[Esa-l] Doing mail filtering in Sendmail itself

Bjarni R. Einarsson bre at klaki.net
Tue May 1 10:23:54 PDT 2001

On 2001-05-01, 11:30:59 (-0500), Mark A. Hershberger wrote:
> I recall that someone here (who, I don't recall) was working on a
> MIME::Stream module for Perl -- it seems like that would fit in
> nicely.

Me, works fine. :) I used it to reimplement most of John's checks and
some new ones of my own in a new email sanitizer which has quite a
few advantages (IMHO) over John's current solution.  If you're
interested, find it here: http://mailtools.anomy.net/

> Has anyone thought of this already and rejected it?

Has the following drawbacks from my POV:

1. Sendmail specific - I prefer to write stuff that will work with
   Qmail, Postfix and whatever else as well.

2. By definition a security scanner will need to scan the entire
   message - letting some other process (e.g. sendmail) take care of
   interpreting headers/MIME stuff/etc. means you will miss some
   potential bugs/attacks.  If you are going to be scanning the
   entire message anyway, then the power Milter provides may not help
   after all.

Caveat:  I haven't examined the Milter stuff, due to reason #1, so my 
remarks in #2 may be a little off.

Bjarni R. Einarsson                           PGP: 02764305, B7A3AB89
 bre at klaki.net                -><-              http://bre.klaki.net/

Check out my open-source email sanitizer: http://mailtools.anomy.net/

More information about the esd-l mailing list