[Esd-l] Did this get through?
mike at ascendency.net
Sun Jan 12 18:38:01 PST 2003
-----BEGIN PGP SIGNED MESSAGE-----
On Sunday, January 12, 2003 5:56 PM John D. Hardin <mailto:jhardin at impsec.org> wrote:
> 1.136 should also process it properly. The last time a problem was
> fixed in the filename-quoting code was in 1.135.
I just sent a message to myself with an attachment. It was a copy of the PuTTY program but with the name claire.doc.scr. Sanitizer picked it up perfectly, quarantined and sent the appropriate messages.
I have my procmailrc set to have SpamAssassin scan first and Sanitizer second. What appears to have happened is that SA broke the message...nothing was actually attached to the email so there wasn't really anything for sanitizer to sanitize.
Still I'm curious as to how this message works...or was intended to work. Was this "file" embedded witin the email, or was it an attachment at one point. SA doesn't, AFAIK, strip or remove attachements. How did all of this happen?
Here is the header information:
<DEFANGED_iframe src=3Dcid:9TVTBIpfz5zzi height=3D0 width=3D0>
Mike Loiterman wrote:<br>
> This is strange. When I do:<br>
> [11:49:09 root at fat_man: /var]# du -sh<br>
> 7.0M .<br>
> but when I do:<br>
> [11:49:18 root at fat_man: /var]# df -h<br>
> Filesystem Size Used Avail Capacity Mounted on<br>
> /dev/ad0s1a 97M 55M 34M 62% /<br>
> /dev/ad0s1f 1.7G 1.2G 403M 75% /usr<br>
> /dev/ad0s1e 19M 8.6M 9.2M 48% /var<br>
> procfs 4.0K 4.0K 0B
name=10th July 2002 claire.doc.scr
In any event I appreciate your time an helping me sort this issue out.
Randomly Generated Quote:
You can tune a guitar, but you can't
PGP Key 0xD1B9D18E
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0
Comment: This message has been digitally signed by Mike Loiterman
-----END PGP SIGNATURE-----
More information about the esd-l