At 22:31 2001-11-30 +0000, John Conover wrote:
Unfortunately, there is a problem with the way Microsoft Outlook
parses e-mail headers. For example, in BadTrans.B:
Correction: don't you mean, "unfortunatley, there's a problem with how MS
OutBreak (or at least the virus) _sends_ messages? Being more lenient with
interpreting something isn't inherently a problem -- failing to adhere to
the spec when writing it is quite another (and is something microsoft will
always be guilty of).
MIME-Version: 1.0
Content-Type: multipart/related;
type="multipart/alternative";
boundary="====_ABC1234567890DEF_===="
Why don't you use this to your advantage? If the malformed headers are
characteristic of only viral messages, you're good to go:
:0H
* ^type="mutipart/alternative";
flakey.mime.header
Otherwise, if you were interested in _fixing_ them (so that other tools and
rules could deal with the messages properly), you could detect and fix
messages with:
# save the value in another variable
savemetas=$SHELLMETAS
# disconnected variable name unsets it
SHELLMETAS
:0Hhf
* ^Content-Type:
* ^(type|boundary)=
|sed -e 's/^\(type\|boundary\)\(="\)/ \1\2/'
# restore original value and clear the save copy
SHELLMETAS=$savemetas
savemetas
(one could of course copy the SHELLMETAS near the top of your procmailrc,
then it'd be a matter of disabling them and reseting them around individual
rules which might contain metas) The SHELLMETAs stuff is entirely optional
here - it merely makes the invocation of sed less costly by removing a
shell which would otherwise be wrapped around it.
THEN, following rules and tools would interpret it properly.
BTW, NAI WebShield SMTP for NT parses the BadTrans.B headers,
correctly, and determines that the message is not a MIME message,
allowing it, incorrectly, to pass.
My heart bleeds for the NT users. They're better off setting up a *nix box
and routing email through there seeing as NT mail solutions are some
combination of overpriced, non-compliant, and lacking in features.
But that's just my opinion.
- Sean ( crawling back under my rock ) Straw
---
Sean B. Straw / Professional Software Engineering
Procmail disclaimer: <http://www.professional.org/procmail/disclaimer.html>
Please DO NOT carbon me on list replies. I'll get my copy from the list.
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail