-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Fri, 14 Aug 2009, Patrick Nagel wrote:
able to see all attachments of all other mail receivers. So this only works in a cooperative environment.
One can extend that scheme a bit.
In short, a script (implemented as filter, getting called by postfix) extracts all attachments on arrival, using ripmime [1]. The attachments
We use MIMEDefang on the recieving MTA.
There I remove certain MIME parts and put them on a Webspace, the filename (aka URL) is the seeded SHA1 of the content. So it is not easy to guess an URL without already knowing the seed and the content or the mail itself.
However, the reactions to this action is quite wide spread. Some are glad, because they can download attachments on demand, others hate this extra step. Some user think the mail is altered and the copyright of the sender is infringed. In a few cases, I ripped some pictures from a HTML mail, which caused uproar. Also, the S/Mime and PGP signing won't work, if transmitted in a separate MIME part.
Bye,
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBSoUwPXWSIuGy1ktrAQI8WAgAmFLqedn6MI900XPx9OcoeK0MONNQ3sRd Yy+FGfiZIQt4BhwyTG5biKrplfBXldz50Gyqf6u6XlOEVmHMR0g8mTw4PGm3GxKi s9FKk4WdqIhmdRDmo81bd+6OgEIIseImYVMHem7p7jMSkIDwUl1wWE35akKT7I0q ns6Npythx7m26urFxR795UU9aFg4ZC1geUsgbd6Q94xPS2f+wXeGFQSBWkpjh+Xh r0tVYRNQHVkcIxStP3ZdD4tDSduhl+OsZ7Y3SsflCOqubC7ROE7n9j6djY1zeJ3+ PUdq8OWj3xikTZFEOuZmcSOBe+KndJKPE47MiIDKasYktsr9HsxyJw== =TITz -----END PGP SIGNATURE-----