At 02:28 PM 6/27/2003 +0100, you wrote:
Recently I have started to get this log report
sendmail: Truncated MIME Content-Disposition header due to field size
(possible
attack)
Is this something that I can prevent and stop? I'm running fully patched raq3
and raq4r and message appears in both logfiles.
It is the SoBig.E virus being sent to user's mailboxes. It hit my mail
server as quickly as I read the news about it yesterday and numerous
times. Interestingly, the news about the virus does not report that it is
sending an oversize mail header. Is this an indication that it was
designed to take advantage of the sendmail vulnerability that we patched a
few months ago? You did patch for the oversized header vulnerability
didn't you?