Entire original message with my comments copied to the exim-users
mailing list - thinly veiled lawsuit threats deserve to be made widely
available for appropriate ridicule.
On Tue, 2002-06-11 at 16:07, Chris Drake wrote:
> Hi,
>
> Your "Generic Windows Executable Content" filter is incorrectly
> blocking emails my customers have paid to receive, and probably also
> all RFC compliant notifications which include the original message.
Yup, seems reasonable. [Apart from you seem to have reversed the normal
meaning of "incorrectly". Note that a *correctly* formatted bounce
message will not be touched by the extension handler. Then again if you
are using such RFC non-compliant products as are produced by a large US
monopoly for handling email then you are already in deep trouble.
> Please fix this filter and ensure all users of it are provided with an
> update - or please remove this malfunctioning code completely.
It does precisely what its intended to do.
Its also unmaintained anyhow.
I have no record - nor do I wish to have a record of the users of the
filters.
> Note that interception of personal emails as this filter is doing at
> present may be considered illegal. I will not be responsible for
> direct and/or consequential losses that your code is causing to my
> customers, and I will direct any lawsuits that might arise in this
> matter to you and/or the users of your code.
> The specific error message that occurs is triggered whenever any
> incoming email has an ".eml" attachment (this is an RFC compliant copy
> of an email - such as would be returned when a message bounces):-
>
> MDS> This message was created automatically by mail delivery software (Exim).
>
> MDS> A message that you sent could not be delivered to one or more of its
> MDS> recipients. This is a permanent error. The following address(es) failed:
>
> MDS> salim@???
> MDS> This message has been rejected because it has
> MDS> a potentially executable attachment "Proof-of-Posting.eml"
> MDS> This form of attachment has been used by
> MDS> recent viruses or other malware.
> MDS> If you meant to send this file then please
> MDS> package it up as a zip file and resend it.
>
>
> Here are sample headers which trigger the incorrect detection above:-
> MDS> Content-Type: message/rfc822;
> MDS> name="Proof-of-Posting.eml"
> MDS> Content-Disposition: attachment;
> MDS> filename="Proof-of-Posting.eml"
>
>
> If you want to filter viruses, use a virus scanner. Damaging existing
> services and products by incorrect assumptions as you are now doing is
> not helpful.
It is not a virus scanner. It prevents particular types of content
being delivered. If thats a problem to you then take it up with those
managing the mail server concerned.
> If you want to block emails, you should also provide a contact in the
> rejection notice so the person running the block code can be informed
> by the victims when it is interfering with customer communications.
Up to the person managing the mail server concerned - I'm certainly not
putting my contact details there because it is not my problem.
> Kind Regards,
> Chris Drake
>
Thank you for telling me all the things I should do. I intend to
completely ignore them. Get some real experience of real (not mickey
mouse) mail systems before lecturing.
Nigel.