georgy7/extract_mbox_attachments.py

I noticed this script doesn't appear to support non-multipart emails that just have a file attachment and nothing else in them, so it ignores them starting at the process_message stage.

It appears that Outlook loved to send those types of emails as I found I have a number of files that can't be extracted.

Date: Mon, 4 Nov 2013 12:21:01 -0500
MIME-Version: 1.0
Content-Type: application/pdf;
        name="filename.pdf"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
        filename="filename.pdf"
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
Thread-Index: (removed)
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157
X-Antivirus: avast! (VPS 140715-1, 07/15/2014), Outbound message
X-Antivirus-Status: Clean

<... base64 text here until end of email...>

The following appears to resolve this although I don't know if this is the best method

def process_message(extractor, mid):
    msg = extractor.mbox.get_message(mid)
    attachments_counter = {
            'value': 0,
            'inline_image': 0,
            'file_paths': []
    }
    if msg.is_multipart():
        for part in msg.get_payload():
            check_part(extractor, mid, part, attachments_counter)
    else:
        for part in msg.walk():
            check_part(extractor, mid, part, attachments_counter)

Hi,

I am not a Python user, so I am about to make a very stupid question. But first, thank you a lot for sharing this code, I have been banging my head around to find a way to extract attachments in bulk.
Now the question: I have been trying to use the code you provide to extract attachments from a MBOX file from google takeout. However, as soon as I launch the script from Anaconda Prompt I get the following error

(base) C:\Users\fsanti\Dropbox\0_EUI\PUBLIC_PROCUREMENT_EU\1_DATA\EUI ORBIS-TED Procurement Dataset\202212_NewVariables> [7600:0106/225316.205:ERROR:cache_util_win.cc(20)] Unable to move the cache: Access is denied. (0x5) [7600:0106/225316.228:ERROR:cache_util.cc(145)] Unable to move cache folder C:\Users\fsanti\AppData\Roaming\Code\Cache\Cache_Data to C:\Users\fsanti\AppData\Roaming\Code\Cache\old_Cache_Data_000 [7600:0106/225316.228:ERROR:disk_cache.cc(196)] Unable to create cache
I could not find a solution (and probably, I would have not been able to implement it either). Could you give me some hint at why python is returning this error? Thanks!

Thanks, @SantiFilippo, for sharing your error messages. Running this on google Takeout mbox files seems like a great idea, making this a more valuable tool than I had thought.

But I don't use Windows myself and haven't run into that problem.

I see some similar reports here:

• electron/electron#2157
• https://www.edureka.co/community/55079/error-cache-util-win-unable-move-the-cache-access-denied-0x5

Do those tips help?

It may well work to do what @Hr0bar suggests, but I'd warn you that running things as Administrator is very risky in general, so I'd suggest that you look for other solutions, and ask a windows expert to look at exactly what you're doing and probably find a much better solution. That could help others also, and I'd love to see this made more widely usable.

Thnaks both @Hr0bar and @nealmcb for your answer.

Eventually, I tried to run it from Spyder (within Anaconda) but now it gives me a different error:

assert os.path.isfile(options.input) AssertionError
This should mean that the logic statement fails, but I do not understand why. Should I change the option.input witin parentheses with the path to the folder i am working from? It does not seem to me it is the case, but I cannot see why it tells me so...

Please read the code, how to run it, u r not giving arguments

Hi,
I managed to run this script, though I am not a Python user. It seemed to wirk fine, but there were some file types missing. Most importantly *.dxf drawings. I did my best to google it but no luck. Anyone able to help?

Amazing work @georgy7, script works perfect.

Thanks @georgy7

This fork attempts to modify the date of the saved file to match the date of the message:

https://gist.github.com/janko-js/d61cd1cd41c094905c9f5fb6fb55fca0

It was harder than I thought as the formatting of the date can vary.

Thank you all for your feedback. Unfortunately, I don't have enough free time, and it's unlikely that I'll be able to figure out the intricacies of various email formats in the coming weeks. When I started writing this script, I had no idea that they could be so different.

I haven't expected from you to do anything, it worked for my case, and I've posted that change here for anybody who can find that modification useful. It's most probably not a perfect solution, but for the use case simpler to or comparable to that which I've had could be enough.

Maybe @georgy7 or someone else (if he doesn't have the free time) can put it into a regular repository and we can get some group development/collaboration going.

I used it recently and made a modification for my use case, I don't think I will need some changes soon, but if I do I'll check here for the most recent version.

Then, there's also:

https://devblogs.microsoft.com/oldnewthing/20110118-00/?p=11733

@janko-js I meant, in general. For instance, about what is described in the @ChrisCheney message.

Also, I had plans to make another script based on this, indexing an mbox file into an SQLite database. It will be difficult if such a simple thing as the date of the message can be recorded in several ways.

It will be difficult if such a simple thing as the date of the message can be recorded in several ways.

It seems it is so. My solution was very "ad hoc". But apparently there is a recommended way. The RFC that covers the Date format is

https://datatracker.ietf.org/doc/html/rfc2822#section-3.3

My way to cope with some e-mails that I've wanted to process was to eventually, if nothing else worked, call "dateutil.parser.parse" with the initialization for the zones I've seen. That RFC seems to recommend to ignore "obsolete" tz names which aren't EDT EST CDT CST MDT MST PDT PST but my case was none of these but another few, so now I'd personally, if I'd now try to make a general solution, try to correctly initialize all from: https://www.timeanddate.com/time/zones/ for such cases. Note that a good initialization can probably use same tzinfo for both DST and non-DST version, and that the tzinfo data which can be used with ".parse" are potentially "smarter" than a simple offset. The good thing is that the e-mails which most will ever have to process are never older than e.g. 1990 so all differences in time zones before are for most scenarios irrelevant.

Also, thanks for mentioning that, it seems I haven't used the fix by @ChrisCheney , thinking for some reason that your version was recent enough and missed that.

or someone else

@michealespinola, perhaps this is the best solution if you are interested in fast progress. Although I'm a little sorry to lose control of the project, the truth is that in the near future I won't even be able to delve into pull requests and make meaningful decisions on them.

Or I can create a project in my account, but give admin rights to someone who wants to maintain it.

Regarding the license: I vote for zlib/libpng.

Now that I've checked, it seems there is some code which is less ad-hoc and which hopefully covers at least exactly that what's described in RFCs:

https://docs.python.org/3/library/email.utils.html

email.utils.parsedate

which I haven't tried, but it can still be that some senders constructed their date times differently than what's handled there. I still believe the careful checks and covering the cases which exist in "real life" as found in the collected e-mails through the different years/decades are important.

I've created the repository. I sent out invitations to, as far as I understand, direct access to the repository to several people at once. Hopefully it won't cause too much chaos.

I didn't mention at least @dasebasto and @janko-js in the authors, because your changes are not included yet.

@marcbelmont, @ChrisCheney, @michealespinola, @nealmcb and others,
please let me know if you agree with its license. Perhaps you would prefer something else.

@georgy7 Wow, I completely forgot that once upon a time I wrote this. Thanks for making all those changes. I'm glad there's now a repository.

thanks for the invitation @georgy7 . I'm assigning any possible copyright of my modifications of your script to your new project, in case you use anything of these modifications -- I consider them only as good enough for somebody who is willing to modify the code, if needed, while using it, not as any "final just use and don't care" solution in any way. The reason: The modifications aren't covering all the possible formats per RFCs: I personally think whoever agreed with that specification at that time was very unreasonable(1) Additionally as far as I understand there are some clients which are not following even these RFCs. I've had e-mails with the date times like

Sat Apr 11 20:22:37 CEST 2015

and if I understand that is not covered per RFCs, but a date that can be clearly interpreted. On another side RFCs allow something like

Mon (Lundi), 4(quatre)May (Mai) 1998(1998-05-04)03 : 04 : 12 +0000

that I haven't seen and I hope I will not. And if I understand the RFCs it's even worse, like even something similar to this is acceptable per RFCs:

Mon (Lundi
), 4(
quatre)May (Mai) 1998(1998-05-04)03
(bla) :
(bla)04 (bla):
12 +0000

As it's potentially to much work to try to solve "everything forever", I plan to modify my version "with dates" only to adjust to the formats actually seen in my own mails, the next time I process them. My current guess is that email.utils.parsedate should be used as much as possible (as it probably solves the "comments"?), but if it's not covering what is sometimes actually used it's still not enough, and that when it fails even dateutil.parser.parse would not cover the allowed comments and the possible new lines(?!) in the body of the date, so probably email.utils.parsedate would have to improve to cover whatever really exists and not only what is recommended in RFCs. Which I believe won't be an accepted attitude in Python circles which traditionally prefer prescriptions to making life easier by covering and cleaning up the real life cases, which also fits with RFC suggesting discarding the info about the time zone even if it is to the common knowledge unique enough to be clear which it is (which is the opposite of what I'd do to resolve the content of my own inboxes, like I've done with using dateutil (and it worked there!) ).

So my impression at the moment is that if one would like a "very robust" Date solution I guess somebody would have to make a local routine that does much of the email.utils.parsedate and, just in case (to filter out all the possible new lines and comments), and then even more to cover the formats actually produced but maybe not handled by parsedate if that one sticks to RFCs. Maybe I'm wrong but I believe I don't have enough examples to verify -- as in, only people with an access to enough gigabytes of mails spanning from different times and locations would have the enough real life test cases. Which to me says: without the resources like in some big company, solving "ad hoc" and accumulating improvements slowly, at the times somebody has some new problematic input is the "cheapest" way for a script like this.

I liked it as a gist, it told me that it shouldn't be considered "too serious" as a big project would (i.e that I will probably need to adjust it for my own purposes). Once one makes a "project" then it can potentially come "out of control" with trying to solve more than is manageable? So to sum, I assign my modifications to that gist to you, if you use them, please use/distribute them without even mentioning me or asking me for a permission. I'll do the same (gift you the changes) in case your project takes off and I make any modification of it.

1. "If you're a new implementor, you'll be shocked at how badly 822 was designed. Extracting even the simplest information from a message---the author's address, for example, or the sending date---is excruciatingly painful. And I see no sign that we'll ever be rid of the horrors of 822 syntax", djb : https://cr.yp.to/immhf.html

Maybe I'm wrong but I believe I don't have enough examples to verify

@janko-js
Recently, I found out that there are mbox files called "mime-torture", small sets of extremely diverse examples.
For instance, Mark Crispin's MIME torture test

Although I'm a little sorry to lose control of the project

Please don't be sorry, @georgy7. What you have done here has been extremely help for many of us, and I for one am very grateful to you. Projects running away or just becoming too intrusive on our personal lives is a real thing. Its nothing to be sorry about. Its precisely why most GitHub projects have multiple collaborators.

Recently, I found out that there are mbox files called "mime-torture", small sets of extremely diverse examples.
For instance, Mark Crispin's MIME torture test

@georgy7 thanks for that. My guess is that the python libraries on which your project depends would fail most of the real "torture" tests -- I've tried to process that one with your script and it exited before seeing a single message? Thunderbird, unless I've made some error trying, also wasn't able to see any. There, the dates appear relatively comparable to what I've seen in my "normal" messages, but that specific "torture" doesn't try to cover what the RFCs clearly consider acceptable (comments even inside of the time part, new lines!) . Seeing that, I suspect the tests actually used, even for the bigger projects, also aren't exhaustive, and more "has anybody complained".

(I knew about https://en.wikipedia.org/wiki/Qmail and djb, but only after I've seen the details of how "illogical" the RFCs are I've understood why it was clearly hard to make a secure e-mail infrastructure.)

Just work! Thanks a lot

@georgy7 thank you for this, extremely usefull

@georgy7 Thank you! This is just what I needed.

thank you , amazing, extracted 150ish excel files in seconds.
My own attempt in swift failed and i ended up with 800k files. lol. THank you again

@georgy7 Thank You! It took out 30000+ files in just 5 mins