[Mailman-Users] How to strip S/MIME attachments

Mark Sapiro mark at msapiro.net
Fri Nov 4 07:27:52 CET 2011 

Adam Engst wrote:
>
>I'm trying to set my list so that it strips the S/MIME digital
>signature attachments that some mail software adds to every message
>(iOS 5 is a culprit here). However, no matter what I do, Mailman seems
>to see the message as not having content, such that it's forwarded to
>me, the list owner, rather than being sent on to the list. My content
>filtering settings are as follows:
>
>filter_content: Yes
>filter_mime_types: application/pkcs7-signature


The above is superfluous. If pass_mime_types is non-empty, every type
not mentioned there is filtered.


>pass_mime_types: multipart/mixed, multipart/alternative, text/plain


You need at least multipart/signed in the above list. Accepting
text/plain is not sufficient if the text/plain part is a sub-part of a
multipart type (in this case multipart/signed) which is not accepted.


>filter_filename_extensions: exe, bat, cmd, com, pif, scr, vbs, cpl, p7s
>pass_filename_extensions: blank
>collapse_alternatives: Yes
>convert_html_to_plaintext: Yes
>filter_action: Forward to list owner
>
>In particular, note the filter_mime_types and the last entry in
>filter_filename_extensions, which are what I've added to try to get
>rid of these attachments.


filter_filename_extensions is only applied after content type
filtering. In this case, all it does is remove any text/plain parts
which have an associated name with one of those extensions. With your
pass_mime_types, everything other than possibly some elemental
text/plain parts is already removed.


>Any ideas what I might be doing wrong, or if I'm missing something
>that prevents Mailman from handling S/MIME attachments properly?


Since you are collapsing alternatives and converting HTML to plain
text, I suggest

pass_mime_types
    multipart
    text/plain
    text/html

Which will accept all and only text/plain and text/html elemental
parts, then collapse any multipart/alternative parts to the first
sub-part (normally the text/plain alternative) and finally convert any
remaining text/html to text/plain using lynx or whatever the
installation has configured as HTML_TO_PLAIN_TEXT_COMMAND.

If you don't want to bother with converting HTML to plain text, don't
put text/html in pass_mime_types.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

More information about the Mailman-Users mailing list