Fri, 18 Jan 2002 14:45:30 -0500
|
At 14:06 01/18/2002 Friday, Kathy Montgomery wrote:
>A list owner reported to me that one of his subscribers succeeded in
>sending a virus to the list. Indeed, I was able to download the .BAT
>attachment from the archives, which contained W32.Magistr.39921@mm,
>according to my antivirus software. The list was set to
>"Attachments=No" and "Language=NoHTML." The message itself as it
>appears in the archives looks like it has a "Content-Type:
>multipart/mixed;" header. I don't know how to attempt to duplicate what
>happened.
>
>How did this file get through? Knowing that LISTSERV can't actually
>scan for viruses, is there any way to prevent this in the future?
Attachments=No
http://www.lsoft.com/manuals/1.8d/owner/appendb.html#keyAttachments
Language= NoHMTL
http://www.lsoft.com/manuals/1.8d/owner/appendb.html#keyLanguage
My synopsis:
the plain ASCII text attachments ARE allowed; multipart MIME are stipped.
BAT files being plain ASCII are thus transmitted. Though I haven't
tested this, setting subscriber options to SHORT might foil any MIME
attachment, but certainly not the inclusion of UUENCODE within the body.
If I am not mistaken (check the lstown-l and lstsrv-l archives), there
has been mentioned by L-Soft of future LISTSERV(R) enhancements in this arena.
/Pete
|
|
|