[Esd-l] Stripping Attachments?
paul at cuenet.com
Sun Jan 13 15:49:01 PST 2002
On Sun, 13 Jan 2002, John D. Hardin wrote:
> On Sun, 13 Jan 2002, Paul Thomas wrote:
> > On Sun, 13 Jan 2002, John D. Hardin wrote:
> > > NB: .eml is hazardous, as it's typically base64 encoded and thus not
> > > (yet) subject to defanging or attachment rules. Also note that .rtf
> > What do you mean 'attachment rules', it's at least 'mangled'?
> Oh, If you're mangling EML you're probably okay then.
So then to strip alot of file extentions, but allow eml files and
have them mangled, I should exclude .eml from /etc/procmail/stripped
rather than from MANGLE_EXTENSIONS?
> Sorry, I wasn't clear. If the EML attachmetn itself has any
> attachments, they won't be sanitized.
Even if the .eml is mangled?
> > How does the sanitizer handle .rtf other than mangling?
> If it's actually .DOC format, it scans for macroe if you have macro
> scanning enabled.
I guess my above mangling question applies here also. But, are you
saying if a .rtf file comes along, the Sanitizer checks to see if
it is really a .DOC format then does the macro scan (if enabled)
but if it fails to be a .DOC, goes ahead and mangles according to
the MANGLE_EXTENSIONS list?
"Yesterday's the past and tomorrow's the future. Today is a gift - which
is why they call it the present."
More information about the esd-l