Koozali.org: home of the SME Server

Obsolete Releases => SME Server 7.x => Topic started by: hanscees on January 05, 2007, 08:14:30 PM

Title: email gif file blocking in 7.1?
Post by: hanscees on January 05, 2007, 08:14:30 PM

Hi,
I see that 7.1 has gif file content blocks in the list of blackable attachments.
What is the reason for this?

Hans-Cees

Title: Re: email gif file blocking in 7.1?
Post by: hanscees on January 05, 2007, 08:21:19 PM

Quote from: "hanscees"

Hi,
I see that 7.1 has gif file content blocks in the list of blackable attachments.
What is the reason for this?

Hans-Cees

that an oops. These are pif files......

I was hoping you found a way to get rid of gif-files to block spam..

Hans-Cees

Title: email gif file blocking in 7.1?
Post by: kruhm on January 07, 2007, 07:24:34 AM

Hi hanscees,

You do great work. This is a great question.

I don't see why this wouldn't be possible. We have to find the base64 pattern, add it to the db and signal-event.

=============================
::Find the base64 pattern. If I:
perl -MMIME::Base64 -0777 -ne 'print encode_base64($_)' <mitel_logo.gif | head -1
::I get:
R0lGODlhhwAoAOYAAFs3Ff79/fr5+Orqw87Mcr+8ReLirLy6PcTCVczKa/Py3MrJZtzbm+TjsbOx
::Looks like the pattern is:
R0lGODlh

::add the pattern to the db with:
R0lGODlh=pattern|Body|R0lGODlh|Description|GIF file (R0lGODlh)|Glob|yes|LineStart|yes|Status|enabled

::expand template and restart service:
/sbin/e-smith/signal-event email-update

Check it over and see if you think it'll work. RayMitchell may have something to add.

Title: email gif file blocking in 7.1?
Post by: hanscees on January 07, 2007, 11:32:19 AM

Quote from: "kruhm"

Hi hanscees,

You do great work. This is a great question.

I don't see why this wouldn't be possible. We have to find the base64 pattern, add it to the db and signal-event.

=============================
::Find the base64 pattern. If I:
perl -MMIME::Base64 -0777 -ne 'print encode_base64($_)' <mitel_logo.gif | head -1
::I get:
R0lGODlhhwAoAOYAAFs3Ff79/fr5+Orqw87Mcr+8ReLirLy6PcTCVczKa/Py3MrJZtzbm+TjsbOx
::Looks like the pattern is:
R0lGODlh

::add the pattern to the db with:
R0lGODlh=pattern|Body|R0lGODlh|Description|GIF file (R0lGODlh)|Glob|yes|LineStart|yes|Status|enabled

::expand template and restart service:
/sbin/e-smith/signal-event email-update

Check it over and see if you think it'll work. RayMitchell may have something to add.

We can probably make that work.
But you will end up blocking both spam, plus people who use gif-files as authograph.
But one migh make it possible by making gif-blocks possible (adding them but not enabling them by default)

hc

Title: email gif file blocking in 7.1?
Post by: gordonr on January 08, 2007, 01:00:20 PM

Quote from: "hanscees"

We can probably make that work.
But you will end up blocking both spam, plus people who use gif-files as authograph.

As well as a huge number of mails from sites all around the world which send legitimate emails containing GIFs for pretty page markup.

You can't win. If they use remote images, you can't trust them as they might be web bugs. If they send the GIFs, it might be GIF-based SPAM.

Of course the correct fix is to stop sending images and HTML email and focus on the content rather than the pictures :-(

As much as I would like to block all GIFs, I think this is more promising:

http://bugs.contribs.org/show_bug.cgi?id=1985