Reject Bad Body Lines

One form of virus that spread rapidly during the writing of this book looked, in part, like this:

Content-Type: audio/x-wav;
        name=na tla.exe
Content-Transfer-Encoding: base64
Content-ID: <GxPtp514A04SX3089G>

 etc. for many lines

This message body could be easily screened and rejected using the MILTER interface (Section 7.6) supplied with sendmail. Some sites, however, do not run versions of Unix that support POSIX threads (pthreads). At such sites, the MILTER interface is not available, so instead such screening must be done inside the checkcompat( ) routine.

The method we chose to illustrate here is based on the idea that parts of a message are separated from the headers, and from each other, by one or more blank likes:

Content-ID: <GxPtp514A04SX3089G>
                                   a blank line

By looking at just the first line of each part, we should be able to determine if the message should be rejected. To perform this examination, we decided to arbitrarily limit the length of the line we examine to the first 15 characters.[2]


Get Sendmail, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.