On Fri, May 10, 2002 at 11:36:49AM +0200, Tom Kistner wrote:
> I see what your point is, but it only proves that you can break things
> ON PURPOSE. Big deal. There will never be a real-world file like that, and
> even if there was, noone would like to receive it anyway.
Well, indeed. That wasn't the point. The point is that I can crash your
mailserver with something like that.
> I agree that there may be the possibility of DoS with such files, but that
> will depend on the scanner used, not on exiscan. Most
> scanners (like uvscan) have no problems with such ill-formatted files.
It's not "ill-formatted". That's kind of the point. And anyway, you were
kind of missing the entire point of my post.
> For me, SMTP dialogue time AV scanning works perfectly, and it does
> so for a lot of other people.
Well, I hope that you understand the risk you're taking, and I hope you
never have either (a) a heavily loaded mail server, (b) a heavily loaded
link to the internet or (c) a link that's having packet dropping problems,
because if you get any of these, then you are highly likely to get
duplicate mail.
I keep being scared at the general lack of understanding of SMTP by
supposed mail admins on this list.
MBM
--
Matthew Byng-Maddick <mbm@???> http://colondot.net/