email module in 2.2
Angles Puglisi
angles at aminvestments.com
Sun May 26 03:49:34 EDT 2002
Matthew Dixon Cowles (matt at mondoinfo.com) wrote*:
>
>>I've encountered messages where there's a multi-part alternative
>>message that's wrapping both text/plain and text/html versions of a
>>message. I really don't want the HTML part (security problems
>>galore), so I just want to kick back the text/plain sub-sections in
>>this case.
>
>That's not uncommon in my experience. And I agree with you about the
>security problems. A more difficult question is what to do with mail
>that has only an HTML part.
This is not a plug, but for the past year+ I've been writting an email app for a
web based groupware product. The email code is available at:
www.anglemail.com/files
Why bother mentioning this?
1. I've been through many of these same (email) issues before, and I put extensive
documentation in the (php) code that is available, including references to chapters
in RFC's. Email code is not "rocket science" and I was sick of the learning curve,
so part of my goal was to have the code be almost like a quick study tutorial for
any other developer ever burdened with email development.
2. When I contributed some patches to the author of Getmail (a python project) last
year, I also noticed the lacking capability in the python email classes, ON A VERY
BASIC LEVEL. In my experience, the python library responsible for grabbing
all "Received" headers stopped after the first one, as an example.
3. I finally tried mod_python and though how cool it would if all that php email
code was really python. Perhaps some one may be inspired to port :)
SPECIFICS:
html only email is a blatant violation of RFC standards. Any part of a message that
is not text is supposed to have a less complicated MIME part in the mail, before
the more complicated part. That said, you can regex scan html only mail for some
typical "bad stuff" such as the "IFRAME" trick, MIME parts that indicate normal
filenames like "image.gif" but when base64 decoded, actually have file names ending
in bat, exe, inf, and such.
MULTIPART/RELATED
More clients use this now, Evolution does quite a bit, whereas before mostly MS
email clients sent out this kind of mail. Quite simply, it's "RELATED" because
there is an HTML part of the message that has, for example, IMG html tags that
refer not to an external URL but to another "RELATED" MIME part of the message. One
way to handle this is to swap the image ID tag in the html part with a URL to the
specific image MIME part it is referring to, which I can do because my request goes
thru a web server which grabs the image part from the email server.
Hope some of that helps.
--
That's "angle" as in geometry.
More information about the Python-list
mailing list