On Wed, 4 Feb 2004, Jon R. Kibler wrote: > According to this article, AMaViS is susceptible to this tactic. The > article says nothing about MIMEDefang... is it also susceptible?
If your virus scanner is susceptible, then yes. If your virus scanner isn't, then no. MIMEDefang doesn't try to uncompress anything. It leaves it up to the virus scanners to be that smart (or stupid, depending on your viewpoint...) Clam has options for the maximum size of an archive to open, and a hard-coded "maximum compression ratio" setting, but it really should have an option that says "bail if you're uncompressing the file and the *uncompressed* data grows to X megabytes..." Regards, David. _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
