Testing with TestVirus

Matt Kettler mkettler at EVI-INC.COM
Fri May 20 22:36:05 IST 2005


    [ The following text is in the "ISO-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

Ugo Bellavance wrote:
> Vladan Nikolic wrote:
>
>>>> Hello
>>>>
>>>> I have installed MailScanner 4.41.3 and ClamAV 0.84 with spamassassin
>>>> 3.0.3 on my servers. When I run tests from
>>>> http://www.webmail.us/testvirus everything is detected, except test #23
>>>> "Empty MIME Boundary Vulnerability".  On MailScanner site I found info
>>>> that it was resolved in some earlier version... Is anybody else has
>>>> this
>>>> issue? How to resolve it?
>
>
> I've re-read all the posts having 'testvirus' in the subject and I got
> the answer: (quoting Julian)
>
> ================
> [...]I have added support for the specific things they claim to exploit
> in 2 of
> the cases that weren't already handled.
> The 3rd one relies on repeating the MIME boundary string, so all you can do
> is match against the beginning of the boundary string that is actually
> used. Adding support for that case would break compatibility with many
> versions of Eudora as it uses the same boundary string throughout a
> message, just tacking things on the end for when it does things like put in
> HTML+text versions of the message body.
>
> I obviously don't want to break Eudora compatibility just to pass a fairly
> artificial test.
>
> Please remember that testvirus.org is owned by Excedent Technologies who
> sell email security products.
> http://www.excedent.com/
> Don't for a minute think that testvirus.org is independent just because it
> is a .org domain!
> =================
>

Ugo, the test in question doesn't involve repeating the mime boundary. It
involves a null boundary.

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!




More information about the MailScanner mailing list