Detected Microsoft-specific exploits

Julian Field mailscanner at
Fri Oct 4 21:38:23 IST 2002

At 20:58 04/10/2002, you wrote:
>I've followed the thread on this and added Allow IFrames Tags = yes, but I
>am still removing message bodies with the only reason given being:

I assume you mistyped that as the option is "Allow IFrame Tags". The other
test is for "<object>" tags with a "codebase" attribute inside them.

Take a look at the quarantine for your message. I would be interested to
see it if it is a genuine "safe" message.

>Oct  4 13:41:33 noturus mailscanner[24009]: Detected Microsoft-specific
>exploits in g94JfRZ32214
>Oct  4 13:41:33 noturus mailscanner[24009]: Found 1 viruses in messages
>In my environment (.edu) the complaint of a single faculty member that they
>didn't receive some daily comic strip is enough to bring a hail of bullets
>my way, so I really need to let these through unless I can show there is an
>actual exploit involved. Are there plans to make this an optional thing
>that I can (sadly) disable?

I'll add it for you. Do I need to back-port it to V3 or just V4?
Julian Field                Teaching Systems Manager
jkf at         Dept. of Electronics & Computer Science
Tel. 023 8059 2817          University of Southampton
                             Southampton SO17 1BJ

More information about the MailScanner mailing list