Re: [AMaViS-user] winmail.dat BANNED errors
This is a discussion on Re: [AMaViS-user] winmail.dat BANNED errors within the Amavis User forums, part of the Anti-Spam and Anti-Virus Related Forums category; Bryan wrote: > People seem to all of a sudden be getting errors when sending > messages. Some of them ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
01-26-2006
|
|||
|
|||
Re: [AMaViS-user] winmail.dat BANNED errors
Bryan wrote:
> People seem to all of a sudden be getting errors when sending > messages. Some of them seem to be getting it when someone sends a > message that has the "notify upon receipt" thingy checked in MS > Outlook, others I have quite figured out yet. > I tried setting the amavisd.conf file back to it's default settings > (copied directly from the sample directory and unedited) and > restarting amavis, but the problem continues. > Here's a sample bounce message with the usual things obfuscated. > ---Start of bounce message--- > Received: from somehost.subdomain.domain.com (unknown [10.0.x.x]) > by mail.ourdomain.net (Postfix) with SMTP id 35E03176989C > for <remote.client@theirdomain.net>; Thu, 26 Jan 2006 11:42:13 -0800 (PST) > From: "our user" <ou.user@ourdomain.com> > To: "remote client" <remote.client@theirdomain.net> > Subject: Read: re proof > Date: Thu, 26 Jan 2006 11:34:15 -0800 > Message-ID: <001501c622af$7de1a980$1c04000a@somehost.subdomain .ourdomain.com> > MIME-Version: 1.0 > Content-Type: application/ms-tnef; > name="winmail.dat" > Content-Transfer-Encoding: base64 > Content-Disposition: attachment; > filename="winmail.dat" > X-Priority: 3 (Normal) > X-MSMail-Priority: Normal > X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 > X-MimeOLE: Produced By Microsoft MimeOLE V4.72.2106.4 > Importance: Normal > X-MS-TNEF-Correlator: 0000000012888C0EA097F14D98EB5B1D7136CFB5047B2200 > ---end of bounce message--- I would tell my users to not use "Rich Text" format. Use HTML if they have to. If you have banned tnef file types, you may have to edit that out if you want these files to pass. qr'^\.(exe|lha|tnef|cab|dll)$', # banned file(1) types ^^^^^ The thing is, there is a: "Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution (902412)" so IMHO it would be a better planet if the entire world turned this MS junk off. http://www.microsoft.com/technet/sec.../MS06-003.mspx http://support.microsoft.com/kb/290809/ Many users don't understand that not everyone they send mail to use Outlook like they do, so many people can't read the files anyway. With vulnerabilities the way they are, more and more admins may reject this stuff in the future, just like WMF, so I for one would like to see everyone get away from tnef. Gary V ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=...486&dat=121642 _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/...fo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/ 
|
Linear Mode
