testvirus.org

Chris Yuzik chris at FRACTALWEB.COM
Mon Mar 22 00:43:38 GMT 2004


Peter Bonivart wrote:

> What I meant was that trying to predict how the spammers are gonna break
> the standard is impossible. Let's reverse it instead, attachments with
> non-matching boundaries can be blocked. Am I wrong when I think that
> would have taken care of the three failed tests?

Peter,

No, I think you're right on. If the MIME area specifies a boundary but
then has code where code shouldn't be, then it's suspicious at the very
least. Perhaps this is much like the IFrame tags...perhaps they could be
used for innocent purposes, but they have the potential to be dangerous.

Chris



More information about the MailScanner mailing list