Great Circle Associates List-Managers
(August 2003)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: heads up about recent spammer & demime bug
From: Jeff Wasilko <jeffw @ smoe . org>
Date: Sun, 10 Aug 2003 13:14:11 -0400
To: undisclosed-recipients: ;
User-agent: Mutt/1.3.99i

If you're using demime to front-end majordomo, you should patch
it to deal with a problem that was recently discovered.

A spammer is sending out spam that claims to be text/html with a
base64 attachment. However, there is no attachment. This causes
the base64 decoder in demime to go into a loop. In my case, the
demime processes grew to multi-hundred-meg and up to a gigabyte,
while sendmail filled /var/spool/mqueue with the error messages
that demime was emitting.

The patch involves changing the line:

    if(length($dstr) % 4) {

to:

    if(length($dstr) % 4 or length($dstr) == 0) {


Please check the demime list archive at scifi.squawk.com if you
want to get the patch from the author....

Thanks go to Nick (the demime author) for getting a patch out
right away!

-j


Follow-Ups:
Indexed By Date Previous: Re: AOL blocking
From: Bob Bish <bobbish@earthlink.net>
Next: Re: heads up about recent spammer & demime bug
From: "Michael C. Berch" <mcb@postmodern.com>
Indexed By Thread Previous: Re: AOL blocking
From: "Mark J. Bradakis" <mjb@cs.utah.edu>
Next: Re: heads up about recent spammer & demime bug
From: "Michael C. Berch" <mcb@postmodern.com>

Google
 
Search Internet Search www.greatcircle.com