[Mimedefang] HTML Exploits

Jonas Eckerman jonas_lists at frukt.org
Mon May 7 07:00:15 EDT 2007


Daniel Aquino wrote:

> Has "Anomy HTML Cleaner" or any other such type of system been

I tried using the Anomy cleaner a couple of years ago, but it was 
way too heavy-handed for our users.

Instead, our filter now has custom code that deals with some 
stuff using HTML::Parser and CSS::Tiny.

You can check it out at
http://whatever.frukt.org/mimedefangfilter.text.shtml
(search for "HTML CLeaning").

I welcome comments/thoughts on that hack.

> I would really like to protect Outlook clients from exploits...

Then you need more than HTML cleaning. You also need to remove 
all binary content (there have been vulnerabilities in Windows 
JPEG and WMF decoding, in Word, etc, etc).

> Perhaps a simple blocking of JS code ?

Personally I think EcmaScript and other active content should 
never be allowed in a mail body.

Regards
/Jonas
-- 
Jonas Eckerman, FSDB & Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
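
An added example, not part of the original post and not the code from the poster's filter: one way to strip active content from an HTML mail body with HTML::Parser, the module named above. The function name `clean_html` and the tag and attribute lists are assumptions chosen for illustration, and CSS in `style` attributes or elements is passed through uninspected here.

```perl
use strict;
use warnings;
use HTML::Parser ();
use HTML::Entities qw(encode_entities);

# Elements removed together with everything inside them (illustrative list).
my %DROP_BLOCK = map { $_ => 1 } qw(script object applet iframe);
# Tags removed on their own: void elements and document-level hooks.
my %DROP_TAG   = map { $_ => 1 } qw(embed meta link base);
# Attributes whose value is a URL the mail client may act on.
my %URL_ATTR   = map { $_ => 1 } qw(href src action background);

sub clean_html {
    my ($html) = @_;
    my ($out, $skip) = ('', 0);
    # Only start, end and text events get handlers; with api_version 3,
    # comments, declarations and processing instructions are then ignored.
    my $p = HTML::Parser->new(
        api_version => 3,
        start_h => [ sub {
            my ($tag, $attr, $seq) = @_;
            if ($DROP_BLOCK{$tag}) { $skip++; return }
            return if $skip || $DROP_TAG{$tag} || $tag !~ /^[a-z][a-z0-9]*$/;
            $out .= "<$tag";
            for my $name (@$seq) {
                # Drop event handlers (on*) and malformed attribute names.
                next if $name =~ /^on/ || $name !~ /^[a-z][a-z0-9-]*$/;
                my $val = $attr->{$name} // '';   # already entity-decoded
                # Compare the scheme with whitespace and control bytes removed.
                (my $probe = lc $val) =~ s/[\x00-\x20]+//g;
                next if $URL_ATTR{$name}
                     && $probe =~ /^(?:javascript|vbscript|data):/;
                $out .= qq{ $name="} . encode_entities($val, '<>&"') . '"';
            }
            $out .= '>';
        }, 'tagname, attr, attrseq' ],
        end_h => [ sub {
            my ($tag) = @_;
            if ($DROP_BLOCK{$tag}) { $skip-- if $skip; return }
            return if $skip || $DROP_TAG{$tag} || $tag !~ /^[a-z][a-z0-9]*$/;
            $out .= "</$tag>";
        }, 'tagname' ],
        text_h => [ sub { $out .= $_[0] unless $skip }, 'text' ],
    );
    $p->parse($html);
    $p->eof;
    return $out;
}

# Constructed sample body, not taken from a real message.
my $sample = '<p onclick="x()">Hi <a href="java&#9;script:x()">link</a>'
           . '<script>x()</script><img src="cid:logo"></p>';
print clean_html($sample), "\n";
```

An unclosed element from the block list causes the rest of the body to be dropped, so the filter fails closed rather than passing the tail of the document through.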