Just to keep correctness. Colsaire could provide better service to it's customers by better researching available information on researched topic. Most of reported content filtering bypassing techniques are already known and described in [1] with credentials believed to be valid. MIME RFC2231 encoding issue - David F. Skoll MIME RFC2047 encoding issue - different authors (different problems were discovered, information from Colsaire advisory is not enough). Content-Transfer-Encoding mechanism issue - different authors MIME field multiple occurrence issue - 3APA3A MIME separator issue - 3APA3A MIME field whitespace issue - 3APA3A MIME RFC822 comment issue (at least partially) - 3APA3A There is also a _lot_ of different bypass techniques Colsaire failed to discover. [1] 3APA3A, Bypassing content filtering whitepaper http://www.security.nnov.ru/advisories/content.asp -- http://www.security.nnov.ru /\_/\ { , . } |\ +--oQQo->{ ^ }<-----+ \ | ZARAZA U 3APA3A } You know my name - look up my number (The Beatles) +-------------o66o--+ / |/
