You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by WiNK / Bor <wi...@connectedserver.com> on 2007/04/23 11:11:48 UTC
PNG vurnability
Hi Guys,
Not sure if this is the right list to ask it, but lots of people with
knowledge about it,
how serious is the PNG file treat, i noticed it is default denied by
mailscanner. However i got some designers behind my mailscanner, which
also want receive png files? So i know i can whitelist these persons by
address and or domain, but i want to know about the severity of
potential treat caused by png files.
Kind Regards
Rob
Re: PNG vurnability
Posted by mouss <mo...@netoyen.net>.
WiNK / Bor wrote:
> Hi Guys,
>
> Not sure if this is the right list to ask it, but lots of people with
> knowledge about it,
>
> how serious is the PNG file treat, i noticed it is default denied by
> mailscanner. However i got some designers behind my mailscanner, which
> also want receive png files? So i know i can whitelist these persons
> by address and or domain, but i want to know about the severity of
> potential treat caused by png files.
http://www.sans.org/newsletters/risk/display.php?v=4&i=6#widely5
http://www.securityfocus.com/bid/18913
http://www.securityfocus.com/bid/21920
http://scary.beasts.org/security/CESA-2004-001.txt
http://www.microsoft.com/technet/security/bulletin/ms05-009.mspx
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57683-1
...
RE: PNG vurnability
Posted by "Martin.Hepworth" <ma...@solidstatelogic.com>.
Rob
Might be worthwhile moving this to the MailScanner list as it's nothing
to do with SA per sa.
But what version of MailScanner are you running, as I can't see anything
that would block png files by default.
--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300
> -----Original Message-----
> From: WiNK / Bor [mailto:wink@connectedserver.com]
> Sent: 23 April 2007 10:12
> To: users@spamassassin.apache.org
> Subject: PNG vurnability
>
> Hi Guys,
>
> Not sure if this is the right list to ask it, but lots of people with
> knowledge about it,
>
> how serious is the PNG file treat, i noticed it is default denied by
> mailscanner. However i got some designers behind my mailscanner, which
> also want receive png files? So i know i can whitelist these persons
by
> address and or domain, but i want to know about the severity of
> potential treat caused by png files.
>
> Kind Regards
> Rob
**********************************************************************
Confidentiality : This e-mail and any attachments are intended for the
addressee only and may be confidential. If they come to you in error
you must take no action based on them, nor must you copy or show them
to anyone. Please advise the sender by replying to this e-mail
immediately and then delete the original from your computer.
Opinion : Any opinions expressed in this e-mail are entirely those of
the author and unless specifically stated to the contrary, are not
necessarily those of the author's employer.
Security Warning : Internet e-mail is not necessarily a secure
communications medium and can be subject to data corruption. We advise
that you consider this fact when e-mailing us.
Viruses : We have taken steps to ensure that this e-mail and any
attachments are free from known viruses but in keeping with good
computing practice, you should ensure that they are virus free.
Red Lion 49 Ltd T/A Solid State Logic
Registered as a limited company in England and Wales
(Company No:5362730)
Registered Office: 25 Spring Hill Road, Begbroke, Oxford OX5 1RU,
United Kingdom
**********************************************************************