-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
I'm not sending this e-mail shown below, Klez running on some
clients, digging through all the local mail storage.
But it looks like that the majordomo is not very Klez-resistant, it
tries to understand each line from begin to end of the HTML message
(and the MIME part, too). This results in a 328 kByte big e-mail
response.
Is this majordomo's default behavior? Perhaps it should stop after
around 20 lines of "Command not recognized"....
If majordomo is uptodate, imho this is a candidate for a bugtraq
posting.
Peter
- ---------- Forwarded Message ----------
Date: Saturday, May 11, 2002 10:50:28 PM -0700
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Majordomo results: How are you
> Received: (qmail 11195 invoked from network); 12 May 2002 05:50:39
> -0000 Received: from pheriche.sun.com (192.18.98.34)
> by mail.bieringer.de with SMTP; 12 May 2002 05:50:39 -0000
> Received: from engmail4.Eng.Sun.COM ([129.144.134.6])
> by pheriche.sun.com (8.9.3+Sun/8.9.3) with ESMTP id XAA06389
> for <[EMAIL PROTECTED]>; Sat, 11 May 2002 23:50:35 -0600 (MDT)
> Received: from sunroof.eng.sun.com (sunroof.Eng.Sun.COM
> [129.146.168.88]) by engmail4.Eng.Sun.COM
> (8.9.3+Sun/8.9.3/ENSMAIL,v2.1p1) with ESMTP id WAA06006 for
> <[EMAIL PROTECTED]>; Sat, 11 May 2002 22:50:34 -0700 (PDT) Received:
> from sunroof.eng.sun.com (localhost [127.0.0.1])
> by sunroof.eng.sun.com (8.12.3+Sun/8.12.3) with ESMTP id
> g4C5oUrP004263 for <[EMAIL PROTECTED]>; Sat, 11 May 2002 22:50:30
> -0700 (PDT) Received: (from majordomo@localhost)
> by sunroof.eng.sun.com (8.12.3+Sun/8.12.3/Submit) id
> g4C5oSl7004262; Sat, 11 May 2002 22:50:28 -0700 (PDT)
> Date: Sat, 11 May 2002 22:50:28 -0700 (PDT)
> Message-Id: <[EMAIL PROTECTED]>
> X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender
> to [EMAIL PROTECTED] using -f To: [EMAIL PROTECTED]
> From: [EMAIL PROTECTED]
> Subject: Majordomo results: How are you
> Reply-To: [EMAIL PROTECTED]
>
> --
>
>>>>> --AW4V32232m0lC5aW7x17iOk7UMmF6u431
> **** Command '--aw4v32232m0lc5aw7x17iok7ummf6u431' not recognized.
>>>>> Content-Type: text/html;
> **** Command 'content-type:' not recognized.
>>>>> Content-Transfer-Encoding: quoted-printable
> **** Command 'content-transfer-encoding:' not recognized.
>>>>>
>>>>> <HTML><HEAD></HEAD><BODY>
> **** Command '<html><head></head><body>' not recognized.
>>>>> <iframe src=3Dcid:R4NOn3Uaod height=3D0 width=3D0>
> **** Command '<iframe' not recognized.
>>>>> </iframe>
> **** Command '</iframe>' not recognized.
>>>>> <FONT></FONT></BODY></HTML>
> **** Command '<font></font></body></html>' not recognized.
>>>>>
>>>>> --AW4V32232m0lC5aW7x17iOk7UMmF6u431
> **** Command '--aw4v32232m0lc5aw7x17iok7ummf6u431' not recognized.
>>>>> Content-Type: audio/x-midi;
> **** Command 'content-type:' not recognized.
>>>>> name=Options.exe
> **** Command 'name=options.exe' not recognized.
>>>>> Content-Transfer-Encoding: base64
> **** Command 'content-transfer-encoding:' not recognized.
>>>>> Content-ID: <R4NOn3Uaod>
> **** Command 'content-id:' not recognized.
>>>>>
>>>>> TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
>>>>> AAAAAAAAA
> **** Command
> 'tvqqaamaaaaeaaaa//8aalgaaaaaaaaaqaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
> aaaaaa' not recognized.
>>>>> AAAAAAAA2AAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSB
>>>>> ydW4gaW4g
> **** Command
> 'aaaaaaaa2aaaaa4fug4atannibgbtm0hvghpcybwcm9ncmftignhbm5vdcbizsbydw
> 4gaw4g' not recognized.
>>>>> RE9TIG1vZGUuDQ0KJAAAAAAAAAAYmX3gXPgTs1z4E7Nc+BOzJ+Qfs1j4E7Pf5B2
>>>>> zT/gTs7Tn
- ---------- End Forwarded Message ----------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
iD8DBQE83hyde1eqe5WPQi0RAq6zAJ431+M3HeYQftl+VYxxwiwZurFWBwCgza/1
ZtjFH6uM4RARHcWxnTTFEyw=
=os4S
-----END PGP SIGNATURE-----
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
