Full Disclosure mailing list archives

RE: broken virus / worm email has attachment not found by grisoft proxy scanner


From: "Todd Towles" <toddtowles () brookshires com>
Date: Tue, 3 Aug 2004 08:53:02 -0500

I have seen this type of e-mail on my yahoo account at home. I just guessed
it was a corrupt e-mail put out by some e-mail virus circling the internet.
It wouldn't be the first time or the last.


-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of Denis McMahon
Sent: Tuesday, August 03, 2004 6:39 AM
To: fd
Subject: [Full-disclosure] broken virus / worm email has attachment not
found by grisoft proxy scanner

Hmm

I've had a couple of suspicious emails this week with headers, blank 
line, a line of text, mime headers.

Thunderbird doesn't see the mime attachment due to the broken headers, 
which is good, but nor does the grisoft email proxy scanner, which is 
bad, especially as I guess that certain broken applications (no I don't 
have outlook [express] on my system) might try and be smart and find the 
attachment.

This might be broken malware sending unusable stuff out, but my worry is 
that someone may have found a technique that will sneak an attachment 
past some a-v scanners in a "broken" format that certain popular email 
apps will try and fix, possibly putting active malware on the hard disk.

I tried to talk to grisoft about this, but all I get back is "you have 
to pay to talk to us cheapskate" ... whilst I can agree that they might 
not want to provide tech support to users of their free scanner, does 
anyone have an email address at grisoft for submitting suspicious items 
that have got past their proxy scanner?

Denis

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


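Added example, not part of the original messages or of any scanner mentioned in them: a gateway-side heuristic for the layout Denis describes (headers, blank line, a line of text, then MIME headers), where a standards-following parser sees only a plain-text body. The function name, finding labels and all three sample messages are constructed for illustration.

```python
import re
from email import message_from_string

# MIME header names that belong in the header block, not in the body.
MIME_HDR = re.compile(
    r"^(MIME-Version|Content-Type|Content-Transfer-Encoding|Content-Disposition)[ \t]*:",
    re.IGNORECASE | re.MULTILINE)
BOUNDARY = re.compile(r'boundary[ \t]*=[ \t]*"?([^";\r\n]+)', re.IGNORECASE)

def displaced_mime(raw):
    """List the signs that MIME structure sits in the body, where a strict parser ignores it."""
    msg = message_from_string(raw)
    if msg.is_multipart():
        return []  # parts are visible to the parser, so normal attachment scanning applies
    body = msg.get_payload()
    findings = []
    names = sorted({n.lower() for n in MIME_HDR.findall(body)})
    if names:
        findings.append("mime-headers-in-body: " + ", ".join(names))
    m = BOUNDARY.search(body)
    if m:
        delim = r"^--" + re.escape(m.group(1).strip()) + r"(--)?[ \t]*\r?$"
        if re.search(delim, body, re.MULTILINE):
            findings.append("boundary-in-body")
    return findings

# Constructed samples. The "attachment" is the base64 of a harmless string.
PART = ('--=_constructed\nContent-Type: application/octet-stream; name="sample.bin"\n'
        "Content-Transfer-Encoding: base64\n\nY29uc3RydWN0ZWQgc2FtcGxl\n--=_constructed--\n")
MIME = 'MIME-Version: 1.0\nContent-Type: multipart/mixed; boundary="=_constructed"\n'
HEAD = "From: sender@example.com\nTo: rcpt@example.com\nSubject: hello\n"

BROKEN = HEAD + "\na line of text\n" + MIME + "\n" + PART   # MIME headers after the blank line
WELL_FORMED = HEAD + MIME + "\n" + PART                      # MIME headers where they belong
PLAIN = HEAD + "\njust a note, no attachment\n"

if __name__ == "__main__":
    for label, raw in (("broken", BROKEN), ("well-formed", WELL_FORMED), ("plain", PLAIN)):
        print(label, displaced_mime(raw))
```

A message that trips either check is better quarantined or rescanned with the body treated as a MIME entity than passed through as plain text; expect false positives on mail that quotes raw headers inline.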
