[Mimedefang] newbie: virus-scanning

[Steffen Kaiser]

On Wed, 26 Jun 2002, David F. Skoll wrote:

Hallo,

thanks all, the replys cleared up my clouds.

> > 2) Some Mailclients automatically opens certain compressions, such as .gz
> > or .bz2, or encodings, such as uuencode, and present the contents as
> > attachement. Is this performed by MIMEDefang, too implicitly?
>
> No; opening compressed files (or in general, trying to be too clever) can
> lead to DoS attacks if you are not very careful.  If you want this
> functionality, you have to code it yourself.

Yes, I know. This is one of the most complains about Amavis; it scans, I
think, about 20 levels of compressed files ... .

I'm actually thinking about gzipped HTML attachments, that are happily
automatically uncompressed by Mozilla and displayed without writing the
file onto disk - it least I haven't found none in the moz-cache nor /tmp.
They would pass any checks and Anomy::HTMLCleaner, then.
I would disable HTML at all, but as other people already said: Scientists
and those folks are touchy about Freedom of Speech (and Freedom of
how-to-format-my-damn-mail).

Bye,

-- 

Steffen Kaiser