Potential Postfix CentOS message unpacking bug

Julian Field MailScanner at ecs.soton.ac.uk
Mon Sep 15 08:48:28 IST 2008


As some of you may have already realised, a few people are having a 
problem on particular OS's when using Postfix, where a message generated 
by a particular Trojan are not being unpacked properly.

So Postfix users on CentOS, please can you check your logs for any 
16-17Kb spams which could possibly containing an attachment called 
"start.zip" (grep should find it in raw queue files, if you're wondering 
how to do that for raw queue files), which have not always been detected 
as infected.

You might want to use the "Archive Mail" feature of MailScanner.conf for 
a while to see if you're getting anything like that, in case you are 
suffering the problem.

We would very much like to know how widespread this problem is, so 
please report back with your findings and we'll take a straw poll of the 
respondents.

Thanks folks!

Jules

-- 
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
PGP public key: http://www.jules.fm/julesfm.asc


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



More information about the MailScanner mailing list