Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: MIME::Tools Perl module and virus scanners
From: wietse () porcupine org (Wietse Venema)
Date: Tue, 4 Jun 2002 09:08:09 -0400 (EDT)

Having added MIME support to the Postfix MTA recently, allow me to
drop in a few cents.

Although MIME formats are defined in RFCs, enough variation exists
between implementations that even valid messages can have different
results depending on what mail (user) agent is used.

The result of invalid messages is obviously implementation defined,
as is the result of messages that expect standards not implemented
by the receiving mail (user) agent.

If you're in the content filtering business, then trying to anticipate
all the bugs/ambiguities in all the RFCs/implementations is futile.

The proper approach is to eliminate such ambiguity, by normalizing
data, that is, by transforming messages into a form that avoids
all the grey areas where implementations err, or where RFCs are
ambiguous.

That's not the job of an MTA, at least in my opinion, although an
MTA can facilitate detection of attempts to slip through the maze.

        Wietse

David F. Skoll:
Background
----------

MIME::Tools is a very nice Perl module for parsing and constructing
MIME-encoded mail messages.  The latest stable version is 5.411a.

MIME::Tools works very well on valid MIME messages.  However, there
are a number of problems if you use it to implement server-based mail
scanning.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]