I've been using Anomy Sanitizer for quite some time, and I'm also
the maintainer of the pkgsrc package for it (http://www.pkgsrc.org/).
According to the CHANGELOG.sanitizer.txt in version 1.61 a change
was made that causes the Content-Id header to be interpreted as
a (possible) filename for the attachment.
The problem with this is that the Content-Id is often formed with
the FQDN of the machine appended, such as "beowulf.gw.com". When
most people (me included) filter all ".com" attachments, then all
messages from ".com" domains would also get dropped, when the
sender uses an MUA adding Content-Id headers.
I think the change is in bin/Anomy/MIMEStream.pm the line that
$reader->ParseContentHeader("; _id=", "content-id", $header_log);
What would you think about removing that call altogether (thus
reverting this part of version 1.61)? Alternatively, it could be
made optional, perhaps? (Although I think most people would need
to disable this in practice.)