On Sep 12, 2006, at 6:38 AM, ???? wrote: > Tokio Kikuchi wrote: > >> ToDigest.send_digests() can block regular delivery. We put the >> send_digests() calling part in a try/except clause and leave a >> message >> in the error log if something happened in send_digests(). >> Daily call of >> cron/senddigests will provide more detail to the site >> administrator. > > I noticed this may lead to yet another DoS for digest delivery. The > malicious (non-compliant MIME) message may cause other digest > deliveries > to stop as long as the malicious message remains in the digest.mbox > file. I created a patch for this situation and uploaded in the patch > area of SF: > http://sourceforge.net/tracker/index.php? > func=detail&aid=1556858&group_id=103&atid=300103 > > I think I will commit in the Release-2.1-maint branch and include > in the > 2.1.9 final release. I appreciate anyone can review the patch.
Let's wait for 2.1.10, because otherwise we're really going to need another release candidate and another week or so of testing. -Barry _______________________________________________ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
