Message contains NUL characters ...

Aleksandar Milivojevic amilivojevic at
Tue May 10 16:33:49 EDT 2005

Douglas K. Fischer wrote:
> John Fawcett wrote:
> | Greg A. Woods wrote:
> |
> |> Stripping NUL bytes modifies the message and that's a _REALLY
> |> BAD_ thing to do.  It is infinitely better to reject than to
> |> arbitrarily modify the message in a destructive manner.
> |
> |
> | Maybe I misunderstood earlier posts which indicated this was ok.
> One area in which such modifications would be very detrimental would
> be in encrypted/signed/hashed messages. Making such modifications to
> the body would break these.

I agree.  However, if one really wants to modify messages, than doing it 
in filter (such as MIMEdefang) is the right way to go.  MIMEdefang can 
be programmed to do it in a smart way.  For example, reject instead of 
modifying encrypted parts, add warnings that messages was modified into 
message body or additional parts, or attempt to do some smart encodings 
(for example base64 the part, if it isn't going to break signatures).

IMAP server isn't really a good tool for this task.

Of course, accepting malformed messages and/or fixing them is usually a 
bad idea.  Most emails with NUL bytes I saw were of viral nature.  In my 
configuration, MIMEdefang is simply instructing my MTA to reject any and 
all emails with NUL bytes (and some other prohibited and/or dangerous 
payload) on the border, before entering the company premises, and before 
they reach any of my internal IMAP servers.  There was that one single 
outside user I stumbled upon that was constantly attempting to deliver 
such emails, but he quickly fixed his configuration once his emails 
started to bounce...

Aleksandar Milivojevic <amilivojevic at>    Pollard Banknote Limited
Systems Administrator                           1499 Buffalo Place
Tel: (204) 474-2323 ext 276                     Winnipeg, MB  R3T 1L7
Cyrus Home Page:
Cyrus Wiki/FAQ:
List Archives/Info:

More information about the Info-cyrus mailing list