The 'Blank Folding' vulnerability may be allowed by the RFC, but that
doesn't make them the right thing to do. The problem is that virus scanners
don't scan for attachments that could be embedded into the headers in one of
these lines but Outlook would still execute them. Just because no virus
has used this technique yet is not a good reason to continue to leave the
door open.
----- Original Message -----
From: "Mon Mariola - Rubén" <[EMAIL PROTECTED]>
To: <declude.junkmail@declude.com>
Sent: Monday, December 03, 2007 9:40 AM
Subject: Re: [Declude.JunkMail] Outlook 'Blank Folding' Vulnerability
Maybe I explained poorly. I want to send the request to Incredimail
technical support.
My doubt is that the Declude manual says that according to section 3.2.3
of RFC822, it is not valid to
have such lines, and I not located in RFC822 that section.
http://www.faqs.org/rfcs/rfc822.html
After reading the RFC 822, I see that the process "unfolding" allows these
lines, but I do not see where specifies that are invalid. I need this
information for the technical support Incredimail correct this problem.
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.JunkMail". The archives can be found
at http://www.mail-archive.com.
