Re: [exim] mime_filename and &# encoding

Pàgina inicial
Delete this message
Reply to this message
Autor: Jeremy Harris
Data:  
A: exim-users
Assumpte: Re: [exim] mime_filename and &# encoding
On 12/07/14 15:39, toby-exim@??? wrote:
> On 28/06/2014 10:01:06, "Jasen Betts" <jasen@???> wrote:
>
>> On 2014-06-27, Sean Donelan <sean@???> wrote:
>>
>>> It appears the RFC2047 decode in Exim can be tricked, and the spammers
>>> have figured out how to exploit it.
>>>
>>> For example, this is a recent MIME part (I added "_")
>>>
>>>      Content-Type: application/x-zip-compressed;
>>>           name="&_#_1057_;opy_of_Document_ID7851.zip"
>>>      Content-Transfer-Encoding: base64
>>>      Content-Disposition: attachment;
>>>           filename="&_#_1057_;opy_of_Document_ID7851.zip"

>>>
>>> When Exim expands the variable $mime_filename the result
>>> is only "&_#_1057" and nothing else (again _'s added)
>> Still, it looks like a bug in exim. I'm fairly sure the RFCs say that
>> semicolons are not significant inside quoted words.
> I've got some anti-zipfile protection in my config and some zipfiles are
> making
> it through because the filename is like that. This has started happening
> recently, so it's not just you Sean.
>
> My mail client also cuts the filename at the semi-colon, for what it's
> worth.


HEAD now contains a probable fix for this. Confirmation from production
systems exposed to the wild would be very welcome.
--
Cheers,
Jeremy