Am Dienstag, den 08.02.2005, 21:53 +1300 schrieb Jason Haar:
> Werner Fleck wrote:
>
> >I attached an email showing the error. The critical lines are:
> >
> >Content-Type: application/octet-stream;
> > name="=?koi8-r?B?NC5wZGYuZXhl?=&
There is an error in qmail-scanner which I consider critical. I have QS
configured to block emails which have executable content attached, e.g.
*.exe, *.bat and so on. Unfortunately it is possible for an attacker to
bypass this. This happens when the name of the attachment itself is
encoded. This h
Recently I got many mails with executable attachments although qs is
configured to block them. The problem seems to be that the filename of
the attachment ist encoded so qs does not notice that it is "4.pdf.exe".
This is nasty because the executable loads a virus which tries to spy
bancing passwor
