The mailing list for listmasters using Sympa

[Sven Hartge <address@concealed>]

On 25.01.22 14:33, Sven Hartge wrote:

> I worked around my issue by matching on the type of the message part 
> instead of trying to match on the Content-Type header:
>
> ---------8<------------
> title.gettext THM Newsletter
>
> match([msg_part->type],/image/) smtp,dkim,md5,smime    -> 
> reject(reason='send_multipart')
> match([msg_part->type],/application/)   smtp,dkim,md5,smime    -> 
> reject(reason='send_multipart')
> true()                             smtp,dkim,smime,md5        -> editorkey
> ---------8<------------

Well, I celebrated too early, as this will also deny anything with 
"application/pkcs7-signature" as well.

My new, better tested solution now looks like this:

---------8<------------
title.gettext THM Newsletter

match([header->Content-Type],/multipart\/mixed/) smtp,dkim,md5,smime 
-> reject(reason='send_multipart')
match([msg_part->type],/multipart\/mixed/)      smtp,dkim,md5,smime -> 
reject(reason='send_multipart')
match([msg_part->type],/image/)      smtp,dkim,md5,smime    -> 
reject(reason='send_multipart')
true()                             smtp,dkim,smime,md5        -> editorkey
---------8<------------

The first match on header->Content-Type is necessary for unsigned mails 
with an attachment.

The second match then catches any multipart/mixed types nested deeper, 
like inside a multipart/signed container.

And the last match is for inlined images in multipart/related containers.

Hopefully this will be the last iteration. If anyone has any 
optimizations, please send them along as well.

Mit freundlichen Grüßen,
Sven Hartge

--
Dipl.-Inform. (FH) Sven Hartge
Technische Hochschule Mittelhessen
- University of Applied Sciences  -
     IT-Services Bereich Gießen
Server-, Dienst- und Netz-Administration

Postanschrift: Wiesenstraße 14, 35390 Gießen
Tel.: +49 641 309-1291
Fax: +49 641 309-1288
Web: www.its.thm.de, E-Mail: address@concealed

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature