[Mimedefang] Erroneous bad-filename detection in mimedefang-filter
James Ralston
qralston+ml.mimedefang at andrew.cmu.edu
Tue Sep 30 02:13:08 EDT 2003
On 2003-09-15 at 09:12:46-0500 Michael Sims <michaels at crye-leike.com> wrote:
> I just tested this myself by forwarding some emails from Outlook to
> myself (one of which contained the string "test.com"). I think I
> see why this hasn't come up very often before. In Outlook, the
> message/rfc822 attachment is unnamed. It looks like Mozilla's mail
> client gives the attachment the same name as the Subject header. In
> your example:
>
> -----
> Content-Type: message/rfc822;
> name="Rejected sshd network connection from host server2.gimnet.com
> (212.131.211.131)"
> Content-Transfer-Encoding: 7bit
> Content-Disposition: inline;
> filename="Rejected sshd network connection from host
> server2.gimnet.com (212.131.211.131)"
> -----
It's not just Mozilla; I know of other mail clients that set the
filename of a message/rfc822 part to the Subject of the message that
the message/rfc822 part contains.
IMHO, I don't see any reason to test the filename in
filter_multipart(). If you test and reject bogus filenames, the vast
majority of the time, all you're going to do is reject perfectly valid
mail. (And it'll frustrate the hell out of your users, because
figuring out why the message was rejected isn't trivial.)
--
James Ralston, Information Technology
Software Engineering Institute
Carnegie Mellon University, Pittsburgh, PA, USA
More information about the MIMEDefang
mailing list