|
BugTraq
base64 Sep 22 2003 12:49PM "Ilya Teterin" (alienhard mail ru) (5 replies) Re: base64 Sep 23 2003 04:18PM Birl (sbirl temple edu) (1 replies) Re: base64 Sep 23 2003 06:10PM Lothar Kimmeringer (bugtraq kimmeringer de) (2 replies) |
|
Privacy Statement |
[kham-kham-kham....argh....]
IT> How to solve this issue? I believe we should rewrite at least
IT> filtering systems to block malformed base64-encoded data because we
IT> don't know is it malicious or not. Otherwise, we can meet new powerful
IT> e-mail worm.
Rewriting filtering systems for rejecting malformed mail couldn't be good
decision in all situations. Some mailing lists (debian-russian, for example)
add some 7bit information after letter body while re-forwarding, regardless
of was the letter base64/QP encoded or not, resulting of such malformed
mail (and if your mail server recodes all 8bit mail to base64, you have no
way to write to those mail lists without creating malformed mail at
result).
So I think that the right solution (before antivirus software would be
rewritten) is to write filters by yourself - decode base64 as that do
popular mail clients and give them to antivirus.
Of course, it's somehow more hard than just filtering up all those
letters.
--
Sincerely yours, Alexander Ogol, happy GNU/Linux user.
[ reply ]