Hi All,
I recently got an email that passed through Sanitizer with everything
on except for feat_paranoid, which contains some code that is clearly
up to no good. I'm looking for suggestions on how to configure Sanitizer
to stop thing like this from getting through. I would hate to simply
disable all cid: urls, since that would kill all embedded pictures.
But killing all "iframe" tags seems like a good idea in general. Here
is the offending snippet from the mail that suggested this:
===
Received message is available at:<br>
<a href="cid:031401Mfdab4$3f3dL780$73387018@57W81fa70Re" height=0
width=0>www.entertech.com/inbox/belswick/read.php?sessionid-29144</a>
</SAFE_span></font></p>
<iframe src="cid:031401Mfdab4$3f3dL780$73387018@57W81fa70Re" height=0 width=0>
</iframe>
===
Any suggestions would be appreciated.
Thanks!
--Bill