V4: 4.00.0a11-1 not including Inline Warning (new tests)
Dustin Baer
dustin.baer at IHS.COM
Thu Oct 10 20:39:14 IST 2002
Julian Field wrote:
>
> I have just tested this with a hand-crafted message containing this:
> <html>
> This is <iframe tag><b>HTML</b>.</html>
> in an HTML multipart/alternative message.
>
> The "Allow IFrame tags" switch did exactly what I intended. If it was set
> to allow them, the message got through untouched (but Eudora was nice
> enough to rip out the <iframe tag> before displaying it. If it was set to
> stop them, I got the inline warning and the VirusWarning.txt attachment as
> I expected.
>
> Hmmm....
No problem with that.
What are your results if you Allow IFrame Tags = no and then send a
message that includes an <IFRAME> pointing to an attached Bugbear
infected file? This is where I am running into not having the Inline
Warning (The 'e' in 'iframe' removed in the following example):
<ifram src=3Dcid:nHBT78M2Le7jM height=3D0 width=3D0></ifram>
...
Content-Type: audio/x-midi;
name=hosting.ppt.exe
Content-Transfer-Encoding: base64
Content-ID: <nHBT78M2Le7jM>
(INFECTED ATTACHMENT)
Dustin
--
Dustin Baer
Unix Administrator/Postmaster
Information Handling Services
15 Inverness Way East
Englewood, CO 80112
303-397-2836
More information about the MailScanner
mailing list