Print Page | Close Window

Attachment blocking

Printed From: LogSat Software
Category: Spam Filter ISP
Forum Name: Spam Filter ISP Support
Forum Description: General support for Spam Filter ISP
URL: http://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=3813
Printed Date: 23 October 2017 at 10:13pm


Topic: Attachment blocking
Posted By: Guests
Subject: Attachment blocking
Date Posted: 22 June 2004 at 9:48am

If you go to http://www.gfi.com/emailsecuritytest" CLASS="ASPForums" TITLE="WARNING: URL created by poster. - http://www.gfi.com/emailsecuritytest" CLASS="ASPForums" TITLE="WARNING: URL created by poster. - http://www.gfi.com/emailsecuritytest
and request GFI to send you these tests by
email to check if your email system is vulnerable, you will see most of them will pass through the email attachment blocking. I highlighted those items with ***.

I know you are not in the antivirus business, but it would make SpamFilter a star product if you can block all the following items.

o VBS file vulnerability test***
o CLSID extension vulnerability test
o MIME header vulnerability test***
o ActiveX vulnerability test
o Malformed file extension vulnerability test (for Outlook 2002 - XP)
o CLSID extension vulnerability test (for Outlook 2002 - XP)
o GFI's Access exploit vulnerability test
o Object Codebase vulnerability test
o Iframe remote vulnerability test
o Eicar anti-virus test***
o Fragmented Message test
o Long Subject Attachment Checking Bypass (for Outlook Express 6)
o Long Subject Attachment Checking Bypass (for Outlook 2000)
o Attachment with no filename vulnerability test
o Long Filename vulnerability test***
o Popup Object Exploit vulnerability test
o Double File extension vulerability test***




Replies:
Posted By: Desperado
Date Posted: 22 June 2004 at 10:09pm

This is interesting but you may want to check your filters .... ALL the messages they sent to me except the comfirmation link, were sent to null by my SpamFilterISP.   Again, check your filters and settings again.

Regards,

Dan S.



Posted By: LogSat
Date Posted: 22 June 2004 at 11:57pm

Benny,

All attachments we chose to block were blocked correctly when running the test. The antivirus we run on the server caught the eicar virus while SpamFilter temporarily spooled the message on the hard drive (the spooling is by design to allow AV check the files). All other vulnerabilities are just that, vulnerabilities. SpamFilter is, as you noticed, immune to all of them. It is not going to block those emails, they are not spam, and SpamFilter is not designed to be an intrusion detection / vulnerability scanner. At least not yet...

Roberto F.
LogSat Software




Print Page | Close Window