stored.content.message.txt and {DANGEROUS?} .. foundform

Julian Field mailscanner at
Thu Nov 6 15:59:15 GMT 2003

At 15:38 06/11/2003, you wrote:
>We updated MailScanner from 4.21-9 to 4.24-5 and since then I'm getting a
>lot of complains from users that we are stripping html forms from all valid
>sources like banks, weather networks, etc.
>Is this something about Silent Viruses?  How can I stop it?  How can I let
>MailScanner know that I want those forms to go through. Which forms are
>they?  I did not overwritten MailScanner.conf file, I use the old one from
>4.21-9 version so why the form are stripped now?

For starters, when upgrading use the upgrade_MailScanner_conf script that
comes with the distribution. That will make sure all new settings are put
in your MailScanner.conf file.

When you do that, you will see all the new options and therefore know which
settings you need to adjust for your environment.

>Where the {DANGEROUS?}is coming from?
>I can't see any references about {DANGEROUS?}  and a
>stored.content.message.txt file (which is the warning a user is getting) in
>the MailScanner.conf file so I don't know to which form tag the message is
>attached to.
>Any help?
>Some MailScaner.conf settings:
>Silent Viruses = HTML-IFrame Klez Yaha-E Bugbear Braid-A WinEvar Palyh
>Sobig Fizzer # mnh T136
>#Silent Viruses = HTML-IFrame All-Viruses Klez Yaha-E Bugbear Braid-A
>WinEvar Palyh Sobig Fizzer   # mnh T136
>Still Deliver Silent Viruses = yes
>Allow IFrame Tags = yes       #mnh T116
>Log IFrame Tags = yes      #T116
>Allow Object Codebase Tags = no
>Convert Dangerous HTML To Text = no
>Convert HTML To Text = no

Julian Field
MailScanner thanks transtec Computers for their support

PGP footprint: EE81 D763 3DB0 0BFD E1DC  7222 11F6 5947 1415 B654

More information about the MailScanner mailing list