Code inside message
Eoin Kim
Eoin.Kim at rcst.com.au
Thu Sep 7 21:07:21 UTC 2017
Thanks Mark,
I'll give a crack. Cheers.
Eoin
-----Original Message-----
From: MailScanner [mailto:mailscanner-bounces+eoin.kim=rcst.com.au at lists.mailscanner.info] On Behalf Of Mark Sapiro
Sent: Friday, 8 September 2017 2:30 AM
To: mailscanner at lists.mailscanner.info
Subject: Re: Code inside message
On 09/07/2017 05:38 AM, M A Young wrote:
> On Thu, 7 Sep 2017, Eoin Kim wrote:
>
>> One of managers in my company is getting Google Alert emails daily. On
>> arrival, the message shows {Disarmed} in the subject. When he opens the
>> message in Outlook, it looks like the whole message content shows up but
>> above it, a bunch of JSON codes are showing as well. Are there any related
>> configuration in MailScanner regarding this or is this an issue with
>> Outlook? Thank you very much.
>
> I suspect the json code is in a <script> block, which Mailscanner disarms
> by renaming it. The result is that the json code becomes visible, but it
> protects against and malicious code in such blocks that might get run.
You can control this in MailScanner via the Allow Script Tags setting
<https://www.mailscanner.info/MailScanner.conf.index.html#Allow%20Script%20Tags>.
You could make a rule set for this which would set "no" for these mails.
E.g., something like
From host:*.google.com no
FromorTo default disarm
--
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner
More information about the MailScanner
mailing list