On Monday 01 March 2004 17:46, Richard Laager wrote: > Is there any harm in doing this? Does it take a lot of CPU?
Probably. > Will it break digital signatures? Yes. Some digital signatures expect unmodified mime headers. > It sounds like a good idea, but I'm afraid > of potential downsides. The most important downside is that malware content will still slip through to the user. The user might then still be able to decode the viral content and run it. Our problem is not so much that some malformed MIME exploits the MUA, but more protecting the user from their own stupidity by running an attachment. See MyDoom: it was one of the worst virus floods in the last few months, and it worked all by itself because people who received the worm email thought that there is something worth executing in the attachment. And it only stopped because the worm author was nice enough to built in an expire date. I'm afraid the unconditional rebuilding of the MIME parts will break a lot of legitimate mail. I've tried doing that for about a day, and then got so many complains about totally garbled legitimate mail (like newsletters) that I had to stop doing it again. It seems in the long run we have to get rid of MIMEDefang. Thats a shame, since it worked so great in all other aspects. Dirk _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
