From owner-freebsd-security Thu Dec 6 2:31:21 2001 Delivered-To: freebsd-security@freebsd.org Received: from gramsc1.dyndns.org (h00609774e769.ne.mediaone.net [24.91.224.187]) by hub.freebsd.org (Postfix) with ESMTP id 6B91837B41A for ; Thu, 6 Dec 2001 02:31:18 -0800 (PST) Received: from there (tr0tsky [10.0.0.4]) by gramsc1.dyndns.org (8.12.1/8.12.1) with SMTP id fB6AV6Fp016959 for ; Thu, 6 Dec 2001 05:31:07 -0500 (EST)?g (envelope-from resopmok@gramsc1.dyndns.org)œ Message-Id: <200112061031.fB6AV6Fp016959@gramsc1.dyndns.org> Content-Type: text/plain; charset="iso-8859-1" From: Chris Thomas Reply-To: resopmok@gramsc1.dyndns.org To: freebsd-security@freebsd.org Subject: Re: (WOT) Re: the best edited picture ever Date: Thu, 6 Dec 2001 05:31:06 -0500 X-Mailer: KMail [version 1.3.1] References: <20011206044206.GD12011@hq.newdream.net> <20011206054226.GA20863@hq.newdream.net> In-Reply-To: <20011206054226.GA20863@hq.newdream.net> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org folks- I'm very sorry to have spammed the list, and I certainly did not mean to incite a flame war over it. It was purely an accident on my part; I meant to send this email to a friend of mine and didn't notice I had done the wrong thing until I came back and saw 20 messages on the topic. I receive lots of valuable information through this list, and an incident such as this will not happen again. My deepest apologies. -chris On Thursday 06 December 2001 12:42 am, you wrote: > Ian Smith wrote: > > [on topic? I'd actually like to know what can be done with majordomo > > to accomplish it; we're having just this problem with a list run from > > here] > > well it looks like hub.freebsd.org is running postfix according to the > smtp banner, so assuming no one at freebsd wants to receive this type of > thing, it would be pretty trivial to block most (but not all) of this > type of stuff with regex checks. this has the advantage of getting rid > of this junk as early as possible. > > assuming pcre body_checks, something like this might work (this is just > from the postfix-users list; i haven't tested it personally, but > something like this should work). something similar could be done if > POSIX regexes are used instead.... > > (sorry for the long line) > > /^(Content-Disposition: attachment;.*| > Content-Type:.*|(\t|)+)(file)?name="?.*\.(lnk|hta|com|pif|vbs|vbe|js|jse|ex >e|bat|cmd|vxd|scr|shm|dll)"?$/ REJECT > > however this would apply to all mail coming into the server... (although > god knows why anyone at freebsd.org would want to receive this type of > attachment, especially not zipped or tarred /gzipped. > > obviously this would be up to whoever admins the freebsd mail servers... > > i haven't used majordomo, so i'm not sure how to do this specifically > with that software. > > > I don't agree that these lists need the large overhead of moderation, > > if a (hopefully) simple technical fix can drastically reduce the > > volume of this crap in any and all freebsd lists - including stripping > > HTML mail. > > hopefully so. who is 'officially' in charge of this list? perhaps they > could let us know if anything can be done regarding this? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message