Outlook Rich Text Format messages - how to let through?

Randall Hand randall.hand at gmail.com
Wed Feb 8 20:32:49 GMT 2006



Rick Cooper <rcooper <at> dwford.com> writes:

> 
> 
> > -----Original Message-----
> > 
> I looked at this and I don't think it would work as a generic virus scanner
> (would be called at the wrong time), but it doesn't look like it would be
> too difficult to incorporate into MailScanner. However, the ytnefprocess.pl
> has a couple of short commings I can see:
> 	1. It uses a lot of backticks, they could be replaced by internal perl in
> most cases, except the external call to
> 	   /usr/bin/ytnef. That could be handled by SafePipe easily.
> 	2. It takes it's input from STDIN and outputs to STDOUT. That could be
> changed to file I/O easy enough
> 
> Since it would have to be called before the tnef handling it would have to
> be called at the top of the explode function so the new attachments could be
> extracted and scanned (I assume, Julian?). I would think this would be
> better made a function and perhaps it could be used like the unrar where a
> check for /usr/bin/ytnef is made and it's used if there and the calling
> block is ignored if it's not there. The tests I did seemed to be fast and
> created regular attachments from the tnef junk so I am thinking of patching
> it in for my own installs but I am wondering what Julian thinks as far as
> main-streaming it?
> 
> I attached a copy of the perl script I used in testing
> 
>

Just saw this pop up on my BlogLines search feed, I'm the developer of ytnef.

A friend of mine, Viraj Alankar (www.viraj.org) helped me develope yTnef and is
an avid fan of Communigate.  If you check his website, towards the bottom you'll
see a set of scripts he put together to use ytnef & Clam antivirus with
Communigate.  You might find those a better starting point that the meager
ytnef_process.pl .

I'm not a perl guru, I'll freely admin that, so the ytnef_process.pl is really
not much more than a "proof of concept".  I've been meaning to revisit the code
for ytnef for a while, & make it a little more "library friendly".  Would any of
you be willing to lend some expertise?



More information about the MailScanner mailing list