The RFC does declare an = to indicate that the end of the data stream has been reached, further data should be truncated, though it seems each email client actually handles this differently. Take the low road catchall, and simply reject them as a matter of course.
-Eric Stevens mightye a@t mightye d.o.t org
Christian Vogel wrote:
Hi,
On Tue, Sep 23, 2003 at 07:50:56PM +0300, Alexander Ogol wrote:
decision in all situations. Some mailing lists (debian-russian, for example)
add some 7bit information after letter body while re-forwarding, regardless
of was the letter base64/QP encoded or not, resulting of such malformed
Then this software is severly broken (MIME-wise), imho, and needs to be updated/changed/dumed.
So I think that the right solution (before antivirus software would be
rewritten) is to write filters by yourself - decode base64 as that do
popular mail clients and give them to antivirus.
With this approach, you are always on the "one step behind" side of the problem. It's only a matter of time that someone finds out that (made up example:) you can use a UTF8-mis-encoded "=" in Microsoft's base64-decoder... The only sane way is to check if it's in the standard-form ("abcABC=") and reject or convert if it's not.
99.99% of all software should create the standard form, so please let the tiny fraction of users with broken software suffer when their mails get rejected.
(Note: this of course applies not only to Base64 but to all aspects of header-parsing, file-format guessing etc...)
Chris
