[Mimedefang] Unintended consequences
Philip Prindeville
philipp_subx at redfish-solutions.com
Thu Dec 28 13:45:59 EST 2006
David F. Skoll wrote:
>John Rudd wrote:
>
>
>
>>Frankly, making the message subject be the "file name" is itself "total
>>braindeath".
>>
>>
>
>Indeed... I go crazy when software does that. If you know you will be
>running on totally broken platforms that encode metadata into the file name,
>it's highly irresponsible to let an attacker choose the file name.
>
>Regards,
>
>David.
>
>
Ok, ok... I will open a bug when I have time...
-Philip
More information about the MIMEDefang
mailing list