gep2(_at_)terabites(_dot_)com wrote:
1) Are such uuencoded viruses (in the absence of being indicated as encoded
attachments) actually picked up by these antivirus programs?
Not sure what you mean by 'these', but I know that ClamAV detects them.
The ones I mentioned are part of the test samples for my clamassassin
filter.
2) If the recipient software doesn't recognize them as an encoded attachment,
and doesn't offer them enticingly as something for clueless users to click on,
does it really matter very much?
It is not as common as it once was, but there are mail readers which
automatically decode uuencoded emails, with the user presented with a
file icon they can click on. Uuencoding was the main method of sending
files by email before MIME got more popular.
While uuencoded attacks will probably not be viable enough in the
current environment, your theory that plain text emails are 'safe' is
just not true. There's also the issue of malformed headers which have
in the past have been able to exploit bugs in some software. My point
is that even plain text emails have risks associated with them. ANY
data you receive from the net could potentially be harmful.
--
James Lick -- 黎建溥 -- jlick(_at_)jameslick(_dot_)com -- http://jameslick.com/
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg