Detected Microsoft-specific exploits
Julian Field
mailscanner at ecs.soton.ac.uk
Fri Oct 4 21:38:23 IST 2002
At 20:58 04/10/2002, you wrote:
>I've followed the thread on this and added Allow IFrames Tags = yes, but I
>am still removing message bodies with the only reason given being:
I assume you mistyped that as the option is "Allow IFrame Tags". The other
test is for "<object>" tags with a "codebase" attribute inside them.
Take a look at the quarantine for your message. I would be interested to
see it if it is a genuine "safe" message.
>Oct 4 13:41:33 noturus mailscanner[24009]: Detected Microsoft-specific
>exploits in g94JfRZ32214
>Oct 4 13:41:33 noturus mailscanner[24009]: Found 1 viruses in messages
>g94JfRZ32214
>
>In my environment (.edu) the complaint of a single faculty member that they
>didn't receive some daily comic strip is enough to bring a hail of bullets
>my way, so I really need to let these through unless I can show there is an
>actual exploit involved. Are there plans to make this an optional thing
>that I can (sadly) disable?
I'll add it for you. Do I need to back-port it to V3 or just V4?
--
Julian Field Teaching Systems Manager
jkf at ecs.soton.ac.uk Dept. of Electronics & Computer Science
Tel. 023 8059 2817 University of Southampton
Southampton SO17 1BJ
More information about the MailScanner
mailing list