John, > It's not completely clear to me. If I understand things correctly, this > patch makes it possible for amavisd to detect the RIFF ani exploit. > But I asume a entry in amavisd.conf is nessecary for blocking this. What > option to amavisd.conf should be added to block the RIFF ani exploit?
Certainly. Something like the following, placed at a strategic point in a $banned_filename_re list: qr'^\.ani$', # banned animated cursors to block on short file(1) type, assuming the Henrik Krohns' addition is in place; or to block on a file name (i.e. the tail of its name): qr'.\.(ani|cur|ico)$'i, # banned cursors and icons Mark ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
