MIME::Tools Perl module and virus scanners

Nick Phillips nwp at LEMON-COMPUTING.COM
Tue Jun 4 04:03:12 IST 2002

On Mon, Jun 03, 2002 at 09:18:02PM -0500, Mike Kercher wrote:
> Anyone see this one Bugtraq?  Does this apply to Mailscanner?

We've had a bit of a discussion about this before; essentially there is no
way to be sure that you are decoding everything that *any* MUA will decode
in a similar way to that in which they will decode them. You basically have
a few options:

1) Reject anything that appears to have attachments of any kind;
2) Decode and scan as much as you are able to and accept that some MUAs
may decode things that you do not - try to fix your system to catch these
when you find them;
3) Reject anything that appears to violate the standards for MIME in
any way whatsoever, aggressively reporting bugs against agents that
create it.

Currently we do 2). ISTR it is, or would be, fairly simple to do something
more like 3), although this would likely annoy a whole lot of people.

Some people like to do 1). I'm not sure how easy it is to do that with
mailscanner at the moment.

Has anyone out there tried the patched MIME tools?



Nick Phillips -- nwp at lemon-computing.com
Let me put it this way: today is going to be a learning experience.

More information about the MailScanner mailing list