Re: [exim] options to obsoleted 'demime'?

Top Page
Delete this message
Reply to this message
Author: OpenMacNews
Date:  
To: Tom Kistner, Stephen Gran
CC: exim-users
Subject: Re: [exim] options to obsoleted 'demime'?
hi tom,

>> bad decision to make. If you feel you have to be more cautious, then
>> wish that exim was keeping the demime facility :(
>
> Unpacking MIME and archives for AV checking has very special requirements.
> The optimum being a complete emulation of Microsoft's MIME libraries
> (including emulating all of its bugs). It will always be best-effort for us.
> What I tried with the MIME error checking is to provide some basic sanity,
> but in reality it created too much false positives and confusion.
>
> I recommend NOT to unpack MIME and archives. You can apply some MIME policies
> using the MIME ACL, but I think that may be superflous in practice.
>
> Leave dealing with this stuff to the AV scanners. Their authors have gone
> great lengths to optimize their decoding/unpacking engines. I do not think it
> is worth the effort to reinvent THAT wheel :)


fair point. and the advice i'll follow for now. thx!

BUT ... that said, from _my_ read/understanding of this thread:

(a) Exim's 'demime' works "well" for unpack - possibly "better (safer?)" than
ClamAV, but is going away

(b) one of clamav's maintainers (or were you just 'borrowing' the hat,
stephen?) suggests use of (or at least wish for ...) Exim demime to unpack
rather than clamav.

the message that comes across is, with the 'demise of demime' things get worse,
not better.

now, given the probably sage advice:

> Leave dealing with this stuff to the AV scanners


should there at least be some communication FROM:
those-who-delve-in-Exim's-depths TO: those-who-delve-in-ClamAV's-depths to
facilitate the 'fixing' of any shortcomings that we, as floundering end-users,
might be exposed to?

or, at least, some an appropriate lying-through-its-teeth Exim marketing sheet
that convinces us that we won't be beset upon by untold thousands of virii? ;-)


cheers,

richard