1 Reply Latest reply on Feb 2, 2007 5:28 PM by burkep

    cfmail multipart treated as a virus


      I have created a multipart message using cfmail and cfmailpart, there's a text part and an html part that includes inline images. The messages are being caught by our email antivirus (declude). The antivirus message states that the message contains "the [Outlook 'Space Gap' Vulnerability]"

      The vulnerability can be defined as:

      This vulnerability occurs when there is a space in one of the MIME
      headers where there is not normally a space (such as "Content-Type
      :" instead of "Content-Type:"). This is not RFC-compliant, but
      Outlook will treat it as valid and be able to see a virus that
      virus scanners will not usually see. There is no legitimate reason
      for an email to be formed like this.

      When I look at the source of the email message, it appears that coldfusion does the following to the mime headers:

      Mime-Version: 1.0
      Content-Type: multipart/related;

      I think the newline and tab before the boundry declaration are creating the problem.

      Any help would be much apprecitated.