Eudora long-MIME boundary attack

Kevin Miller kevin.miller at
Thu Nov 21 19:50:15 UTC 2019

What is the mechanism for detecting the Eudora long-MIME boundary attack?

I receive multiple instances of emails that trigger that warning daily but I can't discover where it's configured.  Every time it triggers, a message is sent to postmaster.  I previously thought they were being blocked but today noticed that they were getting through.  A warning message is sent to postmaster.  I presumed that indicated that the message was blocked.  Apparently not.  

Apparently they're not flagged as either a virus or spam so this line applies:
  Non Spam Actions = deliver header "X-CBJ-Spam-Status: No" store-nonspam

How can I set MailScanner to flag them as blocked content and not deliver them to my users?  In the event of a false positive I can always release it from quarantine but first I have to quarantine them.


Kevin Miller
Network/email Administrator, CBJ MIS Dept.
155 South Seward Street
Juneau, Alaska 99801
Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357

More information about the MailScanner mailing list