Messages being disarmed

[Jason Waters]

I thought that I had disabled everything that would mark the subject as
disarmed but I keep getting emails like this and can not see what is in
them.  Also the file that it says is on the server is not there.

Subject: {Disarmed} RE: Service





MailScanner was attacked by a Denial Of Service attack, and has therefore
deleted this part of the message. Please contact your e-mail providers for
more information if you need it, giving them the whole of this report.
Attack in: /var/spool/MailScanner/incoming/6797/25ACEE03FD.
AE977/nmsg-6797-37.html


Here is the log file(cat /var/log/mail.log|grep "25ACEE03FD.AE977" -B5 -A5)



Dec  7 12:59:47 mailscanner MailScanner[6797]: <A> tag found in message
25ACEE03FD.AE977 from user at remoteemail.com

Dec  7 12:59:47 mailscanner MailScanner[6797]: HTML Img tag found in
message 25ACEE03FD.AE977 from user at remoteemail.com

Dec  7 12:59:47 mailscanner MailScanner[6797]: Whitelist refresh time
reached

Dec  7 12:59:47 mailscanner MailScanner[6797]: Starting up SQL Whitelist

Dec  7 12:59:47 mailscanner MailScanner[6797]: Read 66 whitelist entries

Dec  7 12:59:56 mailscanner MailScanner[6797]: HTML disarming died, status
= 13

Dec  7 12:59:56 mailscanner MailScanner[6797]: Content Checks: Detected and
have disarmed KILLED tags in HTML message in 25ACEE03FD.AE977 from
user at remoteemail.com

Dec  7 12:59:56 mailscanner MailScanner[6797]: Requeue: 25ACEE03FD.AE977 to
B27BCE0403

Dec  7 12:59:56 mailscanner postfix/qmgr[1738]: B27BCE0403: from=<
user at remoteemail.com>, size=17598, nrcpt=2 (queue active)

Dec  7 12:59:56 mailscanner MailScanner[6797]: Uninfected: Delivered 1
messages



Thanks

Jason
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20161207/ef3f98e6/attachment.html>