, #ad-abs-b-1, #ad-abs-b-10, #ad-abs-b-2, #ad-abs-b-3, #ad-abs-b-4, #ad-abs-b-5, #ad-abs-b-6, #ad-abs-b-7, #ad-absolute-160, #ad-ads, #ad-adsensemedium, #ad-advertorial, #ad-affiliate, #ad-around-the-web, #ad-article, #ad-article-in, #ad-aside-1, #ad-atf-mid, #ad-atf-top, #ad-ban, #ad-banner, #ad-banner-1, #ad-banner-970, #ad-banner-980, #ad-banner-atf, #ad-banner-body-top { display: none!important; }
#ad-banner-bottom, #ad-banner-image, #ad-banner-placement, #ad-banner-top, #ad-banner-wrap, #ad-bar, #ad-base, #ad-beauty, #ad-below-content, #ad-big, #ad-bigbox, #ad-bigsize, #ad-billboard, #ad-billboard-atf, #ad-billboard-bottom, #ad-blade, #ad-block, #ad-block-125, #ad-block-bottom, #ad-block-container, #ad-border, #ad-bottom-300x250, #ad-bottom-banner, #ad-bottom-right-container, #ad-bottom-wrapper, #ad-bottomright, #ad-box, #ad-box-1, #ad-box-2, #ad-box-bottom, #ad-box-first, #ad-box-halfpage, #ad-box-leaderboard, #ad-box-rectangle, #ad-box-rectangle-2, #ad-box-right, #ad-box-second, #ad-box1, #ad-box2, #ad-boxATF, #ad-boxes, #ad-br-container, #ad-bs, #ad-btf-bot, #ad-btm, #ad-buttons, #ad-campaign, #ad-carousel, #ad-case, #ad-center { display: none!important; }
#ad-circfooter, #ad-code, #ad-col, #ad-colB-1, #ad-column, #ad-container-1, #ad-container-2, #ad-container-adaptive-1, #ad-container-adaptive-3, #ad-container-fullpage, #ad-container-inner, #ad-container-leaderboard, #ad-container-mpu, #ad-container-outer, #ad-container-overlay, #ad-container1, #ad-contentad, #ad-cube-Bottom, #ad-cube-Middle, #ad-cube-sec, #ad-cube-top, #ad-desktop-wrap, #ad-discover, #ad-display-ad, #ad-div-leaderboard, #ad-double-spotlight-container, #ad-drawer, #ad-e-container, #ad-ear, #ad-extra-comments, #ad-extra-flat, #ad-f-container, #ad-featured-right, #ad-first-post, #ad-five, #ad-five-75x50s, #ad-flex-first, #ad-flex-top, #ad-footer, #ad-footer-728x90, #ad-footprint-160x600, #ad-for-map, #ad-frame, #ad-framework-top, #ad-front-btf, #ad-front-footer, #ad-front-page-160x600-placeholder, #ad-front-sponsoredlinks, #ad-full-width, #ad-fullbanner-btf { display: none!important; }
#ad-fullbanner-outer, #ad-fullbanner2, #ad-fullbanner2-billboard-outer, #ad-fullwidth, #ad-giftext, #ad-globalleaderboard, #ad-google-chrome-sidebar, #ad-googleAdSense, #ad-gpt-bottomrightrec, #ad-gpt-leftrec, #ad-gpt-rightrec, #ad-gutter-left, #ad-gutter-right, #ad-halfpage, #ad-header-left, #ad-header-mad, #ad-header-mobile, #ad-header-right, #ad-holder, #ad-homepage-content-well, #ad-homepage-top-wrapper, #ad-horizontal, #ad-horizontal-header, #ad-horizontal-top, #ad-idreammedia, #ad-img, #ad-in-post, #ad-index, #ad-inner, #ad-inside1, #ad-inside2, #ad-interstitial-wrapper, #ad-introtext, #ad-label, #ad-label2, #ad-large-header, #ad-lb, #ad-lb-secondary, #ad-ldr-spot, #ad-lead, #ad-leader, #ad-leader-atf, #ad-leader-container, #ad-leaderboard-1, #ad-leaderboard-1-container, #ad-leaderboard-2, #ad-leaderboard-2-container, #ad-leaderboard-bottom, #ad-leaderboard-container, #ad-leaderboard-footer { display: none!important; }
#ad-leaderboard-spot, #ad-leaderboard-top, #ad-leaderboard-top-container, #ad-leaderboard_bottom, #ad-leadertop, #ad-left, #ad-left-sidebar-ad-1, #ad-left-sidebar-ad-2, #ad-left-sidebar-ad-3, #ad-left-timeswidget, #ad-links-content, #ad-list-row, #ad-lrec, #ad-main-bottom, #ad-main-top, #ad-makeup, #ad-manager, #ad-manager-ad-bottom-0, #ad-manager-ad-top-0, #ad-medium, #ad-medium-lower, #ad-medium-rectangle, #ad-medrec, #ad-medrec_premium, #ad-megaban2, #ad-megasky, #ad-mid, #ad-mid-rect, #ad-middle, #ad-middlethree, #ad-middletwo, #ad-midpage, #ad-minibar, #ad-module, #ad-mpu, #ad-mpu-topRight-container, #ad-mpu-warning, #ad-mpu1-spot, #ad-mpu2, #ad-mpu2-spot, #ad-mpu600-right-container, #ad-mrec, #ad-mrec2, #ad-new, #ad-news-sidebar-300x250-placeholder, #ad-north, #ad-north-base, #ad-northeast, #ad-one, #ad-other { display: none!important; }
#ad-output, #ad-overlay, #ad-page-1, #ad-page-sky-300-a1, #ad-page-sky-300-a2, #ad-page-sky-left, #ad-pan3l, #ad-pencil, #ad-placard, #ad-placeholder, #ad-placement, #ad-plate, #ad-popup, #ad-popup1, #ad-position-a, #ad-post, #ad-push, #ad-pushdown, #ad-r, #ad-rbkua, #ad-rec-atf, #ad-rec-btf-top, #ad-recommend, #ad-rect, #ad-rectangle, #ad-rectangle-flag, #ad-rectangle1, #ad-rectangle1-outer, #ad-rectangle2, #ad-rectangle3, #ad-region-1, #ad-results, #ad-rian, #ad-right-3, #ad-right-container, #ad-right-sidebar, #ad-right-sidebar-ad-1, #ad-right-sidebar-ad-2, #ad-right-skyscraper-container, #ad-right-top, #ad-right2, #ad-right3, #ad-righttop, #ad-ros-atf-300x90, #ad-ros-btf-300x90, #ad-row, #ad-row-1, #ad-s1, #ad-safe, #ad-secondary-sidebar-1 { display: none!important; }
#ad-section, #ad-separator, #ad-shop, #ad-side, #ad-side-text, #ad-sidebar, #ad-sidebar-1, #ad-sidebar-2, #ad-sidebar-3, #ad-sidebar-300x80, #ad-sidebar-btf, #ad-sidebar-container, #ad-sidebar-mad, #ad-sidebar-mad-wrapper, #ad-sidebar-right_300-1, #ad-sidebar-right_300-2, #ad-sidebar-right_300-3, #ad-sidebar-right_bitgold, #ad-sidebar1, #ad-sidebar2, #ad-sidebarleft-bottom, #ad-sidebarleft-top, #ad-single-spotlight-container, #ad-skin, #ad-sky, #ad-sky-atf, #ad-sky-btf, #ad-skyscraper, #ad-skyscraper-feedback, #ad-skyscraper1-outer, #ad-sla-sidebar300x250, #ad-slot-1, #ad-slot-2, #ad-slot-4, #ad-slot-right, #ad-slot1, #ad-slot4, #ad-slug-wrapper, #ad-small-banner, #ad-smartboard_1, #ad-smartboard_2, #ad-smartboard_3, #ad-software-description-300x250-placeholder, #ad-software-sidebar-300x250-placeholder, #ad-space, #ad-space-1, #ad-space-2, #ad-space-big, #ad-special, #ad-splash { display: none!important; }
#ad-sponsored-traffic, #ad-sponsors, #ad-spot, #ad-spot-bottom, #ad-spot-one, #ad-springboard-300x250, #ad-squares, #ad-standard-wrap, #ad-stickers, #ad-story-bottom-in, #ad-story-bottom-out, #ad-story-right, #ad-story-top, #ad-stripe, #ad-tab, #ad-tail-placeholder, #ad-tape, #ad-target, #ad-target-Leaderbord, #ad-teaser, #ad-techwords, #ad-textad-single, #ad-three, #ad-tlr-spot, #ad-top-250, #ad-top-300x250, #ad-top-728, #ad-top-banner, #ad-top-leaderboard, #ad-top-left, #ad-top-lock, #ad-top-right, #ad-top-right-container, #ad-top-text-low, #ad-top-wrap, #ad-tower, #ad-tower1, #ad-trailerboard-spot, #ad-tray, #ad-two, #ad-typ1, #ad-uprrail1, #ad-video, #ad-video-page, #ad-west, #ad-wide-leaderboard, #ad-wrap, #ad-wrap-right, #ad-wrapper-728x90, #ad-wrapper-left { display: none!important; }
#ad-wrapper-right, #ad-wrapper1, #ad-yahoo-simple, #ad-zone-1, #ad-zone-2, #ad-zone-inline, #ad001, #ad002, #ad01, #ad02, #ad1-468x400, #ad1-home, #ad1-placeholder, #ad1-wrapper, #ad1006, #ad101, #ad10Sp, #ad11, #ad11Sp, #ad120x600, #ad120x600container, #ad120x60_override, #ad125B, #ad125BL, #ad125BR, #ad125TL, #ad125TR, #ad125x125, #ad160, #ad160-2, #ad160600, #ad160Container, #ad160Wrapper, #ad160a, #ad160x600, #ad160x600right, #ad180, #ad1Sp, #ad1_holder, #ad1_top-left, #ad2-home, #ad2-label, #ad2-original-placeholder, #ad250, #ad260x60, #ad2CONT, #ad2Sp, #ad2_footer, #ad2_iframe, #ad2_inline { display: none!important; }
this is just part of it. In total there are 3500 lines of this type including some Ad links and so on.
I want to get rid of it but I cannot. because of it it recognizes the email as a phishing scam.
I cannot remove it. Everytime i remove it and save the html it comes again. Has someone run into this problem before.
You've been hacked, or at least get code injected :) Time to re-install your CMS if you cant find the origan and fix the breach. You might edit the current odd css out via the database, but the breach remains existing, so if the bot comes by again (I highly doubt it's a targeted attack, it will come by again), you have this problem again.
Re-install your CMS, but before you do that, check last editted files via the commandline, and see if one stands out. Could be that one php file is altered, then you know where to look for upgrades.
But a warning: In general the rule of thumb is "If you've been hacked, you no longer own the server". This is why it's time for a whipe, a backup and a upgrade.
BTW: if not telling your editor is a part of your security, you need better security.