Eric Wong [Fri, 4 Apr 2014 00:39:41 +0000 (00:39 +0000)]
filter: use regexp to check multipart bodies
This should be safer than running file(1), which has had its share
of vulnerabilities this year (early 2014) We really only care about
diffs and maybe short log files, here.
Eric Wong [Fri, 28 Mar 2014 08:22:45 +0000 (08:22 +0000)]
filter: use file(1) to detect mime type if octet-stream
Some mailers do not correctly detect/set the Content-Type header; so
attempt to keep messages based on our server-detected MIME type if
application/octet-stream was specified.
Eric Wong [Fri, 10 Jan 2014 23:50:16 +0000 (23:50 +0000)]
reject messages if ORIGINAL_RECIPIENT is not specified
SpamAssassin doesn't seem to have this heuristic, but the lack of
the intended email address in To:/Cc: headers cannot be a good
sign (especially when this is a _public_ inbox).