V4: 4.00.0a11-1 not including Inline Warning (new tests)
Julian Field
mailscanner at ecs.soton.ac.uk
Thu Oct 10 22:08:50 IST 2002
Can you send me a encrypted zip including the qf and df files for a message?
That's about the only way I can easily get the raw message out.
Set the password to be "jules" so I can decrypt it.
At 20:39 10/10/2002, you wrote:
>Julian Field wrote:
> >
> > I have just tested this with a hand-crafted message containing this:
> > <html>
> > This is <iframe tag><b>HTML</b>.</html>
> > in an HTML multipart/alternative message.
> >
> > The "Allow IFrame tags" switch did exactly what I intended. If it was set
> > to allow them, the message got through untouched (but Eudora was nice
> > enough to rip out the <iframe tag> before displaying it. If it was set to
> > stop them, I got the inline warning and the VirusWarning.txt attachment as
> > I expected.
> >
> > Hmmm....
>
>No problem with that.
>
>What are your results if you Allow IFrame Tags = no and then send a
>message that includes an <IFRAME> pointing to an attached Bugbear
>infected file? This is where I am running into not having the Inline
>Warning (The 'e' in 'iframe' removed in the following example):
>
><ifram src=3Dcid:nHBT78M2Le7jM height=3D0 width=3D0></ifram>
>...
>Content-Type: audio/x-midi;
> name=hosting.ppt.exe
>Content-Transfer-Encoding: base64
>Content-ID: <nHBT78M2Le7jM>
>(INFECTED ATTACHMENT)
>
>
>
>Dustin
>
>--
>Dustin Baer
>Unix Administrator/Postmaster
>Information Handling Services
>15 Inverness Way East
>Englewood, CO 80112
>303-397-2836
--
Julian Field Teaching Systems Manager
jkf at ecs.soton.ac.uk Dept. of Electronics & Computer Science
Tel. 023 8059 2817 University of Southampton
Southampton SO17 1BJ
More information about the MailScanner
mailing list