[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Re: [MailServer Notification]To recipient: Message matched eManager setting and action was taken.
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] Re: [MailServer Notification]To recipient: Message matched eManager setting and action was taken.
- From: Michael Holstein <michael.holstein@xxxxxxxxxxx>
- Date: Thu, 29 Dec 2005 09:25:17 -0500
i believe the fucking word "fuck" triggers some .gov filters in a noisy
way :)
This RegEx method of filtering (alas .. employed all too regularly) is
exactly why we get emails for "C1ali$" or "V1agara" or "Steamy Pr0n".
It's like trying to block attachments based on the extension, while
ignoring the magic bits in the header. The next round of "social
engineering" emails that say :
"rename the attached .fix file to .exe so you can run it correctly"
are just around the corner.
/mike.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/