procmail
[Top] [All Lists]

Re: simple mime security filter

1998-08-12 11:32:36
here's my latest version.  of course, now it is starting to be complex.
it only changes lines that are long, rather than changing all lines.  this
is going on the assumption that in order to inject runnable code is going
to involve a fairly long string.  just crashing the reader isn't as big a
deal to these folks.  and again, this is just a temporary measure until
netscape releases a fix.

/etc/procmailrc:
DROPPRIVS=yes

:0fw
* HB ?? 9876543210^0
^Content-[^:]*:................................................................................
* B ?? 9876543210^0 ^Content-[^:]*:.*$[         ]
| /usr/bin/perl /etc/mail/mime.pl

/etc/mail/mime.pl:
while ($line = <>) {
        leftover:
        if ($line =~ /^Content-[^:]*:/) {
                while ($nextline = <>) {
                        if ($nextline =~ /^[ \t]/) {
                                $line .= $nextline;
                                $nextline = "";
                        } else {
                                last;
                        }
                }
                if (length($line) > 128) {
                        $line = "X-" . $line;
                }
        }
        print $line;
        if ($nextline ne "") {
                $line = $nextline;
                $nextline = "";
                goto leftover;
        }
}



<Prev in Thread] Current Thread [Next in Thread>