Re: [exim] 8BITMIME

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Michael Deutschmann
Date:  
À: exim-users
Sujet: Re: [exim] 8BITMIME
Ah, 8BITMIME. Several years ago, I looked into adding proper support to
Exim, but after reading the RFCs came to the conclusion that the
standard was irredeemably broken. A new 8BITMIME RFC was published
since then, but still has the same flaws.

First, to do what Exim does now when 8BITMIME is "enabled", is
explicitly forbidden by the RFC:

>From RFC 6152, page [4]:

# If a server SMTP does not support the 8-bit MIME transport extension
# (either by not responding with code 250 to the EHLO command, or by
# not including the EHLO keyword value 8BITMIME in its response), then
# the client SMTP must not, under any circumstances, attempt to
# transfer a content that contains characters outside of the US-ASCII
# octet range (hex 00-7F).

It gets worse from there. Not all 8-bit messages can be downconverted
-- such as any "just-pass-8" non-MIME message.

And some arrogant lazy imbecile MUA author, wanting a guarantee that his
mailer would never have to deal with nested encodings, got a rule passed
in MIME itself that said no "message/*" type object could ever have a
nontrivial encoding.

>From RFC 2046, page [29]:

# No encoding other than "7bit", "8bit", or "binary" is permitted for
# the body of a "message/rfc822" entity. The message header fields are
# always US-ASCII in any case, and data within the body can still be
# encoded, in which case the Content-Transfer-Encoding header field in
# the encapsulated message will reflect this. Non-US-ASCII text in the
# headers of an encapsulated message can be specified using the
# mechanisms described in RFC 2047.

This means that a valid 8-bit MIME message could contain an attached
e-mail (or usenet posting) that is neither 7-bit clean nor valid MIME.
The outer message would be then be impossible to convert to valid 7-bit
MIME -- "7bit" CTE is insufficent, "8bit" CTE is forbidden by the
transport, and QP/B64 are both barred by RFC 2047.

That troubles me, because it means illegal 8bit messages leave my site
whenever I forward an 8bit spam to an abuse contact. To avoid this, if
Exim had an option to *enforce* 7bit, I would turn it on to ensure that
I am only ever called upon to forward pure 7bit mails.

---- Michael Deutschmann <michael@???>