[Mimedefang] Re: Problem on attachment name
Kees Theunissen
theuniss at rijnh.nl
Sat Jan 13 15:04:51 EST 2007
On Sat, 13 Jan 2007, Ing. Andrea Vettori wrote:
> I've searched the rfcs.
>
I didn't. I'll base my conclusions on the information that
you supplied.
> From rfc2183 :
>
> disposition := "Content-Disposition" ":"
Rest of your rfc2183 quote snipped. The definition of the
"Content-Disposition" header is not relevant in this case.
Your problem was an unquoted name value in the "Content-Type"
header.
> and from rfc2045 :
>
> content := "Content-Type" ":" type "/" subtype
> *(";" parameter)
> ; Matching of media type and subtype
> ; is ALWAYS case-insensitive.
[ ... ]
> parameter := attribute "=" value
>
> attribute := token
> ; Matching of attributes
> ; is ALWAYS case-insensitive.
>
> value := token / quoted-string
>
> token := 1*<any (US-ASCII) CHAR except SPACE, CTLs,
> or tspecials>
>
> tspecials := "(" / ")" / "<" / ">" / "@" /
> "," / ";" / ":" / "\" / <">
> "/" / "[" / "]" / "?" / "="
> ; Must be in quoted-string,
> ; to use within parameter values
>
>
> So it seems to me that unless the file name contains tspecials,
> it's legal to have the filename as a quoted string on the name
> parameter of Content-Type and unquoted string on filename parameter
> of Content-Disposition.
Your problem was _not_ an unquoted string in the filename parameter
of the Content-Disposition header, but an unquoted string in the name
parameter of the Content-Type header.
Below is the relevant part of your first message.
--Apple-Mail-25--1005158849
Content-Transfer-Encoding: base64
Content-Type: application/zip;
x-unix-mode=0644;
name=PULSANTI E FRECCE ACCESE.zip
Content-Disposition: attachment;
filename="PULSANTI E FRECCE ACCESE.zip"
According to rfc2045 must the value of the "name" parameter be
a token or a quoted-string. And a token cannot contain SPACE, CTLs
or tspecials.
So the only possible conclusion is that this unquoted string with
spaces is _not_ valid.
> So I think it's a mimedefang/MIME handling bug that when unquoted
> string are used on Content-Disposition filename parameter they are
> truncated...
I don't think it's a bug to reject an invalid message.
And I'm not convinced that the handling of the mime-parts by
MimeDefang is causing the trouble. It can also be the virusscanner
when scanning the whole message.
>
> Who should I contact to solve this bug ?
Did you try to contact the sender of the invalid message?
Regards,
Kees.
--
Kees Theunissen
F.O.M.-Institute for Plasma Physics Rijnhuizen, Nieuwegein, Netherlands
E-mail: theuniss at rijnh.nl, Tel: (+31|0)306096724, Fax: (+31|0)306031204
More information about the MIMEDefang
mailing list