Convert Dangerous HTML feature

Lancaster, David Matthew dml at UNB.CA
Thu Oct 16 13:59:22 IST 2003


Hrm.
The HTML Forms option is causing a bit of grief here.

I had briefly blocked HTML forms, but a number of users receive legitimate HTML
newsletters with forms in them. (search boxes, etc.)

So I disabled the block HTML Forms option....but now HTML emails with form tags
are converted to text, since I have the "Convert Dangerous HTML To Text" option
set to yes.

Now, I appreciate this feature, since it permits IFRAMES and OBJECT CODEBASE
ridden emails to be passed while mitigating the dangers of such.

So, what I'm wondering is, can the "Allow ..." and "Convert" options be changed
to allow a fine-grain level of control.

Perhaps something like:
Allow Object Codebase Tags = convert
Allow IFrame Tags = convert
Allow Form Tags = yes

D.



More information about the MailScanner mailing list