procmail
[Top] [All Lists]

Re: More quoting issues affecting MIME header exploits

1998-08-02 11:54:52
I wrote to John Hardin,

| > If you're doing it within procmail, procmail considers continuation lines
| > in headers as if the embedded newline were a space, and it will match .
| > in a regexp condition.

John replied.

| ...yes, but: in a MIME attachment header, which appears in the RFC-822
| message *body*?

Oops.  You're absolutely right.  I forgot that we were looking at the body.
So one has to match on (.|^[    ]) instead of just . as in a header.

Sorry for missing that.

Too dang bad these multi-part chimeras can't be split into components with
some variation on formail -s so that they can then be processed as individual
messages, and each part's inner header lines will look like a header.

| I'm running procmail-3.10-10 - perhaps a newer release does indeed unwrap
| MIME attachment headers within the RFC822 body.

No, not yet.