Hi All,
I have been using a combination of ripmime and
altermime in order to remove attachments from some
incoming mails. All exe, com, pif and bat etc files
are removed using due to a threat from viruses.
I use altermime --input=<filename> --removeall
--htmltoo
once I see that after using ripmime any attachment is
of the above type.
One problem I am facing, there are some embedded
scripts in some mails coming from some Outlook Express
clients. There are supposedly scripts pertaining to
Redlof virus.
Is there any way I can disable the script at the
incoming level itself?
Inside the mail body, the virus code starts with :
<SCRIPT language=3Dvbscript>
document.write "<div style=3D'position:absolute;
left:0px; top:0px; =
width:0px; height:0px; z-index:28; visibility:
hidden'><"&"APPLET =
NAME=3DKJ"&"_guest HEIGHT=3D0 WIDTH=3D0 =
code=3Dcom.ms."&"activeX.Active"&"XComponent></APPLET></div>"
</SCRIPT>
<SCRIPT language=3Dvbscript>
ExeString =3D =
Then there is a whole lot of code, which is related to
the virus. Then it ends with </script>
Is there any way, I can remove everything between
<SCRIPT>.....</SCRIPT>
Any help would be highly appreciated,
__________________________________
Do you Yahoo!?
Yahoo! Small Business $15K Web Design Giveaway
http://promotions.yahoo.com/design_giveaway/
I have been using a combination of ripmime and
altermime in order to remove attachments from some
incoming mails. All exe, com, pif and bat etc files
are removed using due to a threat from viruses.
I use altermime --input=<filename> --removeall
--htmltoo
once I see that after using ripmime any attachment is
of the above type.
One problem I am facing, there are some embedded
scripts in some mails coming from some Outlook Express
clients. There are supposedly scripts pertaining to
Redlof virus.
Is there any way I can disable the script at the
incoming level itself?
Inside the mail body, the virus code starts with :
<SCRIPT language=3Dvbscript>
document.write "<div style=3D'position:absolute;
left:0px; top:0px; =
width:0px; height:0px; z-index:28; visibility:
hidden'><"&"APPLET =
NAME=3DKJ"&"_guest HEIGHT=3D0 WIDTH=3D0 =
code=3Dcom.ms."&"activeX.Active"&"XComponent></APPLET></div>"
</SCRIPT>
<SCRIPT language=3Dvbscript>
ExeString =3D =
Then there is a whole lot of code, which is related to
the virus. Then it ends with </script>
Is there any way, I can remove everything between
<SCRIPT>.....</SCRIPT>
Any help would be highly appreciated,
__________________________________
Do you Yahoo!?
Yahoo! Small Business $15K Web Design Giveaway
http://promotions.yahoo.com/design_giveaway/