Whitelist
Alex Neuman
alex at nkpanama.com
Wed Apr 14 17:33:01 IST 2004
You could set up:
Allow IFrame Tags = %rules-dir%/allowiframes.rules
Allow Form Tags = %rules-dir%/allowforms.rules
Allow Object Codebase Tags = %rules-dir%/allowobjectcodebase.rules
Allow External Message Bodies = %rules-dir%/allowexternal.rules
And in the files mentioned above ending in rules, add a ruleset like this:
FromOrTo: default no
From: mycomicaddress at mycomicdomain.com yes
That way, the default is no (because HTML mail can be dangerous), but mail
from that address will not be tagged as dangerous. Note: This wouldn't stop
someone malicious enough... Someone could (at least in theory) forge the
From: address and send you an e-mail message with an HTML exploit.
-----Original Message-----
From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On Behalf
Of Howard Yuan
Sent: Wednesday, April 14, 2004 11:18 AM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: RE : Whitelist
>>> ugob at CAMO-ROUTE.COM 4/14/2004 09:04:21 >>>
The whitelist (/etc/MailScanner/rules/spam.whitelist.rules) is only for
spam.
What you need is rulesets for the settings that strips html and detects html
exploits.
A ruleset, huh? Hum...okie, I'll do some research on that and see what I can
come up with. Thanx.
Howard
More information about the MailScanner
mailing list