On 2004-11-15 16:23:19 -0500, Bart Silverstrim wrote: > I find it interesting though that I've yet to hear from anyone > commenting on my proposal to create a filter that will extract and > convert all emails into pure text, or reformat it so only certain > things can get through as an attachment with a pure text message so it > would be "defanged" of scripts, web content, potential scripting > exploits, etc...I'm honestly beginning to wonder how hard that would be > to make and whether it may be of use for some sites. Draconian, yet it > would be extremely handy in stopping the maliciousness of viruses or > spam tricks...dynamically rewriting all email to a "standard" format. > > Anyone? Does this already exist? A prefilter thing...not halfway to > the task, like using MIMEDefang, but a whole "here's the email stripped > of HTML and in a standard format for the mail system" type filter...
I was under the impression that MIMEDefang can do this. But I'm afraid my users wouldn't like it, so I never looked into it closely. That said I think this is very easy to implement: Check if a mime entity is multipart/alternative with a text part: If it is, replace it with the text part. Otherwise, if it is HTML, filter it through w3m, lynx, or some other html to text converter. Pass through other content-types unaltered or strip them according to site policy. I guess a plugin for qpsmtpd which does this could be written in a day or so. hp -- _ | Peter J. Holzer | Je höher der Norden, desto weniger wird |_|_) | Sysadmin WSR | überhaupt gesprochen, also auch kein Dialekt. | | | [EMAIL PROTECTED] | Hallig Gröde ist fast gänzlich dialektfrei. __/ | http://www.hjp.at/ | -- Hannes Petersen in desd
pgpVEfRfdzRww.pgp
Description: PGP signature
_______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users