[Spambayes] Spambayes pwning me?
skip at pobox.com
skip at pobox.com
Mon Aug 18 02:13:50 CEST 2008
fu> To clarify, I'm not concerned about SpamBayes having malignant code
fu> in it, but if it has a DEP issue, that issue could be exploited to
fu> create an email worm that replicated without me ever having to open
fu> the email. Microsoft enabled DEP in Windows to protect us from
fu> flaws in software that could lead to this type of situation.
fu> Suggesting that users disable DEP is irresponsible. If there is a
fu> DEP issue in SpamBayes, fix it. If there is a DEP issue in Outlook
fu> when dealing with add-ins, if enough people report it, Microsoft
fu> will fix it.
I'm not a Windows person, but it would appear that DEP is a fairly common
cause of software installation problems:
In part, it says:
If Vista (and actually this has been around since Windows Server 2003)
sees that a process is being spawned that "could" be unwanted, DEP shuts
it down. This is especially common in some application installations: if
a Windows Installer setup (MSI) calls an executable in Vista, DEP could
very well put a stop to it. If you are trying to run an installation or
other executable being stopped by DEP, it could save you some trouble so
turn it off while you attempt to give it another shot&
The SpamBayes FAQ suggests listing Outlook as a safe application:
5.8 After installing SpamBayes, Outlook crashes and then asks for the
plug-in to be disabled.
Are you using an Athlon 64 or Core 2 Duo with DEP? There are issues with
DEP and Outlook with a SpamBayes-based plug-in. Listing Outlook as a
safe application on these processors should "solve" the problem.
Also, this has been a known issue for quite awhile:
If Mark Hammond hasn't figured out a way around the problem short of
disabling DEP for Outlook my guess is it's not a trivial problem.
More information about the SpamBayes