Testing with TestVirus -- fixed
Vladan Nikolic
vladan at NIKOLIC.HOMEIP.NET
Mon May 23 16:40:10 IST 2005
[ The following text is in the "iso-8859-1" character set. ]
[ Your display is set for the "US-ASCII" character set. ]
[ Some characters may be displayed incorrectly. ]
I would be glad to try it on some of my secondary servers...
>If I put out a beta to for you to test my fix, will someone install it
>and test it for me?
>
>Julian Field wrote:
>
>> Matt,
>>
>> You are absolutely right, this is a bug.
>>
>> It detects the null MIME boundary just fine. However, the latest
>> MIME-tools no longer parses the message correctly (that must have been a
>> bug-fix of mine which never got into the main MIME-tools code, ho hum).
>> It produces a multi-part message with no parts, but with a body
>> containing all the testvirus text. A multipart entity shouldn't have a
>> body, it should just contain a list of parts. This one breaks the rule
>> by having a body and no list of parts.
>>
>> I now check for this situation occurring and force it to be a correct
>> structure.
>>
>> This will be in the next release.
>>
>> Matt Kettler wrote:
>>
>>> Ugo Bellavance wrote:
>>> > Please search the archives for 'testvirus'. You'll find your
>>> answer as
>>>
>>>
>>>> it's been asked many times.
>>>>
>>>>
>>>
>>>
>>> Ugo, AFAIK this is now a real bug in Mailscanner.
>>>
>>>
>>> Flashback to the past:
>>> http://article.gmane.org/gmane.mail.virus.mailscanner/18726/match=testvirus
>>>
>>>
>>> To which Julian replied with:
>>> http://article.gmane.org/gmane.mail.virus.mailscanner/18748/match=testvirus
>>>
>>>
>>> Thus, any implication that the Empty Mime boundary bug is a vendor
>>> "made up"
>>> issue is bogus and was based on tests using the wrong mail client.
>>>
>>> Any implication that this issue should be ignored is bogus, it would
>>> appear to
>>> be a real issue for users of some versions of outlook.
>>>
>>> I just tested my copy of MailScanner-4.42.1-1 and it found it, but
>>> only because
>>> bitdefender decoded it. ClamAV, and command AV didn't hit.
>>> MailScanner said
>>> nothing about it.
>>>
>>> This would appear to be a real vulnerability, and a real bug in
>>> MailScanner
>>> since this should have already been fixed.
>>>
>> --
>> Julian Field
>> www.MailScanner.info
>> Buy the MailScanner book at www.MailScanner.info/store
>> Professional Support Services at www.MailScanner.biz
>> MailScanner thanks transtec Computers for their support
>>
>> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
>>
>> ------------------------ MailScanner list ------------------------
>> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
>> 'leave mailscanner' in the body of the email.
>> Before posting, read the Wiki (http://wiki.mailscanner.info/) and
>> the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>>
>> Support MailScanner development - buy the book off the website!
>>
>
>--
>Julian Field
>www.MailScanner.info
>Buy the MailScanner book at www.MailScanner.info/store
>Professional Support Services at www.MailScanner.biz
>MailScanner thanks transtec Computers for their support
>
>PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
>
>------------------------ MailScanner list ------------------------
>To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
>'leave mailscanner' in the body of the email.
>Before posting, read the Wiki (http://wiki.mailscanner.info/) and
>the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>
>Support MailScanner development - buy the book off the website!
>
= = = = = = = = = = = = = = = = = = = =
Vladan Nikolic
vladan at nikolic.homeip.net
2005-05-23
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list