ripmime

Extract file contents in the current directory

$ ripmime -i [path/to/file]

$ ripmime -i [path/to/file] -d [path/to/directory]

$ ripmime -i [path/to/file] -v

$ ripmime -i [path/to/file] --debug

ripmime [OPTIONS] <input_file>
or
cat <input_file> | ripmime [OPTIONS]

-i <file>
    Specifies the input MIME message file. If omitted, ripmime reads from standard input.

-d <directory>
    Sets the output directory where extracted attachments will be saved.

-v
    Enables verbose output, showing more details about the extraction process.

-q
    Operates in quiet mode, suppressing most messages.

-s
    Sanitizes filenames by replacing potentially problematic characters with underscores to prevent issues like path traversal.

-u
    Ensures unique filenames for extracted attachments by appending a number if a file with the same name already exists.

-e
    Extracts all MIME parts, including those not explicitly marked as attachments (e.g., inline text or HTML bodies).

-I <file>
    Writes an index (log) file detailing the extracted parts and their original properties.

-P
    Preserves original filenames as much as possible, even after sanitization or uniqueness adjustments.

-T
    Prevents the extraction of text/plain parts.

-L
    Prevents the extraction of text/html parts.

-A
    Extracts only parts explicitly identified as attachments by the MIME headers.

ripmime is a command-line utility designed to parse MIME-encoded email messages and extract their attachments. It is commonly used in server-side mail processing applications, such as spam filters or mail archiving systems, to automatically detach files embedded within emails.

It can handle complex MIME structures, various content types (e.g., text, image, application), and different transfer encodings (e.g., Base64, quoted-printable). Users can specify an output directory for attachments, control file naming, and generate an index file listing the extracted parts. It provides a robust way to automate the handling of email attachments without user intervention.

Handling large or deeply nested MIME messages can be resource-intensive.
While ripmime includes filename sanitization (-s), users should still be cautious when processing untrusted input to avoid potential security risks if not properly configured or sandboxed.

When processing email from untrusted sources, it is highly recommended to run ripmime within a sandboxed environment (e.g., chroot, dedicated container) to mitigate potential risks associated with extracting malicious attachments or encountering malformed MIME structures.

ripmime is frequently integrated into mail processing pipelines, such as those powered by procmail or mimedefang. This allows for automated extraction, scanning, and handling of email attachments as part of an overall mail security or archiving strategy.

ripmime has a long history as a specialized tool for automated mail processing, particularly in server-side contexts like spam and virus filtering. Developed by Paul L. Daniels, its evolution has focused on robustness, efficiency, and handling the complexities and malformations often found in real-world email traffic.

munpack(1), mail(1), procmail(1), mimedefang(8)