Outlook Rich Text Format messages - how to let through?

Rick Cooper rcooper at dwford.com
Wed Feb 8 20:52:18 GMT 2006

> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info
> [mailto:mailscanner-bounces at lists.mailscanner.info]On Behalf Of Randall
> Hand
> Sent: Wednesday, February 08, 2006 3:33 PM
> To: mailscanner at lists.mailscanner.info
> Subject: Re: Outlook Rich Text Format messages - how to let through?
> Rick Cooper <rcooper <at> dwford.com> writes:
> >
> >
> > > -----Original Message-----
> > >
> > I looked at this and I don't think it would work as a generic
> virus scanner
> > (would be called at the wrong time), but it doesn't look like
> it would be
> > too difficult to incorporate into MailScanner. However, the
> ytnefprocess.pl
> > has a couple of short commings I can see:
> > 	1. It uses a lot of backticks, they could be replaced by
> internal perl in
> > most cases, except the external call to
> > 	   /usr/bin/ytnef. That could be handled by SafePipe easily.
> > 	2. It takes it's input from STDIN and outputs to STDOUT.
> That could be
> > changed to file I/O easy enough
> >
> > Since it would have to be called before the tnef handling it
> would have to
> > be called at the top of the explode function so the new
> attachments could be
> > extracted and scanned (I assume, Julian?). I would think this would be
> > better made a function and perhaps it could be used like the
> unrar where a
> > check for /usr/bin/ytnef is made and it's used if there and the calling
> > block is ignored if it's not there. The tests I did seemed to
> be fast and
> > created regular attachments from the tnef junk so I am thinking
> of patching
> > it in for my own installs but I am wondering what Julian thinks
> as far as
> > main-streaming it?
> >
> > I attached a copy of the perl script I used in testing
> >
> >
> Just saw this pop up on my BlogLines search feed, I'm the
> developer of ytnef.
> A friend of mine, Viraj Alankar (www.viraj.org) helped me
> develope yTnef and is
> an avid fan of Communigate.  If you check his website, towards
> the bottom you'll
> see a set of scripts he put together to use ytnef & Clam antivirus with
> Communigate.  You might find those a better starting point that the meager
> ytnef_process.pl .
> I'm not a perl guru, I'll freely admin that, so the
> ytnef_process.pl is really
> not much more than a "proof of concept".  I've been meaning to
> revisit the code
> for ytnef for a while, & make it a little more "library
> friendly".  Would any of
> you be willing to lend some expertise?

It looked like something put together to demonstrate it's purpose but it
certainly provides a basic framework. I would be happy to give you anything
I can, but while I will code it perl it's not my favorite either. Have to
look at the perl/C frame work used in things like Mail::ClamAV as that uses
the clamav libs and the perl c glue IIRCC.

Thanks for noticing the thread!


This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list