[Mimedefang] MIMEDefang 2.9 Beta 1 is available
David F. Skoll
dfs at roaringpenguin.com
Fri Apr 26 17:11:13 EDT 2002
Hi,
MIMEDefang 2.9-BETA-1 is at:
http://www.roaringpenguin.com/mimedefang/mimedefang-2.9-BETA-1.tar.gz
DO NOT UPGRADE until you have read this entire e-mail.
The handling of message/rfc822 parts is problematic for MIMEDefang up
to 2.8. Consider something like this:
--sep1
Content-Type: message/rfc822; name="bad.exe"
From: <me at here.com>
To: <you at there.com>
MIME-Version: 1.0
Subject: Test
Content-Type: multipart/mixed; boundary="sep2"
This is a MIME message
--sep2
Content-Type: text/plain; name="good.txt"
Hello
--sep2--
--sep1--
The message/rfc822 headers conflict with the headers of the contained
message. So I have added a NEW function that you put in your filter
called "filter_multipart".
The flow now goes like this:
For each LEAF part of the mail message, "filter" is called with four
arguments: entity, a MIME::Entity object; fname, the suggested
filename taken from the MIME Content-Disposition header; ext, the file
extension, and type, the MIME Content-Type value.
For each NON-LEAF part of the mail message, "filter_multipart" is called
with the same four arguments as filter. A non-leaf part of a message
is a part which contains nested parts. Such a part has no useful
body, but you should still perform filename checks to check for
viruses which use malformed MIME to masquerade as non-leaf parts (like
message/rfc822). In general, any action you perform in
filter_multipart applies to the part itself and any contained parts.
For the example above, filter_multipart would be called with a name
of "bad.exe", and then filter would be called with a name of "good.txt"
See mimedefang-filter(5) for more details. Also, please read
the examples/suggested-minimum-filter-for-windows-clients.
Finally, the 2.9-BETA-1 tar file contains a patch against pristine
MIME-Tools-5.411a which does NOT break any regression tests.
I apologize for the many quick changes. I promise to slow down
and think more carefully in the future. :-)
Regards,
David.
More information about the MIMEDefang
mailing list