|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
Message-ID: <3CD7FDFE.18FA16DE@algroup.co.uk> Date: Tue, 07 May 2002 17:17:02 +0100 From: Ben Laurie <ben@algroup.co.uk> MIME-Version: 1.0 To: Bugtraq <BUGTRAQ@securityfocus.com> Cc: Black Helicopters <mib@aldigital.co.uk> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit The widely used mailing list manager, EZMLM (http://cr.yp.to/ezmlm.html), when sending mails for moderation, sets a reply-to address which, if responded to, will cause the mail to be accepted for distribution. MessageLabs (http://www.messagelabs.com/) offer an email virus scanning service which, unfortunately, sends virus alerts to, amongst others, the reply-to address. This causes email bearing viruses to be automatically accepted even when sent to a moderated list. MessageLabs have, in a telephone conversation earlier today, acknowledged this problem and anticipate a fix in the near future. In the meantime, we advise all moderators of ezmlm mailing lists to not use MessageLabs vetted email addresses for moderation, or to temporarily disable the list pending a fix. Stop Press ---------- I have heard that some people within MessageLabs think that they should argue about the RFCs rather than fix this problem, so MessageLabs customers might care to inform them directly of their own opinions. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff
|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |