Flash (SWF) in e-mail
novirus at CARLO65.DE
Wed Nov 13 00:10:58 GMT 2002
AFAIK there are only 2 possibilities: Allow Object Codebase = no or yes.
So far there is no option, to use rulesets or allow only certain
objects. The only thing you can do, is to use a ruleset to allow object
Codebase from certain senders only.
Am Mit, 2002-11-13 um 00.21 schrieb Ivan Mirisola:
> Hi Roland,
> I have seen many e-mail that have SWF attachments and the HTML tag
> <object> calls the filename on the mime part. It would be just like a
> hidden attachment in an e-mail but you would see the SWF within the email.
> I know that there is a virus that could be hidden in a SWF, that's why I
> wanted to remove just the HTML part that reffers to the SWF and make the
> SWF visible as an attachment.
> Is it possible?
> Thanks again
> Roland Ehle wrote:
> >Hi Ivan,
> >Am Die, 2002-11-12 um 23.48 schrieb Ivan Mirisola:
> >>Is there a way to prevent all email containing object tags to go through
> >>except when dealing with flash.
> >>I would like to deliver such messages but not the really dangerous ones.
> >No this is not possible.
> >>If it's not possible, is there a way to deliver the SWF files as
> >>attachments and remove the HTML code that calls it?
> >As the swf files are not attached to the mail, but remain on the
> >website, which is called in the IFrame-tag, there is no possibility.
More information about the MailScanner