SUMMARY

It is possible to configure MSW 4.3 so that the adherence to the RFC rules for mail messages can be less strict.

Configuring MSW 4.3 in such away will increase the risk of a potential MIME boundary exploits not being detected.

Clearswift do not recommend making this change and lowering the level of security employed, but does recognise that some customers may deem this type of exploit to be of minimum risk and would rather the security reduced.

 

WARNING - By making this change some security exploits maybe passed.

 

To make this change:

1. Stop the Mailsweeper Services

2. Make a backup copy of the [x:]\ format.cfg

3. Add the following Lines in the [Format\SMTP Messages]

 

[Format\SMTP Messages]

v:AllowTrailingData=$Btrue

v:IgnoreMissingBoundaryTerminator=$Btrue

 

Ensure you read the relevent section below

 

AllowTrailingData

The RFC standards state that any data after a terminating boundary at the end of a message should be ignored. However, just using notepad to examine the message data will allow the user to get at any data posted after this point in the message. MSW v4.3 will issue a bad data response if there is any data in this situation. Setting this config parameter to true will not issue this bad data response.

Default: False

 

IgnoreMissingBoundaryTerminator

Multipart Mime messages have boundaries for the parts. Lines beginning with - and the boundary value are the separators. At the end of parts for that section, the line should also end with --. This is the boundary terminator. If there is not a terminating boundary, the format manager will issue a bad data response. Setting this value to true will mean that it will not issue this bad data response.

Default: False

 

Back