probably what you want is something like:
- filter out every body part which isn't text/plain, message/rfc822,
image/*, a signature (there are several types), or a multipart/*
(filters apply recursively to components of message/rfc822 and
multipart/*)
- if the resulting filter removes every component of a multipart or
a message/rfc822, also filter the enclosing multipart or message/rfc822.
- if this results in the entire message getting filtered, bounce the message
- otherwise, if any of the filtered contents appear to be critical
(for instance they are marked with content-disposition: inline),
bounce the message.
- otherwise, forward the message with the filtered contents removed
it's not exactly a SMOP.
You probably don't actually advocate such an approach, but simply
point out how ridiculously and unmanageably complex it would be.
Actually, I was advocating such an approach, and I had been designing
a mail filter for my own lists. That doesn't mean that I considered
it either fully specified or ideal in its current form.
For better or worse, MIME wasn't designed to facilitate the easy
filtering of messages that aren't appropriate on mailing lists.
The ``if any of the filtered contents *appear* to be
critical'' (emphasis mine) part is especially flaky.
It was intended to look flaky - Obviously it's lacking a good definition
for what is critical. That was part of the point - it's hard to define
such things.
it might be sufficient to just bounce all mail with objectionable
content. I even like that idea better, if we can make it stick,
because it encourages people to get their broken mailers fixed.
Is the same IETF that would scream when faced with an idea to fix
IP packets so that they carry what the sender has *actually meant*
since when does the network (or any intermediary) know what IP packets
"actually mean"?
Keith