Hi,
The sanitizer appears to be using the content-id of attachments in
multipart/related messages as the attachment's filename. The problem is
that content-ids end with the sender's domain name, which (for users under
the .com TLD) causes the sanitizer to incorrectly treat all attachments as
.com files.
For example:
...
--------------020800090702060102090700
Content-Type: multipart/related;
boundary="------------080709050006060104040903"
...
--------------080709050006060104040903
Content-Type: image/jpeg;
name="ishkabibblerv.jpeg"
Content-Transfer-Encoding: base64
Content-ID: <28549@xyz.molar.is>
Content-Disposition: inline;
filename="ishkabibblerv.jpeg"
...
The attachment is a jpeg file, yet it is treated as a .com file and
subsequently removed.
I'm running the 1.63 version of the Sanitizer.
Best regards,
Martijn de Vries