On Wed, Apr 27, 2011 at 06:42:55PM +0400, Michael Tokarev wrote:
> 27.04.2011 15:44, Noel Jones wrote:
> []
> > regexp and pcre compatible expression:
> >
> > /^Subject: +[^[:space:]]{60}/ REJECT no spaces
> >
> > matches Subject: followed by one or more spaces, followed by 60 or more
> > non-space characters.
>
> This will reject mime-encoded quoted-printable subjects.
RFC 2047 sets a maximum size of 75 octets on each chunk of the encoded
text. While not all encoding applications abide by the limit, something
longer than 75 octets should encounter fewer false positives.
http://tools.ietf.org/html/rfc2047#section-2
An 'encoded-word' may not be more than 75 characters long, including
'charset', 'encoding', 'encoded-text', and delimiters. If it is
desirable to encode more text than will fit in an 'encoded-word' of
75 characters, multiple 'encoded-word's (separated by CRLF SPACE) may
be used.
A safer pattern may be:
if /^Subject:/
if !/=\?\S+\?=(\s|$)/
/\S{60}/ REJECT no spaces
endif
endif
Otherwise, this check can be moved to a pre-queue filter or milter that
decodes RFC 2047 encoding, and applies the test on the "plaintext".
--
Viktor.
