LISTSERV - LSTSRV-L Archives - COMMUNITY.EMAILOGY.COM

LSTSRV-L Archives

LISTSERV Site Administrators' Forum

LSTSRV-L

	LISTSERV Archives
	LSTSRV-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Topic:	[<< First] [< Prev] [Next >] [Last >>]

Re: Virus got through

Pete Weiss <[log in to unmask]>

Fri, 18 Jan 2002 14:45:30 -0500

text/plain (34 lines)

At 14:06 01/18/2002 Friday, Kathy Montgomery wrote:
 >A list owner reported to me that one of his subscribers succeeded in
 >sending a virus to the list.  Indeed, I was able to download the .BAT
 >attachment from the archives, which contained W32.Magistr.39921@mm,
 >according to my antivirus software.  The list was set to
 >"Attachments=No" and "Language=NoHTML."  The message itself as it
 >appears in the archives looks like it has a "Content-Type:
 >multipart/mixed;" header.  I don't know how to attempt to duplicate what
 >happened.
 >
 >How did this file get through?  Knowing that LISTSERV can't actually
 >scan for viruses, is there any way to prevent this in the future?

Attachments=No

http://www.lsoft.com/manuals/1.8d/owner/appendb.html#keyAttachments

Language= NoHMTL

http://www.lsoft.com/manuals/1.8d/owner/appendb.html#keyLanguage

My synopsis:

the plain ASCII text attachments ARE allowed; multipart MIME are stipped.

BAT files being plain ASCII are thus transmitted.  Though I haven't
tested this, setting subscriber options to SHORT might foil any MIME
attachment, but certainly not the inclusion of UUENCODE within the body.

If I am not mistaken (check the lstown-l and lstsrv-l archives), there
has been mentioned by L-Soft of future LISTSERV(R) enhancements in this arena.

/Pete

ATOM RSS1 RSS2

COMMUNITY.EMAILOGY.COM