Date: Fri, 21 Jul 2000 18:34:58 +0200
From: Mark Lastdrager <mark@SECURITY.NL>
Subject: quick Postfix check for Outlook date exploit
To: BUGTRAQ@SECURITYFOCUS.COM
Hi,
With a little help from Koos van den Hout I made a small header_check
for Postfix to prevent people from exploiting the latest Outlook
bug. A quick test shows it works but don't come complaining when it
doesn't ;-)
In your main.cf put this line:
header_checks = regexp:/etc/postfix/header_checks
(path depends on where your postfix config lives)
In header_checks put:
/^Date:.{60,}$/ REJECT
This will reject messages with a date line longer than 60 chars.
Don't forget postfix reload ;-)
Mark Lastdrager
Pine Internet
--
email: mark@lastdrager.nl :: ML1400-RIPE :: tel. +31-70-3111010
http://www.pine.nl :: RIPE RegID nl.pine :: fax. +31-70-3111011
PGP key ID 92BB81D1 :: Dutch security news @ http://security.nl
Today's excuse: because of network lag due to too many people playing
deathmatch
![[LWN Logo]](/images/lcorner.png)
![[Timeline]](/images/Included.png)