[Esd-l] Local poisoned list

Graham Dunn gdunn at inscriber.com
Thu Apr 25 07:51:02 PDT 2002


On Wed, Apr 24, 2002 at 08:46:11PM -0700, John D. Hardin wrote:
> On Wed, 24 Apr 2002, John D. Hardin wrote:
> 
> >     wget http://www.aproposretail.com/email-tools/poisoned-files
> 
> Yipe! Ignore that URL. Work finger-macros intruding on my personal
> life...
> 
> Instead:
> 
>     wget http://www.impsec.org/email-tools/poisoned-files
>     cat local-poisoned-files poisoned-files > /etc/procmail/poisoned-files

At present, I'm doing

/usr/bin/fetch -o /etc/procmailrcs http://www.impsec.org/email-tools/poisoned-files  \
&& (echo "*.exe"; grep -v \.exe /etc/procmailrcs/poisoned-files ) > \
/etc/procmailrcs/local-poisoned-files

with

POISONED_EXECUTABLES=/etc/procmailrcs/local-poisoned-files

in procmailrc

My assumption was that shortening the poisoned list getting read into
the sanitizer would be a Good Thing(tm).

Graham



More information about the esd-l mailing list