[Esa-l] Deny ALL HTML
paul at cuenet.com
Sat Apr 21 18:32:19 PDT 2001
On Sun, 22 Apr 2001, Jason Jordan wrote:
> Ok, call me paranoid - but I've had enough.
> I can't see any reason to put myself and my team at risk so I've
> discussed with them the option of simply bouncing all email containing
> HTML of any description.
> We don't want to strip it - we just don't wish to accept it - and we'd
> like to notify the sender that we have refused the email - and why.
> There is too much risk with all the active content these days. I'm not
> prepared to allow for anything we may accidently let slip through.
> I want plain text!
> Any ideas on how to do this?
> I think procmail is the answer but am I reinventing the wheel? Is this
> something John's procmail script can do?
Yes, procmail may be your answer. You could try or start with something
* ^Content-Type: text/html; charset="iso-8859-1"
| cat $HOME/reject-message.txt) | $SENDMAIL -oi -t
"Yesterday's the past and tomorrow's the future. Today is a gift - which
is why they call it the present."
More information about the esd-l