testvirus.org

[Chris Yuzik]

Peter Bonivart wrote:

> What I meant was that trying to predict how the spammers are gonna break
> the standard is impossible. Let's reverse it instead, attachments with
> non-matching boundaries can be blocked. Am I wrong when I think that
> would have taken care of the three failed tests?

Peter,

No, I think you're right on. If the MIME area specifies a boundary but
then has code where code shouldn't be, then it's suspicious at the very
least. Perhaps this is much like the IFrame tags...perhaps they could be
used for innocent purposes, but they have the potential to be dangerous.

Chris