Detected HTML-specific exploits
Julian Field
mailscanner at ecs.soton.ac.uk
Mon May 17 14:24:05 IST 2004
At 14:00 17/05/2004, you wrote:
>I recently had an important email to an exec at my company blocked due to
>html-specific exploits. The message had a lot of html in it, of which a
>few items did look strange (if its not html 101, it looks strange to me),
>but nothing that I could determine as having any malicious intent.
>
>My logs indicated the message was blocked because...
>
> Content Checks: Detected HTML-specific exploits in i4C2qdWJ019277
>
>Is there any way for a simpleton like myself to discern what this check
>looks for in a message? I would like to be able to explain it in a little
>more detail if possible.
>
>Is this just the default output for a message blocked because of the
>Script/Iframe/object codebase/etc rules in MailScanner.conf? The message
>did contain some javascript elements in it.
You say it had JavaScript elements in it. What is your setting for "Allow
Script Tags"?
--
Julian Field
www.MailScanner.info
MailScanner thanks transtec Computers for their support
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
-------------------------- MailScanner list ----------------------
To leave, send leave mailscanner to jiscmail at jiscmail.ac.uk
Before posting, please see the Most Asked Questions at
http://www.mailscanner.biz/maq/ and the archives at
http://www.jiscmail.ac.uk/lists/mailscanner.html
More information about the MailScanner
mailing list