Message contains NUL characters ...
amilivojevic at pbl.ca
Tue May 10 16:33:49 EDT 2005
Douglas K. Fischer wrote:
> John Fawcett wrote:
> | Greg A. Woods wrote:
> |> Stripping NUL bytes modifies the message and that's a _REALLY
> |> BAD_ thing to do. It is infinitely better to reject than to
> |> arbitrarily modify the message in a destructive manner.
> | Maybe I misunderstood earlier posts which indicated this was ok.
> One area in which such modifications would be very detrimental would
> be in encrypted/signed/hashed messages. Making such modifications to
> the body would break these.
I agree. However, if one really wants to modify messages, than doing it
in filter (such as MIMEdefang) is the right way to go. MIMEdefang can
be programmed to do it in a smart way. For example, reject instead of
modifying encrypted parts, add warnings that messages was modified into
message body or additional parts, or attempt to do some smart encodings
(for example base64 the part, if it isn't going to break signatures).
IMAP server isn't really a good tool for this task.
Of course, accepting malformed messages and/or fixing them is usually a
bad idea. Most emails with NUL bytes I saw were of viral nature. In my
configuration, MIMEdefang is simply instructing my MTA to reject any and
all emails with NUL bytes (and some other prohibited and/or dangerous
payload) on the border, before entering the company premises, and before
they reach any of my internal IMAP servers. There was that one single
outside user I stumbled upon that was constantly attempting to deliver
such emails, but he quickly fixed his configuration once his emails
started to bounce...
Aleksandar Milivojevic <amilivojevic at pbl.ca> Pollard Banknote Limited
Systems Administrator 1499 Buffalo Place
Tel: (204) 474-2323 ext 276 Winnipeg, MB R3T 1L7
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus