gfi virus/exploits test (fwd)

Robin M. robin at PRIMUS.CA
Tue Nov 25 18:32:06 GMT 2003

On Tue, 25 Nov 2003, Jan-Peter Koopmann wrote:
> >
> > Hi GFI has a virus exploits page which tests the security of
> > your email scanning software.
> > -------- -----
> > Some of the tests are not caught by mailscanner. Specifically
> > it seems that attachments without filnames are able to make
> > it past. This means that vb scripts can make it past mailscanner.
> > I have tested anomy and was able to prevent this by forcing
> > all files to have a default name and then in turn deleting
> > all files which had the default name.
> > Is there any way to configure mailscanner to do the same, or
> > is it possible to use anomy with mailscanner ?
> >
> Hm. Those did not make it through here. Only the ActiveX one and that
> did not work out... I therefor cannot reproduce your problem here.

The email with the subject "hide.hta..." contains an attachment called
"untitled" which contains vb script, and another email with the subject
"Attachment with no filename vulnerability test" contains an attachment
called untitled.hta which is also a vb script. Please double check your
results and get back to me, maybe I have misconfigured something

More information about the MailScanner mailing list