[Gllug] Forwarded Spam message which SA missed [Fwd: Hey bro,
Nix
nix at esperi.org.uk
Wed Jan 18 00:00:17 UTC 2006
On Mon, 16 Jan 2006, Chris Bell said:
> On Sun 15 Jan, Nix wrote:
>> If that's still not good enough, you can feed a failing message through
>> `spamassassin -D' and I'll have a look at that.
[...]
> Could the following be relevant?
[...]
>> Package : fetchmail
[...]
>> CVE ID : CVE-2005-4348
>>
>> Daniel Drake discovered a problem in fetchmail, an SSL enabled POP3,
>> APOP, IMAP mail gatherer/forwarder, that can cause a crash when the
>> program is running in multidrop mode and receives messages without
>> headers.
No, that bug causes fetchmail to *crash*, so it never delivers the
message to any MTA or delivery agent at all, and it never reaches
SpamAssassin.
(It also only happens if you're POPping from hostile servers, or perhaps
non-hostile but very-badly-written ones. POPping from hostile servers is
probably a lot less common than SMTP reception from hostile servers...)
--
`Logic and human nature don't seem to mix very well,
unfortunately.' --- Velvet Wood
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list