Log Entry Explanation

Steve Evans sevans at FOUNDATION.SDSU.EDU
Sat Nov 16 18:21:37 GMT 2002


Just curious.  Thanks a lot.

Steve Evans
SDSU Foundation
(619) 594-0653 

-----Original Message-----
From: Julian Field [mailto:mailscanner at ECS.SOTON.AC.UK] 
Sent: Saturday, November 16, 2002 9:59 AM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: Log Entry Explanation


At 03:19 16/11/2002, you wrote:
>Could someone tell me what this is about.  Thanks.
>
>Nov 15 16:47:36 mx MailScanner[22916]: Content Checks: Detected and 
>rejected external message body in gAG0lYl26644

There is a very odd RFC that allows the body of the message to be stored
on an external server and fetched by various methods (including mail and
ftp) by the email client application. Netscape is about the only
application that supports this, and the IETF drafts are the only
messages that ever use it.

Because the contents of the message body aren't actually in the message,
they are banned by MailScanner. And having MailScanner fetch the
contents of the body from the remote server won't help either, as it's
trivial for the server holding the body to give the mail server a nice
harmless one and the final client machine a malicious one. There really
is just about no reasonable way of scanning the message contents.
--
Julian Field                Teaching Systems Manager
jkf at ecs.soton.ac.uk         Dept. of Electronics & Computer Science
Tel. 023 8059 2817          University of Southampton
                             Southampton SO17 1BJ




More information about the MailScanner mailing list