script disarming and large javascript messages
Greg Matthews
gmatt at nerc.ac.uk
Fri Nov 28 08:52:49 GMT 2008
Is anyone else seeing a problem with disarming scripts within email
resulting in messages containing ~200k of disarmed javascript? This
looks like complete nonsense to the recipient.
The script contains lots of references to Dana<foo>, here is a typical
first chunk:
var DanaShimData="var DSJsFuncs =
[null,null,[{nm:\"go\",flg:0xf},{nm:\"dJ\",flg:0x37},],null,[{nm:\"item\",flg:0xf},{nm:\"href\",flg:0xf},{nm:\"save\",lcnm:\"save\",flg:0xb},{nm:\"open\",lcnm:\"open\",flg:0x3b},{nm:\"load\",lcnm:\"load\",flg:0x3b},{nm:\"eval\",flg:0x57},],.......
Note that the lines are very long, sometimes over 5000 characters!
Is there any alternative to simply turning off script disarming? Seems
drastic and possibly dangerous.
GREG
--
Greg Matthews 01491 692445
Head of UNIX/Linux, iTSS Wallingford
--
This message (and any attachments) is for the recipient only. NERC
is subject to the Freedom of Information Act 2000 and the contents
of this email and any reply you make may be disclosed by NERC unless
it is exempt from release under the Act. Any material supplied to
NERC may be stored in an electronic records management system.
More information about the MailScanner
mailing list