[Esa-l]Help with hybris getting thru filters
Rick Thompson
rthompson at motleypc.com
Wed Jun 6 06:15:12 PDT 2001
One of my users received an email this morning that bypassed the procmail
filter altogether. The headers didn't have the "sanitized on" info.
From the sendmail log:
Jun 5 08:30:10 prometheus sendmail[7640]: f55CTwA07640: from=<>,
size=31779, class=0, nrcpts=1,
msgid=<200106051229.f55CTwA07640 at prometheus.motleypc.com>, proto=SMTP,
daemon=MTA, relay=[206.99.228.55]
Jun 5 08:30:11 prometheus sendmail[7641]: f55CTwA07640:
to=<gmcallister at motleypc.com>, delay=00:00:13, xdelay=00:00:01,
mailer=local, pri=61629, dsn=2.0.0, stat=Sent
Notice the "from=<>"
The attachment was a .scr, which is supposed to be mangled and poisoned
(neither of which happened in this case).
From my procmailrc if it helps:
:0
* ^(From|Message-ID|Sender): .*@([^>, ]+\.)*motleypc\.com([>, ].*)*$
$DEFAULT
:0
* ^X-MS-TNEF-Correlator:
* ^Subject:.*homepage
{
SECURITY_STRIP_MSTNEF=YES
}
# Uncomment the following line to troubleshoot problems
#
Everything else about my installation is absolutely stock from the tarball
(1.129).
--
Rick Thompson <mailto:rthompson at motleypc.com>
Webmaster / Network Administrator
Motley + Associates, P.C. <http://www.motleypc.com>
More information about the esd-l
mailing list