On Tue, 17 Dec 2013 21:08:58 Daniel Jitnah wrote: There are ways of altering the binary message which shouldn't change the result when it's decoded. One example is base64 vs mime encoding, one could theoretically write a mail server that converted one to the other with most users not noticing a difference. Messages with DKIM signatures can be checked. So if someone sends you a message from Gmail or any other service that reliably runs DKIM then you can verify the contents. Does anyone know of a good script to check a DKIM message? I've got some hacky ones that I wrote, I could tidy one up and release it if there's nothing better. Historically some relatively popular MTAs altered messages. For example the Netscape iPlanet MTA would remove leading spaces in header fields, so subjects of " test" and "test" would end up the same when the message was delivered. The Qmail POP server would add an extra blank line at the end of each message. When I was writing my Postal mail benchmark program and using it to check message integrity I had special-case code for iPlanet and Qmail to deal with this. While such alterations wouldn't affect an attachment, the people who break such things might break other things, I could easily imagine the authors of either of those programs happily breaking attachments that they considered to be wrong. In regard to the original question if "many ISPs" means "dozens out of tens of thousands in the world" then it's likely to be a correct statement. But if "many ISPs" means and significant fraction of the ISPs or the ISP customer base then I don't think so. Attachments usually work for most people, the vast majority of ISPs get it right - or get it wrong in rare corner cases. Strangely some people think that infected email should be disinfected (modified) and sent on. I think that ideally it should be rejected with a SMTP 55x code and if that fails it should be discarded. If you know the message is bad then the recipient should never see it. -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/

I'm way out of touch on this. Is it now so unusual for someone to have problems opening a .doc file that ISPs rather than Microsoft & the sender "up"-grading their application are/is the first to be blamed? Dav(e/id/o/y) I believe it is long overdue for lawyers, economists, writers & politicians to understand that ignorance of the law(s of physics) is no excuse! (BTW I check same title(a)Gmail.com more often) -------------------------------------------- On Wed, 18/12/13, Russell Coker <russell(a)coker.com.au> wrote: Subject: Re: [luv-talk] ISP alters attachments To: luv-talk(a)lists.luv.asn.au Received: Wednesday, 18 December, 2013, 12:42 AM On Tue, 17 Dec 2013 21:08:58 Daniel Jitnah wrote: a few via the original and see for malware etc, There are ways of altering the binary message which shouldn't change the result when it's decoded.  One example is base64 vs mime encoding, one could theoretically write a mail server that converted one to the other with most users not noticing a difference. Messages with DKIM signatures can be checked.  So if someone sends you a message from Gmail or any other service that reliably runs DKIM then you can verify the contents.  Does anyone know of a good script to check a DKIM message?  I've got some hacky ones that I wrote, I could tidy one up and release it if there's nothing better. Historically some relatively popular MTAs altered messages.  For example the Netscape iPlanet MTA would remove leading spaces in header fields, so subjects of " test" and "test" would end up the same when the message was delivered.  The Qmail POP server would add an extra blank line at the end of each message.  When I was writing my Postal mail benchmark program and using it to check message integrity I had special-case code for iPlanet and Qmail to deal with this.  While such alterations wouldn't affect an attachment, the people who break such things might break other things, I could easily imagine the authors of either of those programs happily breaking attachments that they considered to be wrong. In regard to the original question if "many ISPs" means "dozens out of tens of thousands in the world" then it's likely to be a correct statement.  But if "many ISPs" means and significant fraction of the ISPs or the ISP customer base then I don't think so.  Attachments usually work for most people, the vast majority of ISPs get it right - or get it wrong in rare corner cases. Strangely some people think that infected email should be disinfected (modified) and sent on.  I think that ideally it should be rejected with a SMTP 55x code and if that fails it should be discarded.  If you know the message is bad then the recipient should never see it. -- My Main Blog         http://etbe.coker.com.au/ My Documents Blog    http://doc.coker.com.au/ _______________________________________________ luv-talk mailing list luv-talk(a)lists.luv.asn.au http://lists.luv.asn.au/listinfo/luv-talk

On Fri, 20 Dec 2013 18:48:37 David E Payne wrote: Firstly the correct way to quote text is to prepend each line with "> ". If you are using webmail or some other inadequate MUA then you can type them manually, I fixed the above text and you could have done so just as easily. If an MTA rejects mail with a SMTP 55x then the sending MTA will generate a bounce message which informs the sender. Messages that have viruses are not from people and there's no censorship. Even when people manually send malware it's not censorship, please read the Wikipedia page about "censorship" or any other resource that defines it. -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/