Bugtraq mailing list archives
Re: Bypassing SMTP Content Protection with a Flick of a Button
From: "Steven M. Bellovin" <smb () research att com>
Date: Fri, 13 Sep 2002 23:19:38 -0400
It turns out that this isn't new. I forwarded the note to Ned Freed, one of the authors of RFC 2046. He showed it to Kristin Hubner, who found the following text from the manual on using PMDF in a firewall that she had written in 1996: Note that when you are using the conversion channel to check message parts on the PMDF firewall system, you are likely to want the defragment channel keyword on outgoing channels, particularly channels that send to internal systems. The MIME format allows for messages to be split into multiple pieces, which are normally not reassembled until arrival at the final destination system. However, if you want the intermediate PMDF firewall system to check the message content, you will want to reassemble the message parts on the PMDF firewall system, so that the message content (rather than message content fragments) can be checked. --Steve Bellovin, http://www.research.att.com/~smb (me) http://www.wilyhacker.com ("Firewalls" book)
Current thread:
- FW: Bypassing SMTP Content Protection with a Flick of a Button Menashe Eliezer (Sep 13)
- <Possible follow-ups>
- Re: Bypassing SMTP Content Protection with a Flick of a Button Steven M. Bellovin (Sep 17)