procmail
[Top] [All Lists]

generic executable recipes go to trash?

2003-01-06 06:17:20
recently I read an article at VirusBulletin about JunkMail virus.

it seems that comments can be added to MIME headers and nothing stops that.

for example (from the article:
http://www.virusbtn.com/resources/viruses/indepth/junkmail.xml )

a header like that:
----------------
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary=TFICLMGJ
----------------

could be altered to that:
----------------
M(F)IM(])E-(*/
*)V(y)e(7)r(*)s(U*0)i(*LZ)o(H)n(.):(l)
1(:*=).0
Content-Type: mul(26)t(fH*)ip(|*)a(***)rt(*)/
mi(/*j)x(8)e('M)d;
(<|)bo(*,)u(1**)nda(D)r(L+K)y=TFICLMGJ
----------------

bad isn't it? all the () do the trick..

any ideas..??

could the classic:
* ^Content-Transfer-Encoding[  ]*:.*base64

be transormed to this: * ^Content-Transfer-Encoding[  ]*:.*[base64]

or the * ^Content-Type[  ]*:.*(application|audio) to *
Content-Type[  ]*:.*[aplictonud]
in order to maintain functionality?


-----------------------------------------------------
signature text:
  Nikos K. Kantarakias
  URLs:  http://www.nikant.tk/
         http://www.skiathos.tk/
         http://agriroot.aua.gr/



_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail

<Prev in Thread] Current Thread [Next in Thread>