IP: stupid email filter tricks

[Dave Farber <farber () cis upenn edu>]

> From: "George Feil" <hacker () stardragon com>
> To: "Dave Farber" <farber () cis upenn edu>
> Subject: stupid email filter tricks
> Date: Wed, 21 Feb 2001 23:50:12 -0800
>
> Dave,
>
> I received a notice from two different mail servers warning me of a virus
> that had been enclosed in an message sent through a mailing list that I
> host.  I was quite surprised by the warnings, given that I am a subscriber
> on the list, and received the message without a peep from my trusty
> anti-virus program.  Fortunately, one of the warning messages included  a
> log file diagnosing the problem.
>
> It turned out that the offending message didn't contain a virus at all, but
> it did contain a phrase that was used as a subject line for a recent email
> worm (I won't repeat it here so it doesn't trip any filers used by your list
> subscribers).
>
> We've all long known of the flaws in content filtering programs in locking
> out access to legitimate sites.  But this is a new one:  overzealous mail
> sentries crying wolf over suspected email.  It's amazing how these filters
> were not even smart enough to look for VBS attachments or JavaScript code in
> the message...
>
> [By the way, one of the programs that notified me was called "MailMarshal".]
>
> George Feil
> Chief Hacker
> Stardragon Consulting Inc.
> http://www.stardragon.com



For archives see: http://www.interesting-people.org/