Eudora long-MIME boundary attack
Kevin Miller
kevin.miller at juneau.org
Thu Nov 21 19:50:15 UTC 2019
What is the mechanism for detecting the Eudora long-MIME boundary attack?
I receive multiple instances of emails that trigger that warning daily but I can't discover where it's configured. Every time it triggers, a message is sent to postmaster. I previously thought they were being blocked but today noticed that they were getting through. A warning message is sent to postmaster. I presumed that indicated that the message was blocked. Apparently not.
Apparently they're not flagged as either a virus or spam so this line applies:
Non Spam Actions = deliver header "X-CBJ-Spam-Status: No" store-nonspam
How can I set MailScanner to flag them as blocked content and not deliver them to my users? In the event of a false positive I can always release it from quarantine but first I have to quarantine them.
Thanks...
...Kevin
--
Kevin Miller
Network/email Administrator, CBJ MIS Dept.
155 South Seward Street
Juneau, Alaska 99801
Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357
More information about the MailScanner
mailing list