nned if $skip_text_msgs is on. By all reasonable logic, the message
is "plain text" and viruses aren't found in "plain text". In reality, we
see this logic isn't completely accurate.
John Narron| "Sacrifice, they always say
Network Administ
I wouldn't necessarily call this a vulnerability. I ran into this when
writting the Regex Scanner for QSQ. Find $skip_text_msgs and set it to 0 so
that all e-mails, including plain text, are scanned.
This only applies to the 1.2x versions, 1.1x don't have this feature.
J
By request, I've put both add-ons online. You can now get them at:
http://noaa.cdsinet.net/qsq/
John Narron| "Sacrifice, they always say
Network Administration | Is a sign of nobility
CDS/CDSinet, LLC | But where does one draw the line
http://www.cdsinet.net | I
Thanks to Mike Edwards at Rutgers University for testing regex_scanner. We
did find a feature in QSQ 1.2x that, if used, bypasses this and other
scanners. So to use this regex scanner, set $skip_text_msgs to 0;
John Narron| "Sacrifice, they always say
Network Administration |
(
{ Name => "W32/Bagle-Q/R(regex)",
Data => "(?i)\http://.*:81/.*\"\>"},
{ Name => "OBJECT tags not allowed",
Data => "(?i)\"}
);
Enjoy, and if you have problems, you know where to find me (hiding under
yonder large boulder
Support Request on the SF.net
webite.
So no joy, just a regular .pl file :)
John Narron| "Sacrifice, they always say
Network Administration | Is a sign of nobility
CDS/CDSinet, LLC | But where does one draw the line
http://www.cdsinet.net | In the face of injury?&qu
is a suggestion
:)
John Narron| "Sacrifice, they always say
Network Administration | Is a sign of nobility
CDS/CDSinet, LLC | But where does one draw the line
http://www.cdsinet.net | In the face of injury?"
(660) 886 4045 | - Queensryche
- Original Mess
$ffs_time variable and somehow $ffs got seperated from _time)..
John Narron| "Sacrifice, they always say
Network Administration | Is a sign of nobility
CDS/CDSinet, LLC | But where does one draw the line
http://www.cdsinet.net | In the face of injury?&q
My bad!
I seem to forget from time to time that I'm still running QSQ 1.16
Attached is a version of FFS that should work with 1.20
John Narron| "Sacrifice, they always say
Network Administration | Is a sign of nobility
CDS/CDSinet, LLC | But where does one draw the
queue.pl
...
#Array of virus scanners used must point to subroutines
my @scanner_array=("fileformat_scanner", ... );
John Narron| "Sacrifice, they always say
Network Administration | Is a sign of nobility
CDS/CDSinet, LLC | But where does one draw th
le show an interest in it, I'll work with it more.
To manually add this, just add the PERL code at the bottom of this message
to the qmail-scanner-queue.pl file, and add "fileformat_scanner" to
@scanner_array.
John Narron| "Sacrifice, they always say
Network Admini
This is because
http://prdownloads.sourceforge.net/qmail-scanner/qmail-scanner-1.20rc3.tgz.asc?download
(note the .asc) is the PGP signature.
It may be a mistyped link somewhere but try:
http://prdownloads.sourceforge.net/qmail-scanner/qmail-scanner-1.20rc3.tgz?download
John Narron
er");
Add "sophienet_scanner" to the list (or if you're daring, replace the
existing one):
#Array of virus scanners used must point to subroutines
my @scanner_array=("sophienet_scanner", "sophie_scanner");
7) Save qmail-scanner-queue.pl and watch your SMTPD logs clo
ar/qmail/log/sophie
END /service/sophie/log/run --
Change paths as needed
John Narron - [EMAIL PROTECTED] |
Network Administration |"Who wants to live forever
CDS/CDSinet, LLC http://www.cdsinet.net| When love must die"
122 N. Lafay
Well I'm not sure of what you guys do (haven't been watching this
thread too closely), but I just hacked up the is_replyable_email()
function to return 1 on certain viruses like Illegal MIME Headers
(which just turn out to be spam from address that don't work any
way), and certain viruses like Kle
15 matches
Mail list logo
