[Mimedefang] suspicious characters
Steffen Kaiser
skmimedefang at smail.inf.fh-bonn-rhein-sieg.de
Thu Oct 5 04:41:07 EDT 2017
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thu, 5 Oct 2017, Michael Fox wrote:
> I'm trying to understand what triggers the setting of
> $SuspiciousCharsInHeaders and $SuspiciousCharsInBody? All I can find are
> circular definitions that vaguely mention possible exploits. But no
> specifics are given. Before I use either of these, I'd like to understand
> better what constitutes "suspicious" in both cases.
suspicious :=
If header or body has a \r without \n
If the body has an embedded \0
> Do you bounce every message that for which $SuspiciousCharsInHeaders is
> true?
Yep, but haven't triggered long time now.
- --
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEVAwUBWdXwI1GgR0+MU/4GAQKoEAgAqPr5WQ4e0I+KpsUvIUQ7J5Zi7+IuUkcu
JysdONlSL93FagfeP92+JlU+UE6aeGM9a/Lz2/fS4FRtYV1YUoQlcPuFSOxliyI5
grC9qW2ub8P8ZksHHWPJdALB385fhgsltFGKCiwDC18aQXzB7dO/AjTJyXzGS4lq
UKklpD5GUehjUhWi2811Br/3JkFbRsNkt1C818m21RTF3OWTIoq9n4Myh2HLi29n
C6veIk/IqM8YA6ufGjFFOjalaztqFPTES6TpUWTMh0dch/WJiLQzqjQJWziBIFqo
a/U5RQRb91od4B7BIxlyDYfaPZw5+b+2iO4ywjzBQr4QKvwSB5kvSw==
=HHoI
-----END PGP SIGNATURE-----
More information about the MIMEDefang
mailing list