[nSLUG] Re: [Somewhat OT] MTA changes header, mssg body lines. What?

Mike Spencer mspencer at tallships.ca
Wed Feb 16 02:49:15 AST 2011

I inquired about my observation that a handcrafted "boundary"
parameter to the Content-Type: header line in a sent message had been
changed in the received message.

Aaron Spanik replied:

> Whatever Eastlink's mail system is using to scan the mail for
> viruses and/or SPAM is the likeliest culprit.


> The reason you're MIME encoding in the first place is because what
> you're trying to send to the other end isn't (all) naturally 7-bit
> ASCII text (the encoding technically still at the heart of the SMTP
> standard).

Yes.  My script explicitly runs known binary data through mmencode
and inserts it within appropriate MIME boundaries and (sub)headers.

> In order to scan it, the scanner has to decode it to whatever its
> declared natural form is...


> ...and scan that.  It can then either rebuild the message, which it
> appears to be doing, or it can pass on the original.

Ah-ha!  Let's check that.  Instead of running the binary data through
mmencode on the fly, we'll manually run it through mmencode > file;
manually edit the file to insert some chars illegal in base64 
(tr a+ :_); tell the script to cat that file into the mssg body as the
base64-encoded block.

You must be right, Aaron.  Because the base64 data block received is
different from the one sent. They must be unpacking it, presumably
ignoring the illegal chars (per RFC 1521) and re-encoding it without
the ignored chars.

They (apparently Eastlink) do insert header lines:

    X-Sieve: CMU Sieve 2.3
    X-CMAE-Analysis: .....

in addition to the ClamAV header inserted by Tallships.

Thanks, Aaron,

- Mike

Michael Spencer                  Nova Scotia, Canada       .~. 
mspencer at tallships.ca                                     /( )\
http://home.tallships.ca/mspencer/                        ^^-^^

More information about the nSLUG mailing list