[Esd-l] Stripping Attachments?

John D. Hardin jhardin at impsec.org
Sun Jan 13 15:16:01 PST 2002

On Sun, 13 Jan 2002, Paul Thomas wrote:

> On Sun, 13 Jan 2002, John D. Hardin wrote:
> > NB: .eml is hazardous, as it's typically base64 encoded and thus not
> > (yet) subject to defanging or attachment rules. Also note that .rtf
> What do you mean 'attachment rules', it's at least 'mangled'?

Oh, If you're mangling EML you're probably okay then.

Sorry, I wasn't clear. If the EML attachmetn itself has any
attachments, they won't be sanitized.

> How does the sanitizer handle .rtf other than mangling?

If it's actually .DOC format, it scans for macroe if you have macro
scanning enabled.

 John Hardin KA7OHZ    ICQ#15735746    http://www.impsec.org/~jhardin/
 jhardin at impsec.org                       pgpk -a jhardin at wolfenet.com
  768: 0x41EA94F5 - A3 0C 5B C2 EF 0D 2C E5  E9 BF C8 33 A7 A9 CE 76 
 1024: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
  Monty Python's Star Trek Voyager:
  A successful trans-warp experiment turns Paris and Janeway into
  newts, but they get better.
  ...wait a minute... It's already been done...
   6 days until Babylon 5: the Legend of the Rangers

More information about the esd-l mailing list