Bugtraq mailing list archives

Re: Bypassing SMTP Content Protection with a Flick of a Button


From: "Steven M. Bellovin" <smb () research att com>
Date: Fri, 13 Sep 2002 23:19:38 -0400

It turns out that this isn't new.  I forwarded the note to Ned Freed, 
one of the authors of RFC 2046.  He showed it to Kristin Hubner, who 
found the following text from the manual on using PMDF in a firewall
that she had written in 1996:

   Note that when you are using the conversion channel to check message parts
   on the PMDF firewall system, you are likely to want the defragment channel
   keyword on outgoing channels, particularly channels that send to internal
   systems. The MIME format allows for messages to be split into multiple
   pieces, which are normally not reassembled until arrival at the final
   destination system. However, if you want the intermediate PMDF firewall
   system to check the message content, you will want to reassemble the message
   parts on the PMDF firewall system, so that the message content (rather than
   message content fragments) can be checked.




                --Steve Bellovin, http://www.research.att.com/~smb (me)
                http://www.wilyhacker.com ("Firewalls" book)
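
The reassembly step the quoted manual text describes, as an added Python sketch (not PMDF code and not part of the original message): RFC 2046 `message/partial` fragments are grouped by `id` and joined before the content check runs. The function names, the filename-extension check and the sample message are assumptions constructed for illustration.

```python
from collections import defaultdict
from email import message_from_string
from email.parser import HeaderParser

def reassemble(raw_fragments):
    """Join RFC 2046 message/partial fragments by id.
    Returns ({id: reassembled Message}, [ids still missing pieces])."""
    pieces, totals = defaultdict(dict), {}
    for raw in raw_fragments:
        frag = HeaderParser().parsestr(raw)   # parse headers, keep body verbatim
        if frag.get_content_type() != "message/partial":
            continue
        pid, number = frag.get_param("id"), str(frag.get_param("number"))
        if pid is None or not number.isdecimal() or int(number) < 1:
            raise ValueError("malformed message/partial fragment")
        pieces[pid][int(number)] = frag.get_payload()
        if frag.get_param("total") is not None:   # only required on the last piece
            totals[pid] = int(frag.get_param("total"))
    complete, pending = {}, []
    for pid, got in pieces.items():
        total = totals.get(pid)
        if total and set(got) == set(range(1, total + 1)):
            inner = "".join(got[n] for n in range(1, total + 1))
            complete[pid] = message_from_string(inner)
        else:
            pending.append(pid)   # hold these; do not relay unscanned pieces
    return complete, pending

def blocked_attachments(msg, blocked=(".exe", ".scr")):
    """Stand-in content check: attachment filenames with a blocked extension."""
    names = (part.get_filename() for part in msg.walk())
    return [n for n in names if n and n.lower().endswith(blocked)]

# Constructed sample: one message cut in the middle of the attachment filename.
INNER = (
    'Subject: report\nMIME-Version: 1.0\n'
    'Content-Type: multipart/mixed; boundary="b1"\n\n'
    '--b1\nContent-Type: text/plain\n\nsee attached\n'
    '--b1\nContent-Type: application/octet-stream\n'
    'Content-Disposition: attachment; filename="update.exe"\n'
    'Content-Transfer-Encoding: base64\n\nAAAA\n--b1--\n'
)
CUT = INNER.index("date.exe")
HDR = 'Content-Type: message/partial; id="abc@example.test"; number=%d; total=2\n\n'
FRAGMENTS = [HDR % 1 + INNER[:CUT], HDR % 2 + INNER[CUT:]]

if __name__ == "__main__":
    complete, pending = reassemble(FRAGMENTS)
    for pid, msg in complete.items():
        print(pid, blocked_attachments(msg), "pending:", pending)
```

Sets reported as pending are the ones a gateway has to hold or reject, since relaying them leaves reassembly to the destination system and the joined content is never checked.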


