blocking %00 / %01 exploits with mailscanner?

Julian Field mailscanner at ecs.soton.ac.uk
Mon Jan 19 22:01:09 GMT 2004


At 21:23 19/01/2004, you wrote:
>On Mon, 19 Jan 2004, Julian Field wrote:
> > At 20:52 19/01/2004, you wrote:
> > >Is there a way to get mailscanner to block %00 / %01 uri exploits in the
> > >body of mails the same way mailscanner can block iframe exploits in
> > >the body?
> > The current best solution is to create a SpamAssassin rule which catches
> > these and assigns a score of 100.
>
>So basically, "no, mailscanner can't do that"? It can block iframe
>exploits but not URI exploits?

I don't want to get into the game of adding code for every exploit that
ever appears. IFrame tags have been used in a whole bunch of exploits in
the past, and are still considered by many sites to be "dangerous".
Microsoft will eventually fix the bug that created this security hole, at
which point the check won't be needed anyway. Anyone following a link in an
email that has been flagged as spam does so at their own risk, they have
been warned.

I am not going to write and test code, and do an entire release for every
bug that ever appears in every network app in every operating system.

(And that's about the 15th re-write of this email, hopefully it is polite
this time)

Jules.
--
Julian Field
www.MailScanner.info
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
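
The matching logic that the SpamAssassin rule suggested in the thread would encode, sketched in Python as an added example. It is not part of the original post and is neither MailScanner nor SpamAssassin code. The function names and the sample body are constructed for illustration; the score of 100 is the one quoted in the thread.

```python
import html
import re

# Constructed sample message body (not taken from a real mail).
SAMPLE_BODY = (
    'Plain link: http://example.test/news/index.html\n'
    '<a href="http://example.test/a%01b">escaped SOH</a>\n'
    '<a href="http://example.test/x&#37;00y">entity-encoded percent</a>\n'
    'Discount: 100%01 off is not a URI\n'
)

# Absolute http/https/ftp URIs, ending at whitespace, quotes or angle brackets.
URI_RE = re.compile(r'\b(?:https?|ftp)://[^\s"\'<>]+', re.IGNORECASE)

# The %00 / %01 escapes named in the thread, plus the raw bytes they decode to.
CTRL_RE = re.compile(r'%0[01]|[\x00\x01]')


def suspicious_uris(body):
    """Return every URI in the body that carries a %00 or %01 escape."""
    # HTML mail can hide the percent sign as an entity (&#37;), which the
    # mail client decodes before following the link, so decode it first.
    decoded = html.unescape(body)
    return [m.group(0) for m in URI_RE.finditer(decoded)
            if CTRL_RE.search(m.group(0))]


def score(body, hit_score=100.0):
    """Assign the fixed score from the thread when any URI matches."""
    return hit_score if suspicious_uris(body) else 0.0


if __name__ == '__main__':
    for uri in suspicious_uris(SAMPLE_BODY):
        print('flagged:', uri)
    print('score:', score(SAMPLE_BODY))
```

Text such as "100%01 off" outside a URI is not flagged, because the control-character check only runs on strings the URI pattern has already extracted.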


