MIME epidemic

[QSHIPQ at aol.com]

The security concerns regarding MIME format have been around for a long 
while, mostly do to the ignorance of the user as Bob pointed out.  Not to 
mention many servers routinely mime encode text only posts anyway.  Phil, 
*YOU* can do 1 of a few things (and I wholly consider this *your* problem, 
not these lists or any listers):
1) get the digest version of posts which has been firewalled and decoded
2) get the archive version of posts which have been firewalled and decoded
3) contact Dan S directly to see if he's willing to accomodate *your* concern 
(I personally don't see why given 1 and 2)
4) Get Bob or someone to help you, since your expertise in this area is 
obvious to many of us that deal with MIME encoding daily here in the cellular 
impaired (relevence?) USA.
...then maybe
5) the "20%" of *your* problem doesn't become the 20% of the posts on these 
lists, making it our problem.  Where's the audi content in that?  

Unbelievable.  Get help now Phil, nothing we do on these lists *for you* is 
going to change the problem with MIME encoding, it's here to stay, clearly 
not a cellular (or singular) problem, as Bob pointed out.

SJ
Phil writes:
>       why exactly is mime email a security risk?

>>Well, I _did_ include a link.  Here it is again, with a couple more:

>>http://www.wired.com/news/technology/0,1282,41686,00.html?tw=wn20010208
>>http://lwn.net/2001/0208/a/htmlprivacy.php3
>>http://channel.nytimes.com/2001/02/05/technology/05JAVA.html

>>It's not specifically MIME per se, but multi-part MIME.  I pull email
>>in two stages (I get a LOT of it) and look at the headers before
>>downloading the bodies.  The headers tell me whether a post is
>>single-part ASCII - which I usually accept - single-part non-ASCII or
>>multi-part.  The latter two are deleted from the spool without ever
>>being downloaded _unless_ they come from a 'trusted' domain or
>>individual.  There's a table of both of these in the code.  Even then