Still catching "Possible Microsoft security vulnerability attack"

John Hanks john.hanks at USU.EDU
Mon Oct 7 17:49:17 IST 2002


Ok, looks like I have overcome my source of confusion. This works (at least
nothing has been caught in the last 10 minutes or so)

Allow IFrame Tags = yes
Allow Codebase Tags = yes

Earlier when Julian was correcting my spelling I thought the use of "= yes"
was wrong. Head is extracted from rear now, thanks for the help.

jbh


----- Original Message -----
From: "Mike Kercher" <mike at CAMAROSS.NET>
To: <MAILSCANNER at JISCMAIL.AC.UK>
Sent: Monday, September 09, 2002 10:28 AM
Subject: Re: Still catching "Possible Microsoft security vulnerability
attack"


> Allow IFrame Tags = No <?>
>
>
> -----Original Message-----
> From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK]On
> Behalf Of John Hanks
> Sent: Monday, October 07, 2002 11:23 AM
> To: MAILSCANNER at JISCMAIL.AC.UK
> Subject: Still catching "Possible Microsoft security vulnerability
> attack"
>
>
> I must still be doing something wrong, I now have in my mailscanner.conf
> file the following lines:
>
> Allow IFrame Tags
> Allow Codebase Tags
>
> but I am still catching messages with this report. Am I missing something
> obvious again? Most of the messages quarantined have had iframe tags.
There
> was one that I couldn't locate either an iframe tag or object codebase tag
> in, but it had some encoded areas that may have contained them and I
didn't
> dig that deep yet.
>
> Thanks,
>
> jbh
>



More information about the MailScanner mailing list