I have a user complaining about the fact that MIMEDefang strips .vcf's from
emails, and I'm not sure what answer to give. Are .vcf's a vector for some
kind of attack? Or is there a knowledgebase article somewhere that
describes problems with allowing .vcfs in emails?
Thanks, all. :)
Ken
Cormack, Ken wrote:
I have a user complaining about the fact that MIMEDefang strips .vcf's from
emails, and I'm not sure what answer to give. Are .vcf's a vector for some
kind of attack? Or is there a knowledgebase article somewhere that
describes problems with allowing .vcfs in emails?
--On Thursday, February 09, 2006 5:21 PM -0500 Dirk the Daring
[EMAIL PROTECTED] wrote:
Mailman has a web-based interface and a lot of features that
MajorDomo lacks, but relies on Python (as opposed to Perl) and is harder
to set up (IMHO, having done both). Of the two, I prefer Mailman (I
On Thu, Feb 09, 2006 at 05:21:14PM -0500, Dirk the Daring wrote:
Its called an Internet Mailing List. I would suggest that, instead of
re-inventing this functionality in MIMEDefang, you use either
MajorDomo or Mailman. The former is probably easier to set up and like
MIMEDefang it uses Perl,
Ken Cormack wrote:
You're right, David...
I compared my list of forbiddeen filename extensions to the one in the
sample filter. My list has grown over time, and I see that .vcf's
were added to our filter by our information security group a few
years ago, when they added most of the list of
Matthew.van.Eerde wrote:
There was an exploit in Outlook...
http://www.microsoft.com/technet/security/bulletin/MS01-012.mspx
Which was actually used...
http://vil.nai.com/vil/content/v_99020.htm
Oh, wait, no it wasn't.
--
Matthew.van.Eerde (at) hbinc.com 805.964.4554 x902
I'm seeing a lot of the following messages:
...
Feb 10 10:51:38 mail mimedefang-multiplexor[27593]: Killing idle slave 0
(pid 10777): New generation -- forcing reread of filter rules
Feb 10 10:55:51 mail mimedefang-multiplexor[27593]: Killing idle slave 1
(pid 10791): New generation -- forcing
Philip Prindeville wrote:
I'm seeing a lot of the following messages:
Feb 10 10:51:38 mail mimedefang-multiplexor[27593]: Killing idle slave 0
(pid 10777): New generation -- forcing reread of filter rules
Hmm... I'm seeing that too, and I can't for the life of me track it down.
I built a
David F. Skoll wrote:
Hmm... I'm seeing that too, and I can't for the life of me track it down.
I built a version with some more debugging code and I'll try to nail down
what's happening.
FWIW: I didn't see this with 2.54.
-Philip
___
NOTE:
More detective work. Same system as with the last problem:
Centos 3.6 Linux box, and some version information relevant to this problem:
mimedefang-2.55
Mail-SpamAssassin-3.1.0
MIME-tools-5.419
MIME::QuotedPrint 3.07
MIME-Base64-3.07
I have mimedefang up and running on the test box. I
David Eisner wrote:
/usr/lib/perl5/site_perl/5.8.0/MIME/Base64.pm --- VERSION 2.12
/usr/lib/perl5/5.8.0/i386-linux-thread-multi/MIME/Base64.pm --
VERSION 3.07
Remove the older version (the one in site_perl)... oh, you
already discovered that...
OK, I lied, I deleted the older
Philip Prindeville wrote:
FWIW: I didn't see this with 2.54.
That's odd, because the bug was present in 2.54.
The problem is an off-by-one error in the function
set_slave_status_from_command. The patch below should fix it.
Please note that the error is not exploitable for the purpose of
12 matches
Mail list logo