IFRAME

Rose, Bobby brose at MED.WAYNE.EDU
Sun Feb 23 15:51:25 GMT 2003


Most of the ones I see are from Klez messages.  Some virus scanners out
there remove the infected attachment and send the message on which in
the case for Klez, still contains the IFRAME markup to klez.

-----Original Message-----
From: Paul Welsh [mailto:paul at ESPMAIL.CO.UK] 
Sent: Sunday, February 23, 2003 8:59 AM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: IFRAME


----- Original Message -----
From: "Julian Field" <mailscanner at ECS.SOTON.AC.UK>
To: <MAILSCANNER at JISCMAIL.AC.UK>
Sent: 23 February 2003 12:41
Subject: Re: IFRAME


> Try setting
>
> Allow Object Codebase Tags = yes
>
> as well, as both it and the iframe check are Microsoft security 
> vulnerability checks.
>
Thanks, Julian.  I see you say in the comments:

# This is a very bad idea as it allow various Microsoft vulnerabilities
# to go unprotected.

Do you still believe this is "a very bad idea"?  What it leads to is a
lot of virus warning messages clogging up my mailq and a fair number of
clearly false alarms.




More information about the MailScanner mailing list