--On Monday, June 28, 2004 10:59 AM -0400 Joseph Brennan <[EMAIL PROTECTED]> wrote:

> Anyone have a clue what the bad code is, so we could reject mail
> containing it?

I believe the issue is that IE ignores MIME type inconsistently when deciding what to do with web content. The hostile website hosts a file with a graphic filename extension (e.g. .jpg or .gif) but the file is actually HTML with hostile JavaScript capable of downloading and running an executable. IE interprets the HTML, runs the JS and trojans the machine.


I recall bitching at one webmaster last year because his traceroute script output HTML but without a text/html MIME type, and Mozilla displayed the source, not the desired output. The script had obviously been tested only with IE, which "helpfully" interpreted the HTML because it had HTML tags in it.

To effectively block, you'd need to block all links with graphic extensions.


_______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
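Added example, not part of the original message: a check that a web proxy or attachment scanner (anywhere the bytes are available) could apply to the mismatch described above, comparing a graphic file extension against what the content starts with. The function name, the HTML hint list and the 256-byte window are assumptions of this example, not IE's actual detection rules.

```python
import os

# Leading magic bytes for the image types named by common graphic extensions.
IMAGE_MAGIC = {
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".gif": (b"GIF87a", b"GIF89a"),
    ".png": (b"\x89PNG\r\n\x1a\n",),
}

# Tags whose presence near the start of a body suggests that a browser which
# sniffs content could render it as HTML. An approximation chosen for this
# example, not IE's actual detection list.
HTML_HINTS = (b"<html", b"<head", b"<body", b"<script", b"<iframe", b"<object")
SNIFF_WINDOW = 256  # bytes inspected; an assumption of this example


def classify(filename: str, data: bytes) -> str:
    """Compare a graphic file name against what the bytes really are.

    Returns one of:
      "not-graphic-name"   extension is not a graphic type checked here
      "image"              bytes start with the magic for that extension
      "html-disguised"     graphic name, but the body looks like HTML
      "unknown-disguised"  graphic name, body is neither that image nor HTML
    """
    ext = os.path.splitext(filename.lower())[1]
    magics = IMAGE_MAGIC.get(ext)
    if magics is None:
        return "not-graphic-name"
    if data.startswith(magics):
        return "image"
    head = data[:SNIFF_WINDOW].lower()
    if any(hint in head for hint in HTML_HINTS):
        return "html-disguised"
    return "unknown-disguised"


# Constructed sample inputs (not taken from any real incident).
SAMPLES = [
    ("photo.jpg", b"\xff\xd8\xff\xe0\x00\x10JFIF\x00"),
    ("banner.GIF", b"<HTML><BODY><SCRIPT>/* placeholder */</SCRIPT></BODY></HTML>"),
    ("logo.png", b"plain text, not a PNG"),
    ("index.html", b"<html></html>"),
]

if __name__ == "__main__":
    for name, body in SAMPLES:
        print(f"{name:12} {classify(name, body)}")
```

A body that begins with valid image magic and carries markup later is reported as "image" here; catching that case needs a full parse of the image format.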
