Ethereal-users: RE: [Ethereal-users] Virus warning

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Gerald Combs <gerald@xxxxxxxxxxxx>
Date: Tue, 27 Nov 2001 22:15:47 -0600 (CST)
I just finished installing the Anomy sanitizer, which should provide a
workable compromise.  The sanitizer can remove, "defang", or leave
untouched any MIME attachments whose filename matches a specific pattern.
Defanged attachments have their MIME types and filenames changed so that
they can't be executed without some effort on the user's part.

Messages sent to all Ethereal mailing lists are now being processed with
the sanitizer.  It is configured to remove any executable MIME attachment,
e.g. any file ending in .exe, .vbs, .scr, etc.  It will also rewrite any
suspicious-looking HTML.  All other attachments (patches in particular)
should be left untouched.  

So far it seems to be working well.  If it causes trouble for anyone,
please let me know.


In case anyone is interested, more information can be found on the Anomy
site:

    http://mailtools.anomy.net/


On Tue, 27 Nov 2001, Dave Cramer wrote:

> Guy,
> 
> The postgres guys have a patch list. Listen I don't want to beat this to
> death. It was just a suggestion. Virii don't make it past my server, so
> it doesn't really affect me..
> 
> Dave 
> 
> -----Original Message-----
> From: Guy Harris [mailto:guy@xxxxxxxxxx] 
> Sent: Tuesday, November 27, 2001 4:04 PM
> To: dave@xxxxxxxxxxxxx
> Cc: 'Guy Harris'; ethereal-users@xxxxxxxxxxxx
> Subject: Re: [Ethereal-users] Virus warning
> 
> 
> > This of course is a can of worms I wish I hadn't opened at this point.
> 
> > I'm not sure of the value of sending tarballs, capture files, etc to a
> 
> > list.
> 
> Where else should somebody send, say, a patch for Ethereal?  (I sure
> don't want every single patch to be sent to me....)
> 
> > I for one don't want to receive unsolicited attachments on a list.
> 
> I don't see the difference between an attachment and a mail message,
> other than size - and if people "work around" a ban on attachments by
> uuencoding the file and including it in the body of the message, even
> that difference goes away; they are, in effect, sending an attachment,
> only in a form that's more of a pain to extract.
> 
> 
> 
> _______________________________________________
> Ethereal-users mailing list
> Ethereal-users@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-users
>