On 2004-11-15 16:23:19 -0500, Bart Silverstrim wrote: > I find it interesting though that I've yet to hear from anyone > commenting on my proposal to create a filter that will extract and > convert all emails into pure text, or reformat it so only certain > things can get through as an attachment with a pure text message so it > would be "defanged" of scripts, web content, potential scripting > exploits, etc...I'm honestly beginning to wonder how hard that would be > to make and whether it may be of use for some sites. Draconian, yet it > would be extremely handy in stopping the maliciousness of viruses or > spam tricks...dynamically rewriting all email to a "standard" format. > > Anyone? Does this already exist? A prefilter thing...not halfway to > the task, like using MIMEDefang, but a whole "here's the email stripped > of HTML and in a standard format for the mail system" type filter...
I was under the impression that MIMEDefang can do this. But I'm afraid
my users wouldn't like it, so I never looked into it closely. That said
I think this is very easy to implement:
Check if a mime entity is multipart/alternative with a text part: If it
is, replace it with the text part. Otherwise, if it is HTML, filter it
through w3m, lynx, or some other html to text converter. Pass through
other content-types unaltered or strip them according to site policy. I
guess a plugin for qpsmtpd which does this could be written in a day or
so.
hp
--
_ | Peter J. Holzer | Je h�her der Norden, desto weniger wird
|_|_) | Sysadmin WSR | �berhaupt gesprochen, also auch kein Dialekt.
| | | [EMAIL PROTECTED] | Hallig Gr�de ist fast g�nzlich dialektfrei.
__/ | http://www.hjp.at/ | -- Hannes Petersen in desd
pgpVEfRfdzRww.pgp
Description: PGP signature
_______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
