IE vulnerability

Tue Aug 2 14:35:33 IST 2005

On Tue, 2005-08-02 at 13:42 +0100, Julian Field wrote:
> Please do not send mail to the list with the Reply-To set to be just  
> you. Half the point of having a list is to allow other people to see  
> the solutions.

beg pardon - didnt realise it was set at all until now....!

> I wrote that rule quite a long time ago now, and I believe that  
> Microsoft patched the hole. You should be able to delete it now. If  
> it is causing problems, I'll remove it from the distribution.

great - I'll lower the score for now with a view to discontinuing it.
Thanks for the quick response.

GREG

> 
> On 2 Aug 2005, at 13:10, Greg Matthews wrote:
> 
> > I have this in my MailScanner.conf which I think was put in by my
> > predecessor:
> >
> > # IE explorer spoofing
> > uri             IE_VULN         /%([01][0-9a-f]|7f).*@/i
> > score           IE_VULN         100.0
> > describe        IE_VULN         Internet Explorer vulnerability
> >
> > I think this is stopping some legit mail and I cant find much  
> > regarding
> > this from google. Does anyone else use this? is it (still) necessary?
> 
-- 
Greg Matthews           01491 692445
Head of UNIX/Linux, iTSS Wallingford

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!