whitelist_to getting exploited

uNiXpSyChO marco at uNiXpSyChO.com
Sun Dec 31 20:29:29 CET 2006


Glenn Steen wrote:
> On 30/12/06, Scott Silva <ssilva at sgvwater.com> wrote:
>> Glenn Steen spake the following on 12/30/2006 3:15 AM:
>> > On 29/12/06, Scott Silva <ssilva at sgvwater.com> wrote:
>> >> Ramprasad spake the following on 12/28/2006 11:16 PM:
>> >> > In our setup where we do email scanning for our clients we have a
>> >> > feature by which clients can opt-out some ids from spamscan
>> >> >
>> >> > So I use in Mailscanner.conf
>> >> >
>> >> > Spam Checks = spamcheck.rules
>> >> >
>> >> > This file has
>> >> >
>> >> > To: user-1 NO
>> >> > default YES
>> >> >
>> >> > Now a spammer marks a mail to multiple people with user-1  in BCC 
>> and
>> >> > the mail passes straight
>> >> > How can I get rid of this problem. If I use the user_in_whitelist_to
>> >> > feature at spamassassin then too I would have the same issue
>> >> >
>> >> You need to set up your MTA to split mails to multiple recipients,
>> >> although I
>> >> think it will break the concept of BCC's, as a new copy of the 
>> message is
>> >> generated for each recipient.. So recipient A will get his spam, and
>> >> recipient
>> >> B will get it filtered.
>> >
>> > Um, Scott... Why would splitting break BCC's? Do you mean that the MTA
>> > of your choice would "transform" the BCC to a normal (visible)
>> > recipient? Sounds a bit strange to me... The split should be very
>> > transparent... and the BCC should still be ... "invisible" to all the
>> > rest...
>> >
>> Won't the recipient show up if you have the envelope-to headers enabled?
>> I was just going on memory of past postings. I haven't split messages 
>> yet, as
>>   I haven't seen the need.
>>
> Yes, if you have that on, sure. But that happens _after_ the MTA has
> split them, so... Splitting actually helps there, since every message
> will have only one recipient;-).
> 

now i'm curious...  how are you splitting at the MTA?




More information about the MailScanner mailing list