[Mimedefang] Unintended consequences
philipp_subx at redfish-solutions.com
Thu Dec 28 13:45:59 EST 2006
David F. Skoll wrote:
>John Rudd wrote:
>>Frankly, making the message subject be the "file name" is itself "total
>Indeed... I go crazy when software does that. If you know you will be
>running on totally broken platforms that encode metadata into the file name,
>it's highly irresponsible to let an attacker choose the file name.
Ok, ok... I will open a bug when I have time...
More information about the MIMEDefang