anomy-list

• Next in thread: Brian Schonecker: "Re: Bypassing SMTP Content Protection with Multi-Part Messages"
• Reply: Brian Schonecker: "Re: Bypassing SMTP Content Protection with Multi-Part Messages"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

Has anyone seen the issues listed at:
http://www.securiteam.com/securitynews/5YP0A0K8CM.html
and
http://www.theregister.co.uk/content/55/27095.html

To summarise, messages can be fragemented using RFC 2046 message fragmentation, and while each part will not have enough
information to be detected with a virus signature, the whole can still be
dangerous.

This looks like a real security threat to Outlook users.

I am guessing that Anomy will not be able to reassemble these messages,
but is there a good way to at least block partial MIME attachments?
And, is this even something I would want to do?

  _______________________________________
 /\ \
| |\ Robert C. Litman \
| | | |
\/__| http://www.rlitman.com |
    | ftp://ftp.rlitman.com |
  __| |
 /\ | Desk: (631) 501-2572 |
| | | Fax: (631) 514-6626 |
| |/ 51427@xyz.molar.is /
\/_______________________________________/

Attachments:
 + http://mailtools.anomy.net/archives/anomy-list//19/78/3d80f9a9/01.unnamed.html

• Next message: Brian Schonecker: "Re: Bypassing SMTP Content Protection with Multi-Part Messages"
• Next in thread: Brian Schonecker: "Re: Bypassing SMTP Content Protection with Multi-Part Messages"
• Reply: Brian Schonecker: "Re: Bypassing SMTP Content Protection with Multi-Part Messages"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]