Outlook Rich Text Format messages - how to let through?

Rick Cooper rcooper at dwford.com
Wed Feb 8 20:52:18 GMT 2006



> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info
> [mailto:mailscanner-bounces at lists.mailscanner.info]On Behalf Of Randall
> Hand
> Sent: Wednesday, February 08, 2006 3:33 PM
> To: mailscanner at lists.mailscanner.info
> Subject: Re: Outlook Rich Text Format messages - how to let through?
>
>
>
>
> Rick Cooper <rcooper <at> dwford.com> writes:
>
> >
> >
> > > -----Original Message-----
> > >
> > I looked at this and I don't think it would work as a generic
> virus scanner
> > (would be called at the wrong time), but it doesn't look like
> it would be
> > too difficult to incorporate into MailScanner. However, the
> ytnefprocess.pl
> > has a couple of short commings I can see:
> > 	1. It uses a lot of backticks, they could be replaced by
> internal perl in
> > most cases, except the external call to
> > 	   /usr/bin/ytnef. That could be handled by SafePipe easily.
> > 	2. It takes it's input from STDIN and outputs to STDOUT.
> That could be
> > changed to file I/O easy enough
> >
> > Since it would have to be called before the tnef handling it
> would have to
> > be called at the top of the explode function so the new
> attachments could be
> > extracted and scanned (I assume, Julian?). I would think this would be
> > better made a function and perhaps it could be used like the
> unrar where a
> > check for /usr/bin/ytnef is made and it's used if there and the calling
> > block is ignored if it's not there. The tests I did seemed to
> be fast and
> > created regular attachments from the tnef junk so I am thinking
> of patching
> > it in for my own installs but I am wondering what Julian thinks
> as far as
> > main-streaming it?
> >
> > I attached a copy of the perl script I used in testing
> >
> >
>
> Just saw this pop up on my BlogLines search feed, I'm the
> developer of ytnef.
>
> A friend of mine, Viraj Alankar (www.viraj.org) helped me
> develope yTnef and is
> an avid fan of Communigate.  If you check his website, towards
> the bottom you'll
> see a set of scripts he put together to use ytnef & Clam antivirus with
> Communigate.  You might find those a better starting point that the meager
> ytnef_process.pl .
>
> I'm not a perl guru, I'll freely admin that, so the
> ytnef_process.pl is really
> not much more than a "proof of concept".  I've been meaning to
> revisit the code
> for ytnef for a while, & make it a little more "library
> friendly".  Would any of
> you be willing to lend some expertise?
>

It looked like something put together to demonstrate it's purpose but it
certainly provides a basic framework. I would be happy to give you anything
I can, but while I will code it perl it's not my favorite either. Have to
look at the perl/C frame work used in things like Mail::ClamAV as that uses
the clamav libs and the perl c glue IIRCC.

Thanks for noticing the thread!

Rick


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.




More information about the MailScanner mailing list