anomy-bugs

problems with filenames having "," in it!

From: Manfred Larcher (27882@xyz.molar.is)
Date: Fri 19 Sep 2003 - 09:39:22 GMT

  • Next message: Tom Carr : "Handling of Mac attachments causes filename to get message ID"

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    hi,

    some mail server add an message id to the filename and this id includes a ","
    so the sanitizer checks the part before the "," first and in my case the
    filename get's a domain-name with ".com" at the end added - so .com is
    dropped because of an executeable file :-(

    is it easy to fix?

    thank you
    manfred

    sanitizer.log:
    This message has been 'sanitized'. This means that potentially
    dangerous content has been rewritten or removed. The following
    log describes which actions were taken.

    Sanitizer (start="1063963206"):
      Part (pos="1230"):
        Part (pos="210"):
          SanitizeFile (filename="unnamed.txt", mimetype="text/plain"):
            Match (names="unnamed.txt", rule="1"):
              ScanFile
    (file="/var/spool/filter/anomy/att-unnamed.txt-3f6aca66.W1A"):
                Scan succeeded, file is clean.

              Enforced policy: unknown

            Match (rule="default"):
              Enforced policy: accept

        Part (pos="397"):
          SanitizeFile (filename="unnamed.html", mimetype="text/html"):
            Match (names="unnamed.html", rule="1"):
              ScanFile
    (file="/var/spool/filter/anomy/att-unnamed.html-3f6aca67.MJG"):
                Scan succeeded, file is clean.

              Enforced policy: unknown

            Match (rule="default"):
              Enforced policy: accept

      Part (pos="1838"):
        SanitizeFile (filename="27970@xyz.molar.is, 56
    er Ring 1.jpg", mimetype="image/jpeg"):
          Match (names="27970@xyz.molar.is, 56 er Ring
    1.jpg", rule="1"):
            ScanFile
    (file="/var/spool/filter/anomy/att-10_4EBBE735DFA12DD48f9e8a93df_imp-group.com-3f6aca68.3QD"):
              Scan succeeded, file is clean.

            Enforced policy: unknown

          Match (names="27970@xyz.molar.is", rule="2"):
            Enforced policy: drop

          Replaced mime type with: text/plain
          Replaced file name with: DEFANGED-539.txt

      Total modifications so far: 1

    Anomy 0.0.0 : Sanitizer.pm
    $Id: Sanitizer.pm,v 1.79 2003/06/19 19:22:00 bre Exp $
    - --

    - ------------------------------------
    Pirlo Ges.m.b.H. & Co
    Manfred Larcher

    Hugo Petters Str. 8-14
    A-6333 Kufstein
    Tel. +43 5372 64923 65 oder 35
    Fax +43 5372 64923 61
    mailto:27882@xyz.molar.is
    http://www.pirlo.com
    - ------------------------------------
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux)

    iD8DBQE/as7K/ZrEMf+80q8RApqeAJ0Ti1R6AQQDYrnQOkbMnSNjVgNu/wCbBHAl
    q/u24qyeUViYWDt6dHeH8lo=
    =Ktxx
    -----END PGP SIGNATURE-----



    hosted by molar.is