blocking %00 / %01 exploits with mailscanner?
Jan-Peter.Koopmann at SECEIDOS.DE
Mon Jan 19 23:20:57 GMT 2004
> > Have a look at the MCP functionality. It might do the trick. :-)
> err isnt that spamassassin?
That depends on your interpretation of "spamassassin".
> I can't see a way to globally block %00/%01 without forcing
> global usage of spamassassin... or am I mistaken?
>From my point of view: You are. MCP is using the SpamAssassin engine. It
is not using the SpamAssassin rules and ist purpose is not to block spam
but to filter mails due to their content. It is using only the rules you
supply and nothing more.
What do you mean by "the customer does not want spamassassin"? Does he
not want spam being filtered by spamassassin, does he not want to use
the engine (even though the footprint should be minimal with MCP at
least compared to "usual" spamassassin)?
More information about the MailScanner