Bugtraq mailing list archives
Re: MIME::Tools Perl module and virus scanners
From: wietse () porcupine org (Wietse Venema)
Date: Tue, 4 Jun 2002 09:08:09 -0400 (EDT)
Having added MIME support to the Postfix MTA recently, allow me to
drop in a few cents.
Although MIME formats are defined in RFCs, enough variation exists
between implementations that even valid messages can have different
results depending on what mail (user) agent is used.
The result of invalid messages is obviously implementation defined,
as is the result of messages that expect standards not implemented
by the receiving mail (user) agent.
If you're in the content filtering business, then trying to anticipate
all the bugs/ambiguities in all the RFCs/implementations is futile.
The proper approach is to eliminate such ambiguity, by normalizing
data, that is, by transforming messages into a form that avoids
all the grey areas where implementations err, or where RFCs are
ambiguous.
That's not the job of an MTA, at least in my opinion, although an
MTA can facilitate detection of attempts to slip through the maze.
Wietse
David F. Skoll:
Background ---------- MIME::Tools is a very nice Perl module for parsing and constructing MIME-encoded mail messages. The latest stable version is 5.411a. MIME::Tools works very well on valid MIME messages. However, there are a number of problems if you use it to implement server-based mail scanning.
Current thread:
- MIME::Tools Perl module and virus scanners David F. Skoll (Jun 03)
- Re: MIME::Tools Perl module and virus scanners Wietse Venema (Jun 04)
- Re: MIME::Tools Perl module and virus scanners Kee Hinckley (Jun 07)
- Re: MIME::Tools Perl module and virus scanners David F. Skoll (Jun 07)
- Re: MIME::Tools Perl module and virus scanners Kee Hinckley (Jun 07)
- Re: MIME::Tools Perl module and virus scanners Bennett Todd (Jun 04)
- <Possible follow-ups>
- Re: MIME::Tools Perl module and virus scanners David F. Skoll (Jun 04)
- Re: MIME::Tools Perl module and virus scanners Wietse Venema (Jun 04)