script disarming and large javascript messages

Greg Matthews gmatt at nerc.ac.uk
Fri Nov 28 11:52:37 GMT 2008


Steve Freegard wrote:
> Greg Matthews wrote:
>> Is anyone else seeing a problem with disarming scripts within email 
>> resulting in messages containing ~200k of disarmed javascript? This 
>> looks like complete nonsense to the recipient.
> 
> Why are you getting e-mail with Javascript in it in the first place? I 
> can't think of any e-mail clients that will run any javascript due to the 
> security issues of doing so.

I really don't know! They come from various locations and to various 
recipients. It is a serious amount of script too.

>> Note that the lines are very long, sometimes over 5000 characters!
> 
> 1000 characters including the CRLF is the maximum line length allowed by 
> the RFC.  Is this the case pre-disarming?

It is very difficult for me to tell as we don't have resources available 
on our relays to archive or store messages for any length of time.

>> Is there any alternative to simply turning off script disarming? Seems 
>> drastic and possibly dangerous.
> 
> I'd definitely be finding out what this stuff is doing in an e-mail in 
> the first place.

That's what I've been trying to do but with no real progress. I was 
hoping that someone might recognise that Dana stuff (is it Outlook Web 
Access by any chance?)

I can tar up an example and send it to you if it would help?

GREG

> 
> Cheers,
> Steve.


-- 
Greg Matthews           01491 692445
Head of UNIX/Linux, iTSS Wallingford
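
The check discussed in this thread, as an added example that is not part of the original messages: the line-length limit (998 characters plus CRLF in RFC 5322) applies to the message on the wire, so a quoted-printable or base64 HTML part can be compliant in transit and still decode to script lines thousands of characters long. The function names and the sample message below are constructed for illustration.

```python
import email
import re
from email import policy
from email.message import EmailMessage

RFC5322_MAX = 998  # RFC 5322 2.1.1: max line length, excluding CRLF
SCRIPT_RE = re.compile(rb"<script\b.*?</script\s*>", re.I | re.S)

def longest_line(data: bytes) -> int:
    """Length of the longest line, line terminator not counted."""
    return max((len(line) for line in data.splitlines()), default=0)

def audit(raw: bytes) -> dict:
    """Compare on-the-wire line lengths with the decoded HTML parts."""
    wire = longest_line(raw)
    report = {"wire_longest": wire, "wire_ok": wire <= RFC5322_MAX, "html": []}
    for part in email.message_from_bytes(raw, policy=policy.default).walk():
        if part.get_content_type() != "text/html":
            continue
        body = part.get_payload(decode=True) or b""  # undo QP/base64
        scripts = SCRIPT_RE.findall(body)
        report["html"].append({
            "cte": str(part.get("Content-Transfer-Encoding", "7bit")).lower(),
            "decoded_longest": longest_line(body),
            "script_blocks": len(scripts),
            "script_bytes": sum(len(s) for s in scripts),
            "body_bytes": len(body),
        })
    return report

def constructed_sample() -> bytes:
    """Constructed test message: one 5000-character script line, sent as QP."""
    html = ("<html><body><p>hi</p>\n<script>" + "a=1;" * 1250
            + "</script>\n</body></html>\n")
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content(html, subtype="html", cte="quoted-printable")
    return msg.as_bytes(policy=policy.SMTP)

if __name__ == "__main__":
    print(audit(constructed_sample()))
```

Run against a message captured before and after disarming, the two reports show whether the long lines and the script volume were already present in the original or appear only after the scanner rewrites the part.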




More information about the MailScanner mailing list