 | Start a set with this search |
 | Include this search in one of my sets |
 | Exclude this search from one of my sets |
 | Permalink to these results Paste this link in email or IM: |
 | Atom feed for tracking future search results Paste this URL into your reader: |
17 messages in net.sourceforge.lists.courier-usersRe: [courier-users] Re: feature reque...| From | Sent On | Attachments |
|---|---|---|
| Andrew Newton | May 6, 2002 1:55 pm | |
| Sam Varshavchik | May 6, 2002 4:29 pm | |
| Andrew Newton | May 7, 2002 7:32 am | |
| Sam Varshavchik | May 7, 2002 2:22 pm | |
| Andrew Newton | May 7, 2002 3:51 pm | |
| Sam Varshavchik | May 7, 2002 4:55 pm | |
| Chad Leigh -- Shire.Net LLC | May 7, 2002 7:08 pm | |
| Chad Leigh -- Shire.Net LLC | May 7, 2002 8:10 pm | |
| Sam Varshavchik | May 7, 2002 8:24 pm | |
| Richard Worwood | May 8, 2002 7:07 am | |
| Tim Hosking | May 8, 2002 7:08 am | |
| Graham Leggett | May 8, 2002 7:34 am | |
| Andrew Newton | May 8, 2002 9:08 am | |
| Tim Hosking | May 8, 2002 9:09 am | |
| Tim Hosking | May 8, 2002 9:11 am | |
| Bill Michell | May 8, 2002 11:50 am | |
| Marc Lindahl | May 8, 2002 8:22 pm |
| Permalink for this message Paste this link in email or IM: |
| Permalink for this thread Paste this link in email or IM: |
| Atom feed for this thread Paste this URL into your reader: |
| Subject: | Re: [courier-users] Re: feature request: x-header for wrappedmessages | Actions... |
|---|---|---|
| From: | Andrew Newton (anew...@ecotroph.net) | |
| Date: | May 8, 2002 9:08:04 am | |
| List: | net.sourceforge.lists.courier-users | |
Just so I'm not misstepping here: the argument against the X- header is that virus generators will pick up on it and start using the X- header to avoid detection. Is this right?
Therefore, the filters have to check for a multipart/mixed message with part 1 being the courier warning and part two being text/plain. However, can't the virus generators also wrap their messages to look like courier corruption messages to also avoid detection?
If the X- header was configurable, then it would be site dependent and the virus generators would have to specifically target a particular site/server to take advantage of it. Perhaps even making it default to the hash of the servers name plus current time at installation would mean that out-of-the-box installations of courier all have different values.
The X header would also allow users to unwrap the messages if they feel they have nothing to be afraid of. I have one user screaming about this, but I refuse to turn wrapping off as I believe it is the right thing to do. With the X header, he can easily write his own filter to much with his mail as he sees fit.
Does this sound workable?
-andy
Tim Hosking wrote:
I hear what you are saying Sam, and you make some valid points, but could you add the x-header as a convenience. This does not remove the responsibility from the sys admin for protecting the system from viruses, but it would help when writing mail filters as we could easily deliver any messages with that header to a sandbox folder or simply flag the message in some way (e.g. manipulate the subject in some way). How we check/handle them from there is our problem, but at least we could easily identify messages that Courier _may_ have manipulated in some way.
I see a lot of messages from the BBC news service, and every so often Courier will wrap one because of a single accented character, making it a pain to read. Not surprisingly, reporting the problem to the BBC has received no response. It would really help me if I could tell Courier not to wrap any messages, but to simply flag with an x-header messages which it considers to be suspect or have bad mime formatting.
on 7/5/02 7:55 pm, Sam Varshavchik at mrs...@courier-mta.com wrote:
Yes. I'm completely convinced that virus generators are definitely on the ball. The mime-rewriting code is being borrowed by a couple of fairly popular virus scanners, and there's a record of at least one virus attempting to avoid detection by exploiting a now-closed weakness in handling corrupt MIME mail.