Found a small bug in MailScanner.pm
James Gray
james at grayonline.id.au
Fri Sep 22 00:52:15 IST 2006
On 22/09/2006, at 9:37 AM, Scott Silva wrote:
> Holger Gebhard spake the following on 9/21/2006 3:00 PM:
>> Hi Julian,
>>
>> i found a small bug in MailScanner.pm (sub HandleSpamBounce)...
>> With the current code no Spambounce can be send... Results in a
>> malformed message ;-)
>>
>> Current:
>>
>> # Boring untainting again...
>> /(.*)/;
>> $emailmsg .= MailScanner::Config::DoPercentVars($line) . "\n";
>> $line = eval "\"$1\"";
>>
>> Must be:
>>
>> # Boring untainting again...
>> /(.*)/;
>> $line = eval "\"$1\"";
>> $emailmsg .= MailScanner::Config::DoPercentVars($line) . "\n";
>>
>>
>> Regards
>>
>> Holger
>>
> Since spam bouncing is a BAD idea, I don't think that Julian is in
> a real
> hurry to fix that one ;-)
We use it for outgoing mail. IOW, if an internal user sends a
"spammy" message, it will get quarantined, the sender notified but
NOT the recipient. The sales and marketing guys hated it at first
but when I told them if our filters don't flag it as spam, there's
very little chance any one else's will either. They decided it was a
Good Thing(tm); they get more marketing delivered to more people with
a higher degree of success.
Spam bouncing has its uses, but certainly NOT for incoming mail from
untrusted networks.
Cheers,
James
More information about the MailScanner
mailing list