whitelist_to getting exploited

Andrew Hodges ahodges at phenom-networks.com
Sun Dec 31 22:23:49 CET 2006 

Hi,

Try the following link, if you use sendmail that is......

http://wiki.mailscanner.info/doku.php?id=documentation:configuration:mta
:sendmail:how_to:split_mails_per_recipient

Thanks
Andrew Hodges 

-----Original Message-----
From: mailscanner-bounces at lists.mailscanner.info
[mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of
uNiXpSyChO
Sent: 31 December 2006 19:29
To: mailscanner at lists.mailscanner.info
Subject: Re: whitelist_to getting exploited

Glenn Steen wrote:
> On 30/12/06, Scott Silva <ssilva at sgvwater.com> wrote:
>> Glenn Steen spake the following on 12/30/2006 3:15 AM:
>> > On 29/12/06, Scott Silva <ssilva at sgvwater.com> wrote:
>> >> Ramprasad spake the following on 12/28/2006 11:16 PM:
>> >> > In our setup where we do email scanning for our clients we have 
>> >> > a feature by which clients can opt-out some ids from spamscan
>> >> >
>> >> > So I use in Mailscanner.conf
>> >> >
>> >> > Spam Checks = spamcheck.rules
>> >> >
>> >> > This file has
>> >> >
>> >> > To: user-1 NO
>> >> > default YES
>> >> >
>> >> > Now a spammer marks a mail to multiple people with user-1  in 
>> >> > BCC
>> and
>> >> > the mail passes straight
>> >> > How can I get rid of this problem. If I use the 
>> >> > user_in_whitelist_to feature at spamassassin then too I would 
>> >> > have the same issue
>> >> >
>> >> You need to set up your MTA to split mails to multiple recipients,

>> >> although I think it will break the concept of BCC's, as a new copy

>> >> of the
>> message is
>> >> generated for each recipient.. So recipient A will get his spam, 
>> >> and recipient B will get it filtered.
>> >
>> > Um, Scott... Why would splitting break BCC's? Do you mean that the 
>> > MTA of your choice would "transform" the BCC to a normal (visible) 
>> > recipient? Sounds a bit strange to me... The split should be very 
>> > transparent... and the BCC should still be ... "invisible" to all 
>> > the rest...
>> >
>> Won't the recipient show up if you have the envelope-to headers
enabled?
>> I was just going on memory of past postings. I haven't split messages

>> yet, as
>>   I haven't seen the need.
>>
> Yes, if you have that on, sure. But that happens _after_ the MTA has 
> split them, so... Splitting actually helps there, since every message 
> will have only one recipient;-).
> 

now i'm curious...  how are you splitting at the MTA?


--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website! 

--
This message has been scanned for viruses and dangerous content by
MailScanner, and is believed to be clean.

More information about the MailScanner mailing list