[Mimedefang] Invalid "mimedefang.pl -structure" output and virus scanning behaviour

Les Mikesell les at futuresource.com
Mon Mar 1 16:04:31 EST 2004


On Mon, 2004-03-01 at 13:42, David F. Skoll wrote:

> Good idea.  But still, the problem remains:  No matter what we do,
> there will be some weirdly-malformed MIME that will be innocuous to our
> scanners and hazardous to some set of MUAs.
> 

Since the typical reason for running MIMEDefang is to protect the
MUAs, the safe approach would seem to be to always split with
your best guess about the malformed MIME, then reassemble the
parts with correct MIME headers for the way you guessed.  I'd have
no qualms about stomping on digital signatures coming from a
source that supplied bad headers.

Reconsider your calculator analogy with a scenario where you
accept and pass through input from other devices.  You expect
only numbers but in practice you find that some people type
the letter 'l' instead of the number '1'.  Is it better to
ignore the input or let a stock atoi() parser accept it as '0',
teach all your logic to understand that 'l' is a synonym for
'1', or canonicalize it into the legal input so you and the
next handler will treat it the same?  I'd have to say the latter.

---
  Les Mikesell
    les at futuresource.com
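
The split-and-reassemble approach described in the message above, as an added example that is not part of the original post or of MIMEDefang's code. It uses Python's standard email package on a constructed message whose closing boundary is missing. The helper names (defects, summary, canonicalize) are hypothetical, and it covers the flat case only: every leaf part the parser guessed is re-emitted under a fresh multipart/mixed with regenerated MIME headers.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Constructed sample: multipart/mixed whose closing "--XX--" line is missing.
RAW = (
    b"From: a@example.com\r\nTo: b@example.com\r\nSubject: test\r\n"
    b"MIME-Version: 1.0\r\n"
    b'Content-Type: multipart/mixed; boundary="XX"\r\n\r\n'
    b"--XX\r\nContent-Type: text/plain\r\n\r\nhello\r\n"
    b'--XX\r\nContent-Type: application/octet-stream; name="report.bin"\r\n'
    b"Content-Transfer-Encoding: base64\r\n\r\nc2FtcGxl\r\n"
)

def leaves(msg):
    """Non-multipart parts, in document order, as the parser guessed them."""
    return [p for p in msg.walk() if not p.is_multipart()]

def defects(raw):
    """Names of the structural defects the parser recorded while reading raw."""
    msg = message_from_bytes(raw, policy=policy.default)
    return [type(d).__name__ for p in msg.walk() for d in p.defects]

def summary(raw):
    """(content type, filename, decoded bytes) for each leaf part of raw."""
    msg = message_from_bytes(raw, policy=policy.default)
    return [(p.get_content_type(), p.get_filename(), p.get_payload(decode=True))
            for p in leaves(msg)]

def canonicalize(raw):
    """Parse leniently, keep non-MIME headers, regenerate all MIME structure."""
    msg = message_from_bytes(raw, policy=policy.default)
    out = EmailMessage()
    for name, value in msg.items():
        if not name.lower().startswith(("content-", "mime-version")):
            out[name] = str(value)
    out["MIME-Version"] = "1.0"
    for part in leaves(msg):
        charset = part.get_content_charset()
        out.add_attachment(
            part.get_payload(decode=True) or b"",
            maintype=part.get_content_maintype(),
            subtype=part.get_content_subtype(),
            filename=part.get_filename(),
            disposition=None if part.get_filename() else "inline",
            params={"charset": charset} if charset else None,
        )
    return out.as_bytes(policy=policy.SMTP)

if __name__ == "__main__":
    print(defects(RAW), defects(canonicalize(RAW)))
```

The scanner and the downstream MUA then both read the rebuilt bytes, so they see the same part list; any signature over the original body no longer verifies.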



