[ILUG] [OT] FYI: Don't trust MIMEsweeper
Lars Hecking
lhecking at nmrc.ie
Wed Jun 14 12:32:15 IST 2000
Justin Mason writes:
> > Previous messages to this list indicate that some sites are using
> > MIMEsweeper to scan outgoing messages for viruses. I just wanted
> > to let everyone know that my hacked-up postfix/amavis-perl/sophos
> > config caught a copy of the 'Troj/Knijpme' trojan in a mail message
> > signed by MIMEsweeper.
>
> And the amavis stuff doesn't append obnoxious 10-line sigs while it's at
> it!
amavis appends an X-AntiVirus: header if configured so.
Attaching a 10-line sig is technically possible, but not recommended,
as it would break MIME and digital signatures. The mail system must
not modify mail messages (ugly hacks like stuffing the old message
into message/rfc822 and wrap a multipart/mixed layer around it don't
count :)
More information about the ILUG
mailing list