Bugtraq mailing list archives
Re: MIME::Tools Perl module and virus scanners
From: wietse () porcupine org (Wietse Venema)
Date: Tue, 4 Jun 2002 09:08:09 -0400 (EDT)
Having added MIME support to the Postfix MTA recently, allow me to drop in a few cents. Although MIME formats are defined in RFCs, enough variation exists between implementations that even valid messages can have different results depending on what mail (user) agent is used. The result of invalid messages is obviously implementation defined, as is the result of messages that expect standards not implemented by the receiving mail (user) agent. If you're in the content filtering business, then trying to anticipate all the bugs/ambiguities in all the RFCs/implementations is futile. The proper approach is to eliminate such ambiguity, by normalizing data, that is, by transforming messages into a form that avoids all the grey areas where implementations err, or where RFCs are ambiguous. That's not the job of an MTA, at least in my opinion, although an MTA can facilitate detection of attempts to slip through the maze. Wietse David F. Skoll:
Background ---------- MIME::Tools is a very nice Perl module for parsing and constructing MIME-encoded mail messages. The latest stable version is 5.411a. MIME::Tools works very well on valid MIME messages. However, there are a number of problems if you use it to implement server-based mail scanning.
Current thread:
- MIME::Tools Perl module and virus scanners David F. Skoll (Jun 03)
- Re: MIME::Tools Perl module and virus scanners Wietse Venema (Jun 04)
- Re: MIME::Tools Perl module and virus scanners Kee Hinckley (Jun 07)
- Re: MIME::Tools Perl module and virus scanners David F. Skoll (Jun 07)
- Re: MIME::Tools Perl module and virus scanners Kee Hinckley (Jun 07)
- Re: MIME::Tools Perl module and virus scanners Bennett Todd (Jun 04)
- <Possible follow-ups>
- Re: MIME::Tools Perl module and virus scanners David F. Skoll (Jun 04)
- Re: MIME::Tools Perl module and virus scanners Wietse Venema (Jun 04)