testvirus.org

Furnish, Trever G TGFurnish at HERFF-JONES.COM
Sun Mar 21 22:42:15 GMT 2004


> -----Original Message-----
> From: Peter Bonivart [mailto:peter at UCGBOOK.COM]
> Sent: Sunday, March 21, 2004 9:04 AM
> To: MAILSCANNER at JISCMAIL.AC.UK
> Subject: Re: testvirus.org
>
>
> Julian Field wrote:
> > It is a MailScanner issue. Well, strictly speaking, it's a MIME-tools
> > issue. The 3 tests basically involve defining the MIME boundary as one
> > string and then using something totally different in the message. What
> > modern mail clients actually successfully handle these tests? It confused
> > the hell out of my Eudora as the message boundary didn't match what it said
> > it was going to be. Unless I am very lucky, coping with these broken
> > messages may cause more trouble than it solves.
>
> When I send 20, 21 and 23 to my Yahoo account for reference they indicate
> attachments but looking at the headers there's just the definition of
> the boundary, there's no boundary with an attachment following it.
>
> I think that's a pretty good way of handling it. If you can't make out
> what to do with it by following standards then just skip it.
>
> It would be wrong to try to deliver non-compliant mail, especially since
> it's probably spam and virus (and Microsoft), it would be better to be
> able to block non-compliant mail (or its attachments).

Is it REALLY "non-compliant" though?  If I'm a message and I say I have
attachments and I define a boundary string, but then I don't include the
boundary string in the message, all that really means is that I don't have
attachments, right?  Is it really something worth worrying about?  I would
think if it is, then it's only worth worrying about because of a specific
broken behavior in a specific broken MUA.  Not that those should never be
blocked, but ... anyone know what client this actually represents a
vulnerability for and what the impact is?  I suppose I should stop being
lazy and go look it up somewhere... but it's Sunday and I'm lazy. :-)
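
The two cases discussed in this thread (a boundary that is declared but never used, and a boundary that is declared while the body uses a different one) can be told apart at the gateway. The following is an added example, not part of the original post and not MailScanner or MIME-tools code; the function name, the verdict strings and the sample messages are constructed for illustration, and the "delimiter followed by a Content- header" test is a heuristic.

```python
import re
from email.parser import BytesParser

def classify_boundary(raw: bytes) -> str:
    """Compare the boundary declared in the headers with the body's delimiters."""
    msg = BytesParser().parsebytes(raw, headersonly=True)
    if msg.get_content_maintype() != "multipart":
        return "not-multipart"
    declared = msg.get_boundary()
    if not declared:
        return "no-boundary-declared"
    want = b"--" + declared.encode("ascii", "replace")

    # Body is everything after the first blank line.
    split = re.split(rb"\r?\n\r?\n", raw, maxsplit=1)
    lines = split[1].splitlines() if len(split) == 2 else []

    declared_used = False
    undeclared_part = False
    for i, line in enumerate(lines):
        s = line.rstrip(b" \t")
        if s in (want, want + b"--"):
            declared_used = True
        elif (s.startswith(b"--") and len(s) > 2 and i + 1 < len(lines)
              and lines[i + 1].lower().startswith(b"content-")):
            # Heuristic: looks like a part delimiter, but not the declared one.
            undeclared_part = True

    if declared_used:
        return "consistent"  # nested multiparts are not examined here
    # "mismatch": a lenient client might still find and open the part,
    # while a strict scanner sees no attachment at all.
    return "mismatch" if undeclared_part else "declared-unused"

def sample(declared: str, used) -> bytes:
    """Build a constructed test message (not taken from testvirus.org)."""
    head = ("From: a@example.test\r\nMIME-Version: 1.0\r\n"
            f'Content-Type: multipart/mixed; boundary="{declared}"\r\n\r\n')
    if used is None:
        body = "just some text, no delimiters\r\n"
    else:
        body = (f"preamble\r\n--{used}\r\nContent-Type: text/plain\r\n\r\n"
                f"hello\r\n--{used}--\r\n")
    return (head + body).encode("ascii")

if __name__ == "__main__":
    for declared, used in (("AAA", "AAA"), ("AAA", "BBB"), ("AAA", None)):
        print(declared, used, classify_boundary(sample(declared, used)))
```

A "mismatch" verdict is the case worth quarantining or flagging, since it is where the scanner and the recipient's mail client may disagree about whether an attachment exists.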


