[Mimedefang] Erroneous bad-filename detection in mimedefang-filter

Ole Holm Nielsen Ole.H.Nielsen at fysik.dtu.dk
Mon Sep 15 16:04:01 EDT 2003


I tried Michael's proposal for *not* filtering bad filenames
in case it's an MIME message/rfc822 attachment (a forwarded
E-mail).  It works !  My messages with Subject: lines containing
bad Microsoft extensions (and Mozilla naming the attachments
according to the Subject: line) are now passing through
perfectly.  Thanks a lot for your asistance !!

Can anyone conceive of possible holes opened up for viruses
in this way ?  Otherwise I'd think this code ought to go into
the MimeDefang distribution example for mimedefang-filter.

Michael Sims wrote:
> Perhaps you could check the MIME type inside filter_bad_filename() by
> accessing the MIME::Entity object that is passed to it?
> Something like this:
> 
> --- mimedefang-filter
>   sub filter_bad_filename ($) {
> 
>     my($entity) = @_;
>     my($bad_exts, $re);
> 
> +   return if (defined $entity->mime_type
>                && $entity->mime_type =~ /message\/rfc822/);
> --- mimedefang-filter

Ole Holm Nielsen
Department of Physics
Technical University of Denmark





More information about the MIMEDefang mailing list