[Mimedefang] suspicious characters
Michael Fox
news at mefox.org
Thu Oct 5 03:43:59 EDT 2017
I'm trying to understand what triggers the setting of
$SuspiciousCharsInHeaders and $SuspiciousCharsInBody? All I can find are
circular definitions that vaguely mention possible exploits. But no
specifics are given. Before I use either of these, I'd like to understand
better what constitutes "suspicious" in both cases.
So, can someone provide a concrete/specific definition of "suspicious"
characters in headers? In the body?
Also, what do others do?
Do you bounce every message that for which $SuspiciousCharsInHeaders is
true?
How about every message for which $SuspiciousCharsInBody is true?
Thanks,
Michael
More information about the MIMEDefang
mailing list