Bill Cole:
> On 9 Apr 2016, at 9:00, Wietse Venema wrote:
>
> > Unfortunately, I don't have time to decode this discussion. Can
> > someone post a tested diff, someone maybe post a revised version,
> > and when there is agreement, then I can adopt it.
>
>
> Simplest fix: prevent *that* class of
On 9 Apr 2016, at 9:00, Wietse Venema wrote:
Unfortunately, I don't have time to decode this discussion. Can
someone post a tested diff, someone maybe post a revised version,
and when there is agreement, then I can adopt it.
Simplest fix: prevent *that* class of false positives by narrowing t
On 4/9/2016 8:00 AM, Wietse Venema wrote:
> Unfortunately, I don't have time to decode this discussion. Can
> someone post a tested diff, someone maybe post a revised version,
> and when there is agreement, then I can adopt it.
>
> Wietse
>
Does someone have a full, unmodified offending he
Unfortunately, I don't have time to decode this discussion. Can
someone post a tested diff, someone maybe post a revised version,
and when there is agreement, then I can adopt it.
Wietse
> On Apr 6, 2016, at 10:02 PM, Laz C. Peterson wrote:
>
> It's very odd ... Apple has been responsible for the foundation of quite a
> few RFC's but in our experience has actually made it difficult for our
> software to both comply with the RFC as well as Apple's client software.
The fault he
Curtis Villamizar wrote:
> Since pcre evaluates in order you could add>
> /^Content-(Disposition|Type).*;??x-apple-part-url="[^"]+"$/x DUNNO
>
> before the pcre that does the rejection.
That's one possibility, but:
(a) you probably won't want the '??' qualifying the ';'. '??' in the
Postfix lo
Since pcre evaluates in order you could add
/^Content-(Disposition|Type).*;??x-apple-part-url="[^"]+"$/x DUNNO
before the pcre that does the rejection.
Since "." is commonly "%2E" you could also change the "\." in the RE to
"(\.|%2E)".
That doesn't solve base64 encoding.
Disclaimer: I have
This is great information.
It's very odd ... Apple has been responsible for the foundation of quite a few
RFC's but in our experience has actually made it difficult for our software to
both comply with the RFC as well as Apple's client software.
Thank you Cedric.
~ Laz Peterson
Paravis, LLC
>
The documentation for header_checks includes an example to "block
attachments with bad file name extensions", and I expect many
installations have a similar rule to cut down on malware. This reads:
/^Content-(Disposition|Type).*name\s*=\s*"?(.*(\.|=2E)(
ade|adp|asp|bas|bat|chm|cmd|com|cpl|cr
