Mailscanner on Solaris 9 *not* protected from "zip of death"

Jim Levie jim at ENTROPHY-FREE.NET
Thu Nov 28 16:08:01 GMT 2002

On Thu, 2002-11-28 at 04:33, D.M.Chapman wrote:
> Ok, I have been doing some digging following my recent email about
> mailscanner failing to detect a Denial of Service attack and I may have
> turned up a fairly serious issue with solaris 9. Bewarned, this is long :-)
> Executive Summary:
>   If you are running mailscanner on Solaris 9 and you are using the Sun
>   supplied version of perl then you are probably *not* protected against
>   a "zip of death" denial of service attack. We certainly were not :-(
You are filing a bug report with Sun on this, right?
The instructions said to use Windows 98 or better, so I installed RedHat
   Jim Levie                                 email:
jim at

More information about the MailScanner mailing list