>>>>> "IT" == Ilya Teterin writes: [kham-kham-kham....argh....] IT> How to solve this issue? I believe we should rewrite at least IT> filtering systems to block malformed base64-encoded data because we IT> don't know is it malicious or not. Otherwise, we can meet new powerful IT> e-mail worm. Rewriting filtering systems for rejecting malformed mail couldn't be good decision in all situations. Some mailing lists (debian-russian, for example) add some 7bit information after letter body while re-forwarding, regardless of was the letter base64/QP encoded or not, resulting of such malformed mail (and if your mail server recodes all 8bit mail to base64, you have no way to write to those mail lists without creating malformed mail at result). So I think that the right solution (before antivirus software would be rewritten) is to write filters by yourself - decode base64 as that do popular mail clients and give them to antivirus. Of course, it's somehow more hard than just filtering up all those letters. -- Sincerely yours, Alexander Ogol, happy GNU/Linux user.
