Re: qmail-scanner

Mon, 12 Jul 2004 10:44:07 -0700 

> > Nice.  I have a question about it, though.  Why do you only process
> > messages that are multipart?  What if there's a message (not
> > attachment) with content-type audio/x-wav that's really an exe?
> 
> Hmmm - no very good reason at all, now you mention it. Got a patch? :-)

Here you go.  I don't have the resources at present to test this properly,
but I've attached a couple of test messages.

Brian

--- exe_filter  2004-07-06 23:46:42.000000000 -0600
+++ exe_filter.brian-001        2004-07-12 11:08:04.000000000 -0600
@@ -119,24 +119,48 @@
   }
   return DECLINED unless keys %sig;
 
-  # Ignore non-multipart emails
+  # Ignore non-MIME emails
   my @boundary = ();
+  my $boundary;
   my $content_type = $transaction->header->get('Content-Type');
-  $content_type =~ s/\s/ /g if defined $content_type;
-  unless ($content_type && $content_type =~ m!\bmultipart/.*\bboundary="?([^"]+)!i) {
-    $self->log(4, "non-multipart mail - skipping");
+  my $mail_header = undef;
+  my $mime_header = undef;
+  my $mime_lines = -1;
+  if (!defined $content_type) {
+    $self->log(4, "non-MIME mail - skipping");
     return DECLINED;
   }
-  my $boundary = $1 || '';
-  $self->log(7, "header boundary: $boundary");
-  push @boundary, $boundary;
+  else {
+    $content_type =~ s/\s/ /g;
+    if ($content_type =~ m!\bmultipart/.*\bboundary="?([^"]+)!i) {
+      $boundary = $1 || '';
+      $self->log(7, "header boundary: $boundary");
+      push @boundary, $boundary;
+    }
+    elsif ($content_type =~ m!\bmessage/rfc822!i) {
+         # Turn mail_header on
+         $mail_header = '';
+         $mime_lines = undef;
+         $mime_header = undef;
+      $boundary = undef;
+       }
+    elsif ($content_type !~ m!\bmultipart/!i) {
+      $mail_header = undef;
+      $mime_header = undef;
+      $mime_lines = 0;
+      $boundary = undef;
+    }
+       else {
+         $self->log(4, "unintelligible multipart mail - skipping");
+         return DECLINED;
+      # $self->log(4, "unintelligible multipart mail - refusing");
+         # return (DENY, "badly formed multipart MIME.");
+    }
+  }
 
   # Make sure we read from the beginning;
   $transaction->body_resetpos;
-  
-  my $mail_header = undef;
-  my $mime_header = undef;
-  my $mime_lines = -1;
+
   while ($_ = $transaction->body_getline) {
     # Embedded mail headers
     if (defined $mail_header) {

Attachment: sample.message.0
Description: Binary data

Attachment: sample.message.1
Description: Binary data

Reply via email to