Thank you very much! :)
I know that this might adjust my security down a few notches, but it
will still stop most virus mails (as of now at least).
I owe you one! :)
Best regards and thanks
Stian B. Barmen
-----Original Message-----
From: Bjarni R. Einarsson [mailto:97761@xyz.molar.is]
Sent: 15. oktober 2003 15:25
To: Stian B. Barmen
Cc: 97794@xyz.molar.is
On 2003-10-14, 13:45:37 (+0200), Stian B. Barmen wrote:
> It is rather important to block Microsoft application/ms-tnef files,
> which are usually named "winmail.dat". The TNEF encoding is currently
> not understood by the sanitizer, which means it can easily be used to
> smuggle malicious attachments past the sanitizer unless it is blocked.
>
> But the problem is when I need to let these trough .. what then?
Then you just let them through and hope nothing bad will happen!
:-)
Security is about balancing risk against usability - if blocking
those attachments makes your system too "unusable", then that may
be more important than security. You decide.
Alternately, there is the tnef2multipart.pl script in the
contrib/ directory, which may come in handy. See older messages
in the mailing list archives for instructions on how to use it.
> file_list_1 = (?i)(winmail\.dat
> file_list_1 +=
|\.(exe|com|vb[se]|dll|ocx|cmd|bat|pif|lnk|hlp|ms[ip]|reg|sct|inf
To allow winmail.dat attachments, change the above two lines to
this (I deleted everything from the 'w' to the '|'):
> file_list_1 =
(?i)(\.(exe|com|vb[se]|dll|ocx|cmd|bat|pif|lnk|hlp|ms[ip]|reg|sct|inf
-- Bjarni R. Einarsson PGP: 02764305, B7A3AB89 97761@xyz.molar.is -><- http://bre.klaki.net/Check out my open-source email sanitizer: http://mailtools.anomy.net/ Spammers, please send lots of mail to: 97844@xyz.molar.is
Was I helpful? Let others know: http://svcs.affero.net/rm.php?r=Juggler