procmail

Re: simple mime security filter

1998-08-12 06:27:27
On Tue, 11 Aug 1998 09:36:18 -0700 (PDT), Joe Pruett <joey(_at_)q7(_dot_)com>
wrote:
> i looked at various versions of solutions to this problem and found them
> all too complicated.  so i wrote the following /etc/procmailrc file.  the
> basic theory is to just rewrite the mime headers to be disabled whenever
> something fishy comes through.  i defined fishy to be 80 chars or more in
> any mime header or any wrapped mime header in the body of the message (to
> avoid trying to figure out the length of a wrapped line).  am i missing
> any other cases that people have seen?

What you're doing is dangerous, IMHO. It can and will wreak havoc on
quite legitimate MIME messages.

> DROPPRIVS=yes
> :0fw
> * HB ?? 9876543210^0
^Content-[^:]*:................................................................................
> * B ?? 9876543210^0 ^Content-[^:]*:[    ]*\/.*(^[       ].*)+
> | /bin/sed 's/^Content-/X-Content-/'

In the absence of Content-Xxx but in the presence of Mime-Version: 1.0, 
the MIME spec says the contents are unambiguously 7-bit us-ascii. This
might not be on par with reality.

Content-Description can and will reasonably contain longish strings
without being a threat of any sort (to any reasonable MIME client).

I'm not sure I get the matching against the body. Why do you grab
stuff into MATCH, and shouldn't the first character after \/ be a
non-blank? Perhaps the intent was really to have the same sort of
condition as on the first line? (And, aren't you risking grabbing
something bigger than LINEBUF, in which case you can get Procmail to
crash if and when you use $MATCH?)

If you do decide to go with this, perhaps the sed clause should be a
bit more restricted, so as not to gratuitously change stuff like
    Content-based filtering is not problem-free <-- at the beginning of a line

Personally, I liked the earlier solutions better. If there is a
problem, fix it, otherwise don't muck with people's mail. (A real
MIME-capable filter program is probably the best thing to use, but
Procmail is a good vehicle for determining when it's needed.)

/* era */

-- 
Bot Bait: It shouldn't even matter whether  (`')  Just  (`')  http://www.iki
I am a resident of the State of Washington   \/ Married! \/   .fi/~era/
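
Added example, not part of the original message or of procmail: a MIME-aware check of the kind the reply points to, which measures each Content-* header after unfolding and never looks at body text. The function name, the exemption for Content-Description and the sample message are assumptions made for illustration.

```python
import sys
from email import message_from_bytes

LIMIT = 80                          # threshold named in the quoted post
EXEMPT = {"content-description"}    # assumption: free-text header, left alone

def overlong_content_headers(raw, limit=LIMIT, exempt=EXEMPT):
    """Return (part_index, header_name, length) for every Content-* header
    field, in any MIME part, whose unfolded length is `limit` or more."""
    findings = []
    for index, part in enumerate(message_from_bytes(raw).walk()):
        for name, value in part.items():
            key = name.lower()
            if not key.startswith("content-") or key in exempt:
                continue
            # Unfold continuation lines; runs of whitespace count as one space.
            unfolded = " ".join(str(value).split())
            length = len(name) + 2 + len(unfolded)
            if length >= limit:
                findings.append((index, name, length))
    return findings

# Constructed sample: a body line starting with "Content-", a long but
# harmless Content-Description, and a folded Content-Type with a long name.
SAMPLE = (
    b"From: a@example.com\n"
    b"Mime-Version: 1.0\n"
    b'Content-Type: multipart/mixed; boundary="b1"\n'
    b"\n"
    b"--b1\n"
    b"Content-Type: text/plain\n"
    b"\n"
    b"Content-based filtering is not problem-free\n"
    b"--b1\n"
    b"Content-Description: " + b"quarterly report, " * 5 + b"final\n"
    b'Content-Type: application/octet-stream;\n\tname="' + b"A" * 90 + b'"\n'
    b"\n"
    b"data\n"
    b"--b1--\n"
)

if __name__ == "__main__":
    raw = SAMPLE if sys.stdin.isatty() else sys.stdin.buffer.read()
    hits = overlong_content_headers(raw)
    for index, name, length in hits:
        print(f"part {index}: {name} is {length} chars unfolded")
    sys.exit(0 if hits else 1)      # exit 0 means "suspicious header found"
```

Because exit status 0 signals a finding, the script can serve as the command in a procmail `* ?` condition that decides when a fuller filter is needed.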
