[urq] The MIME epidemic
isham-research.freeserve.co.uk at pop.pol.net.uk
Mon Feb 12 14:50:35 EST 2001
> why exactly is mime email a security risk?
Well, I _did_ include a link. Here it is again, with a couple more:
http://www.wired.com/news/technology/0,1282,41686,00.html?tw=wn20010208
http://lwn.net/2001/0208/a/htmlprivacy.php3
http://channel.nytimes.com/2001/02/05/technology/05JAVA.html
It's not specifically MIME per se, but multi-part MIME. I pull email
in two stages (I get a LOT of it) and look at the headers before
downloading the bodies. The headers tell me whether a post is
single-part ASCII - which I usually accept - single-part non-ASCII or
multi-part. The latter two are deleted from the spool without ever
being downloaded _unless_ they come from a 'trusted' domain or
individual. There's a table of both of these in the code. Even then,
I sometimes get questionable stuff, so it all goes into a 'dirty'
directory to be examined manually before it gets near the system.
As a matter of interest only - downloading the headers now takes almost
twice as long as downloading the bodies. It takes the quattro list
server about 2m 10s to deal with a single post - on average, 60% of this
is headers. Of the headers, over 40% is originated by mailman and is
of no conceivable use - an extra 573 bytes of overhead per post:
X-BeenThere: quattro at audifans.com
X-Mailman-Version: 2.0beta6
Precedence: bulk
List-Help: <mailto:quattro-request at audifans.com?subject=help>
List-Post: <mailto:quattro at audifans.com>
List-Subscribe: <http://www.audifans.com/mailman/listinfo/quattro>,
<mailto:quattro-request at audifans.com?subject=subscribe>
List-Id: The main audifans.com quattro list <quattro.audifans.com>
List-Unsubscribe: <http://www.audifans.com/mailman/listinfo/quattro>,
<mailto:quattro-request at audifans.com?subject=unsubscribe>
List-Archive: http://www.audifans.com/pipermail/quattro/
Does anyone have an email client that actually uses this stuff? It
accounts for over 20% of the list's total bandwidth.
--
Phil
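
The header-only triage described in the message above, as an added example that is not part of the original post and not the poster's own code. The trust tables, addresses and sample headers are constructed, and treating only 7bit us-ascii text/plain as "single-part ASCII" is an assumption.

```python
from email.parser import HeaderParser
from email.utils import parseaddr

# Hypothetical trust tables (the post says such tables exist but does not show them).
TRUSTED_DOMAINS = {"trusted.example"}
TRUSTED_SENDERS = {"friend@elsewhere.example"}

def classify(raw_headers: str) -> str:
    """Return 'single-ascii', 'single-non-ascii' or 'multipart' from headers alone."""
    msg = HeaderParser().parsestr(raw_headers)
    if msg.get_content_maintype() == "multipart":
        return "multipart"
    charset = (msg.get_content_charset() or "us-ascii").lower()
    encoding = (msg.get("Content-Transfer-Encoding") or "7bit").strip().lower()
    plain = (msg.get_content_type() == "text/plain"
             and charset in ("us-ascii", "ascii") and encoding == "7bit")
    return "single-ascii" if plain else "single-non-ascii"

def is_trusted(raw_headers: str) -> bool:
    # From: is unauthenticated, so this is a convenience filter, not sender verification.
    msg = HeaderParser().parsestr(raw_headers)
    addr = parseaddr(msg.get("From", ""))[1].lower()
    return addr in TRUSTED_SENDERS or addr.rpartition("@")[2] in TRUSTED_DOMAINS

def decide(raw_headers: str) -> str:
    """'download' the body, or 'delete' the message from the spool unread."""
    if classify(raw_headers) == "single-ascii" or is_trusted(raw_headers):
        return "download"
    return "delete"

# Constructed sample header blocks, as a header-only fetch would return them.
SAMPLES = {
    "plain_stranger": "From: a@unknown.example\nSubject: hi\n",
    "multipart_stranger": 'From: a@unknown.example\nContent-Type: multipart/mixed; boundary="b1"\n',
    "html_trusted_sender": "From: Friend <friend@elsewhere.example>\nContent-Type: text/html; charset=iso-8859-1\nContent-Transfer-Encoding: quoted-printable\n",
    "multipart_trusted_domain": 'From: b@trusted.example\nContent-Type: multipart/alternative; boundary="b2"\n',
}

if __name__ == "__main__":
    for name, headers in SAMPLES.items():
        print(name, classify(headers), decide(headers))
```

Anything that comes back as "download" would still be saved to the 'dirty' directory for manual inspection, as the message describes.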