Question
I have performed a set of tests for known vulnerabilities in mail clients which I want my mail server to block. Why does GMS fail to block all these messages?
Answer
GMS can correctly block against all the tests in the GFI vulnerability
list.
GMS as shipped is secure and does not have vulnerabilities. Whether or
not the issues raised by GFI are vulnerabilities are debatable so Gordano
gives you the choice of whether (or not) to deny some messsages. However,
we take the attitude that an informed decision should be made about each
issue taking into account the pitfalls and benefits.
The “See Also” section lists links to articles on each of the GFI tests, which give an explanation
and details of how you can set GMS to stop such messages should you choose to.
See Also:
- How do I pass the GFI “CLSID extension vulnerability test”?
- How do I pass the GFI “Fragmented message vulnerability test (for Outlook Express)”?
- How do I pass the GFI “Iframe remote vulnerability test”?
- How do I pass the GFI “MIME header vulnerability test”?
- How do I pass the GFI “VBS attachment vulnerability test”?
- How do I pass the GFI “Eicar anti-virus software test”?
- How do I pass the GFI “Malformed file extension vulnerability test”?
- How do I pass the GFI ActiveX vulnerability test?
- How do I pass the GFI “Object Codebase vulnerability test”?
- How do I pass GFI’s Access exploit vulnerability test?
Keywords:GFI Security Test CLSID IFRAME Malformed Object CodeBase