Possible Microsoft security vulnerability attack
David Closson
davidclosson at MSN.COM
Thu Oct 3 16:28:21 IST 2002
Can this setting be made with 3.23-4?
IFrame Tags = yes
>From: Matt Kettler <mkettler at EVI-INC.COM>
>Reply-To: MailScanner mailing list <MAILSCANNER at JISCMAIL.AC.UK>
>To: MAILSCANNER at JISCMAIL.AC.UK
>Subject: Re: Possible Microsoft security vulnerability attack
>Date: Wed, 2 Oct 2002 21:13:50 -0400
>MIME-Version: 1.0
>Received: from cpimssmtpa31.msn.com ([207.46.181.71]) by
>mc2-f41.law16.hotmail.com with Microsoft SMTPSVC(5.0.2195.5600); Wed, 2 Oct
>2002 18:14:32 -0700
>Received: from smtp.jiscmail.ac.uk ([130.246.192.48]) by
>cpimssmtpa31.msn.com with Microsoft SMTPSVC(5.0.2195.4905); Wed, 2 Oct 2002
>18:11:22 -0700
>Received: from LISTSERV.JISCMAIL.AC.UK (jiscmail.ac.uk) by
>smtp.jiscmail.ac.uk (LSMTP for Windows NT v1.1b) with SMTP id
><7.0012B8EE at smtp.jiscmail.ac.uk>; Thu, 3 Oct 2002 2:12:31 +0100
>Received: from JISCMAIL.AC.UK by JISCMAIL.AC.UK (LISTSERV-TCP/IP release
>1.8e) with spool id 14355100 for MAILSCANNER at JISCMAIL.AC.UK; Thu,
>3 Oct 2002 02:12:30 +0100
>Received: from 130.246.192.52 by JISCMAIL.AC.UK (SMTPL release 1.0f) with
>TCP; Thu, 3 Oct 2002 02:12:30 +0100
>Received: from xanadu-int.evi-inc.com
>(208-39-141-94.isp.comcastbusiness.net [208.39.141.94]) by
>ori.rl.ac.uk (8.11.1/8.11.1) with ESMTP id g931CTX16601 for
><MAILSCANNER at JISCMAIL.AC.UK>; Thu, 3 Oct 2002 02:12:29 +0100
>Received: from mkettler-xpmain.evi-inc.com (tcp-4-021.evi-inc.com
>[10.0.4.21]) by xanadu-int.evi-inc.com (8.11.6/8.11.6) with ESMTP
>id g931BIl27762; Wed, 2 Oct 2002 21:11:18 -0400
>X-Sender: mkettler at 192.168.50.2
>X-Mailer: QUALCOMM Windows Eudora Version 5.1.1
>X-MailScanner: Found to be clean
>Message-ID: <5.1.1.6.0.20021002211155.01c01218 at 192.168.50.2>
>Sender: MailScanner mailing list <MAILSCANNER at JISCMAIL.AC.UK>
>In-Reply-To: <F1618j7nqqKgWRjfXr60000cd38 at hotmail.com>
>Precedence: list
>Return-Path: owner-mailscanner at JISCMAIL.AC.UK
>X-OriginalArrivalTime: 03 Oct 2002 01:11:22.0711 (UTC)
>FILETIME=[C9AF9670:01C26A79]
>
>Very rapidly this is becoming a FAQ..
>
>Your most likely candidate is Iframe tags:
>
>Allow IFrame Tags = yes
>
>There are two other causes of this message, but they shouldn't occur and
>you'd have to modify the mailscanner code to allow em thru.
>
>Search the list archives. there's lots of instances of this question.
>
>At 03:58 PM 10/2/2002 -0700, David Closson wrote:
>>Using Mailscanner 3.23-4 (with McAfee AV)
>>-Upgraded from 3.22-14
>>-Install method: RPM
>>
>>I am getting quite a few users that are reporting false virus reports:
>>"Possible Microsoft security vulnerability attack"
>>
>>The messages are common mail list HTML messages that may or may not be
>>pulling content from another location.
>>
>>
>>_________
>>Sincerely,
>>David Closson
>>209-728-8199
_________
Sincerely,
David Closson
209-728-8199Allow
_________________________________________________________________
MSN Photos is the easiest way to share and print your photos:
http://photos.msn.com/support/worldwide.aspx
More information about the MailScanner
mailing list