Re: Office XP SP3 breaks 3rd-party junk email filter
From: Mark Medici (mark_at_DBMA.COM)
Date: 03/12/04
- Previous message: Mark Medici: "Office XP SP3 breaks 3rd-party junk email filter"
- Maybe in reply to: Mark Medici: "Office XP SP3 breaks 3rd-party junk email filter"
- Next in thread: Russ: "Re: Office XP SP3 breaks 3rd-party junk email filter"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 11 Mar 2004 19:28:55 -0500 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
I have now received over two dozen reports that Office XP SP3
breaks at least two well-known junk email filtering products.
Everyone whom reported the problem has installed the full SP3,
as opposed to the individual Outlook XP/2002 update. That is
NOT to say the individual update is safe, just that nobody
has reported just installing the individual update.
Sunbelt Software's "iHateSpam" is affected. The vendor is
aware of the problem and is working on a solution.
Cloudmark "Spamnet" is also affected. The vendor is aware
of the problem and is working on a solution.
Two suggested work-arounds are:
1. If using Windows XP, perform a System Restore to a
restore point prior to installing Office XP SP3. Of
course, you will loose the security benefits of the
service pack.
2. You can try "Express ClickYes" from:
http://www.express-soft.com/mailmate/clickyes.html,
which is supposed to automatically dismiss the
Security Warning dialog, but I have no reports of
anyone experimenting with this software, and cannot
vouch for its integrity or effectiveness.
I have two reports that the open-source SpamBayes is not
adversely affected by the installation of Office XP SP3.
Server-based email filters are not affected.
What appears to be happening is that certain junk email
filters access the Outlook contacts folder (address list)
to see if the incoming email's sender is known, as a
supplement to the software's whitelist. Apparently part
of the update is protection of the contacts folder to
prevent email worms from harvesting addresses for use
when they try to send out copies of themselves. It
Seems that SpamBayes does not use the existing contacts,
or at least does not do so on a message-by-message basis.
I just setup a test system. Hopefully, I'll be able to
narrow-down the circumstances tomorrow.
-----
NTBugtraq Editor's Note:
Want to reply to the person who sent this message? This list is configured such that just hitting reply is going to result in the message coming to the list, not to the individual who sent the message. This was done to help reduce the number of Out of Office messages posters received. So if you want to send a reply just to the poster, you''ll have to copy their email address out of the message and place it in your TO: field.
-----
- Previous message: Mark Medici: "Office XP SP3 breaks 3rd-party junk email filter"
- Maybe in reply to: Mark Medici: "Office XP SP3 breaks 3rd-party junk email filter"
- Next in thread: Russ: "Re: Office XP SP3 breaks 3rd-party junk email filter"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
