Well,
all i want to do is to filter the Mails into a per user quarantine.
We have lost important Emails in the past because of false alarms (mostly
for Macro Viruses).
So my Boss gave me 2 Options:
- Give the Users the Chance to recover false positives by themselves
- Don't run a Virus Scanner on
I was looking through the code on 1.21 and saw that virus scans are
disabled on plain text messages... This can be a problem when a plain
text message with an old style Uuencoded attachment is in-lined into a
message using begin and end statements... Take the following email for
example... (note
I wouldn't necessarily call this a vulnerability. I ran into this when
writting the Regex Scanner for QSQ. Find $skip_text_msgs and set it to 0 so
that all e-mails, including plain text, are scanned.
This only applies to the 1.2x versions, 1.1x don't have this feature.
John Narron|
> PID USERNAME PRI NICE SIZERES STATETIME WCPUCPU
COMMAND
> 3706 spamd1290 420M 300M RUN 12:01 85.21% 85.21% perl
Softlimit your call to spamd... That way it cant use 420M of physical
mem. However, it should never use that much.. Are your bayes databases
large, o
>
> I wouldn't necessarily call this a vulnerability. I ran into
> this when writting the Regex Scanner for QSQ. Find
> $skip_text_msgs and set it to 0 so that all e-mails,
> including plain text, are scanned.
>
> This only applies to the 1.2x versions, 1.1x don't have this feature.
>
You d
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On
> Behalf Of [EMAIL PROTECTED]
> Sent: Saturday, April 03, 2004 2:37 AM
> To: [EMAIL PROTECTED]
> Subject: [Qmail-scanner-general]g_e_h: no sender and no recips
>
>
> Hello friends,
>
> I am using RH8.0 Linux,
No I don't call it a vulnerability. The skip_text_msgs feature, intended to
skip messages that just seem to be plain text, improves performance by not
scanning messages that don't appear to have binary content. Admittedly,
yes, its not perfect. Not being a user of QSQ 1.2x, I don't know if this
>
> It doesnt need to be addressed at all. It isnt a bug or a
> problem with QS. If you are so worried about it, set
> $skip_text_msgs = 0 and call it a day. This isnt anything
> new. The only argument i see here is that MAYBE this should
> be 0 by default.
>
Call it what you will... I jus
Hello,
Does anyone know of another stats util for qmail-scanner besides QSS,
which is nice but I have to rotate my logs weekly since they grow to fast
and I would like to be able to see historical data.
Thanks
Dinesh Mistry
---
This SF.Net e
At 11:59 -0500 8-04-2004, Dallas L. Engelken wrote:
>
I wouldn't necessarily call this a vulnerability. I ran into
this when writting the Regex Scanner for QSQ. Find
$skip_text_msgs and set it to 0 so that all e-mails,
including plain text, are scanned.
This only applies to the 1.2x version
>
>
> No I don't call it a vulnerability. The skip_text_msgs
> feature, intended to skip messages that just seem to be plain
> text, improves performance by not scanning messages that
> don't appear to have binary content. Admittedly, yes, its
> not perfect. Not being a user of QSQ 1.2x, I
>
> Just tested ripmime and it sees it..
>
> [EMAIL PROTECTED] tmp]# ripmime -v -imsg1
> Decoding filename=textfile0_1
> Decoding filename=Dad, Lavena, Alta.jpg
> Decoding filename=textfile1_1
> Decoding filename=Dad, Lavena, Alta.jpg
>
> reformime does not.
>
> [EMAIL PROTECTED] tmp]# reform
>
> Here is the proof that QS bypasses Virus Scans on it
>
> Thu, 08 Apr 2004 10:14:43 -0500:17737: from=Kathy Scott
> <[EMAIL PROTECTED]>,subj=FW: Mom & Russell,
> x-qmail-scanner-message-id=<[EMAIL PROTECTED]
> nmgi.com> via local process 17737 Thu, 08 Apr 2004 10:14:43
> -0500:17737: Th
Dallas L. Engelken said:
> I was looking through the code on 1.21 and saw that virus scans are
> disabled on plain text messages... This can be a problem when a plain
> text message with an old style Uuencoded attachment is in-lined into a
> message using begin and end statements... Take the foll
14 matches
Mail list logo