So an interesting bug in simscan I noticed when at a clients' today.  
She said that she was getting tons of Spam- a good 20 times what she
should rightfully get.  All obvious Spam as well.  Looking in the headers,
it's not being scanned by spamc, despite the domain being in

The answer?  They were sending mail to [EMAIL PROTECTED]  Sending
mail to [EMAIL PROTECTED] works as expected, but not in all caps.  I'm
assuming this matching is case sensitive, and since qmail and as far as I
know the RFCs for mail, don't distinguish case, shouldn't that mean
that simscan doesn't either?

At present, varying case of the domain can disable virus and spam
scanning.  In theory that could be used to infect PCs who believe that they
are safe (though I'm not overly concerned about the security
implications as much as the effective working of this).

I haven't looked at detail at the code, but will gladly do so first
thing next week, unless someone else knows the easy fix.

I'm guessing we just need to convert the string to lowercase at the top
of per_domain_email_lookup() [and possibly per_domain_lookup() if we
don't lowercase the parameter].  Possibly even just set it in

Haven't looked at the bigger picture as I mentioned, but wanted to
point that one out.  Will investigate and post.  Probably a very easy fix.


Reply via email to