[Mimedefang] TestVirus.org
David F. Skoll
dfs at roaringpenguin.com
Fri Jul 30 10:50:50 EDT 2004
On Fri, 30 Jul 2004, Paul wrote:
> I just ran it here with MD 2.41 + SA 2.60 + ClamAV 0.67. #5, #8, #23
> and #25 got through.
The MIME continuation vulnerability exploits a bug in Outlook.
MIMEDefang interprets the message correctly according to the MIME
RFCs.
As I wrote before many times, I have no intention of making MIMEDefang
"bug-for-bug" compatible with various buggy MUAs. If you're really
concerned about this thing, the *ONLY* sane response is to canonicalize
every single message coming into your system by using
action_rebuild(). This will ensure that every message handed off by
MIMEDefang is a well-formed MIME message, and should reduce the
likelihood of misinterpretation by buggy MUAs.
Regards,
David.
More information about the MIMEDefang
mailing list