Bug 5692 - better support for attachment metadata?
Summary: better support for attachment metadata?
Status: NEW
Alias: None
Product: Spamassassin
Classification: Unclassified
Component: Libraries (show other bugs)
Version: SVN Trunk (Latest Devel Version)
Hardware: All All
: P3 enhancement
Target Milestone: Future
Assignee: SpamAssassin Developer Mailing List
URL:
Whiteboard:
Keywords:
: 5541 (view as bug list)
Depends on:
Blocks:
 
Reported: 2007-10-19 11:03 UTC by Jason Haar
Modified: 2023-05-12 15:45 UTC (History)
3 users (show)



Attachment Type Modified Status Actions Submitter/CLA Status

Note You need to log in before you can comment on or make changes to this bug.
Description Jason Haar 2007-10-19 11:03:52 UTC
Hi there

Justin Mason asked me to put this in.

With things like the current mp3 spam being upon us, one feature that could be
good to have would be the ability for SA to figure out MIME metadata associated
with a particular email. i.e. "this message has 3 attachments,
1:text/plain:0bytes, 2:text/html:334bytes, 3:audio/mpeg:53535353bytes".

If this information was available, we could create a rule for the current mp3
burst that says that emails with mp3 attachments that also contain a text/plain
attachment that is <10bytes in size is probably spam.

Jason
Comment 1 Theo Van Dinter 2007-10-19 11:11:27 UTC
This is trivial in a plugin.
Comment 2 Henrik Krohns 2019-06-26 08:43:42 UTC
It would be handy to have some kind of generic metadata header that could be matched with header rules. I don't think rules can even check attachment size currently.

X-Spam-Mime-Parts: 1 type=text/html size=123 name=
X-Spam-Mime-Parts: 2 type=image/png size=234567 name=foobar.png
Comment 3 Henrik Krohns 2019-07-08 10:53:36 UTC
*** Bug 5541 has been marked as a duplicate of this bug. ***
Comment 4 Henrik Krohns 2022-03-06 10:52:01 UTC
Postponing into future, not sure what would be useful, no one has really asked for this stuff. Could be a new MIMEEval function, but how flexible should it be..
Comment 5 Kent Oyer 2022-09-13 22:27:10 UTC
I have written a plugin to handle this. It allows you to write rules like:

attachment    INVALID_HTML_TYPE       name =~ /\.s?html?/i type != text/html
attachment    GEEKSQUAD_IMAGE_SPAM    name =~ /^geek/i type =~ /^image\//
attachment    TRAILING_DOT            name =~ /\.$/
attachment    DOUBLE_EXTENSION        name =~ /\.[^.\/\s]{2,4}\.[^.\/\s]{2,4}$/i

The plugin is available here:

https://github.com/mxguardian/Mail-SpamAssassin-Plugin-AttachmentDetail

Everything you can do with this plugin, you can do with a mimeheader rule, it just makes writing rules easier. Hopefully someone finds it useful.

Thanks
Kent
Comment 6 Kent Oyer 2023-05-12 15:45:06 UTC
Would it be possible to add this plugin [1] to the wiki [2]?

[1] https://github.com/mxguardian/Mail-SpamAssassin-Plugin-AttachmentDetail
[2] https://cwiki.apache.org/confluence/display/SPAMASSASSIN/CustomPlugins

UNRELATED: While we are at it, can you please add this plugin [3] as well?

[3] https://github.com/mxguardian/Mail-SpamAssassin-Plugin-ScriptInfo

Thanks
Kent