[Mimedefang] message/partial

David F. Skoll dfs at roaringpenguin.com
Tue Nov 30 18:30:14 EST 2004


On Wed, 1 Dec 2004, Rolf wrote:

> what is the security risk with message/partial?

Search the list archives.

Basically, you can split a virus into parts, none of which will trigger
a signature-based scan.  Unless the virus-scanner on the server
reassembles the parts, it can't properly scan for viruses.  If it
*does* reassemle the parts, it's vulnerable to DoS attacks.

message/partial was a huge mistake.

--
David.



More information about the MIMEDefang mailing list