lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20030820200235.M68758-100000@lithagus.turtleshell.net>
From: salgatt at turtleshell.net (Scott M. Algatt)
Subject: SoBig.F strange problem

The infected site could have a content filter on their end that strips
.pif attachments.  We have this running at one of our locations only we
have the mail server send a courtesy message on the E-mail saying that
here is your E-mail but the attachment was removed because blah blah.

Of course with this recent virus we started simply dropping these messages
so that we don't have our users mailbombed.


Regards,

Scott M. Algatt

Behold the turtle. He makes progress only when he sticks his neck out.

On Wed, 20 Aug 2003, Jeremiah Cornelius wrote:

> >>We've noticed a few problems with it as well.  We've received a few e-
> >>mails with one of the typical Sobig subject lines, only no
> >>attachment.  The attachment headers are in the e-mail, so our MUA
> >>thinks there is an attachment, but there is just no "body" to the
> >>attachment.
> >>
> >>Either there are a few broken variants out there sending out e-mail
> >>without the payload, or something in-between us and the sender is
> >>stripping out the attachment.  It isn't our AV system, since it would
> >>quarantine the entire message.
> >>
> >>Has anyone else experienced this?


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ