Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Possible Intrusion Attempt?

From: Lars Duesing <ld () stud fh-muenchen de>
Date: 27 May 2003 10:10:53 +0200
Hi Thomas, Hi List,


mimeDefang? Render to text any and all html mail? Add checks to
SpamAssassin (which destroys html mail when flagged as spam) ... There
are any number of ways to remove[1] html and just get content.

The real question is, will users stand for the loss[2] of html email. 

Thomas

[1] Well, just not render in a meaning full way.
[2] will they notice at all. Sometimes they don't.


They will notice it - but mostly in commercial mails, as they use
html-code and images heavily. But this mails are up to 75% not wanted.
Whether this a good thing or bad thing.. You have to evaluate for
yourself.
I use SpamAssassin in conjunction with a comercial Anti-Virus-Scanner at
the central mailgateway, and this combination is a quite good thing.
(given that av-database is regularly - best daily - updated).


Greetings,

         Lars


----------------------------------------------------------------------------
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: