TIP: Click on subject to list as thread! ANSI
echo: fidosoft.husky
to: JOE DELAHAYE
from: MARK LEWIS
date: 2015-03-15 13:16:00
subject: Unpacking insecure arcmai

 On Sat, 14 Mar 2015, Joe Delahaye wrote to mark lewis:

 JD>> If indeed it would be a mail bomb, then unpacking it first before 
 JD>> tossing would still create problems I would think.

 ML> that's why the tosser simply inspects the bundle to see what the 
 ML> compression ratio is before unpacking... it seems that many 
 ML> developers have forgotten how to do these common things as has 
 ML> been done since at least the 90s...

 JD> I think more likely the thought of mailbonbs as a threat no longer 
 JD> exists.

never let your guard down... we might be smaller than the net was in years past
when two well known folks got into a controversy and one set up their mailer to
send $CLOCK to the other... $CLOCK is a never ending psuedo-file... it was
documented in the snooze IIRC... i know i've read it several times... this was
one of the things that lead to mailer developers to not allow such psuedo-files
to be attached like this...

)\/(ark

* Origin: (1:3634/12)

SOURCE: echomail via QWK@docsplace.org

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.