On Sat, 2013-03-09 at 09:23 -0800, John Hardin wrote: > Regarding that analogy, SA is not an antivirus tool, and any attempt to > make it one would be met with resistance. SA is also not an email > *security* tool. > Agreed. If I thought I needed an antivirus tool I's run Clamav.
> An email security tool which has been around for a lot more than a decade > and which stops attacks like this is the Email Sanitizer, which I wrote: > > http://www.impsec.org/email-tools/procmail-security.html > > If you're worried about javascript attacks via email, this has prevented > them for a long time. > Bookmarked for future reference. Martin