Hi,

On Tue, Sep 23, 2003 at 07:50:56PM +0300, Alexander Ogol wrote:
> decision in all situations. Some mailing lists (debian-russian, for example)
> add some 7bit information after letter body while re-forwarding, regardless
> of was the letter base64/QP encoded or not, resulting of such malformed

Then this software is severly broken (MIME-wise), imho, and needs to be
updated/changed/dumed.

> So I think that the right solution (before antivirus software would be
> rewritten) is to write filters by yourself - decode base64 as that do
> popular mail clients and give them to antivirus.

With this approach, you are always on the "one step behind" side of
the problem. It's only a matter of time that someone finds out that
(made up example:) you can use a UTF8-mis-encoded "=" in Microsoft's
base64-decoder... The only sane way is to check if it's in the
standard-form ("abcABC=") and reject or convert if it's not.

99.99% of all software should create the standard form, so please
let the tiny fraction of users with broken software suffer
when their mails get rejected.

(Note: this of course applies not only to Base64 but to all aspects
of header-parsing, file-format guessing etc...)

Chris

--
01234567 <- The amazing* indent-o-meter!
^ (*: Indent-o-meter may not actually amaze.)
-- stolen from Nick Moffitt nick(at)zork.net

[ reply ]