whitelisting "read" DSNs

Georg Graf georg.graf@wu-wien.ac.at
Fri Sep 9 10:31:20 UTC 2005


Hi,

Today I am trying to whitelist the (bulk) "read" or "Gelesen:" mails.

Many of them have the header:

   "Content-class: urn:content-classes:mdn"

I use dccm, so I could add

   "-S Content-class"

to dccm_args and put

   "ok substitute Content-class urn:content-classes:mdn"

in my whiteclnt file.

These Mails also set the "Content-Type" in slightliy differing
ways. Some examples:

'multipart/report;\n\tboundary="----_=_NextPart_001_01C5B451.56E2E754";\n\treport-type=disposition-notification'
'multipart/report;\n\tboundary="----_=_NextPart_001_01C5B45B.A25118BF";\n\treport-type=disposition-notification'
'multipart/report;\n\tboundary="----_=_NextPart_001_01C5B467.CED28D4D";\n\treport-type=disposition-notification'
'multipart/report;\n\tboundary="----_=_NextPart_001_01C5B479.3450C97E";\n\treport-type=disposition-notification'
'multipart/report;\n\treport-type=disposition-notification;\n\tboundary="----_=_NextPart_001_01C5ABC1.2D0E3390"'
'multipart/report;\n\treport-type=disposition-notification;\n\tboundary="----_=_NextPart_001_01C5AC04.5C1D2CD1"'
'multipart/report;\n\treport-type=disposition-notification;\n\tboundary="----_=_NextPart_001_01C5AC59.6D8697F2"'

Since I think I remember to have read that the entries in the whiteclnt
file have to be exact matches, my question is whether it is true I
cannot use the Content-Type header for this. If I can use the
Content-Type header, I would consider to run dccm with

   -S Content-class -S Content-Type

and have this in the whiteclnt file:

   ok2 substitute Content-class urn:content-classes:mdn
   ok2 substitute Content-Type multipart/report; report-type=disposition-notification

(but this would most likely not match my examples). Does dccm strip away
newlines and tabs if matching agains multi-line headers?

Maybe we need a feature like this?

   ok2 regex substitue Content-class "multipart/report.*report-type=disposition-notification"

Please give some comments on this topic. It hurts somehow that
spammers would be able to circumvent my dcc installation by
adding these headers, so I think two ok2 lines are always safer
than one ok line.

Or do you think I am only paranoid and should be happy with my
urn:content-classes:mdn match?

greetings from Vienna,

  George

--
Vienna University of Economics and Business Administration
Central and Internet Services Section
Center for Computer Services
UNIX Server Administration
PGP/GPG Key ID: 0xa5232ad5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL: <http://www.rhyolite.com/pipermail/dcc/attachments/20050909/c9204ee3/attachment.bin>


More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.