Changing nmap-dev content filters

[Fyodor <fyodor () insecure org>]

To prevent viruses/worms from reaching the nmap-dev list, mail
attachments have traditionally been filtered out unless they have one
of the following MIME types:

multipart/mixed
multipart/alternative
multipart/signed
text
application/x-sh
application/x-bzip
application/x-bzip2
application/x-gzip

Unfortunately, many (stupid) mailers send diff files as
application/octet-stream.  So we've seen many contributed patches
stripped from emails.  Then we have to bug the contributor to resend.

As a test, I have removed the MIME type restrictions for now.  All
that remains is that 'text/html' is filtered out, and attachments may
not end in exe, bat, cmd, com, pif, scr, vbs, or cbl.

We'll try this out.  If we start seeing many mail worms on the list,
I'll put the restrictions back or maybe try to configure ClamAV.
Messages already must pass through Spamassassin in order to get
through.

As usual, I can't guarantee that no viruses will ever make it through.
So be careful what you click on!

Cheers,
-F


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org