David,
You are going to need to use the B flag since the Mime fields we want to check
are embedded in the body of the messages and therefore you can't use formail
to truncate them. We can either run the message through sed or nawk or perl
or dump these messages into a holding bin.
This will possible stop the particular buffer overrun but it would still be
possible to overrun other mime fields. I think that the best way to fix this
is to check the header to see if it is a mime message and then run the message
through a true mime interpreter that would truncate any huge field values.
geoff