Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Procmail scanning for hostile macros in Microsoft document e-mail

From: jhardin () wolfenet com (John D. Hardin)
Date: Wed, 31 Mar 1999 11:01:37 -0800

I have added some rudimentary scanning for possibly hostile macros in
Microsoft Word and Excel attachments to my Procmail-based email
sanitizer. This scanning is for code fragments that do things that
shouldn't be in document macros rather than any particular variant of
an existing virus or worm, so it should be generally effective.

I'd like to have some third-party comment and beta testing before I
release it. Anyone interested should send me some email at
<jhardin () wolfenet com> and I'll send the html-trap.procmail filter
with the added attachment scanning code.

I hope to publicly release this modification tomorrow or Friday.

For further information on the Procmail e-mail sanitizer, visit
ftp://ftp.rubyriver.com/pub/jhardin/antispam/procmail-security.html

--
 John Hardin KA7OHZ                               jhardin () wolfenet com
 pgpk -a finger://gonzo.wolfenet.com/jhardin    PGP key ID: 0x41EA94F5
 PGP key fingerprint: A3 0C 5B C2 EF 0D 2C E5  E9 BF C8 33 A7 A9 CE 76
-----------------------------------------------------------------------
  In the Lion
  the Mighty Lion
  the Zebra sleeps tonight...
  Dee de-ee-ee-ee-ee de de de we um umma way!
-----------------------------------------------------------------------
   48 days until Star Wars episode I
Previous By Date Next
Previous By Thread Next

Current thread: