DSNs from bigfoot.com are quarantined

Mark Sapiro mark at msapiro.net
Sun Aug 31 01:01:29 IST 2008 

Julian Field wrote:
>
>Mark Sapiro wrote:
>> On Wed, Aug 27, 2008 at 09:41:36PM +0100, Julian Field wrote:
>>   
>>> I am putting out a new beta as I type, with improved message/partial 
>>> code in it. This should solve this problem with bigfoot.com DSNs.
>>>
>>> Please try this out and let me know how you get on.
>>>
>>> Thanks,
>>>
>>> Jules
>>>
>>>     
>>
>>
>> I have just installed the 4.71.8-1 beta, and this is better, but there
>> is now a different problem.
>>
>> The message delivered to the recipient is fine. the message/partial part
>> has been removed and replaced with the attachment warning which says
>>
>> ----------------------------------------------------------------------
>> The original e-mail attachment "msg-26216-5.msg"
>> was believed to be infected by a virus and has been replaced by this warning
>> message.
>>
>> If you wish to receive a copy of the *infected* attachment, please
>> e-mail postmaster at sbh16.songbird.com and include the whole of this message
>> in your request.
>>
>> At Fri Aug 29 10:01:35 2008 the virus scanner said:
>>    Fragmented messages cannot be scanned and are removed
>>
>> Note to Postmaster: Look on the GPC MailScanner in /var/spool/MailScanner/quarantine/20080829 (message 6C1E46900AA.4FC5C).  
>>
>>
>> However, in the quarantine, the directory 20080829/6C1E46900AA.4FC5C is
>> created but it is empty.
>>   
>That's because the part of the message isn't ever actually extracted 
>into an attachment, it is just an "entity" in the MIME structure of the 
>message, as opposed to being a real attachment. So I don't think there's 
>much I can do about this. You could add some text on the end of the 
>"Fragmented messages cannot be scanner and are removed" text that said 
>that it was not quarantined, but I'm not quite sure what else we can do 
>about this particular problem.


I'm not sure I understand the problem. It appears from the attachment
warning, that perl MIME::Tools (MIME::Parser ?) may have parsed this
message and stored the specific message/partial part contents in some
file temporary file named msg-26216-5.msg. Is there some reason that
file, if it exists, can't just be put in the quarantine directory?

Also, perl MIME::Entity objects have print and print_body methods that
could be used to write the part to a file.

If there's some reason why this can't be done, it's not a big deal for
me, but I wonder why not.


>When it comes down to it, bigfoot shouldn't be doing this, they are 
>using a wholly inappropriate message structure for their DSNs.


Inappropriate, yes, but understandable. Actually, their DSN is RFC 3464
compliant. It's just that their choice of message/partial for the
Content-Type of the third part (the headers of the original message)
is not RFC 2046 compliant in its use of the partial sub-type, but it's
easy to see how someone not familiar with what message/partial really
is could think that message/partial was an appropriate Content-Type
for the headers of a message.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

More information about the MailScanner mailing list