[Mimedefang] Unintended consequences

David F. Skoll dfs at roaringpenguin.com
Thu Dec 28 08:15:00 EST 2006

John Rudd wrote:

> Frankly, making the message subject be the "file name" is itself "total
> braindeath".

Indeed... I go crazy when software does that.  If you know you will be
running on totally broken platforms that encode metadata into the file name,
it's highly irresponsible to let an attacker choose the file name.



More information about the MIMEDefang mailing list