-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Rick Cooper wrote: > >> -----Original Message----- From: decoder >> [mailto:[EMAIL PROTECTED] Sent: Friday, August 25, 2006 2:24 >> PM To: users@spamassassin.apache.org Subject: Re: Discourage >> broken content >> >> >> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >> >> Kenneth Porter wrote: >>> --On Friday, August 25, 2006 12:05 AM -0700 Plenz >>> <[EMAIL PROTECTED]> wrote: >>> >>>> I disagree. To check out what happens I converted a JPG >>>> picture into a GIF file and sent it to myself. One time I >>>> converted it with IrfanView and the second time with >>>> PaintShop Pro. Both GIF files had the result "giftopnm: EOF >>>> or error reading data portion..." So I produced a corrupt (?) >>>> image, but it was not spam. >>> I think we should discourage all broken content in email and on >>> the web. >>> >>> At one time we could assume that broken content was an honest >>> mistake and make an attempt at fixing it. But with the rise of >>> malicious content attempting to exploit bugs in content >>> handlers (like overruns in image libraries), we should simply >>> reject anything that fails to pass validation, on the >>> assumption that's it out to get us. >>> >>> This includes not just broken images but also broken HTML, >>> which is so commonly used to conceal spam. >>> >>> We need to stop giving a free pass to broken content creation >>> software just because it's popular. When someone sends you >>> broken content, you should react the same way you would if they >>> sent you documents on dirt-smeared paper. Stop letting your >>> emperor walk around naked. >> I completely agree, the problem is, some implementations makes >> this impossible. For example MailScanner. >> >> I've heard that it truncates the mail at 30kb, no matter if that >> is within a MIME block or not... So my plugin gets a broken >> image.. though it was not broken originally... >> > > That is patently false. I have a graphics design/advertising > department at one of my locations and these fellas send huge > graphics files back and forth when they have emergency > proofs/changes and MailScanner has *never* damaged anything, ever, > anywhere. Now, there is a setting for scanning (much like exiscan > IIRCC) that allows you to truncate the message and only scan xxx > amount, it's optional and doesn't modify the actual message in > anyway. > > Rick I did not say it damages the mail. I said it feds only a given amount of the message to SpamAssassin and THAT breaks plugins requiring the whole message, especially when MailScanner breaks messages in the middle of attachments.
And as far as I know, it is the default setting of mailscanner to feed only a given amount of kb to SpamAssassin. That does not mean it truncates the message before delivering it. Chris > > > -- This message has been scanned for viruses and dangerous content > by MailScanner, and is believed to be clean. > > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFE71wLJQIKXnJyDxURAtxUAJ9/O5F4cC/1vlsE6EsRb6vLcepH+ACfcTCA x4CmnLDyZbUFtAr2kWK9koY= =Ckpc -----END PGP SIGNATURE-----
