Detected HTML-specific exploits

Julian Field mailscanner at ecs.soton.ac.uk
Mon May 17 14:24:05 IST 2004


At 14:00 17/05/2004, you wrote:

>I recently had an important email to an exec at my company blocked due to
>html-specific exploits.  The message had a lot of html in it, of which a
>few items did look strange (if its not html 101, it looks strange to me),
>but nothing that I could determine as having any malicious intent.
>
>My logs indicated the message was blocked because...
>
>         Content Checks: Detected HTML-specific exploits in i4C2qdWJ019277
>
>Is there any way for a simpleton like myself to discern what this check
>looks for in a message?  I would like to be able to explain it in a little
>more detail if possible.
>
>Is this just the default output for a message blocked because of the
>Script/Iframe/object codebase/etc rules in MailScanner.conf?  The message
>did contain some javascript elements in it.

You say it had JavaScript elements in it. What is your setting for "Allow
Script Tags"?
--
Julian Field
www.MailScanner.info
MailScanner thanks transtec Computers for their support

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

-------------------------- MailScanner list ----------------------
To leave, send    leave mailscanner    to jiscmail at jiscmail.ac.uk
Before posting, please see the Most Asked Questions at
http://www.mailscanner.biz/maq/     and the archives at
http://www.jiscmail.ac.uk/lists/mailscanner.html



More information about the MailScanner mailing list