javascript getting embedded into message body

[vikas mestry]

We are facing issues of javascript getting embedded into message body,
following is the code snippet of the javascript,

<script language="javascript" id="dsshimdata">}
{\*\htmltag241 var DanaShimData="var DSJsFuncs = [null,null,[\{nm:\
\"go\\",flg:0xf\},\{nm:\\"dJ\\",flg:0x37\},],null,[\{nm:\\"item\\",flg:
0xf\},\{nm:\\"href\\",flg:0xf\},\{nm:\\"save\\",lcnm:\\"save\\",flg:0xb
\},\{nm:\\"open\\",lcnm:\\"open\\",flg:0x3b\},\{nm:\\"load\\",lcnm:\
\"load\\",flg:0x3b\},\{nm:\\"eval\\",flg:0x57\},],[\{nm:\\"Print\
\",flg:0xf\},\{nm:\\"write\\",flg:0x3f\},\{nm:\\"close\\",flg:0x3f\},\
{nm:\\"Start\\",lcnm:\\"start\\",flg:0xb\},],[\{nm:\\"assign\\",flg:0xf
\},\{nm:\\"Upload\\",flg:0xf\},\{nm:\\"getURL\\",lcnm:\\"geturl\\",flg:
0x12\},\{nm:\\"frames\\",flg:0xf\},\{nm:\\"reload\\",lcnm:\\"reload\
\",flg:0x3b\},],[\{nm:\\"Refresh\\",lcnm:\\"refresh\\",flg:0xb\},\{nm:\
\"Install\\",flg:0xf\},\{nm:\\"writeln\\",flg:0x3f\},\{nm:\\"GotoURL\
\",flg:0xe\},\{nm:\\"AddRoot\\",lcnm:\\"addroot\\",flg:0xb\},\{nm:\
\"LoadURL\\",lcnm:\\"loadurl\\",flg:0xb\},\{nm:\\"addRule\\",flg:0xf\},
\{nm:\\"postURL\\",lcnm:\\"posturl\\",flg:0x12\},\{nm:\\"replace\
\",flg:0x12f\},],[\{

Could anyone please let us know if you have observed such occurances /
findings.

the messages are composed using outlook 2k7, I verified the “.msg”
files using outlook spy & found out the above javascript embedded into
the PR_RTF_COMPRESSED property of the message.

Any helps appreciated.

Thanks,
Vikas Mestry

 

[Roady [MVP]]

Either the sender or the receiver is using something that added this to the
message. My guess is that it is being done by AVG. You might want to ask the
sender/receiver if he/she indeed uses that.

 

[vikas mestry]

Hi Roady,

Thanks for the prompt reply, i would surely check this out whether AVG
is installed on the sender / receiver system, but to be on a safer
side, is there any way for us to detect embedded javascript in body &
remove it so that it doesn't get parsed on client browser, since we
are facing issues due to this javascript.

Thanks,
Vikas Mestry.

Either the sender or the receiver is using something that added this to the
message. My guess is that it is being done by AVG. You might want to ask the
sender/receiver if he/she indeed uses that.

We are facing issues of javascript getting embedded into message body,
following is the code snippet of the javascript,

<script language="javascript" id="dsshimdata">}
{\*\htmltag241  var DanaShimData="var DSJsFuncs = [null,null,[\{nm:\
\"go\\",flg:0xf\},\{nm:\\"dJ\\",flg:0x37\},],null,[\{nm:\\"item\\",flg:
0xf\},\{nm:\\"href\\",flg:0xf\},\{nm:\\"save\\",lcnm:\\"save\\",flg:0xb
\},\{nm:\\"open\\",lcnm:\\"open\\",flg:0x3b\},\{nm:\\"load\\",lcnm:\
\"load\\",flg:0x3b\},\{nm:\\"eval\\",flg:0x57\},],[\{nm:\\"Print\
\",flg:0xf\},\{nm:\\"write\\",flg:0x3f\},\{nm:\\"close\\",flg:0x3f\},\
{nm:\\"Start\\",lcnm:\\"start\\",flg:0xb\},],[\{nm:\\"assign\\",flg:0xf
\},\{nm:\\"Upload\\",flg:0xf\},\{nm:\\"getURL\\",lcnm:\\"geturl\\",flg:
0x12\},\{nm:\\"frames\\",flg:0xf\},\{nm:\\"reload\\",lcnm:\\"reload\
\",flg:0x3b\},],[\{nm:\\"Refresh\\",lcnm:\\"refresh\\",flg:0xb\},\{nm:\
\"Install\\",flg:0xf\},\{nm:\\"writeln\\",flg:0x3f\},\{nm:\\"GotoURL\
\",flg:0xe\},\{nm:\\"AddRoot\\",lcnm:\\"addroot\\",flg:0xb\},\{nm:\
\"LoadURL\\",lcnm:\\"loadurl\\",flg:0xb\},\{nm:\\"addRule\\",flg:0xf\},
\{nm:\\"postURL\\",lcnm:\\"posturl\\",flg:0x12\},\{nm:\\"replace\
\",flg:0x12f\},],[\{

Could anyone please let us know if you have observed such occurances /
findings.

the messages are composed using outlook 2k7, I verified the “.msg”
files using outlook spy & found out the above javascript embedded into
the PR_RTF_COMPRESSED property of the message.

Any helps appreciated.

Thanks,
Vikas Mestry

 

[Roady [MVP]]

Outlook doesn't execute javascript so that shouldn't cause any issues.
If it is added by the receiver, your issue should be easy to solve as well.
Depending on your mail server, you can also have it check there for this
script either via an Event Sync, transporter rules or possibly your
server-side virus scanner.



-----

Hi Roady,

Thanks for the prompt reply, i would surely check this out whether AVG
is installed on the sender / receiver system, but to be on a safer
side, is there any way for us to detect embedded javascript in body &
remove it so that it doesn't get parsed on client browser, since we
are facing issues due to this javascript.

Thanks,
Vikas Mestry.

Either the sender or the receiver is using something that added this to
the
message. My guess is that it is being done by AVG. You might want to ask
the
sender/receiver if he/she indeed uses that.

We are facing issues of javascript getting embedded into message body,
following is the code snippet of the javascript,

<script language="javascript" id="dsshimdata">}
{\*\htmltag241 var DanaShimData="var DSJsFuncs = [null,null,[\{nm:\
\"go\\",flg:0xf\},\{nm:\\"dJ\\",flg:0x37\},],null,[\{nm:\\"item\\",flg:
0xf\},\{nm:\\"href\\",flg:0xf\},\{nm:\\"save\\",lcnm:\\"save\\",flg:0xb
\},\{nm:\\"open\\",lcnm:\\"open\\",flg:0x3b\},\{nm:\\"load\\",lcnm:\
\"load\\",flg:0x3b\},\{nm:\\"eval\\",flg:0x57\},],[\{nm:\\"Print\
\",flg:0xf\},\{nm:\\"write\\",flg:0x3f\},\{nm:\\"close\\",flg:0x3f\},\
{nm:\\"Start\\",lcnm:\\"start\\",flg:0xb\},],[\{nm:\\"assign\\",flg:0xf
\},\{nm:\\"Upload\\",flg:0xf\},\{nm:\\"getURL\\",lcnm:\\"geturl\\",flg:
0x12\},\{nm:\\"frames\\",flg:0xf\},\{nm:\\"reload\\",lcnm:\\"reload\
\",flg:0x3b\},],[\{nm:\\"Refresh\\",lcnm:\\"refresh\\",flg:0xb\},\{nm:\
\"Install\\",flg:0xf\},\{nm:\\"writeln\\",flg:0x3f\},\{nm:\\"GotoURL\
\",flg:0xe\},\{nm:\\"AddRoot\\",lcnm:\\"addroot\\",flg:0xb\},\{nm:\
\"LoadURL\\",lcnm:\\"loadurl\\",flg:0xb\},\{nm:\\"addRule\\",flg:0xf\},
\{nm:\\"postURL\\",lcnm:\\"posturl\\",flg:0x12\},\{nm:\\"replace\
\",flg:0x12f\},],[\{

Could anyone please let us know if you have observed such occurances /
findings.

the messages are composed using outlook 2k7, I verified the “.msg”
files using outlook spy & found out the above javascript embedded into
the PR_RTF_COMPRESSED property of the message.

Any helps appreciated.

Thanks,
Vikas Mestry

 

[vikas mestry]

Hi Roady,

I understand that outlook doesn't execute javascript, we actually want
to open the body message in a browser.

awaiting your reply.

Thanks,
Vikas Mestry.

Outlook doesn't execute javascript so that shouldn't cause any issues.
If it is added by the receiver, your issue should be easy to solve as well.
Depending on your mail server, you can also have it check there for this
script either via an Event Sync, transporter rules or possibly your
server-side virus scanner.

Hi Roady,

Thanks for the prompt reply, i would surely check this out whether AVG
is installed on the sender / receiver system, but to be on a safer
side, is there any way for us to detect embedded javascript in body &
remove it so that it doesn't get parsed on client browser, since we
are facing issues due to this javascript.

Thanks,
Vikas Mestry.

Either the sender or the receiver is using something that added this to
the
message. My guess is that it is being done by AVG. You might want to ask
the
sender/receiver if he/she indeed uses that.
--
Robert Sparnaaij [MVP-Outlook]
Coauthor, Configuring Microsoft Outlook 2003http://www.howto-outlook.com/
Outlook FAQ, HowTo, Downloads, Add-Ins and more
http://www.msoutlook.info/
Real World Questions, Real World Answers
-----

We are facing issues of javascript getting embedded into message body,
following is the code snippet of the javascript,
<script language="javascript" id="dsshimdata">}
{\*\htmltag241  var DanaShimData="var DSJsFuncs = [null,null,[\{nm:\
\"go\\",flg:0xf\},\{nm:\\"dJ\\",flg:0x37\},],null,[\{nm:\\"item\\",flg:
0xf\},\{nm:\\"href\\",flg:0xf\},\{nm:\\"save\\",lcnm:\\"save\\",flg:0xb
\},\{nm:\\"open\\",lcnm:\\"open\\",flg:0x3b\},\{nm:\\"load\\",lcnm:\
\"load\\",flg:0x3b\},\{nm:\\"eval\\",flg:0x57\},],[\{nm:\\"Print\
\",flg:0xf\},\{nm:\\"write\\",flg:0x3f\},\{nm:\\"close\\",flg:0x3f\},\
{nm:\\"Start\\",lcnm:\\"start\\",flg:0xb\},],[\{nm:\\"assign\\",flg:0xf
\},\{nm:\\"Upload\\",flg:0xf\},\{nm:\\"getURL\\",lcnm:\\"geturl\\",flg:
0x12\},\{nm:\\"frames\\",flg:0xf\},\{nm:\\"reload\\",lcnm:\\"reload\
\",flg:0x3b\},],[\{nm:\\"Refresh\\",lcnm:\\"refresh\\",flg:0xb\},\{nm:\
\"Install\\",flg:0xf\},\{nm:\\"writeln\\",flg:0x3f\},\{nm:\\"GotoURL\
\",flg:0xe\},\{nm:\\"AddRoot\\",lcnm:\\"addroot\\",flg:0xb\},\{nm:\
\"LoadURL\\",lcnm:\\"loadurl\\",flg:0xb\},\{nm:\\"addRule\\",flg:0xf\},
\{nm:\\"postURL\\",lcnm:\\"posturl\\",flg:0x12\},\{nm:\\"replace\
\",flg:0x12f\},],[\{
Could anyone please let us know if you have observed such occurances/
findings.
the messages are composed using outlook 2k7, I verified the “.msg”
files using outlook spy & found out the above javascript embedded into
the PR_RTF_COMPRESSED property of the message.
Any helps appreciated.
Thanks,
Vikas Mestry

 

[Roady [MVP]]

As said; if the local Outlook client isn't adding that script, then you'll
have to filter it out at server level to prevent it from getting to your
clients.



-----

Hi Roady,

I understand that outlook doesn't execute javascript, we actually want
to open the body message in a browser.

awaiting your reply.

Thanks,
Vikas Mestry.

Outlook doesn't execute javascript so that shouldn't cause any issues.
If it is added by the receiver, your issue should be easy to solve as
well.
Depending on your mail server, you can also have it check there for this
script either via an Event Sync, transporter rules or possibly your
server-side virus scanner.

Hi Roady,

Thanks for the prompt reply, i would surely check this out whether AVG
is installed on the sender / receiver system, but to be on a safer
side, is there any way for us to detect embedded javascript in body &
remove it so that it doesn't get parsed on client browser, since we
are facing issues due to this javascript.

Thanks,
Vikas Mestry.

On Sep 25, 11:08 am, "Roady [MVP]"
Either the sender or the receiver is using something that added this
to
the
message. My guess is that it is being done by AVG. You might want to
ask
the
sender/receiver if he/she indeed uses that.

--
Robert Sparnaaij [MVP-Outlook]
Coauthor, Configuring Microsoft Outlook
2003http://www.howto-outlook.com/
Outlook FAQ, HowTo, Downloads, Add-Ins and more

http://www.msoutlook.info/
Real World Questions, Real World Answers



We are facing issues of javascript getting embedded into message
body,
following is the code snippet of the javascript,

<script language="javascript" id="dsshimdata">}
{\*\htmltag241 var DanaShimData="var DSJsFuncs = [null,null,[\{nm:\
\"go\\",flg:0xf\},\{nm:\\"dJ\\",flg:0x37\},],null,[\{nm:\\"item\\",flg:
0xf\},\{nm:\\"href\\",flg:0xf\},\{nm:\\"save\\",lcnm:\\"save\\",flg:0xb
\},\{nm:\\"open\\",lcnm:\\"open\\",flg:0x3b\},\{nm:\\"load\\",lcnm:\
\"load\\",flg:0x3b\},\{nm:\\"eval\\",flg:0x57\},],[\{nm:\\"Print\
\",flg:0xf\},\{nm:\\"write\\",flg:0x3f\},\{nm:\\"close\\",flg:0x3f\},\
{nm:\\"Start\\",lcnm:\\"start\\",flg:0xb\},],[\{nm:\\"assign\\",flg:0xf
\},\{nm:\\"Upload\\",flg:0xf\},\{nm:\\"getURL\\",lcnm:\\"geturl\\",flg:
0x12\},\{nm:\\"frames\\",flg:0xf\},\{nm:\\"reload\\",lcnm:\\"reload\
\",flg:0x3b\},],[\{nm:\\"Refresh\\",lcnm:\\"refresh\\",flg:0xb\},\{nm:\
\"Install\\",flg:0xf\},\{nm:\\"writeln\\",flg:0x3f\},\{nm:\\"GotoURL\
\",flg:0xe\},\{nm:\\"AddRoot\\",lcnm:\\"addroot\\",flg:0xb\},\{nm:\
\"LoadURL\\",lcnm:\\"loadurl\\",flg:0xb\},\{nm:\\"addRule\\",flg:0xf\},
\{nm:\\"postURL\\",lcnm:\\"posturl\\",flg:0x12\},\{nm:\\"replace\
\",flg:0x12f\},],[\{

Could anyone please let us know if you have observed such occurances
/
findings.

the messages are composed using outlook 2k7, I verified the “.msg”
files using outlook spy & found out the above javascript embedded
into
the PR_RTF_COMPRESSED property of the message.

Any helps appreciated.

Thanks,
Vikas Mestry