Can you read this email? (second attempt)
C de-Avillez
hggdh2 at ubuntu.com
Thu Mar 9 01:11:55 UTC 2017
On Wed, 8 Mar 2017 18:24:24 -0600
Kevin Godby <godbyk at gmail.com> wrote:
<snip/>
> Right.. well, that raises a question, I guess.
>
> While the attachments will be stripped, the message body should still
> come through okay now. The message body has a content type of
> multipart/signed and the attachment would be one of
> application/pkcs7-signature or application/pgp-signature.
>
> If we want to allow the signature attachments to come through, I can
> add those content types to the whitelist.
I would suggest you should. Without the actual signature, there is no
way to verify it. Yes, there is an attachment that will state the
message is signed, but not with what key. Taking out the actual
signature completely defeats signing.
>
> Any content type not on the whitelist (whether the full message or
> individual attachments) will be stripped away. If all the content in a
> multipart message is removed and nothing remains, or if the top-level
> message itself has a content type other than those whitelisted, then
> the entire message will be discarded.
> • multipart/mixed
> • multipart/alternative
> • multipart/signed
> • text/plain
May I also suggest that you forward messages worked by the content
filter to list owner? This would be temporary, but would allow you to
monitor how aggressive the filter is (and, perhaps, save the eventual
message that would be lost).
Cheers,
..C..
More information about the ubuntu-doc
mailing list