Log Entry Explanation

Julian Field mailscanner at ecs.soton.ac.uk
Sat Nov 16 17:58:54 GMT 2002


At 03:19 16/11/2002, you wrote:
>Could someone tell me what this is about.  Thanks.
>
>Nov 15 16:47:36 mx MailScanner[22916]: Content Checks: Detected and
>rejected external message body in gAG0lYl26644

There is a very odd RFC that allows the body of the message to be stored on
an external server and fetched by various methods (including mail and ftp)
by the email client application. Netscape is about the only application
that supports this, and the IETF drafts are the only messages that ever use it.

Because the contents of the message body aren't actually in the message,
they are banned by MailScanner. And having MailScanner fetch the contents
of the body from the remote server won't help either, as it's trivial for
the server holding the body to give the mail server a nice harmless one and
the final client machine a malicious one. There really is just about no
reasonable way of scanning the message contents.
--
Julian Field                Teaching Systems Manager
jkf at ecs.soton.ac.uk         Dept. of Electronics & Computer Science
Tel. 023 8059 2817          University of Southampton
                             Southampton SO17 1BJ



More information about the MailScanner mailing list