Why do malformed MIME messages pass the GMS Anti-Spam attachment blocking?
Gordano Limited has been made aware of the existence of specific malformed MIME content that successfully causes email messages to bypass the attachment blocking features of the GMS Anti-spam module. This MIME formation is very specific and Gordano has only been made aware of one message formatted in this manner.
A fix for this exploit of the GMS Anti-Spam module has been produced and is available for download from the locations specified below. Gordano Limited recommends that any customers relying on the Anti-spam module to block certain attachment types (e.g. exe files which may contain malicious content) download and install the hotfix according to the instructions available in additional Knowledge Base entry below.
This exploit only affects customers using the GMS Anti-Spam options to ban certain attachment types from their servers.
Customers who have also enabled the GMS Anti-Virus module continue to be protected from any malicious content contained in the attachment. Gordano Limited recommends that all customers take advantage of the protection facilities provided by the GMS Anti-Virus module. This module provides comprehensive protection from viruses and other malicious content. Virus definition files can be automatically updated every 15 minutes using Gordano’s patent pending, firewall friendly, update mechanism. There is no interruption to service while the update occurs.
Keywords:Malformed Mime attachment blocking files