Nmap Development mailing list archives
Changing nmap-dev content filters
From: Fyodor <fyodor () insecure org>
Date: Sun, 31 Dec 2006 13:06:30 -0800
To prevent viruses/worms from reaching the nmap-dev list, mail attachments have traditionally been filtered out unless they have one of the following MIME types: multipart/mixed multipart/alternative multipart/signed text application/x-sh application/x-bzip application/x-bzip2 application/x-gzip Unfortunately, many (stupid) mailers send diff files as application/octet-stream. So we've seen many contributed patches stripped from emails. Then we have to bug the contributor to resend. As a test, I have removed the MIME type restrictions for now. All that remains is that 'text/html' is filtered out, and attachments may not end in exe, bat, cmd, com, pif, scr, vbs, or cbl. We'll try this out. If we start seeing many mail worms on the list, I'll put the restrictions back or maybe try to configure ClamAV. Messages already must pass through Spamassassin in order to get through. As usual, I can't guarantee that no viruses will ever make it through. So be careful what you click on! Cheers, -F _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Changing nmap-dev content filters Fyodor (Dec 31)