Send Web pages

Julian Field mailscanner at ecs.soton.ac.uk
Tue Nov 26 15:15:03 GMT 2002


What I have done is stop the iframe and codebase checks from being done to 
attachments. After all, it is only in inline content that they are dangerous.
(Unless someone has thoughts to the contrary?)

The fix will be in the next release. But if you need it now, it's a dead 
simple patch to SweepContent.pm:

--- 
/root/unstable/mailscanner/mailscanner/bin/MailScanner/SweepContent.pm 
Sun Nov 24 12:40:17 2002
+++ SweepContent.pm     Tue Nov 26 15:27:15 2002
@@ -223,7 +223,10 @@

    # Look for text/html sections
    my $type = $entity->head->mime_attr('content-type');
+  my $disposition = $entity->head->mime_attr('content-disposition');
+  $disposition = 'inline' unless $disposition;
    if ($type && $type =~ /text\/html/i &&
+      $disposition !~ /attachment/i &&
        defined($entity->body) && defined($entity->bodyhandle->path)) {
      $counter += SearchHTMLBody($message, $id, $entity->bodyhandle->path,
                                 $allowiframes, $allowobjects,


At 13:54 26/11/2002, you wrote:
>Jim,
>
>No it isn't.  If you send the page (not a link to one) you receive HTML
>code.
>
>I have just tested it (send page and send link) and the link came OK but
>the page was rejected because of an "Object Codebase" in it.
>
>That was fine except for the sending of an email saying that my PC was
>probably infected and should be checked.
>
>People shouldn't receive notifications if they send HTML attachments
>with "Object Codebase" in them (this is not a virus).
>
>Julian, how could we add them to the "Silent Viruses" rule?
>
>Denis
>
>Le lun 25/11/2002 à 17:32, Jim Levie a écrit :
> > On Mon, 2002-11-25 at 11:28, Miguel Fernando Montoya Martinez wrote:
> > > Hi, i can´t send web pages from Outlook express because my e-mail server
> > > return: Warning: E-mail viruses detected, I have mailscanner + 
> sendmail, and
> > > the same page can to send from other e-mail server (mailscan (mcfee) +
> > > exchange) with the same dat version.
> > >
> > MailScanner is objecting to OutLook is "sending the webpage" as a .lnk
> > file. You can allow that by editing the filename rules.
>--
>Denis Beauchemin, analyste
>Université de Sherbrooke, S.T.I.
>T: 819.821.8000x2252 F: 819.821.8045

-- 
Julian Field                Teaching Systems Manager
jkf at ecs.soton.ac.uk         Dept. of Electronics & Computer Science
Tel. 023 8059 2817          University of Southampton
                             Southampton SO17 1BJ




More information about the MailScanner mailing list