anomy-list

Sanitizing iframe and cid

From: Bill Elswick (135084@xyz.molar.is)
Date: Fri 03 Dec 2004 - 21:45:43 GMT


    Hi All,

    I recently got an email that passed through Sanitizer with everything
    on except for feat_paranoid, which contains some code that is clearly
    up to no good. I'm looking for suggestions on how to configure Sanitizer
    to stop things like this from getting through. I would hate to simply
    disable all cid: urls, since that would kill all embedded pictures.
    But killing all "iframe" tags seems like a good idea in general. Here
    is the offending snippet from the mail that suggested this:
    ===
    Received message is available at:<br>
    <a href="cid:031401Mfdab4$3f3dL780$73387018@57W81fa70Re" height=0
    width=0>www.entertech.com/inbox/belswick/read.php?sessionid-29144</a>
    </SAFE_span></font></p>

    <iframe src="cid:031401Mfdab4$3f3dL780$73387018@57W81fa70Re" height=0 width=0>
    </iframe>
    ===

    Any suggestions would be appreciated.

    Thanks!
    --Bill
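
An added example, not part of the message above and not Anomy Sanitizer code or configuration: a stand-alone Python filter for the policy the message asks about, dropping every iframe and allowing cid: URLs only as an img src so embedded pictures survive. The names CID_OK, DROP_TAGS, URL_ATTRS, CidIframeFilter and filter_html are assumptions made for this sketch.

```python
import re
from html import escape
from html.parser import HTMLParser

CID_OK = {("img", "src")}   # assumed policy: cid: only for inline pictures
DROP_TAGS = {"iframe"}      # removed together with their content
URL_ATTRS = {"src", "href", "background"}

class CidIframeFilter(HTMLParser):
    def __init__(self):
        super().__init__()
        self.out, self.findings, self.depth = [], [], 0

    def handle_starttag(self, tag, attrs):
        if tag in DROP_TAGS:
            self.depth += 1   # an unclosed iframe drops the rest (fails closed)
            self.findings.append(f"dropped <{tag}>")
            return
        if self.depth:
            return
        kept = []
        for name, value in attrs:
            # Ignore whitespace/control characters when reading the scheme.
            url = re.sub(r"[\x00-\x20]", "", value or "").lower()
            if name in URL_ATTRS and url.startswith("cid:") and (tag, name) not in CID_OK:
                self.findings.append(f"removed cid: from <{tag} {name}>")
                continue
            kept.append(f' {name}="{escape(value or "")}"')
        self.out.append(f"<{tag}{''.join(kept)}>")

    def handle_endtag(self, tag):
        if tag in DROP_TAGS:
            self.depth = max(0, self.depth - 1)
        elif not self.depth:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self.depth:
            self.out.append(escape(data, quote=False))

def filter_html(body):
    """Return (filtered_html, findings) for one HTML mail body."""
    parser = CidIframeFilter()
    parser.feed(body)
    parser.close()
    return "".join(parser.out), parser.findings

# Constructed input: <a> and <iframe> follow the quoted snippet, <img> is invented.
CID = "cid:031401Mfdab4$3f3dL780$73387018@57W81fa70Re"
SAMPLE = (f'<img src="cid:logo@example.invalid"><a href="{CID}" height=0 width=0>'
          f'read</a>\n<iframe src="{CID}" height=0 width=0>\n</iframe>')
```

Calling filter_html(SAMPLE) returns the rewritten body and a list of findings that can be logged per message; comments and doctype declarations are not copied to the output.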


