[Mimedefang] Interesting anti-HTML filter side-effect
David F. Skoll
dfs at roaringpenguin.com
Sat Sep 20 23:16:04 EDT 2003
On Sat, 20 Sep 2003, G. Roderick Singleton wrote:
> Care to post the rules? I for one am struggling to find a solution in a
> hurry.
The filter looks something like this (edited to protect the innocent/guilty).
Not all functions are included; you'll have to figure out how to implement
the missing stuff. This (very complicated) filter_begin function sets
$HTMLOK to 1 if we'll accept HTML, or 0 otherwise. Later on, in filter,
if we find a text/html part and $HTMLOK is 0, we bounce the message.
Note: Believe it or not, this is a *simplified* version of the actual
filter. :-)
Regards,
David.
sub filter_begin {
$ToRoaringPenguin = 0; # Is it to someone @roaringpenguin.com?
$ToMDList = 0; # Is it to the MIMEDefang list?
$ToCanitAnnounce = 0; # Is it to the CanIt-Announce list?
$ToAFS = 0; # Is it for my sister's domain?
# I never *send* mail as postmaster. Therefore, postmaster should
# never *receive* bounce messages.
if ($Sender eq "<>") {
foreach $recip (@Recipients) {
if ($recip =~ /^<?postmaster\@/i) {
action_bounce("Mail from <> not accepted to $recip");
return;
}
}
}
foreach $recip (@Recipients) {
# to_rp() returns true if arg is to a roaringpenguin.com address
if (to_rp($recip)) {
$ToRoaringPenguin = 1;
}
if ($recip =~ /artandframingsolutions/i) {
# For my sister
$ToAFS = 1;
}
if ($recip =~ /mimedefang\@lists\.roaringpenguin\.com/i or
$recip =~ /canit\@lists\.roaringpenguin\.com/i) {
# For the MIMEDefang or CanIt mailing list
$ToMDList = 1;
}
if ($recip =~ /canit-announce\@lists\.roaringpenguin\.com/i) {
# For the CanIt-Announce mailing list
$ToCanitAnnounce = 1;
}
}
# Only David can post to CanIt-Announce, and he has to do it from
# a specific machine.
if ($ToCanitAnnounce) {
if ($Sender ne '<dfs at roaringpenguin.com>' or
$RelayAddr ne "xxx.yyy.zzz.aaa") {
action_bounce("Not allowed to post to canit-announce");
return;
}
}
# Certain senders are permitted to send HTML, no matter what.
if ($Sender eq '<xxxxxx1 at dfsdfsd.com.sg>' || $Sender =~ /list1/ || $Sender =~ /xxlist2/ || $Sender =~ /xlist3/ || $Sender =~ /xlist4/ || $Sender =~ /\@xlist5xx/) {
$HTMLOK = 1;
} else {
$HTMLOK = 0;
}
$OnlyToMySister = 1;
foreach $recip (@Recipients) {
if ($recip =~ /^<?.*\@artandframingsolutions\.com>?$/) {
next;
}
$OnlyToMySister = 0;
last;
}
# Accept HTML if we appear in the To: field
if (open(HDRS, "<./HEADERS")) {
while(<HDRS>) {
if (/^To:.*\@.*roaringpenguin\.com/i) {
$HTMLOK = 1;
}
if (/^Cc:.*\@.*roaringpenguin\.com/i) {
$HTMLOK = 1;
}
if (/^To:.*\@.*canit\.ca/i) {
$HTMLOK = 1;
}
if (/^Cc:.*\@.*canit\.ca/i) {
$HTMLOK = 1;
}
if (/^To:.*\@artandframingsolutions\.com/i) {
$HTMLOK = 1;
}
if (/^Cc:.*\@artandframingsolutions\.com/i) {
$HTMLOK = 1;
}
}
close(HDRS);
}
if ($OnlyToMySister) {
$HTMLOK = 1;
}
}
More information about the MIMEDefang
mailing list