blocking %00 / %01 exploits with mailscanner?
Jan-Peter Koopmann
Jan-Peter.Koopmann at SECEIDOS.DE
Mon Jan 19 23:55:51 GMT 2004
> spamassassin"? Does he
> > not want spam being filtered by spamassassin
>
> exactly.
Then you could/should use MCP to block the IE vulnerability. It will do
what you want without using the spamassassin rules. BTW: Talk to your
customer again. Depending on your setup all spamassassin (with
MailScanner) does is mark spam (in the Subject or in the header). I
usually set it up so that spam is tagged in the headers only. Users
wanting SpamAssassin then can create a suitable rule. Users who do not
want SpamAssassin simply do not and never really notice it. The only
reason against SpamAssassin could be horsepower... :-)
Regards,
JP
More information about the MailScanner
mailing list