5692 – better support for attachment metadata?

Bug 5692 - better support for attachment metadata?

Summary: better support for attachment metadata?

Status:	NEW

Alias:	None

Product:	Spamassassin
Classification:	Unclassified
Component:	Libraries (show other bugs)
Version:	SVN Trunk (Latest Devel Version)
Hardware:	All All

Importance:	P3 enhancement
Target Milestone:	Future
Assignee:	SpamAssassin Developer Mailing List

URL:
Whiteboard:
Keywords:

Duplicates (1):	5541 (view as bug list)
Depends on:
Blocks:

Reported:	2007-10-19 11:03 UTC by Jason Haar
Modified:	2023-05-12 15:45 UTC (History)
CC List:	3 users (show)

Attachment	Type	Modified	Status	Actions	Submitter/CLA Status
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jason Haar 2007-10-19 11:03:52 UTC

Hi there

Justin Mason asked me to put this in.

With things like the current mp3 spam being upon us, one feature that could be
good to have would be the ability for SA to figure out MIME metadata associated
with a particular email. i.e. "this message has 3 attachments,
1:text/plain:0bytes, 2:text/html:334bytes, 3:audio/mpeg:53535353bytes".

If this information was available, we could create a rule for the current mp3
burst that says that emails with mp3 attachments that also contain a text/plain
attachment that is <10bytes in size is probably spam.

Jason

Comment 1 Theo Van Dinter 2007-10-19 11:11:27 UTC

This is trivial in a plugin.

Comment 2 Henrik Krohns 2019-06-26 08:43:42 UTC

It would be handy to have some kind of generic metadata header that could be matched with header rules. I don't think rules can even check attachment size currently.

X-Spam-Mime-Parts: 1 type=text/html size=123 name=
X-Spam-Mime-Parts: 2 type=image/png size=234567 name=foobar.png

Comment 3 Henrik Krohns 2019-07-08 10:53:36 UTC

*** Bug 5541 has been marked as a duplicate of this bug. ***

Comment 4 Henrik Krohns 2022-03-06 10:52:01 UTC

Postponing into future, not sure what would be useful, no one has really asked for this stuff. Could be a new MIMEEval function, but how flexible should it be..

Comment 5 Kent Oyer 2022-09-13 22:27:10 UTC

I have written a plugin to handle this. It allows you to write rules like:

attachment    INVALID_HTML_TYPE       name =~ /\.s?html?/i type != text/html
attachment    GEEKSQUAD_IMAGE_SPAM    name =~ /^geek/i type =~ /^image\//
attachment    TRAILING_DOT            name =~ /\.$/
attachment    DOUBLE_EXTENSION        name =~ /\.[^.\/\s]{2,4}\.[^.\/\s]{2,4}$/i

The plugin is available here:

https://github.com/mxguardian/Mail-SpamAssassin-Plugin-AttachmentDetail

Everything you can do with this plugin, you can do with a mimeheader rule, it just makes writing rules easier. Hopefully someone finds it useful.

Thanks
Kent

Comment 6 Kent Oyer 2023-05-12 15:45:06 UTC

Would it be possible to add this plugin [1] to the wiki [2]?

[1] https://github.com/mxguardian/Mail-SpamAssassin-Plugin-AttachmentDetail
[2] https://cwiki.apache.org/confluence/display/SPAMASSASSIN/CustomPlugins

UNRELATED: While we are at it, can you please add this plugin [3] as well?

[3] https://github.com/mxguardian/Mail-SpamAssassin-Plugin-ScriptInfo

Thanks
Kent