Code inside message

Eoin Kim Eoin.Kim at
Thu Sep 7 21:07:21 UTC 2017

Thanks Mark,

I'll give a crack. Cheers.


-----Original Message-----
From: MailScanner [ at] On Behalf Of Mark Sapiro
Sent: Friday, 8 September 2017 2:30 AM
To: mailscanner at
Subject: Re: Code inside message

On 09/07/2017 05:38 AM, M A Young wrote:
> On Thu, 7 Sep 2017, Eoin Kim wrote:
>> One of managers in my company is getting Google Alert emails daily. On
>> arrival, the message shows {Disarmed} in the subject. When he opens the
>> message in Outlook, it looks like the whole message content shows up but
>> above it, a bunch of JSON codes are showing as well. Are there any related
>> configuration in MailScanner regarding this or is this an issue with
>> Outlook? Thank you very much.
> I suspect the json code is in a <script> block, which Mailscanner disarms 
> by renaming it. The result is that the json code becomes visible, but it 
> protects against and malicious code in such blocks that might get run.

You can control this in MailScanner via the Allow Script Tags setting
You could make a rule set for this which would set "no" for these mails.
E.g., something like

From	host:*	no
FromorTo	default	disarm

Mark Sapiro <mark at>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

MailScanner mailing list
mailscanner at

More information about the MailScanner mailing list