[Mimedefang] some mime containing messages not detected as such
David F. Skoll
dfs at roaringpenguin.com
Mon Jul 26 11:23:31 EDT 2004
On Mon, 26 Jul 2004, Mark G. Thomas wrote:
> message from a remote mail system where the original message with the
> executable attachment, typically virus containing, are all attached
> as a single mime attachment to the bounce message, and not split up
> by MIMEDefang and detected by the $bad_exts mimedefang-filter configuration.
That is correct. While MIMEDefang tries to deal with malformed MIME,
what you are seeing is correctly-formed MIME whereby the original message
should be interpreted as plain text.
> Being able to catch and deal with $bad_exts in as loose a manner as
> typical user MUAs seems important, since this blocks new executable viruses
> and malware when the virus scanner does not.
We cannot possibly replicate all the bugs in all the MUAs out there.
Regards,
David.
More information about the MIMEDefang
mailing list