Hi !!
> I found some useful MIME checks on the exim list (see the attached file mime_acl.cf),
> but there are certainly more. If you do MIME checking with Exims new MIME-ACL,
> please have a look at the attached file and post your increments or improvements
> to the list.
# Bounday Space Gap
deny condition = ${if match{$mime_boundary}{^( |\t)}{yes}{no}}
message = Broken MIME container (Boundary Space Gap)
# Empty MIME Boundary Vulnerability
deny condition = $mime_is_multipart
condition = ${if eq{$mime_boundary}{}{yes}{no}}
message = Broken MIME container (Empty MIME Boundary)
# Long MIME Boundary Vulnerability
deny condition = ${if >{${strlen:$mime_boundary}}{70}{yes}{no}}
message = Broken MIME container (Long MIME Boundary)
--
Best regards ...
It's a fine line between fishing & standing still
----------------------------------------------------------------
David Saez Padros http://www.ols.es
On-Line Services 2000 S.L. e-mail david@???
Pintor Vayreda 1 telf +34 902 50 29 75
08184 Palau-Solita i Plegamans movil +34 670 35 27 53
----------------------------------------------------------------
