[Mimedefang] exe gets past Mimedefang
David F. Skoll
dfs at roaringpenguin.com
Tue Sep 30 12:04:01 EDT 2003
On Tue, 30 Sep 2003, Joseph Brennan wrote:
> Imagine a university so decentralized that it's impossible to
> require people to use or not use any particular MUA.
I hear you. But imagine a poor software author trying to keep up
with 1001 ways to misinterpret MIME. :-(
Actually, MIMEDefang has a routine called action_rebuild() that forces
it to rebuild the MIME message, canonicalizing it, which should eliminate
the problem of bad MIME. However, action_rebuild() can introduce
problems of its own, and will slow down mail processing quite a bit.
> > (Didn't the file-content "MZ" trick work for you?)
> Whatever that one is slipped past me, David!
I thought you posted a routine that looked for MS executables by examining
the first few bytes of each attachment, regardless of filename. Maybe
someone else posted it.
Regards,
David.
More information about the MIMEDefang
mailing list