On Thu, 30 Jul 1998 02:36:46 -0400, Walter Dnes
<waltdnes(_at_)interlog(_dot_)com> wrote:
David W. Tamkin wrote:
* ^Content-Disposition:(.*\>)?filename="\/[^"]+
* 1^1 MATCH ?? .
* -63^0
dangerbox
Devil's advocate questions...
1) If there are several short headers, are their lengths
summed up to beat 63?
2) Even worse; if a short header and a long header both
exist, which one will procmail match? First, second,
or longest
No; this will only look at the first matching occurrence of
Content-Disposition.*etc and not see the others.
:0BH
* ^Content-Disposition:(.*\>)?filename=\
.................................................................."
{
:0f
| formail -A "X-Reject: File attachment name greater than 63
characters"
:0
junkmail
}
The obvious problem (the lack of a leading double quote was apparently
intentional, but you should probably be checking whether any of the
intermediate matched characters is a double-quote [properly done, I
believe this should disregard backslash-escaped double-quotes, too])
is that this will look at anything that looks more or less like a
Content-Disposition header, even when it's not in the MIME header of a
MIME body part and thus completely harmless. This should really really
be done with a real MIME tool.
Those of you who counted 66 dots, please note that I'm
allowing for quotes around the filename. Now what about
about Unix/NT/Win95 in terms of filename lengths? The 32-bit
Windows variants should be able to go 255 characters, and
unixes (there are Netscape/unix versions) will probably vary.
I believe that the problem isn't really that the filename is over the
allowed length for some platform (Macintoshes allow something like 27
characters if memory serves) but a bug in how some particular email
clients allocate memory for the file name string (but I am really only
speculating here).
/* era */
--
Paparazzi of the Net: No matter what you do to protect your privacy,
they'll hunt you down and spam you. <http://www.iki.fi/~era/spam/>