[Mimedefang] strip invalid IMG tag

Kevin A. McGrail kmcgrail at pccc.com
Mon Nov 29 09:42:26 EST 2004


Marco,

On my list of projects to-do is this exact task.  Last revised 5/21/2004 so
it's a bit stale but I mapped out my "plan" and here are my notes so that
they might help you begin the task:

MIMEDefang To-Do:

change all img src tags that are non-attached will be modified or disabled.

convert img src tags so they have to be clicked on instead of opening inline

search for <img src=(http|https)(.*)>

replace with

  <a href=$1$2><img
src=http://mydomain.com/image_describing_click_here_to_view_possibly_unsafe_
image></a>

Put image on a webserver or have the original, unmodified email attached ala
SpamAssassin report

perform this action on BOTH text/plain and text/html parts using
HTML::Parser for the html and perl for the text/plain.

HTML::Parser examples from Josh

I put some programs that I wrote using it at
http://www.jbc.edu/~josh/perl; hopefully these can be of some use to you
as examples.

Regards,
KAM

> I am tring to make Mimedefang work just like eSafe does, and it works
> great for attachments, except that the eSafe will strip invalid IMG
> tages in text/html mime parts,



More information about the MIMEDefang mailing list