1. Welcome to the new MacRumors forums. See our announcement and read our FAQ

Outlook 'CR' Vulnerability

Discussion in 'General Mac Discussion' started by MacMaelstrom, Jul 23, 2003.

  1. macrumors member

    Just wondering :confused: if anyone else has experianced emails form MacRumors.com being blocked by your ISP's virus scanning due to Outlook 'CR' Vulnerability. It appears that MacRumor's email client uses CR in the messages, where it should use CRLF. I don't see the problem in this, but apparantly my ISP thinks their doing me quite a favor by blocking this. They've also kindly notified me that they cannot and will not turn the virus scanning off on my account. Some crap about then I could hold them liable for damage to my machine. My machines are all Linux and Mac. Therefore, I really don't care. And even if it did take out either computer, I've got backups and Master Disks. :rolleyes: EV1....
  2. macrumors 68000


    Link to explanation of flaw/feature.
    Link to a Test

    Working backwards:
    2.) A CR is just fine. To state that somebody must use a linefeed after a carriage return is stupid. There are patches out there, and this is just another example of IT going way to far. That said- Send an email to Arn and see what he can do about it. It's a simple request. Here is a Link that explains why people should send a line feed after a carriage return.

    The org I work for filters out HTML links and pictures, not because of bandwidth, but because somebody could potently do something that could crash the system. Three cheers for the nerf world!

    1.) This is your ISPs/hosts damage. Luckily, they don't block this site. I understand their fear of lawsuit, but they also know that nobody could possibly win against them.

    Additionally, from what I understand, this kind of flaw (a hidden executable) only works with attachments and an HTML formatted email and are not self extracting, executing or spawning. I could be wrong about this, but that's how the articles read to me.

    If you don't want to use M$ Outlook then try Eudora
  3. macrumors 6502a


    Sue your ISP for hindering you from accessing vital information.
  4. macrumors 603


    So, yeah, you have no concept of Terms of Service and Service Agreement contracts? They can do whatever they want, as long as they didn't promise him something else. doesn't matter how crappy it is. A lawsuit would be thrown out the moment it went before a judge.

  5. macrumors member

    Oh yes, and that's the beauty of it all... I don't use Outlook. Nor Eudora. I use a simple linux client called Evolution. That said, if I sue them and they go out of business, ( :p ) I've just lost about the only ISP in my area. I'll email arn though and ask him about it.
    thanks all!
  6. macrumors member

    Well, it appears that I'll be getting a free Email account at some place that has POP service. I've found just about every email sent to me from Claris Emailer and Netscape (under 4.0 Versions) is getting blocked. This makes up a good 1/8 of people I know.
  7. macrumors regular

    Outlook 'CR' Vulnerabilty emails now "We blocked a virus..."

    Well, I too have been getting Outlook 'CR' Vulnerability emails. Except the latest email I've gotten from the board is now "WARNING: We blocked a virus that was sent to you".

    Oh brother.

    Damn college email filtering! I'll have to get on their butts about this one. When I get back to campus in the Winter.

  8. macrumors regular

    'CR' Vulnerabilty: Response

    'CR' Vulnerability:

    A response from my postmaster/admin:

  9. macrumors regular

    My emails are coming in a virus warnings now.

    I am a man of action - so what should I do now?

Share This Page