Detected HTML-specific exploits

Jason Burzenski jburzenski at AMERICANHM.COM
Mon May 17 14:00:23 IST 2004


I recently had an important email to an exec at my company blocked due to
html-specific exploits.  The message had a lot of html in it, of which a few
items did look strange (if its not html 101, it looks strange to me), but
nothing that I could determine as having any malicious intent.

My logs indicated the message was blocked because...

        Content Checks: Detected HTML-specific exploits in i4C2qdWJ019277

Is there any way for a simpleton like myself to discern what this check
looks for in a message?  I would like to be able to explain it in a little
more detail if possible.

Is this just the default output for a message blocked because of the
Script/Iframe/object codebase/etc rules in MailScanner.conf?  The message
did contain some javascript elements in it.

Thanks,

Jason


-------------------------- MailScanner list ----------------------
To leave, send    leave mailscanner    to jiscmail at jiscmail.ac.uk
Before posting, please see the Most Asked Questions at
http://www.mailscanner.biz/maq/     and the archives at
http://www.jiscmail.ac.uk/lists/mailscanner.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20040517/4ae6593b/attachment.html


More information about the MailScanner mailing list