Thank you very much! :)
I know that this might adjust my security down a few notches, but it
will still stop most virus mails (as of now at least).
I owe you one! :)
Best regards and thanks
Stian B. Barmen
From: Bjarni R. Einarsson [mailto:firstname.lastname@example.org]
Sent: 15. oktober 2003 15:25
To: Stian B. Barmen
On 2003-10-14, 13:45:37 (+0200), Stian B. Barmen wrote:
> It is rather important to block Microsoft application/ms-tnef files,
> which are usually named "winmail.dat". The TNEF encoding is currently
> not understood by the sanitizer, which means it can easily be used to
> smuggle malicious attachments past the sanitizer unless it is blocked.
> But the problem is when I need to let these trough .. what then?
Then you just let them through and hope nothing bad will happen!
Security is about balancing risk against usability - if blocking
those attachments makes your system too "unusable", then that may
be more important than security. You decide.
Alternately, there is the tnef2multipart.pl script in the
contrib/ directory, which may come in handy. See older messages
in the mailing list archives for instructions on how to use it.
> file_list_1 = (?i)(winmail\.dat
> file_list_1 +=
To allow winmail.dat attachments, change the above two lines to
this (I deleted everything from the 'w' to the '|'):
> file_list_1 =
-- Bjarni R. Einarsson PGP: 02764305, B7A3AB89 email@example.com -><- http://bre.klaki.net/
Check out my open-source email sanitizer: http://mailtools.anomy.net/ Spammers, please send lots of mail to: firstname.lastname@example.org
Was I helpful? Let others know: http://svcs.affero.net/rm.php?r=Juggler