- Previous message: Sandy Drobic: "Re: Transaction Time Slow"
- Maybe in reply to: Robert Schetterer: "Re: Postfix 2.3.7 available"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
|
|
|
From: Robert Schetterer (no email)
Date: Thu Feb 01 2007 - 14:05:35 EST
Wietse Venema schrieb:
> Robert Schetterer:
>>> Incompatible changes with Postfix 2.3.7
>>> ---------------------------------------
>>>
>>> Postfix no longer inserts an empty-line header/body separator into
>>> malformed MIME attachments, to avoid breaking digital signatures.
>>>
>>> This change introduces ambiguity. Postfix still treats the remainder
>>> of the attachment as body content; header_checks rules will therefore
>>> not detect forbidden MIME types inside a message/rfc822 attachment.
>>>
>>> With the empty-line header/body separator no longer inserted by
>>> Postfix, other software may process the malformed attachment
>>> differently, and thus may become exposed to forbidden MIME types.
>> Hi @ll
>> please corect me if iam wrong
>> just a small understanding question
>>
>> changes 20070112
>> "will not" break such rules in body_checks
>>
>> /^((Content-(Disposition: attachment;|Type:).*|\ +)| *)(file)?name\ *=\
>> *"?.*\.(lnk|asd|ocx|reg|bat|c[ho]m|cmd|exe|dll|.....etc
>>
>> should i be aware of other bugs with filters like clamsmtp, spampd etc
>> with this change
>
> As documented they DID NOT work in a MALFORMED attachment and they
> STILL DO NOT work in a MALFORMED attachment.
>
> Wietse
>
> --
> Diese Nachricht wurde auf Viren und andere gefährliche Inhalte untersucht
> und ist - aktuelle Virenscanner vorausgesetzt - sauber.
>
Hi Wietse, ok thx to make this clear
-- Mit freundlichen Gruessen Best Regards Robert Schetterer https://www.schetterer.org Munich/Bavaria/Germany -- Diese Nachricht wurde auf Viren und andere gefährliche Inhalte untersucht und ist - aktuelle Virenscanner vorausgesetzt - sauber.
|
|
|