[Mimedefang] scanning message body
Rick Mallett
rmallett at ccs.carleton.ca
Fri Mar 19 14:34:57 EST 2004
On Fri, 19 Mar 2004, Joseph Brennan wrote:
>
>
> --On Friday, March 19, 2004 10:24 AM -0600 Matthew Simpson
> <matthew at symatec-computer.com> wrote:
>
> > I need some quick help scanning the message body for URLs and certain HTML
> > tags.
>
>
> We do this, in filter(), to catch tags. It changes <object to
> <no-object, etc, disabling it.
>
>
> # Check for bad code in HTML parts
> if ($type eq "text/html") {
> my($bla,$badtag);
etc. etc. Have to end the quoted material here so that this message
won't bounce like the last one.
Does anyone know if this code posted by Joseph will prevent the Bagle.Q
virus from infecting machines running an unpatched version of Outlook/IE?
I realize that modifying the object tag will disarm the virus in message
parts of type text/html, but I seem to recall that Outlook will interpret
HTML constructs in plain text messages with a single non MIME body part,
and if that is the case then the code won't help prevent infection.
Does anyone know if Outlook will act on HTML constructs in non HTML
messages?
- rick
More information about the MIMEDefang
mailing list