SAP Knowledge Base Article - Public

2784869 - Ticket E-Mail Interactions Shows Message Related to Harmful Content

Symptom

In the ticket interaction you see that, one of the mails display a message as below:

Warning! This e-mail may contain harmful content. If it is trustworthy, select View Original Content from the options menu

Environment

SAP Cloud for Customer

Reproducing the Issue

  1. Go to Service work center.
  2. Go to Tickets view.
  3. Select Show all and for ticket ABC (ABC represents the ticket ID).
  4. Go to Interactions facet.

For the email received here, you can see the afore mentioned error in the email content.

Cause

Your e-mail has active content which is not allowed by SAP Cloud for Customer.

Resolution

All content that is scanned is based on a scan profile that is present in the SAP scanner frequently.
This will scan through the body of the incoming e-mail and will check for not allowed tags and active content/script in the body of the e-mail and marks it as unsafe with the warning message, which is based on the logon language of the user.

Whenever, there is any active content exists in the e-mail mime, we mark that mail as harmful content and display only plain-text in the ticket interactions. Therefore, none of the rich text or inline images are shown in the interaction.

Below are some of the examples of not allowed tags:

<BGSOUND>
<EMBED>
<FORM>
<IFRAME>
<INPUT>
<OBJECT>
<SCRIPT>

** As well as the above listed Tags please note that any reference to JavaScript Code in the MIME sent Inbound can also trigger the Warning message so this should be avoided (See examples below)**

<a href="javascript:void(0);">
<a onclick="javascript:handleMailto('mailto:email');">


We do support images and all other tags but our security scans are more stringent. Security is something that cannot be compromised and there is always the option to download the original content which opens outside if Cloud for Customer application, in case the agents still wants to view it. You can do that by following the steps below

  1. Go to Service work center.
  2. Go to Ticket view.
  3. Open Ticket ABC (ABC represents the ID of the ticket).
  4. Select the interaction, where you see the afore mentioned error
  5. Select the option View Original Content.

To check if the e-mail contains tags that are considered not safe, you can use the SAP HTML Sanitizer. To use the tool, you need to paste the E-mail HTML file and check the Sanitize box. This will show how the e-mail should look like after the cleaning.

Please note that security fixes are always applied to our product regularly to make the application more safer.

Keywords

Ticket, Email, Interactions, Harmful Content, virus , KBA , ticket , interactions , original content , harmful , safe , blacklisted , LOD-CRM-SRP , Service Request Processing , LOD-CRM-SC-EML , Email , Known Error

Product

SAP Cloud for Customer add-ins all versions ; SAP Cloud for Customer core applications all versions