procmail
[Top] [All Lists]

Re: MIME attachment killer won't work

2000-01-11 00:19:31
On Mon, 10 Jan 2000 20:18:16 -0500, Jon Walthour <jonw(_at_)one(_dot_)net> 
wrote:
I'm sorry if this question has been asked a million times, but I'm
new to this list and really need an answer. Like I'm sure many
other Unix mail users, I'm constantly getting these WINMAIL.DAT
email attachment from Microsoft Mail users. I'm trying to get
procmail to simply cut them out. According to Jari Aalto's website,
it's possible with his recipes--especially pm-jamime-kill.rc.

If it's a WINMAIL.DAT file, my guess would be that it's not a MIME
attachment at all. Microsoft has changed this a few times and I've not
really been paying attention, but my picture of the Criminal History
of the Redmond Juggernaut goes something like this:

  1995  "tnef" data in an uuencoded WINMAIL.DAT "attachment"
  1996  "tnef" data as application/octet-stream MIME attachment
  1997  "tnef" data as application/ms-tnef (or whatever) MIME attachment

The years are probably wrong, but roughly correspond to different
releases of -- in this respect -- increasingly less broken (but my
ghod, are they still broken) versions of M$ Mail and Outkook and
Outkook Pro or whatever the even more broken version is called.

A MIME attachment, which is what Jari's module can handle (as far as I
know) looks roughly like this:

    --0123456789stringofgibberish
    Content-Type: application/x-ms-brokenness
    Content-Transfer-Encoding: base64

    ZXZlbiBtb3JlIGdpYmJlcmlzaCwgdG8gYm9vdA== ...

whereas a uuencode "attachment" is just smack dab somewhere in the
middle of the rest of the message, althought the WINMAIL.DAT thing
will always be at the end, but still not structurally in its own MIME
part.

    begin 600 WINMAIL.DAT
    ?06YO=&AE<B!T>7!E(&]F(&=I8F)E<FES:"!H97)E"@`` ...

As you can see, the character sets used in the different encodings are
slightly different, too.

Anyway, if this diagnosis looks like it's a move in the right
direction, try this recipe:

    :0BD fwb
    * ^begin 600 WINMAIL\.DAT$
    | sed -e '/^begin 600 WINMAIL\.DAT$/,/^end$/d'

Perhaps you also want to add some sort of logging which details what
happened to this wonderful "tnef" data and who did it.

(For what it's worth, I believe it's some sort of overlay which lets
you render the text in richtext format -- fonts, sizes, etc -- if you
can decode the gibberish. I have a hunch it doesn't have decent
documentation, though, and of course, it's still annoying if you don't
have a client which can use this information, or oppose the tendency
to send all sorts of fluff instead of plaintext mail messages the way
ghod intended.)

Incidentally, you may also want to look for old messages about this in
at <http://www.rosat.mpe-garching.mpg.de/mailing-lists/procmail/>
which is Achim Bohnet's searchable archive of this list.

(Actually, a quick search for winmail.dat didn't turn up anything for
killing uuencoded attachments, only base64 MIME attachments.)

Hope this helps,

/* era */

-- 
 Too much to say to fit into this .signature anyway: <http://www.iki.fi/era/>
  Fight spam in Europe: <http://www.euro.cauce.org/> * Sign the EU petition