Bugtraq mailing list archives
Free mail scanning tool (was Re: NAI WebShield SMTP does not scan base64 encoding)
From: dfs () ROARINGPENGUIN COM (David F. Skoll)
Date: Thu, 22 Jun 2000 20:36:58 -0400
chris.paget () ANALYSYS COM wrote:
The actual viruses are being picked up. The problem is that I wish to block ALL scriptable files, so that in the time between a virus outbreak and an updated DAT being released, my network is not at risk.
I have just released a free tool to do this, at http://www.roaringpenguin.com/mimedefang/ It runs on UNIX/Linux and requires Sendmail. However, if you are using Exchange, you can put a Linux box as a "sentinel" in front of the Exchange server to do the scanning, and then relay the mail to Exchange. If you run DNS on the sentinel box and are creative with DNS MX records, you can even do this with no changes to your Exchange box, and no apparent external changes. MIME Defang is not exactly efficient -- a new Perl process for each incoming message -- but for low-volume sites (< 8000 messages a day), it's not too bad. (I *think* my tool is fairly bullet-proof, but I'm sure BUGTRAQ readers will point out any problems. :-)) -- David.
Current thread:
- Re: [RHSA-2000:039-02] remote root exploit (SITE EXEC) fixed (fwd), (continued)
- Re: [RHSA-2000:039-02] remote root exploit (SITE EXEC) fixed (fwd) Helmethead (Jun 29)
- Re: [RHSA-2000:039-02] remote root exploit (SITE EXEC) fixed (fwd) Hugo.van.der.Kooij () CAIW NL (Jun 29)
- CONECTIVA LINUX SECURITY ANNOUNCEMENT - WU-FTPD Security (Jun 23)
- Security Update: wu-ftpd vulnerability Technical Support (Jun 23)
- Re: NAI WebShield SMTP does not scan base64 encoding Andre Albsmeier (Jun 21)
- Bruce 1.0 EA3: Networked Host-Vulnerability Scanner for Solaris & Linux Keith A. Watson (Jun 21)
- NetBSD Security Advisory 2000-007 security-officer () NETBSD ORG (Jun 21)
- Re: NAI WebShield SMTP does not scan base64 encoding Elias Levy (Jun 22)
- Security Bulletins Digest patrick () PINE NL (Jun 22)
- Re: NAI WebShield SMTP does not scan base64 encoding chris.paget () ANALYSYS COM (Jun 22)
- Free mail scanning tool (was Re: NAI WebShield SMTP does not scan base64 encoding) David F. Skoll (Jun 22)
- NetWin dMailWeb Denial of Service Chris Wolfe (Jun 21)
- [RHSA-2000:037-01] New Linux kernel fixes security bug bugzilla () REDHAT COM (Jun 21)