Outlook Rich Text Format messages - how to let through?

Rick Cooper rcooper at dwford.com
Wed Feb 8 20:00:54 GMT 2006



> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info
> [mailto:mailscanner-bounces at lists.mailscanner.info]On Behalf Of Stephen
> Swaney
> Sent: Wednesday, February 08, 2006 12:21 PM
> To: 'MailScanner discussion'
> Subject: RE: Outlook Rich Text Format messages - how to let through?
>
>
>
[..]
>
> http://ytnef.sourceforge.net/
>
> I quote from the Sourceforge page:
>
> "ytnef is a program to decode TNEF streams (winmail.dat). Unlike other
> similar programs, it can also decode meeting requests and create VCal
> entries for easy import. It can also create vCard entries from
> contact cards
> and vTodo entries from task entries. It also has a Perl script that can be
> used in procmail recipes to automatically reformat incoming mail
> appropriately."
>
> It might be possible rework this code to plug into MailScanner as
> a "Generic
> Virus Scanner".
>
> Steve
>

I looked at this and I don't think it would work as a generic virus scanner
(would be called at the wrong time), but it doesn't look like it would be
too difficult to incorporate into MailScanner. However, the ytnefprocess.pl
has a couple of short commings I can see:
	1. It uses a lot of backticks, they could be replaced by internal perl in
most cases, except the external call to
	   /usr/bin/ytnef. That could be handled by SafePipe easily.
	2. It takes it's input from STDIN and outputs to STDOUT. That could be
changed to file I/O easy enough

Since it would have to be called before the tnef handling it would have to
be called at the top of the explode function so the new attachments could be
extracted and scanned (I assume, Julian?). I would think this would be
better made a function and perhaps it could be used like the unrar where a
check for /usr/bin/ytnef is made and it's used if there and the calling
block is ignored if it's not there. The tests I did seemed to be fast and
created regular attachments from the tnef junk so I am thinking of patching
it in for my own installs but I am wondering what Julian thinks as far as
main-streaming it?

I attached a copy of the perl script I used in testing

Rick

--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: ytnefprocess.pl
Type: application/octet-stream
Size: 2295 bytes
Desc: not available
Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20060208/708f5318/ytnefprocess.obj


More information about the MailScanner mailing list