[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Sendmail Log Message

Subject: Re: [cobalt-security] Sendmail Log Message
From: Jaana Jarve <netcat@xxxxxxxxx>
Date: Fri, 27 Jun 2003 17:12:00 +0300 (EEST)
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

On Fri, 27 Jun 2003, Admin wrote:

> At 02:28 PM 6/27/2003 +0100, you wrote:
>
> >Recently I have started to get this log report
> >
> >sendmail: Truncated MIME Content-Disposition header due to field size
> >(possible
> >attack)
> >
> >Is this something that I can prevent and stop? I'm running fully patched raq3
> >and raq4r and message appears in both logfiles.
>
> It is the SoBig.E virus being sent to user's mailboxes.

actually, this sort of log entry would occur every time someone sends you
something that has MIME headers longer than specified in
MaxMimeHeaderLength, whether it's an actual attack, virus or entirely
accidental.

rgds,
netcat

References:
- Re: [cobalt-security] Sendmail Log Message
  - From: Admin

Prev by Date: Re: [cobalt-security] Sendmail Log Message
Next by Date: Re: [cobalt-security] Sendmail Log Message
Previous by thread: Re: [cobalt-security] Sendmail Log Message
Next by thread: Re: [cobalt-security] Sendmail Log Message

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index