what was that?
Jacques A. Vidrine
nectar at FreeBSD.org
Mon Mar 31 12:06:12 PST 2003
On Mon, Mar 31, 2003 at 02:39:49PM -0500, Mike Tancsa wrote:
> Actually, will not some MS email clients (e.g. lookOUT) honor attachments
> that begin in the headers ? I recall a discussion similar to this on email
> AV scanner lists... Because MS would decode an attachment crammed in the
> subject line, this could be a way to bypass email scanners and cram viruses
> in the subject... Combined with the fact that there are many unpatched
> email clients out there, this would be a nice way to spread an email worm.
>
> Perhaps the MS client would try and decode an attachment in the messageID ?
That would explain why someone was sending such a Message-ID header,
and I guess I would not be surprised that some Microsoft MUA would do
something bone-headed like that.
Cheers,
--
Jacques A. Vidrine <nectar at celabo.org> http://www.celabo.org/
NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos
jvidrine at verio.net . nectar at FreeBSD.org . nectar at kth.se
More information about the freebsd-security
mailing list