Google Alerts getting Mangled

Report bugs and workarounds
Post Reply
mmcnally
Posts: 12
Joined: 04 Sep 2016 00:51

Google Alerts getting Mangled

Post by mmcnally » 10 Jul 2017 18:45

Hi!

Having a problem with Google Alerts getting the formatting messed up when going through the gateway. I'm on 3.0.2.3, but it's been like this for several versions.
I attached a screencap from Mailwatch, where the bottom pane shows the problem. Also one email without the EFA gateway and one with the gateway.

When I removed the gateway and went direct to the mail server, the email formatting was normal.

I turned off HTML signitures and several other options in mailwatch.conf, even renamed the inline sig files.

Any ideas?


Thanks.

Mark
Attachments
No EFA Gateway.PNG
No EFA Gateway
No EFA Gateway.PNG (36.29 KiB) Viewed 2092 times
EFA Gateway.PNG
With Gateway
EFA Gateway.PNG (61.75 KiB) Viewed 2092 times
Capture.JPG
Mailwatch View
Capture.JPG (227.81 KiB) Viewed 2092 times

User avatar
shawniverson
Posts: 2821
Joined: 13 Jan 2014 23:30
Location: Rushville, Indiana, USA
Contact:

Re: Google Alerts getting Mangled

Post by shawniverson » 13 Jul 2017 23:06

Look in /etc/MailScanner/MailScanner.conf:

Code: Select all

# Do you want to allow <IFrame> tags in email messages? This is not a good
# idea as it allows various Microsoft Outlook security vulnerabilities to
# remain unprotected, but if you have a load of mailing lists sending them,
# then you will want to allow them to keep your users happy.
# Value: yes     => Allow these tags to be in the message
#        no      => Ban messages containing these tags
#        disarm  => Allow these tags, but stop these tags from working
# This can also be the filename of a ruleset, so you can allow them from
# known mailing lists but ban them from everywhere else.
Allow IFrame Tags = disarm

# Do you want to allow <Form> tags in email messages? This is a bad idea
# as these are used as scams to pursuade people to part with credit card
# information and other personal data.
# Value: yes     => Allow these tags to be in the message
#        no      => Ban messages containing these tags
#        disarm  => Allow these tags, but stop these tags from working
#                   Note: Disarming can be defeated, it is not 100% safe!
# This can also be the filename of a ruleset.
Allow Form Tags = disarm

# Do you want to allow <Script> tags in email messages? This is a bad idea
# as these are used to exploit vulnerabilities in email applications and
# web browsers.
# Value: yes     => Allow these tags to be in the message
#        no      => Ban messages containing these tags
#        disarm  => Allow these tags, but stop these tags from working
#                   Note: Disarming can be defeated, it is not 100% safe!
# This can also be the filename of a ruleset.
Allow Script Tags = disarm

# Do you want to allow <Img> tags with very small images in email messages?
# This is a bad idea as these are used as 'web bugs' to find out if a message
# has been read. It is not dangerous, it is just used to make you give away
# information.
# Value: yes     => Allow these tags to be in the message
#        disarm  => Allow these tags, but stop these tags from working
#                   Note: Disarming can be defeated, it is not 100% safe!
# Note: You cannot block messages containing web bugs as their detection
#       is very vulnerable to false alarms.
# This can also be the filename of a ruleset.
Allow WebBugs = disarm

Code: Select all

# Do you want to allow <Object Codebase=...> or <Object Data=...> tags
# in email messages?
# This is a bad idea as it leaves you unprotected against various
# Microsoft-specific security vulnerabilities. But if your users demand
# it, you can do it.
# Value: yes     => Allow these tags to be in the message
#        no      => Ban messages containing these tags
#        disarm  => Allow these tags, but stop these tags from working
# This can also be the filename of a ruleset, so you can allow them just
# for specific users or domains.
Allow Object Codebase Tags = disarm

And /var/www/html/mailscanner/conf.php:

Code: Select all

// List of allowed tags - set as blank to strip everything
define('ALLOWED_TAGS', '<a><br><b><body><div><font><h1><h2><h3><h4><head><html><i><li><ol><p><small><span><strong><table><title><tr><td><th><u><ul>');
Version eFa 4.0.0 RC3 now available in testing repo. Come join us in advancing eFa!

mmcnally
Posts: 12
Joined: 04 Sep 2016 00:51

Re: Google Alerts getting Mangled

Post by mmcnally » 14 Jul 2017 22:09

Thanks Shawn!

Changing the first three options from disarm to yes got it working properly!


Thanks,

Mark

User avatar
shawniverson
Posts: 2821
Joined: 13 Jan 2014 23:30
Location: Rushville, Indiana, USA
Contact:

Re: Google Alerts getting Mangled

Post by shawniverson » 14 Jul 2017 23:01

Just keep in mind that disabling these lowers your security to an extent. Just be aware.
Version eFa 4.0.0 RC3 now available in testing repo. Come join us in advancing eFa!

mmcnally
Posts: 12
Joined: 04 Sep 2016 00:51

Re: Google Alerts getting Mangled

Post by mmcnally » 15 Jul 2017 01:07

Hard to justify to users why Google Alerts get messed up for "security reasons"

Just a part of life!


Mark

User avatar
pdwalker
Posts: 1137
Joined: 18 Mar 2015 09:16

Re: Google Alerts getting Mangled

Post by pdwalker » 21 Jul 2017 03:33

unfortunately, html mail serves as a vector for malware, and less than aware users are more likely to do something stupid.

however, if the bosses fully understand the risks, then go for it.

oh, is it possible to whitelist the sending address so it avoids the checks all together?

hmmm... worth investigating.

Post Reply