Mailscanner does not identify attachment in mail

[Kai Schaetzl]

Jan-Peter Koopmann wrote on Fri, 5 May 2006 13:02:36 +0200:

> The bug-reports for SpamAssassin suggest that uudecoded 
> mail bodies are just treated as text and therefore all those rules should 
> apply unfortunatly. Unless I got this the wrong way and it should not be 
> scanned at all there is not much we could do. 
>  
> MailScanner could decide not to send mail-bodies consisting of only 
> uuencoded text to SpamAssassin but I am not sure it is 
>  
> A) feasable 
> B) worth the effort.

Since MS unpacks and scans the attachment (I assume), anyway, I agree 
something could be done at this stage. AFAIK a uuencoded attachment normally 
doesn't get displayed inline, not even by MS software. So, it won't be 
displayed even if it is a spam html page or so.
What does MS do with attachments in general? I've been assuming that it only 
gives the first x bytes (there's a setting for that) to SA and no 
attachments at all. When I encountered the uu problem the first time last 
year I didn't think about MS in this regard at all I just thought about the 
fact that SA didn't refuse scanning it and decided against a bug report for 
SA. (One of the things why SA can't refuse that is that it might not get the 
end of the attachment, so it cannot guarantee it's really an attachment I 
guess.)
But you are right, something could be done here by MS. Maybe it's that 
special case here that the body contains only that attachment and nothing 
else which makes it pipe the body to SA?
In general I think it should be safe to exclude uuencoded attachments from 
spam scanning if the detection of that attachment is reasonably safe.

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com