Nigel,
> should decode as
> foo bar xyzzy plugh
> NOT
> foo barxyzzy plugh
Yes, that's my interpretation too. The "exploit" aspect of the whole
debate came from the characters /after/ the
terminating '=' being used to poison the decoded attachment.
Regards.
--
PLDaniels - Software -
On Tue, 14 Dec 2004 11:39:16 +0100
Bogus³aw Brandys <[EMAIL PROTECTED]> wrote:
> There is some product called CanIt.
>
> http://www.roaringpenguin.com/anti_spam/options.php
>
> Does somebody know if CanIt is using clamscan or directly libclamav ?
It depends on clamd, IIRC.
> Is this Open Sourc
I've been thinking long and hard about this.
The original code was correct, and the exploit is wrong.
The sentence from RFC1521 (now RFC2045) that was quoted originally
needs to be read in the context of the entire paragraph.
So in this example
foo bar =
xyzzy plugh=
should decode as
foo bar x
There is some product called CanIt.
http://www.roaringpenguin.com/anti_spam/options.php
Does somebody know if CanIt is using clamscan or directly libclamav ? Is
this Open Source like MIMEDefang ?
Regards
Boguslaw Brandys
___
http://lists.clamav.net/cgi-
