GFI MailSecurity, 25-49, 2 Year SMA Installation Manual download pdf (Page 103)

GFI MailSecurity for Exchange/SMTP The HTML Sanitizer  95

The HTML Sanitizer

Introduction to the HTML Sanitizer

The HTML Sanitizer scans and cleans from scripting code the email

body parts that have the MIME type set to “text/html” and all the

attachments that have an extension of “.htm” or “.html”. The HTML is

cleaned from all the scripts, rendering it harmless. The HTML

sanitization process is an automated process, which does not require

administrator intervention.

Why remove HTML scripts?

The introduction of HTML mail has allowed senders to include scripts

in email that can be triggered automatically upon opening mail. HTML

scripts are used in a number of headline hitting viruses, such as the

KAK worm. Moreover, HTML scripts are often utilized in one-off

attacks directed towards particular users and particular companies.

Consequently, it is best if all scripts are removed from within HTML

emails.

The HTML Sanitizer included in GFI MailSecurity provides automated

protection against HTML scripting threats.

Configuring the HTML Sanitizer

Screenshot 82 - HTML Sanitizer configuration page

Configure the HTML Sanitizer as follows:

1. Click the GFI MailSecurity  HTML Sanitizer node.

2. From the HTML Sanitizer configuration page, select the Enable

the HTML Sanitizer check box to enable the HTML Sanitizer.

1 2 ... 98 99 100 101 102 103 104 105 106 107 108 ... 199 200

No comments

GFI MailSecurity, 25-49, 2 Year SMA Installation Manual Page 103