hi,
why did the ILOVEYO___U virus passed through?
i sent a mail with the header:
--985893548-832319850-957462939=:25793
Content-Type: TEXT/PLAIN; charset=US-ASCII;
nam___e="LOVE-LETTER-FOR-YO___U.TXT.vbs"
Content-Transfer-Encoding: BASE64
Content-ID: <Pine.LNX.3.96.1000504195539.25793B@???>
Content-Description:
-> here follows the uuencoded vb-script
why does it not match TEXT/PLAIN?
robert
PS: ___ = to pass the filter
On Fri, 5 May 2000, Nigel Metheringham wrote:
> I reverted to the original form for various reasons, some of which
> probably would not hold up past a rewritten version message_body that
> is more efficient :-)
>
> The filter is attached.
> Its also at:-
> ftp://ftp.exim.org/pub/filter/system_filter.exim
>
> so you can avoid the mangling that mailers are bound to apply :-)
>
> Seems to work on current tests, no guarantees. It does catch the forms
> I saw yesterday.
>
> It did show up some interesting things about exim's parsing - looks
> like () have to be within quotes or the parser falls over.
>
> Nigel.
>
>
---
di. robert rotman inode.graz
phone -> ++43-(0)316 813141 ++43-(0)316 818600/15 <- fax
rotman@??? http://www.graz.inode.at/
--
this letter was written on recycled bytes used by deleted mail.
