HTML images are being removed FIXED - PATCH

Julian Field MailScanner at ecs.soton.ac.uk
Tue Jun 24 13:45:07 IST 2008 

I have already produced a fix for this problem, and am waiting for 
anyone on the mailscanner-beta list to try it out.
If you mangle the URLs on the website to download 4.70.7-1 you will find 
the fix is there. I just didn't want to publish it until someone had 
agreed it fixed it.
But my testers all seem to be on holiday :(

Cheers,
Jules.

Richard Frovarp wrote:
> Richard Frovarp wrote:
>> Richard Frovarp wrote:
>>> I'm having a problem where the img tag in HTML messages is being 
>>> removed. I'm using clamd 0.92.1, SA 3.2.5, and MS 4.70-6.1. What is 
>>> interesting is they aren't being replaced with anything, they're 
>>> just being completely removed.
>>>
>>> I do have this set in MS, plus I would expect it to replace, not 
>>> remove:
>>> Allow WebBugs = yes
>>>
>>> Anyone have any ideas? I did switch to clamd from clamavmodule, so 
>>> that may have something to do with it.
>>>
>>> Thanks,
>>> Richard
>> Okay, it's not clamd. I turned it off and I have the same problem. SA 
>> shouldn't mess with, well anything. So it would appear that something 
>> changed in MS between 4.61.7 and 4.70.6. I've got a diff between what 
>> the MailScanner.conf file looked like before and after the upgrade. I 
>> don't see anything in there that would explain this behavior.
>
> I found the problem. If DisarmWebBug is false, it skips over adding 
> $text to $output, making it completely skip the tag. Since I think the 
> goal of the change is to track if the signature image is found, I 
> stuck an else after the DisarmWebBug test to just dump the text.
>
> --- Message.pm.bak      2008-06-23 09:30:21.000000000 -0500
> +++ Message.pm  2008-06-23 09:36:56.000000000 -0500
> @@ -6612,6 +6612,8 @@
>       } else {
>         $output .= $text;
>       }
> +    } else {
> +      $output .= $text;
>     }
>   } elsif ($tagname eq 'base') {
>     #print STDERR "It's a Base URL\n";
>

Jules

-- 
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

Need help customising MailScanner?
Contact me!
Need help fixing or optimising your systems?
Contact me!
Need help getting you started solving new requirements from your boss?
Contact me!

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654



-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list