[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Researching spamblock/antivirus/attachment filters on mail servers

When Sobig.F hit the local MTA, I started to look for a filter to block
it. I looked at some common approaches, and my first impression was that
the filters would be pretty easy to bypass. Which again means that lot's
og MTA's may be vulnerable for the next attachment plague. 

In order to research this theory, I need access to email accounts[1] on
mail-servers that has applied filters to block suspect attachment types
like "*.pif". The findings will be published on my home-page (and
possible on BUGTRAQ if I find anything serious), along with tools to
verify if an MTA indeed stop masqueraded attachments, or stop valid
emails in error.

If you have a mail-server that is supposed to block such attachments,
and are willing to help me in my research, please drop me a note. I'm
looking for anything from simple perl scripts to commercial filters.

[1] The email-accounts will only be used for this purpose. 
Jarle Aase                      email: jgaa@jgaa.com
Author of freeware.             http://www.jgaa.com

War FTP Daemon:     http://www.warftp.org
War FTP Daemon FAQ: http://www.warftp.org/faq/warfaq.htm
Jgaa's PGP key:     http://war.jgaa.com/pgp
NB: If you reply to this message, please include all relevant
information from the conversation in your reply. Thanks. 
<<< no need to argue - just kill'em all! >>> 

Reply to: