Feature request: HTML Content Checks
Quentin Campbell
Q.G.Campbell at NEWCASTLE.AC.UK
Tue Jan 18 15:13:20 GMT 2005
ulian
Is it possible to add to the logged "Content Checks: Detected
HTML-specific exploits in ..." messages the actual HTML exploit that
caused the message?
That is, I am asking for one of the strings "HTML-Iframe",
"HTML-Codebase", "HTML Object", "HTML-Script" or "HTML-Form" to be added
as appropriate to the message.
At present we only have info on IFrame exploits through the separate
logging facility for that tag. I would like this additional info for the
same reason you provided the IFrame logging - to identify the
envelope-From address that may need to be added to the rules file to
exempt that address from the actions normally applied to that exploit.
Thanks
Quentin
---
PHONE: +44 191 222 8209 Information Systems and Services (ISS),
University of Newcastle,
Newcastle upon Tyne,
FAX: +44 191 222 8765 United Kingdom, NE1 7RU.
------------------------------------------------------------------------
"Any opinion expressed above is mine. The University can get its own."
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list