glenn.steen at gmail.com
Fri Feb 6 12:52:34 GMT 2009
2009/2/6 Michael Mansour <micoots at yahoo.com>:
> I have a client who asked for the disarmed messages to be removed from his emails.
> I searched through the MailScanner config and could only find areas which would remove the disarmed message from the subject line, not the message body.
> Is there a way that the message can continue to be disarmed while not showing the disarmed notification in the message body?
> After discussing this with him, he asked that the "Allow WebBug" feature be enabled for him. After configuring and setting the ruleset:
> To: blah at blah.com no
> FromOrTo: default disarm
> a day went by with that and he then informed me that he was no longer receiving HTML emails, but plain text for emails he knew where originally HTML.
> I tried to reproduce this problem but couldn't, so reverted him back to disarmed emails.
> Does anyone know of any bug with MailScanner that would cause the "Allow WebBug" feature to strip HTML?
> I haven't ruled out the possibility that he has a virus scanner installed on his PC which may be doing this, but I also use MailWatch and when he releases the email from MailWatch it comes through as HTML, while the original send he says is only text based.
> I'm using mailscanner-4.73.1-1
> Any suggestions are appreciated.
Why not set it to use with Jules nice ... replacement gif? If you have
Web Bug Replacement = http://www.mailscanner.tv/1x1spacer.gif
With that, the evil "counters" will be replaced with Jules nice
I've never seen that generating any "Disarmed" notices in the actual code.
What can, and do, happen with the various "disarmaments" MS can do is
that it might invalidate a block av code, so that the code block get
interpreted as plain text. I've mostly seen that with script tags
(which I disarm).
I've never informed my users of disarmament via the Subjetc line
rewriting. It would only cause unwarranted anxiety:-).
I think you should look long and hard at what the implications are of
setting "Convert Dangerous HTML To Text = yes" in conjunction with the
disarm instructions. I have that set to "no", even though that might
open a small window of opportunity for the bad guys.
email: glenn < dot > steen < at > gmail < dot > com
work: glenn < dot > steen < at > ap1 < dot > se
More information about the MailScanner