IE_VULN rule

Kevin Miller Kevin_Miller at CI.JUNEAU.AK.US
Fri Jun 10 20:12:14 IST 2005


Way back when, this rule was posted to deal w/an IE vulnerability:

# IE explorer spoofing
uri             IE_VULN         /%([01][0-9a-f]|7f).*@/i
score           IE_VULN         100.0
describe        IE_VULN         Internet Explorer vulnerability

Can someone tell me what this rule (in spam.assassin.prefs.conf) is actually
doing?  Is it trapping messages sent from IE or with questional URLs or
what?

It's stepping on some inbound 911 updates going to the local constabulary
and since they're the ones that write parking tickets, etc., I figured it
might be prudent to sorta, er, figure out what's going on...

...Kevin
-- 
Kevin Miller                Registered Linux User No: 307357
CBJ MIS Dept.               Network Systems Admin., Mail Admin.
155 South Seward Street     ph: (907) 586-0242
Juneau, Alaska 99801        fax: (907 586-4500
 

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!




More information about the MailScanner mailing list