On June 1, 2005 at 17:48, East Coast Coder wrote:
Has anyone found a good solution for attachments & security?
Exclude them all :)
Limit the types of attachments you allow. What you limit depends
on the types of lists you plan to archive. Normally, you can be
very restrictive without limiting the usability of the archives.
Will restrict most nasty things, but allow images (the most
common attachment). Attachments like zip files will also be
excluded since they fit under the application media-type.
It is common for some MUAs (and you can guess which ones) to mislabel
the content-type of an attachment. For example, an image is labeled
as application/octet-stream. Personally, you can just ignore such
problems since users should be using a well-behaved MUA. Why should
you compromise your security due to bugs in other people software?
The m2h_external::filter has some options that may make things
more secure for you if you do not want to deny to much. For example:
Any attachment with a filename (as specified in the message itself)
that has any of the above extensions will not be written. You can
add more extensions to suit your tastes.
If you use the ATTACHMENTDIR and ATTACHMENTURL resources, you can
further control the handling of attachments via server configuration.
In general, attachments are not much of a major problem. MHonArc,
by default, uses random filenames and will not use filenames that
may conflict with HTTP server configuration. If a reader notifies
you of a questionable file, you can always delete it.
The more immediate security threat is HTML messages since attacks
through them require no user interaction. See the Security section
of the FAQ for more information.