Blocking the VML Internet Explorer exploit

Folks, add this to your Postfix servers ASAP.  Microsoft’s unpatched VML vulnerability will probably be exploited via email within the next couple of days:

  body_checks =

  /<v:rect/       REPLACE <safety: MS VML tag removed>
  /<v:fill/       REPLACE <safety: MS VML tag removed>


The exploit:

Leave a Reply

Your email address will not be published. Required fields are marked *