Sign In Sign Out Mailing Lists Unsubscribe or Change Settings Help

bugzilla.org

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
configset listname attachment_filters <<TAG
[VALUE LINES]
TAG
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Default Value : no default
Data Type     : attachment_filters
Category      : deliver
Password Notes: Visible only with password. 
= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

EXAMPLE:
configset listname attachment_filters << ENDTAG
text/plain | allow
text/html  | clean
/.+/       | discard
ENDTAG

The attachment_filters setting contains a table of rules, which describe
how to process the different body parts of a posted message. 

A rule consists of a MIME type (or pattern matching a MIME type) 
and an action to perform when a message with this type or containing 
a part of this type is delivered to the subscribers of a mailing list.  
Each rule looks something like this:

  mime/type | action=argument

Some common MIME types include text/plain, text/html, and image/jpeg.

Possible actions are:

  allow     - Let the body part pass untouched.  Any subparts of 
              this part will be processed as usual.
  clean     - Remove portions of a HTML part that could pose a
              security hazard.
  discard   - Remove the part from the message and pass the rest.
              (This has no effect upon single-part messages.)
  format    - Convert the body part to plain text.  A numerical
              argument will adjust the right margin of the text,
              which occurs at position 72 by default.
  keep      - Let this body part, including any subparts, 
              pass untouched.


Each message that is posted to a mailing list consists of one or more
body parts.  Each body part has a particular type, sometimes called a
"MIME type," which gives some indication about the contents of the part.
For example, a body part containing a WWW document might have a
"text/html" MIME type.  (MIME is an abbreviation for the name of the
Internet standard for giving names to types) 

Most plain text messages consist of one body part whose type is
"text/plain".  When a message has more than one body part, the second
and succeeding parts are usually called "attachments."  The
"attachment_filters" setting is somewhat misnamed, because the allow
and format actions apply to every body part, including the first part.

Each attachment filter occupies one line.  It is possible to place
comments before, between, and after the individual filters, to indicate to
other administrators what each filter is intended to accomplish.
Comments are lines that begin with a '#'.

The first rule that matches a particular body part takes precedence.
For example, in the following two filters:

  text/html | allow
  /^text/i  | discard

any "text/html" body part will not be changed; any other kind of text
body part, for instance "text/plain" or "text/enriched," will be
discarded.  Each part of a message body is examined separately.  If no
rule matches, the part will not be altered.

The type on the left-hand side of an access rule can be an exact MIME
type, or it can be a pattern that potentially matches many different
MIME types (see "help patterns" for an explanation of how to write
patterns).  For example, to discard all GIF images, use the following
filter:

  image/gif | discard

and to discard all images of any type, use this filter:

  /^image/i | discard

Exact MIME type matches are case-insensitive; for instance, "image/jpeg"
and "Image/JPEG" are considered identical.


The allow action
----------------
The allow action causes a body part to be passed untouched.  If the body
part has subparts, they will be checked, and may be altered by the other
rules.


The clean action
----------------
The clean action will remove unwanted elements ("tags") and their
attributes from text/html body parts, to reduce the likelihood that
malicious code appears in the message.  At present, the following
elements and attributes will be removed by this action:

attributes:  background onblur onchange onclick ondblclick onfocus 
  onkeydown onkeypress onkeyup onload onmousedown onmousemove 
  onmouseout onmouseover onmouseup onreset onselect onunload

elements:  applet base embed form frame iframe ilayer img input 
  layer link meta object option script select textarea

These attributes and elements are not configurable.


The discard action
------------------
The discard action causes body parts to be discarded entirely,
from every message posted to a mailing list.  For example, many messages
have "multipart/alternative" bodies, with a "text/plain" part and a
"text/html" part.  Because "text/html" parts can contain a malicious
computer virus, list owners may want to use the following attachment
rule to remove them:

text/html | discard

The discard action only applies to messages with more than one body
part.  As a result, if someone posts a message that consists only of a
"text/html" body part, the discard rule in the previous example will
have no effect.  In the following example, both filters will have an
effect, even though they both match the "text/html" MIME type:

text/html | discard
text/html | format

The first rule will cause text/html parts in multi-part messages to be
removed.  The second rule will cause text/html parts in single-part
messages to have their HTML formatting removed.

For each body part removed due to a discard action, an X-Content-Discarded
header will be added to the message when it is delivered.

The discard action will not remove affect multipart subparts directly.
Instead, the filters will be applied to each body part that is not a 
multipart subpart.  For example, the following rule:

# By design, this rule has no effect.
multipart/alternative | discard

will not work because a multipart/alternative body part cannot be discarded.

The discard action should be used with caution, because it is possible
to discard every individual part of a multipart message.


The format action
-----------------
The format action alters message contents in two ways.  It removes
hypertext markup tags from "text/html" or "text/enriched" body parts,
and converts them into "text/plain" body parts.  It can also establish
the position of the width of the resulting text; by default, the width
of the text is 72 characters.  For example, to turn all rich text
body parts into plain text, use the following rule:

text/enriched | format

To turn all HTML body parts into text with an 80 character width,
use this rule:

text/html | format=80

For each body part changed due to a format action, an 
X-Content-Reformatted header will be added to the message when it is 
delivered.

The reformatted text will be left-justified, regardless of its original
placement.


The keep action
---------------
The keep action causes a body part to be passed untouched.  If the body
part has subparts, those also will remain untouched.  For example,
to allow a signed message to be posted without alterations, use the
following rule:

multipart/signed | keep


Effect upon the archives
------------------------
The attachment_filters setting also filters the copy of each new message
that is stored in the list's archive.  Otherwise, recipients of each
message and recipients of MIME digests would receive different content.


Avoiding the filters
--------------------
If a moderated message is approved by the moderators with the
"accept-intact" command, or if a message is posted with the
"post-intact" command, none of the filters in this setting will be
applied when the message is delivered.


Example - Remove all attachments
--------------------------------
The following filters will remove all attachments that are not
plain text, and convert HTML and enriched-text single-part messages into 
plain text.

text/plain | allow
ALL | discard
text/html | format
text/enriched | format

The second filter will discard all parts that are not plain text from
multipart messages.  The second filter will take precedence for all
message parts that are not plain text.  However, the "discard" action is
ignored for single-part messages, so the third and fourth filters will
affect single-part messages that contain HTML or enriched text.

This example has two potential side effects.  If a single-part message
is posted that is not text/plain, text/html, or text/enriched, it will
not be affected by the filters.  Also, if a multipart message is posted
that does not have a text/plain part, all of its parts will be
discarded, leaving the message blank.


Example - Remove all non-text attachments
-----------------------------------------
The following filters will remove all attachments that are not plain
text, HTML, or enriched-text, and convert HTML and enriched-text parts
into plain text.

text/plain | allow
text/html | format
text/enriched | format
ALL | discard

This example has two potential side effects.  If a single-part message
is posted that is not text/plain, text/html, or text/enriched, it will
not be affected by the filters.  Also, if a multipart message is posted
that has more than one text part, it may continue to have more than
one text part after the message has been filtered.

The best way to cope with messages that might trigger one of these
side effects is to use the attachment_rules setting to restrict access
for messages that do not contain a (plain) text part.  See
"help configset_attachment_rules" for more details.


Unimplemented features
----------------------
The "attachment_filters" setting does not alter portions of text messages
that contain non-MIME attachments, such as uuencoded documents. 


See Also:
   help accept
   help admin_delivery
   help configset_access_rules
   help configset_admin_body
   help configset_attachment_rules
   help configset_taboo_body
   help post

This is the "configset_attachment_filters" help document for 
Majordomo 2, version 0.1201103110.

For a list of all help documents, send the following command:
   help topics
in the body of a message to majordomo@bugzilla.org.

If you need assistance, please contact the bugzilla.org administrators.
Sign In Sign Out Mailing Lists Unsubscribe or Change Settings Help