[Mailman-Users] keep html & scrub attachments

[Mark Sapiro]

Stuart Wyles wrote:
>
>I'm 
>wanting messages arriving both at a subscribers inbox, and in the archive, 
>to look like the original message (html intact) with only difference from 
>the original being url's replacing attachments. I'm using Mailman 2.1.6 + 
>mhonarc.
>
>Is it possible? I can't seem to set the right combination of options. What 
>options should i set?


This is not possible with Pipermail. With Pipermail, the control is
ARCHIVE_HTML_SANITIZER which defaults to 1 meaning save any HTML parts
as HTML-escaped files referenced by URLs in the archive. Other
settings you might want are 2 - Leave it inline, but HTML-escape it or
3 - Remove text/html as attachments but don't HTML-escape them. See
the comments in Defaults.py for further information, particularly
about the danger of allowing links to unescaped HTML - it exposes you
to cross site scripting (XSS) attack.

However, you are using Mhonarc as an external archiver, so this may not
apply to your archives. Do you have your list's scrub_nondigest
attribute set to yes? If so, the message will be scrubbed according to
the above settings before either archiving or non-digest delivery. If
scrub_nondigest is set to no, individual messages will be sent as is
after content filtering, and the same unscrubbed message will be
passed to the external archiver, and from there, what happens is up to
Mhonarc.

If you are saying, you want Mailman to scrub the message (by setting
scrub_nondigest to yes), then you can't have unescaped, inline HTML
without actually modifying the code in Scrubber.py.

-- 
Mark Sapiro <msapiro at value.net>       The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan