RE: Blocking all inline GIF or JPG Images

2006-06-28 Thread Kenneth Porter
--On Tuesday, June 27, 2006 5:10 PM -0400 Dave Koontz [EMAIL PROTECTED] 
wrote:



> Unfortunately, in our environment, inline images do get extensive use
> from our users (College Students, Faculty).  Much of their email is for
> entertainment value, and many email jokes make use of Inline images of a
> variety of file types.  GIF and JPG are just two types, you will also see
> PNG, BMP, etc.


My company manufactures and assembles products and inspects items on 
receipt at the dock. When damage is found, including quality issues from 
our vendors, we photograph the item and email it to them so that they can 
immediately start to address the issue and get it fixed before the next 
day's shipment leaves their facility. Often a message requires a series of 
photos and explanatory text. Photographic email is a real requirement of 
business correspondence.


I'm no fan of HTML in email, because it's so easy to use it to hide spam 
and malicious material in. I advocate strict syntax checking (which alas 
would fail the most common HTML-generating MUA's), and restriction of HTML 
to the subset needed to do this kind of job.


Others have mentioned needing to include an HTML part to contain the 
image part. I personally attach my images to a text/plain part with a 
multipart/mixed, with the image set to disposition:inline. No HTML part is 
included, but I can see how one might need one for multiple images with 
interleaved comments, as a text/plain part has no mechanism to do that.


My question is how to smack the biggest supplier of MUA's (the one in 
Redmond) to produce a sufficiently limited subset of HTML so that we as 
email admins can properly do our job while still allowing users to use a 
reasonable subset of markup.





Re: Blocking all inline GIF or JPG Images

2006-06-27 Thread Jim Maul

Matt wrote:

> Hi,
> What would I need to do to just outright block all e-mail that has an
> inline gif or jpg (or multiple ones)?




You should do this in whatever program you have calling SA/AV/etc..  SA 
itself doesn't block anything.


-Jim



Re: Blocking all inline GIF or JPG Images

2006-06-27 Thread jdow

From: Matt [EMAIL PROTECTED]


> Hi,
> What would I need to do to just outright block all e-mail that has an
> inline gif or jpg (or multiple ones)?


1) Be willing to accept a large number of lost legitimate emails.
2) If you use procmail it's quite easy to look for files with a large
  number of different suffixes and do what you want with them.
3) Don't ask SpamAssassin to do anything with them other than install
  a large spam score on them.

{^_^}


RE: Blocking all inline GIF or JPG Images

2006-06-27 Thread Dallas L. Engelken
> -----Original Message-----
> From: jdow [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, June 27, 2006 08:09
> To: users@spamassassin.apache.org
> Subject: Re: Blocking all inline GIF or JPG Images
>
> From: Matt [EMAIL PROTECTED]
>
> > Hi,
> > What would I need to do to just outright block all e-mail that has an
> > inline gif or jpg (or multiple ones)?
>
> 1) Be willing to accept a large number of lost legitimate emails.

personally i would disagree...  i seldom get 1 legit message a day with
inline-gif's, and it's always newsletters that either  a) i can do
without  or   b) i can whitelist if need be.

now i'm not saying i'd throw that policy down the throat of all my
lusers, but a per-user rule to stop it for yourself may be just what you
need.

d




Re: Blocking all inline GIF or JPG Images

2006-06-27 Thread Matt

1 - No legit e-mail should have in-line gifs.. they should be attached.
2 - I don't
3 - Right, and that's what I'm asking how to do.

On 6/27/06, Dallas L. Engelken [EMAIL PROTECTED] wrote:

> > -----Original Message-----
> > From: jdow [mailto:[EMAIL PROTECTED]
> > Sent: Tuesday, June 27, 2006 08:09
> > To: users@spamassassin.apache.org
> > Subject: Re: Blocking all inline GIF or JPG Images
> >
> > From: Matt [EMAIL PROTECTED]
> >
> > > Hi,
> > > What would I need to do to just outright block all e-mail that has an
> > > inline gif or jpg (or multiple ones)?
> >
> > 1) Be willing to accept a large number of lost legitimate emails.
>
> personally i would disagree...  i seldom get 1 legit message a day with
> inline-gif's, and it's always newsletters that either  a) i can do
> without  or   b) i can whitelist if need be.
>
> now i'm not saying i'd throw that policy down the throat of all my
> lusers, but a per-user rule to stop it for yourself may be just what you
> need.
>
> d





Re: Blocking all inline GIF or JPG Images

2006-06-27 Thread Stuart Johnston

Matt wrote:

> 1 - No legit e-mail should have in-line gifs.. they should be attached.


I guess I'm missing something.  What is the difference between an inline 
gif and an attached gif?


Re: Blocking all inline GIF or JPG Images

2006-06-27 Thread Matt

An inline gif is INLINE with HTML.. an attached GIF is attached to the
message and the message is in MIME-text format.   HTML does not belong
in e-mails.

On 6/27/06, Stuart Johnston [EMAIL PROTECTED] wrote:

> Matt wrote:
> > 1 - No legit e-mail should have in-line gifs.. they should be attached.
>
> I guess I'm missing something.  What is the difference between an inline
> gif and an attached gif?



Re: Blocking all inline GIF or JPG Images

2006-06-27 Thread John D. Hardin
On Tue, 27 Jun 2006, Stuart Johnston wrote:

> Matt wrote:
> > 1 - No legit e-mail should have in-line gifs.. they should be attached.
>
> I guess I'm missing something.  What is the difference between an
> inline gif and an attached gif?

inline is an HTML-format email with text and images interspersed.
When the message is rendered the images will be embedded in the
message body text.

attached is the images attached like any other type of file.

I have had exactly one instance to use inline images in the last five
years.

--
 John Hardin KA7OHZ    ICQ#15735746    http://www.impsec.org/~jhardin/
 [EMAIL PROTECTED]    FALaholic #11174    pgpk -a [EMAIL PROTECTED]
 key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
---
 Senator, when you took your oath of office, you placed your hand on
 the Bible and swore to uphold the Constitution. You didn't place your
 hand on the Constitution and swear to uphold the Bible.
-- Jamie Raskin, Professor of Law at American
University, testifying before the Maryland Senate
---
 7 days until The 230th anniversary of the Declaration of Independence
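
The three structures this thread keeps running together (an image referenced from an HTML body, an image part marked disposition inline with no HTML at all, and an ordinary attachment) can be told apart from the MIME tree. This is an added Python example, not code from any poster; the `classify_images` and `sample` names, the sample messages and the `example.invalid` Content-ID are constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

GIF = b"GIF89a\x01\x00\x01\x00\x00\x00\x00;"  # constructed stub bytes, not a real image

def classify_images(raw: bytes) -> dict:
    """Count image parts by how the message structure presents them."""
    msg = message_from_bytes(raw, policy=policy.default)
    parts = list(msg.walk())
    # Every HTML body, lowercased, so cid: references can be matched.
    html = " ".join(p.get_content() for p in parts
                    if p.get_content_type() == "text/html").lower()
    counts = {"html_embedded": 0, "inline_no_html": 0, "attached": 0}
    for part in parts:
        if part.get_content_maintype() != "image":
            continue
        cid = str(part.get("Content-ID", "")).strip("<> ").lower()
        if cid and "cid:" + cid in html:
            counts["html_embedded"] += 1    # an HTML part references this image
        elif part.get_content_disposition() == "inline":
            counts["inline_no_html"] += 1   # disposition inline, no HTML reference
        else:
            counts["attached"] += 1         # ordinary attachment
    return counts

def sample(kind: str) -> bytes:
    """Build a constructed message; kind is 'html', 'inline' or 'attachment'."""
    m = EmailMessage()
    m["Subject"] = "Damaged item on receipt"
    m.set_content("Photo of the damage follows.")
    if kind == "html":
        m.add_alternative('<p>Dent on panel:</p><img src="cid:p1@example.invalid">',
                          subtype="html")
        # Turn the HTML part into multipart/related and hang the image off it.
        m.get_payload()[1].add_related(GIF, maintype="image", subtype="gif",
                                       cid="<p1@example.invalid>")
    else:
        m.add_attachment(GIF, maintype="image", subtype="gif",
                         disposition=kind, filename="dock.gif")
    return m.as_bytes()

if __name__ == "__main__":
    for kind in ("html", "inline", "attachment"):
        print(kind, classify_images(sample(kind)))
```

A filter that keys only on `Content-Disposition: inline` would catch the second case as well as the first, which is why the definition matters before any scoring or blocking policy is chosen.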



Re: Blocking all inline GIF or JPG Images

2006-06-27 Thread Stuart Johnston

Matt wrote:

> An inline gif is INLINE with HTML.. an attached GIF is attached to the
> message and the message is in MIME-text format.   HTML does not belong
> in e-mails.


Well, that's easy then.  If you want to block all html messages, just 
score up: HTML_MESSAGE


If you want to only hit those with html inline images (attached or 
remote), use: __HTML_LINK_IMAGE


RE: Blocking all inline GIF or JPG Images

2006-06-27 Thread Dave Koontz

John D. Hardin Wrote:

> inline is an HTML-format email with text and images interspersed.
> When the message is rendered the images will be embedded in the message
> body text.
>
> attached is the images attached like any other type of file.
>
> I have had exactly one instance to use inline images in the last five
> years.

Just a For What It's Worth...

Unfortunately, in our environment, inline images do get extensive use from
our users (College Students, Faculty).  Much of their email is for
entertainment value, and many email jokes make use of Inline images of a
variety of file types.  GIF and JPG are just two types, you will also see
PNG, BMP, etc.

So, while I don't condone the usage, it does get used by a large percentage
of other typical users, most of whom would not be too happy to have
their email flagged as spam solely because it contained an inline image.

Your network usage may vary

Personally, I wish HTML/UU/MIME type message formats had never been
implemented!  ;-)




Re: Blocking all inline GIF or JPG Images

2006-06-27 Thread John D. Hardin
On Tue, 27 Jun 2006, Kelson wrote:

> Until something
> comes along that (a) handles all the formatting that people want to be
> able to do, including adding silly backgrounds, changing the font or
> color for no reason,

Why in the world do we need to support/encourage *that* nonsense?

> and embedding images in a layout such that they can
> be captioned

One argument (only one) for accepting HTML email. :)

--
 John Hardin KA7OHZ    ICQ#15735746    http://www.impsec.org/~jhardin/
 [EMAIL PROTECTED]    FALaholic #11174    pgpk -a [EMAIL PROTECTED]
 key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
---
  The problem is when people look at Yahoo, slashdot, or groklaw and
  jump from obvious and correct observations like "Oh my God, this
  place is teeming with utter morons" to incorrect conclusions like
  "there's nothing of value here."  -- Al Petrofsky, in Y! SCOX
---
 7 days until The 230th anniversary of the Declaration of Independence



RE: Blocking all inline GIF or JPG Images

2006-06-27 Thread Dave Koontz
 
John, if you have absolute authority to your network and what format your
users can receive/send email, then you may want to look at the 'DEMIME'
project.  Perhaps you can use it to convert all user email to plain text and
remove any and all attachments as a part of your filtering.  I use this tool
to filter various addresses that need to receive ONLY plain text emails.
Works well.
 

-Original Message-
From: John D. Hardin [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, June 27, 2006 5:28 PM
To: Kelson
Cc: SpamAssassin Users
Subject: Re: Blocking all inline GIF or JPG Images

On Tue, 27 Jun 2006, Kelson wrote:

> Until something
> comes along that (a) handles all the formatting that people want to be
> able to do, including adding silly backgrounds, changing the font or
> color for no reason,

Why in the world do we need to support/encourage *that* nonsense?

> and embedding images in a layout such that they can be captioned

One argument (only one) for accepting HTML email. :)




Re: Blocking all inline GIF or JPG Images

2006-06-27 Thread Kelson

John D. Hardin wrote:

> On Tue, 27 Jun 2006, Kelson wrote:
>
> > Until something
> > comes along that (a) handles all the formatting that people want to be
> > able to do, including adding silly backgrounds, changing the font or
> > color for no reason,
>
> Why in the world do we need to support/encourage *that* nonsense?


Because people will find ways to do it anyway, like sending Microsoft 
Word documents or PDF files.


Better to come up with something that satisfies the demand, but isn't as 
easy to exploit for nefarious purposes (tracking, malware delivery, 
obfuscation) as HTML is, than leave things as a choice between HTML and 
plain text.


There are plenty of options for simple markup languages more limited in 
their potential for abuse (unless you consider formatting itself an 
abuse) -- Wiki code, or BBcode, or the rich-text format that Eudora 
generates -- just none of them have the critical mass among email 
clients (I don't think anything will display formatted Wiki or BBCode, 
for instance) to be worth using except in small circles.


--
Kelson Vibber
SpeedGate Communications www.speed.net