Bugtraq mailing list archives

Re: Resend: Sendmail filter to prevent SMTP exploitation of the Guninski hole

From: "John D. Hardin" <jhardin () WOLFENET COM>
Date: Thu, 21 Sep 2000 19:59:08 -0700

On Wed, 20 Sep 2000, Bennett Samowich wrote:

Perhaps it is time to revisit the content filters on our mail
servers before the inevitable exploit is released and until proper
resolution can be made.  By using sendmail's libmilter, it is
possible to reject messages with .dll attachments (see below).  I
am sure that there are other methods as well (e.g. procmail,
etc.).


Let me chime in here:

  http://www.impsec.org/email-tools/procmail-security.html

--
 John Hardin KA7OHZ   ICQ#15735746   http://www.wolfenet.com/~jhardin/
 jhardin () wolfenet com      pgpk -a finger://gonzo.wolfenet.com/jhardin
  768: 0x41EA94F5 - A3 0C 5B C2 EF 0D 2C E5  E9 BF C8 33 A7 A9 CE 76
 1024: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  "Bother," said Pooh as he struggled with /etc/sendmail.cf, "it never
  does quite what I want. I wish Christopher Robin was here."
                                -- Peter da Silva in a.s.r
-----------------------------------------------------------------------
   38 days until Daylight Savings Time ends

Current thread:

Resend: Sendmail filter to prevent SMTP exploitation of the Guninski hole Bennett Samowich (Sep 21)
- Re: Resend: Sendmail filter to prevent SMTP exploitation of the Guninski hole David F. Skoll (Sep 21)
  - (Yet) Another open source email filtering tool Bjarni Runar Einarsson (Sep 22)
- Re: Resend: Sendmail filter to prevent SMTP exploitation of the Guninski hole John D. Hardin (Sep 22)