This recipe is a great start! However, there are a few potential improvements. First, it doesn't recognize tabs as whitespace or handle optional whitespace in a few places where MIME would allow it. Second, it invokes Perl on any message with a MIME attachment, which could slow the mail server greatly. It would be preferable to detect the exploit in procmail and only invoke Perl to "cleanse" the message if that were necessary. Alternatively, it could redirect the mail to the postmaster so he or she would know that users were under attack. Finally, there are other possible exploits, like a very long content type, that might also lead to buffer oveflows in mail clients. These should be checked too. Can people suggest improvements to John's recipes that solve these problems? Greg Sutter and Chris Lindsey have both come up with patterns that do more of the matching within procmail, but they still need a little refinement. In any event, this is a great start. It's fantastic that someone who had most of the needed recipe already written was on the list.... This is what's great about the Net! --Brett Glass At 11:33 AM 7/29/98 -0700, John D. Hardin wrote: >A procmail recipe that will (hopefully) prevent the long-filename problems >in various mailers is available at: > > http://www.wolfenet.com/~jhardin/procmail-kit.html > >Comments are solicited. > >-- > John Hardin KA7OHZ jhardinat_private > pgpk -a finger://gonzo.wolfenet.com/jhardin PGP key ID: 0x41EA94F5 > PGP key fingerprint: A3 0C 5B C2 EF 0D 2C E5 E9 BF C8 33 A7 A9 CE 76 >----------------------------------------------------------------------- > Your mouse has moved. Windows NT must be restarted for the change > to take effect. Reboot now? [ OK ] >----------------------------------------------------------------------- > 88 days until Daylight Savings Time ends >
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:10:45 PDT