Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Resend: Sendmail filter to prevent SMTP exploitation of the Guninski hole
From: "John D. Hardin" <jhardin () WOLFENET COM>
Date: Thu, 21 Sep 2000 19:59:08 -0700

On Wed, 20 Sep 2000, Bennett Samowich wrote:

Perhaps it is time to revisit the content filters on our mail
servers before the inevitable exploit is released and until proper
resolution can be made.  By using sendmail's libmilter, it is
possible to reject messages with .dll attachments (see below).  I
am sure that there are other methods as well (e.g. procmail,
etc.).

Let me chime in here:

  http://www.impsec.org/email-tools/procmail-security.html

--
 John Hardin KA7OHZ   ICQ#15735746   http://www.wolfenet.com/~jhardin/
 jhardin () wolfenet com      pgpk -a finger://gonzo.wolfenet.com/jhardin
  768: 0x41EA94F5 - A3 0C 5B C2 EF 0D 2C E5  E9 BF C8 33 A7 A9 CE 76
 1024: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  "Bother," said Pooh as he struggled with /etc/sendmail.cf, "it never
  does quite what I want. I wish Christopher Robin was here."
                                -- Peter da Silva in a.s.r
-----------------------------------------------------------------------
   38 days until Daylight Savings Time ends


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]