[Esa-l] Doing mail filtering in Sendmail itself
Bjarni R. Einarsson
bre at klaki.net
Tue May 1 10:23:54 PDT 2001
On 2001-05-01, 11:30:59 (-0500), Mark A. Hershberger wrote:
>
> I recall that someone here (who, I don't recall) was working on a
> MIME::Stream module for Perl -- it seems like that would fit in
> nicely.
Me, works fine. :) I used it to reimplement most of John's checks and
some new ones of my own in a new email sanitizer which has quite a
few advantages (IMHO) over John's current solution. If you're
interested, find it here: http://mailtools.anomy.net/
> Has anyone thought of this already and rejected it?
Has the following drawbacks from my POV:
1. Sendmail specific - I prefer to write stuff that will work with
Qmail, Postfix and whatever else as well.
2. By definition a security scanner will need to scan the entire
message - letting some other process (e.g. sendmail) take care of
interpreting headers/MIME stuff/etc. means you will miss some
potential bugs/attacks. If you are going to be scanning the
entire message anyway, then the power Milter provides may not help
after all.
Caveat: I haven't examined the Milter stuff, due to reason #1, so my
remarks in #2 may be a little off.
--
Bjarni R. Einarsson PGP: 02764305, B7A3AB89
bre at klaki.net -><- http://bre.klaki.net/
Check out my open-source email sanitizer: http://mailtools.anomy.net/
More information about the esd-l
mailing list