testvirus.org

Julian Field mailscanner at ecs.soton.ac.uk
Sun Mar 21 11:15:32 GMT 2004


It is a MailScanner issue. Well, strictly speaking, it's a MIME-tools
issue. The 3 tests basically involve defining the MIME boundary as one
string and then using something totally different in the message. What
modern mail clients actually successfully handle these tests? It confused
the hell out of my Eudora as the message boundary didn't match what it said
it was going to be. Unless I am very lucky, coping with these broken
messages may cause more trouble than it solves.

At 20:20 20/03/2004, you wrote:
>Hi Victor,
>
>My system failed on exactly the same ones as yours. 19, 20, and 22.
>
>How do we go about closing off these holes? Is it possible that a
>SpamAssassin ruleset could help? Or is this more of a MailScanner issue?
>
>Thanks,
>Chris
>
>Victor DiMichina wrote:
>
>>When doing a checkup of the mail server,  I found that three tests from
>>testvirus.org actually failed:
>>
>>Test #19: Eicar virus within zip file hidden using the "MIME Boundary
>>Space Gap Vulnerability"
>>Test #20: Eicar virus within zip file hidden using the "Long MIME
>>Boundary Vulnerability"
>>Test #22: Eicar virus within zip file hidden using the "Empty MIME
>>Boundary Vulnerability"
>>
>>I am using a Red Hat 8.0 machine with CommuniGate Pro,  MailScanner
>>4.28.6 with Panda and F-secure.
>>Any suggestions,  is this something I should be concerned about?
>>
>>thanks!
>>Vic

--
Julian Field
www.MailScanner.info
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654



More information about the MailScanner mailing list