Closed catap closed 8 months ago
I can easy reproduce that issue by sending this zip from icloud to dmarc's report domain.
The problem is not the zip file. It’s not being recognized as an attachment. So: what does the email look like? Maybe you could save it as a .eml
file and attach it here. Alternatively, email source code starting with the Content-Type
header and ending at the beginning of the ZIP attachment should also do.
Sure, here the email: Report domain korins.ky Submitter google.com Report-ID_ 440465233067844141.zip
(github asked me to make a zip from it)
Yes, I can confirm that this message cannot be processed correctly. But that’s a message sent by your iCloud account, with complicated structure and multiple nested parts. A regular Google message looks very differently and at least for me is always processed correctly.
I’m looking into whether the parsing logic can be adapted, but I don’t think that this use case justifies making it considerably more complicated than it is now.
Indeed it's more complicated.
I simple tried to test that filter O:-)
Turned out to be fairly simple after all. I think that it should work even with those iCloud mails now.
Something still doesn't right. I've attached resulted email and screenshot how I see it via mail.app:
Report domain korins.ky Submitter google.com Report-ID_ 440465233067844141.zip
and Thunderbird show it as it should
I suspect that your email client has trouble displaying a multipart/alternate
message structured like this. I pushed one more change, feel free to try it.
Well... it doesn't help. I still see Content-Type: multipart/alternative
header:
qqq.zip
Thus, the right structure should be something like this: https://stackoverflow.com/a/66551704
My bad. I trusted the documentation here and didn’t actually test. Yet the documentation appears to be incorrect and multipart/alternative
isn’t actually being converted.
Actually: no, I made a mistake testing this. When testing correctly, the message being produced for me has Content-Type: multipart/mixed
. In fact, the email.message
code being called here has no code path where Content-Type
would remain unchanged. So maybe check again whether you are running the latest version of the code?
an example of real life dmarc report with quite complicated strucutre: Report Domain korins.ky Submitter protection.outlook.com Report-ID_ 3fcd42495e724333a793ad0ca6b4950f.zip
Not really, these were processed correctly before this change as well – they have multipart/mixed
at the top level, so the attachment is found without any trouble. The problem only occurred when the attachment was hidden within a nested structure.
as
on attached zip from google
google.com!korins.ky!1703548800!1703635199.zip