Dangerous html tag?

Remco Barendse mailscanner at BARENDSE.TO
Thu Mar 18 16:28:49 GMT 2004


How about making it a rule set where all the options are listed?

HTML tags = ruleset

And in the ruleset you can set

some at legitmails.com             allow
iframe                          strip
form                            disarm
object-data                     allow
object-code                     disarm
default                         strip disarm no

And provide a sample list with all the options with MailScanner?

Alternatively put the separate options/actions in MailScanner.conf, this
might be the most transparent way for n00bs with MailScanner so you don't have
to look for any important stuff in the rulesets.

Regarding the banned content in object-data I think we could simply use
the bannedextension and/or content type lists

:)

Remco

On Thu, 18 Mar 2004, Julian Field wrote:

> At 12:33 18/03/2004, you wrote:
> >Remco Barendse wrote:
> >
> >>I haven't got a clue whether Object Tags are ever used for something
> >>legit.
> >>
> >>Could you make the Object Codebase look at the allowed / disallowed
> >>extension list? Any file we do not allow as an attachment form should be
> >>utterly destroyed when in Object Codebase?
> >>
> >>This would allow mails with images and other stuff we may allow but not
> >>objectionable content.
> >>
> >>Just an idea :)
> >>
> >>On Thu, 18 Mar 2004, Julian Field wrote:
> >>
> >>
> >>
> >
> >Julian is it feasible to consider a list of tags that are
> >disarmed/banned/allowed ? So in the future we could just add the tag to
> >an existing list and it will be destroyed? Or something like this
> >similarly modular to save upgrading MS for this same thing (catching
> >tags) in the future?
>
> Certainly feasible. I will take a look, and agree it would be a good idea.
> How would we handle the yes/no/disarm values for each one?
> The yes/no is easy, just block it if it's in the list. But the disarm option?
> And what about being able to use a ruleset? The ruleset would have to apply
> to the whole configuration option, not just the separate bits of it.
> And what about the report message included whenever one or more of these
> tags are found?
>
> Allow HTML tags = iframe=yes form=disarm object/codebase=no object/data=no
>
> So "yes" would be the same as not listing the tag at all, the other
> possibilities would be "no" and "disarm". Complex tags like <Object
> Codebase=...> would be separated with a "/".
>
> That looks ugly. Can someone come up with something better?
> --
> Julian Field
> www.MailScanner.info
> MailScanner thanks transtec Computers for their support
>
> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
>
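An added example, not part of the original message and not MailScanner code: a small Python parser for the one-line "Allow HTML tags" syntax proposed in the quoted reply, applied to a constructed HTML body. The function names, the sample HTML, and the rule that the strictest matching action wins are assumptions made for illustration.

```python
from html.parser import HTMLParser

# Assumed ordering: when several entries match one tag, the strictest wins.
SEVERITY = {"yes": 0, "disarm": 1, "no": 2}

def parse_option(value):
    """Parse 'iframe=yes form=disarm object/codebase=no' into {(tag, attr): action}."""
    policy = {}
    for entry in value.split():
        name, sep, action = entry.partition("=")
        action = action.lower()
        tag, _, attr = name.lower().partition("/")
        if not sep or not tag or action not in SEVERITY:
            raise ValueError(f"malformed entry: {entry!r}")
        policy[(tag, attr)] = action  # attr == "" means the bare tag
    return policy

def action_for(policy, tag, attrs=()):
    """Action for one tag and its attribute names; unlisted tags mean 'yes'."""
    keys = [(tag.lower(), "")] + [(tag.lower(), a.lower()) for a in attrs]
    hits = [policy[k] for k in keys if k in policy]
    return max(hits, key=SEVERITY.get, default="yes")

class TagAudit(HTMLParser):
    """Collects (tag, action) for every start tag the policy does not allow."""
    def __init__(self, policy):
        super().__init__()
        self.policy = policy
        self.findings = []

    def handle_starttag(self, tag, attrs):
        action = action_for(self.policy, tag, [name for name, _ in attrs])
        if action != "yes":
            self.findings.append((tag, action))

def audit(policy, html):
    auditor = TagAudit(policy)
    auditor.feed(html)
    auditor.close()
    return auditor.findings

# Option string as written in the quoted reply; HTML body is constructed sample input.
OPTION = "iframe=yes form=disarm object/codebase=no object/data=no"
SAMPLE = ('<p>hi</p><FORM action="x"><input name="q"></FORM>'
          '<object CODEBASE="http://example.invalid/a.cab"></object>'
          '<iframe src="y"></iframe><object type="image/png"></object>')

if __name__ == "__main__":
    print(audit(parse_option(OPTION), SAMPLE))
```
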


