cwieland at uci.edu
Wed Apr 16 18:28:50 CEST 2008
On Apr 15, 2008, at 4:07 PM, Mark Sapiro wrote:
> Con Wieland wrote:
>> On Apr 15, 2008, at 2:58 PM, Mark Sapiro wrote:
>>> Con Wieland wrote:
>>>> My questions are, why am I getting the html attachments?
>>> Because the sender's MUA is sending them and your content
>>> filtering is
>>> either not on or is not removing HTML and not collapsing
>> Correct it was not on for this example but when I turn it on and
>> Remove message attachments that have a matching content type. text/
>> I lose the pdf too. How can I configure it to just remove the text/
>> html and leave the text/plain and application/pdf ?
> It depends on how you want to approach things. You can either specify
> what you want to accept and filter the rest, or specify what you don't
> want and accept the rest. This means you want to specify only one of
> filter_mime_types and pass_mime_types and the other should be empty.
> If you want to accept any text/plain parts from the message or an
> attached (forwarded as attachment) message and likewise for PDFs and
> not accept anything else, set filter_mime_types empty and
> pass_mime_types to
I must be missing something here because as soon as I turn on content
filtering no matter what I try in pass_mime_types (with above) or
filter_mime_types, I lose everything but the text
> If you want to accept everything except html, you would put text/html
> in filter_mime_types and leave pass_mime_types empty, but this is
> probably a very bad idea. The first problem that comes to mind is you
> will pass the plain text from a multipart alternative message and also
> pass the stationery background/watermark image file but remove the
> html that references the image leaving it as a simple attachment.
>>>> and why
>>>> are they jibberish?
>>> They are not gibberish. They are HTML shown to you as raw rather
>>> rendered HTML.
>> Yes, gibberish was not the right word. But why aren't they rendered
>> when I click on the link. I am used to just being able to open the
>> link and have them rendered.
> Because you don't want a list member posting an HTML message with evil
> There is an mm_cfg.py setting to allow this, but here's what we say
> about it in Defaults.py.
>> # This variable defines what happens to text/html subparts. They
>> can be
>> # stripped completely, escaped, or filtered through an external
>> program. The
>> # legal values are:
>> # 0 - Strip out text/html parts completely, leaving a notice of
>> the removal in
>> # the message. If the outer part is text/html, the entire
>> message is
>> # discarded.
>> # 1 - Remove any embedded text/html parts, leaving them as HTML-
>> # attachments which can be separately viewed. Outer text/html
>> parts are
>> # simply HTML-escaped.
>> # 2 - Leave it inline, but HTML-escape it
>> # 3 - Remove text/html as attachments but don't HTML-escape them.
>> Note: this
>> # is very dangerous because it essentially means anybody can
>> send an HTML
>> or other
>> # nasty things, and folks viewing your archives will be
>> susceptible. You
>> # should only consider this option if you do heavy moderation
>> of your list
>> # postings.
>> ARCHIVE_HTML_SANITIZER = 1
> Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
> San Francisco Bay Area, California better use your sense - B. Dylan
> Mailman-Users mailing list
> Mailman-Users at python.org
> Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
> Searchable Archives: http://www.mail-archive.com/mailman-users%
> Unsubscribe: http://mail.python.org/mailman/options/mailman-users/
> Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?
More information about the Mailman-Users