5224255 2000-06-24 00:03 /41 rader/ Postmaster Mottagare: Bugtraq (import) <11407> Ärende: Free mail scanning tool (was Re: NAI WebShield SMTP does not sca ------------------------------------------------------------ base64 encoding) Approved-By: aleph1@SECURITYFOCUS.COM Delivered-To: bugtraq@lists.securityfocus.com Delivered-To: BUGTRAQ@SECURITYFOCUS.COM X-Accept-Language: en MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <3952B12A.D5C452EE@roaringpenguin.com> Date: Thu, 22 Jun 2000 20:36:58 -0400 Reply-To: dfs@ROARINGPENGUIN.COM Sender: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM> From: "David F. Skoll" <dfs@ROARINGPENGUIN.COM> Organization: Roaring Penguin Software Inc. To: BUGTRAQ@SECURITYFOCUS.COM chris.paget@ANALYSYS.COM wrote: > The actual viruses are being picked up. The problem is that I wish to > block ALL scriptable files, so that in the time between a virus > outbreak and an updated DAT being released, my network is not at risk. I have just released a free tool to do this, at http://www.roaringpenguin.com/mimedefang/ It runs on UNIX/Linux and requires Sendmail. However, if you are using Exchange, you can put a Linux box as a "sentinel" in front of the Exchange server to do the scanning, and then relay the mail to Exchange. If you run DNS on the sentinel box and are creative with DNS MX records, you can even do this with no changes to your Exchange box, and no apparent external changes. MIME Defang is not exactly efficient -- a new Perl process for each incoming message -- but for low-volume sites (< 8000 messages a day), it's not too bad. (I *think* my tool is fairly bullet-proof, but I'm sure BUGTRAQ readers will point out any problems. :-)) -- David. (5224255) ------------------------------------------(Ombruten)