Testing with TestVirus

Ugo Bellavance ugob at CAMO-ROUTE.COM
Sat May 21 03:37:07 IST 2005


    [ The following text is in the "ISO-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

Matt Kettler wrote:
> Ugo Bellavance wrote:
>
>>Vladan Nikolic wrote:
>>
>>
>>>>>Hello
>>>>>
>>>>>I have installed MailScanner 4.41.3 and ClamAV 0.84 with spamassassin
>>>>>3.0.3 on my servers. When I run tests from
>>>>>http://www.webmail.us/testvirus everything is detected, except test #23
>>>>>"Empty MIME Boundary Vulnerability".  On MailScanner site I found info
>>>>>that it was resolved in some earlier version... Is anybody else has
>>>>>this
>>>>>issue? How to resolve it?
>>
>>
>>I've re-read all the posts having 'testvirus' in the subject and I got
>>the answer: (quoting Julian)
>>
>>================
>>[...]I have added support for the specific things they claim to exploit
>>in 2 of
>>the cases that weren't already handled.
>>The 3rd one relies on repeating the MIME boundary string, so all you can do
>>is match against the beginning of the boundary string that is actually
>>used. Adding support for that case would break compatibility with many
>>versions of Eudora as it uses the same boundary string throughout a
>>message, just tacking things on the end for when it does things like put in
>>HTML+text versions of the message body.
>>
>>I obviously don't want to break Eudora compatibility just to pass a fairly
>>artificial test.
>>
>>Please remember that testvirus.org is owned by Excedent Technologies who
>>sell email security products.
>>http://www.excedent.com/
>>Don't for a minute think that testvirus.org is independent just because it
>>is a .org domain!
>>=================
>>
>
>
> Ugo, the test in question doesn't involve repeating the mime boundary. It
> involves a null boundary.
>

Thanks for putting me back on track Matt.  Sorry Vladan.

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!




More information about the MailScanner mailing list