HTML-exploit issue

[Rose, Bobby]

Forget it.  I found the problem.  It was still the html form check causing it.  I found some commented out stuff that I uncommented to get some extra logging. 

-----Original Message-----
From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On Behalf Of Rose, Bobby
Sent: Tuesday, October 21, 2003 5:31 PM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: HTML-exploit issue

No it is MailScanner.  I remember when they were added back in 3.4.

I know it HTML-form, code, iframe, fragmented messages and eudora long mime boundary tests since they are in the languages code.  But there is some others for Outlook that it checks.


-----Original Message-----
From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On Behalf Of Ugo Bellavance
Sent: Tuesday, October 21, 2003 5:23 PM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: HTML-exploit issue

> -----Message d'origine-----
> De : Rose, Bobby [mailto:brose at MED.WAYNE.EDU] Envoyé : Tuesday, 
> October 21, 2003 5:21 PM À : MAILSCANNER at JISCMAIL.AC.UK Objet :
> HTML-exploit issue
> 
> 
> I have user trying to get these reports being setting from this one 
> service and at first it was being rejected by the HTML Form check.
> After I allowed it, it's now being rejected by the content checking 
> saying that an HTML-Exploit was detected. But I don't know what 
> exploit it is.  It's not iframe or codebase, since I turned that off 
> also for this sender.
> 
> What are the security exploits that MailScanner is looking at?  I need 
> to find that in the html code and compose something to the sender of 
> these messages so that they can be made aware of it.
> 
> -=Bobby Rose
> 

I think that these exploits are found by your virus scanner, not MailScanner.