[Mimedefang] Re: Filesystem based greylisting URL

Matthew.van.Eerde at hbinc.com Matthew.van.Eerde at hbinc.com
Mon Aug 30 14:56:53 EDT 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Atanas wrote:
> On Fri, 27 Aug 2004, David F. Skoll wrote:
>  > MAIL FROM:<foo///../../../../../../../../etc/mischief at domain.net>

> > Slashes should be already taken care of ($file =~ s/\///g;).
> Correct me
> if I'm wrong, but I couldn't think about any other characters
> that would
> be invalid in a UFS filename.

I worry about Unicode overlong representations of otherwise normal
characters like slash.  It could easily be that they will pass the perl
s/// but be interpreted by the shell.

I've found that it is better to specify characters that are OK rather
than try to think of every possible bad character.  Something like

if ($alias =~ /^[a-z0-9\-_.=]+$/mi)
{	# do_greylisting
} else
{	# log failure
}

run this for a while and then parse the failures to see if any other
characters should be added to the class.

Matthew.van.Eerde at hbinc.com                      805.964.4554 x902
Hispanic Business Inc./HireDiversity.com         Software Engineer
perl -e"map{y/a-z/l-za-k/;print}shift" "Jjhi pcdiwtg Ptga wprztg,"
-----BEGIN PGP SIGNATURE-----
Comment: pub key http://matthew.vaneerde.com/pgp-public-key.asc

iD8DBQFBM3hvUQQr0VWaglwRAiDtAJ9FUAVivIOzFwSp4c9sFdAkOooWigCg2RqB
M7WRgZR/0hm0GQlMYbnveW0=
=vwGa
-----END PGP SIGNATURE-----



More information about the MIMEDefang mailing list