[原文]Clearswift MIMEsweeper 5.0.5, when it has been upgraded from MAILsweeper for SMTP version 4.3 or MAILsweeper Business Suite I or II, allows remote attackers to bypass scanning by including encrypted data in a mail message, which causes the message to be marked as "Clean" instead of "Encrypted".
Clearswift MIMEsweeper for SMTP Encrypted Mail Scanning Bypass
Remote / Network Access
Loss of Integrity
MIMEsweeper contains a flaw that may allow a malicious user to bypass the scanning functionality. The issue is triggered by sending an encrypted email, which is marked "clean" and not "encrypted". It is possible that the flaw may allow an attacker to email malicious code resulting in a loss of integrity.
Upgrade to version 5.0.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.