I just upgraded from ISPConfig 2.2.19 to 2.2.21. There appears to be a change in the way MailScan is working. MailScan is now "defanging" the style of any emails I receive that have an embeded style. If I view the source of the email I can see new tags around the style section that say DEFANGED_STYLE. This prevents the style from being applied. MailScan up through ISPConfig 2.2.19 would "defang" the extensions of file attachments but it did not alter tags within emails...at least not style tags. Was a change made to /root/ispconfig/isp/conf/html-trap.rc.master ? I have disabled MailScan in ISPConfig for now to prevent style defanging.
Yes they are different! I found a copy of html-trap.rc.master from ISPConfig 2.2.19 and compared it to the one in 2.2.21. They are different for sure. 2.2.19 used version 1.138 of the Email Sanitizer for Procmail script. 2.2.21 uses version 1.151 which is the latest version. FYI, you can configure MailScan by downloading this file: Code: /root/ispconfig/isp/conf/local-rules.rc.master making any necessary modifications and uploading it as: Code: /root/ispconfig/isp/conf/customized_templates/local-rules.rc.master It must be placed in the "customized_templates" folder to prevent it from being over-written when ISPConfig is upgraded. For example, I can turn off all HTML defanging entirely by adding the following line: Code: SECURITY_TRUST_HTML=Y OR, I can turn off HTML defanging exclusively for locally generated emails by adding this code: Code: :0 * ^From:.*<[a-z0-9][email protected]> * ^To:.*<[a-z0-9][email protected]> { SECURITY_TRUST_STYLE_TAGS=YES } All of the various options are described HERE. NOTE - Each mail user has a hidden file ".local-rules.rc" that defines the rules for that user. Changes to local-rules.rc.master will not propagate down to each user's ".local-rules.rc" until a modification is made to the user in ISPConfig. The way I have done this is to uncheck MailScan click Save and then check MailScan and click Save for each user.
