Code inside message

Mark Sapiro mark at msapiro.net
Thu Sep 7 16:30:08 UTC 2017


On 09/07/2017 05:38 AM, M A Young wrote:
> On Thu, 7 Sep 2017, Eoin Kim wrote:
> 
>> One of managers in my company is getting Google Alert emails daily. On
>> arrival, the message shows {Disarmed} in the subject. When he opens the
>> message in Outlook, it looks like the whole message content shows up but
>> above it, a bunch of JSON codes are showing as well. Are there any related
>> configuration in MailScanner regarding this or is this an issue with
>> Outlook? Thank you very much.
> 
> I suspect the json code is in a <script> block, which Mailscanner disarms 
> by renaming it. The result is that the json code becomes visible, but it 
> protects against and malicious code in such blocks that might get run.


You can control this in MailScanner via the Allow Script Tags setting
<https://www.mailscanner.info/MailScanner.conf.index.html#Allow%20Script%20Tags>.
You could make a rule set for this which would set "no" for these mails.
E.g., something like

From	host:*.google.com	no
FromorTo	default	disarm

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan


More information about the MailScanner mailing list