[Mimedefang] javascript in html attachments
Lucas Albers
admin at cs.montana.edu
Mon Aug 9 13:28:24 EDT 2004
I couldn't find your javascript post in teh archive, could you provide
more information on what you tags you stript from html via mimedefang?
Joseph Brennan said:
>
>
> --On Friday, March 5, 2004 1:54 PM -0500 Paul Whittney
> <pwhittney at net.bacconsulting.com> wrote:
>
>> I've recently seen an email (only one though, which is odd), with spam
>> in it, but hidden inside a javascript message. The email body seems very
>> light, just a simple subject, and simple "you file attached" in it.
>
>
>
> I reported this a week or two ago, and followed up with mimedefang
> code to disable script tags, which I really recommend doing. They
> do not belong in email. Also iframe and object. There has already
> been a virus (Klez) that used iframe to load html from the next part
> that then did something else. This stuff does not belong in email.
>
>
> Joseph Brennan
> Academic Technologies Group, Academic Information Systems (AcIS)
> Columbia University in the City of New York
>
>
>
> _______________________________________________
> Visit http://www.mimedefang.org and http://www.canit.ca
> MIMEDefang mailing list
> MIMEDefang at lists.roaringpenguin.com
> http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
>
--
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana
More information about the MIMEDefang
mailing list