-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Kenneth Porter wrote: > --On Friday, August 25, 2006 12:05 AM -0700 Plenz > <[EMAIL PROTECTED]> wrote: > >> I disagree. To check out what happens I converted a JPG picture >> into a GIF >> file >> and sent it to myself. One time I converted it with IrfanView and the >> second time with PaintShop Pro. Both GIF files had the result >> "giftopnm: EOF or error reading data portion..." So I produced a >> corrupt >> (?) image, but it was not spam. > > I think we should discourage all broken content in email and on the > web. > > At one time we could assume that broken content was an honest > mistake and make an attempt at fixing it. But with the rise of > malicious content attempting to exploit bugs in content handlers > (like overruns in image libraries), we should simply reject anything > that fails to pass validation, on the assumption that's it out to > get us. > > This includes not just broken images but also broken HTML, which is > so commonly used to conceal spam. > > We need to stop giving a free pass to broken content creation > software just because it's popular. When someone sends you broken > content, you should react the same way you would if they sent you > documents on dirt-smeared paper. Stop letting your emperor walk > around naked.
I completely agree, the problem is, some implementations makes this impossible. For example MailScanner. I've heard that it truncates the mail at 30kb, no matter if that is within a MIME block or not... So my plugin gets a broken image.. though it was not broken originally... Chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFE705eJQIKXnJyDxURAiGZAJ4q2f5KIxWjrYN3U6vB4kFhLbZ2igCfVM1l n13w21PXoSH7IethDVc3uio= =IWPe -----END PGP SIGNATURE-----
