[Mimedefang] Who/what considers .eml attachments as harmful/suspect?

Jason Gurtz jason at jasongurtz.com
Tue Nov 6 21:34:19 EST 2007

On 11/6/2007 19:46, Philip Prindeville wrote:
> What about MSOE?  What do they finally do?

It names the attachment with a .eml extension.  Here are some sample
headers created by OE 6.00.2900.2180 when forwarding a message as an
attachment.  I'm not sure if MIMEDefang sanitizes the headers on the way
through, but this is what landed:

----------Headers Start----------
Subject: Testing eml
Date: Tue, 6 Nov 2007 20:54:17 -0500
MIME-Version: 1.0
Content-Type: multipart/mixed;
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.3138
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198
X-UIDL: onK!!=cn!!US)#!MbO"!
Status: RO

This is a multi-part message in MIME format.

Content-Type: text/plain;
Content-Transfer-Encoding: 7bit

Testing crap mailer hehe
Content-Type: message/rfc822;
	name="Re_ [Eclug] screen rotating without xrandr.eml"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
	filename="Re_ [Eclug] screen rotating without xrandr.eml"

Return-Path: <eclug-bounces at lists.eclug.net>
----------Headers End----------

Lookout 2007 doing native MAPI/Whatever through Expunge 2003 is a little
more broken.  It also names the attachment with a .eml, but unhelpfully
has some semi-random name.  By default the attachment is uuencoded.  The
best one can do is force MIME outgoing on the server, but then that is
base64 encoded...just can't win.  Warning bells going off in my MIMEDefang.



More information about the MIMEDefang mailing list