[Esd-l] Stripping Attachments?
John D. Hardin
jhardin at impsec.org
Sun Jan 13 15:16:01 PST 2002
On Sun, 13 Jan 2002, Paul Thomas wrote:
> On Sun, 13 Jan 2002, John D. Hardin wrote:
>
> > NB: .eml is hazardous, as it's typically base64 encoded and thus not
> > (yet) subject to defanging or attachment rules. Also note that .rtf
>
> What do you mean 'attachment rules', it's at least 'mangled'?
Oh, If you're mangling EML you're probably okay then.
Sorry, I wasn't clear. If the EML attachmetn itself has any
attachments, they won't be sanitized.
> How does the sanitizer handle .rtf other than mangling?
If it's actually .DOC format, it scans for macroe if you have macro
scanning enabled.
--
John Hardin KA7OHZ ICQ#15735746 http://www.impsec.org/~jhardin/
jhardin at impsec.org pgpk -a jhardin at wolfenet.com
768: 0x41EA94F5 - A3 0C 5B C2 EF 0D 2C E5 E9 BF C8 33 A7 A9 CE 76
1024: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Monty Python's Star Trek Voyager:
A successful trans-warp experiment turns Paris and Janeway into
newts, but they get better.
...wait a minute... It's already been done...
-----------------------------------------------------------------------
6 days until Babylon 5: the Legend of the Rangers
More information about the esd-l
mailing list