On Tuesday 04 February 2003 00:13, Jutta Degener wrote:
<snip :param>
But maybe this is overkill.
It isn't, but this is:
- RFC 2047 prohibits RFC 2047-encoding of filenames.
(They're not the right kind of token.)
In reality, many clients do RFC 2047-encode and -decode names,
and I think sieve code matching against file names in order
to prevent use of certain extensions needs to, ironically,
RFC 2047-decode the wrong tokens in spite of what the RFC itself
says.
<snip>
They should decode rfc2231, of course, but leave rfc2047 alone in
parameters. The only client I am aware of that is so broken to produce
rfc2047 in parameter values is - guess what - Outlook (I think mutt had
this bug in one or two minor revisions, too, but I don't know, so I
won't claim it).
As a general note, this mimeheader searching is of course failing for
encrypted content, so if you try to filter out .vbs (which, I suppose,
are VisualBasic scripts), you're better off hooking up a custom
solution (read: ADKs, bah!) into your Sieve engine's spamtest/virustest
framework.
Marc
--
History teaches that grave threats to liberty often come in times of
urgency, when constitutional rights seem too extravagant to endure.
-- Justice Thurgood Marshall, 1989
pgpu1emcG3gsz.pgp
Description: signature