Re: [Exim] Re: the Klez virus

Top Page
Delete this message
Reply to this message
Author: Matthew Byng-Maddick
Date:  
To: exim-users
Subject: Re: [Exim] Re: the Klez virus
On Fri, May 10, 2002 at 11:36:49AM +0200, Tom Kistner wrote:
> I see what your point is, but it only proves that you can break things
> ON PURPOSE. Big deal. There will never be a real-world file like that, and
> even if there was, noone would like to receive it anyway.


Well, indeed. That wasn't the point. The point is that I can crash your
mailserver with something like that.

> I agree that there may be the possibility of DoS with such files, but that
> will depend on the scanner used, not on exiscan. Most
> scanners (like uvscan) have no problems with such ill-formatted files.


It's not "ill-formatted". That's kind of the point. And anyway, you were
kind of missing the entire point of my post.

> For me, SMTP dialogue time AV scanning works perfectly, and it does
> so for a lot of other people.


Well, I hope that you understand the risk you're taking, and I hope you
never have either (a) a heavily loaded mail server, (b) a heavily loaded
link to the internet or (c) a link that's having packet dropping problems,
because if you get any of these, then you are highly likely to get
duplicate mail.

I keep being scared at the general lack of understanding of SMTP by
supposed mail admins on this list.

MBM

--
Matthew Byng-Maddick         <mbm@???>           http://colondot.net/