G'Day, 

I email to bugs however I figured I should email here too.

I've upgraded to 1.48 from 1.45. since then I've found that some
UUencoded attachments are being corrupted.
 
Note the DEFANGED_ in bold.
 
Example email source provided.
 
----- Original Message -------
From: 12476@xyz.molar.is (Informix User)
X-Mailer: SCO OpenServer Mail Release 5.0
To: 12476@xyz.molar.is, 12524@xyz.molar.is
Subject: GMA Print
Date: Wed, 6 Feb 2002 12:11:12 EDT
X-Sanitizer: This message has been sanitized!
X-Sanitizer-URL: http://mailtools.anomy.net/
X-Sanitizer-Rev: $Id: Sanitizer.pm,v 1.51 2002/01/04 19:55:10 bre Exp $
 
begin 0 p.21464.Z
M'YV0&XIL,&$F!HP8>6!@&<@FQD(3#9$PE&$C"$,83RYJN5CE(I.+ G,,# ,#
 <mailto:MR@85<&+@D)$#CPP864[*@6'D))T9,&!(D2FCA@TJ,FD>
MR@85<&+@D)$#CPP864[*@6'D))T9,&!(D2FCA@TJ,FD<G"(SAD458F T.2FF
M1HPK *)*G4JUJM6K6*LR=0HUJ]>O8*=N?1JVK%FM2+F>76MV;%>V<+.ZC4OW
MZMRZ>*7>S8MW+U^Z?O_"#2QX+>'";=.213Q8\5O&9P_7!=2XZ>*_"!!(8"N9
,""D+:\F.^A'>M+F4@AAU#YBQ:,(BXG <mailto:M+F4@AAU#YBQ:,(BXG>
>,""D+:\F.^A* .)W8=6%^ 6A'+OV71.[6:@63 *2[
M=G"^ @@ *UXV]5D" (@"$. ^5?G9P5DD <mailto:^5?G9P5DD&I@MVW> &I@MVW(
KP?']V<=][P $( &W\
M<EX@($ 3*&!=KOG"0(:7_RX80>7Q?%$& 'K[ 1@7@0(* 8" <mailto:8&$7E@>
8&$7E@<!$!<5
M@P6Z5Y=_ %0G@! -'F88/WT<7">04.B5@W%!T-YK <mailto:04.B5@W%!T-YK>
>-'F88/WT<7 ;JQ1D*%),*E'@@@$"!B
M(3",B-E4#(3 <mailto:3&'WEA@0A7?5@)Z=5I> &'WEA@0A7?5@)Z=5I& 8 @(A(P,B7!
SD)@ 0! 0"@!).XJ7D
M5$JR=F*1*7H&6)AQ;9EA=#D&2>9STDEU&C 1X)$E7T2(&)4 $>@S9UU;VBD5
M$WO6!5U5? 2*6)-J_E@7! H"$5A5'>HAX@@""*HJ) <mailto:HAX@@> >$5A5
!10-D!4A#"PC*%U94(A
M>Y,:2!>1B9JZ(ZAK#0I$!(-F2 :K:RE)2 0#G&9""$30JEJ; !2:JH6(D7K=
MFG%AB*I=R)Z%@)(,0A#KL92RA1YK0H!@2 "0?,ELM73! AT"OI)K:I_6?IA
MLW%!-Z6O<.6">8$@X@!@P%M6 <mailto:8$@X@!@P%M6> >.6 (("\ $0@AKUF32M$
-.N"RY=[ DP T AS4M
M=!/ TC!;0 S@K55 <mailto:S@K55&8H4> &8H4>( D@ <mailto:D@<5H0(Q> <5H0(Q
S,5CA^8>!NN<2VY^.A5UL,+IPB7C:
MLABS:Q:'Z:4W LM:1A5A )TQS-C& X;8XG J5P7>BB_K+2Q82&@(#A 0""(
MN2D?S2<D@HBG])!3N5SSP6P!HB3-W\+L;%3^B3VVVF;Y!P%[<, Q-%Z;Y3>@
M5$7;1_;27FM](=I494R>X5]!8.;==7$(%02$_*=R'>#!@.0)TU8TU/#N3(0"*
<mailto:#!@.0)TU8TU/#N3(0> >%02$_*=R
MCY>C]7?H>ME,NN:,$1: 'I*:H'P">DAD@T <mailto:DAD@T> >'I*:H'P
#.G/'//_D00CAJ*9KY@3,( ,(!
M)2(0X+;G6F.P@S=H &)!+;(0D$D*J:_YP3ZW_S/#.?_0TT_V]IS#>5Z=_?#/
M#\]D/\\-Z=].@Q\S$ (,( KR3JGL">PS P_#P.//%[?+Q#_ \8=GD,,3?_C'
M /YQO+=]S5/_<,8?T/<-8SSA'_S@@SW^\(A] <mailto:-8SSA'_S@@SW^\(A]<,\3>
<,\3:; ?NBR B 0(0,_4,87
M#*"%:]""#>,PP3-VP8I-F".$R*-*K"9@IT#@0P]?L( <)G (<"3#%&_8! XR
M@4016BA6,Z@7 )X!#P#D81SGX,?M\H&[3YS@'[]@8 ZODH%91<<?LS/;)/P!
M! 08X0_CD$<^_,$&)VKM!U)<4G0HDP%#R"<!D! !,F2P.P>2B#T7J&)41!0A
M &2#%E%1CE1T0(,&B@Y=$K!;5#"0Q@!@,"H'4"0 <mailto:0Q@!@,> ?L
/2Q8N16F"01X929E/
M#DB3 )B &)/V&$Y*Y0/DD H/TAA+!L'2 ;#TT7@"0*H9,(@% VJE*&'Y 32.
MT2H3 (54W$69=$BL*AEP@1VG8JX!@$./=Z),
<mailto:54W$69=$BL*AEP@1VG8JX!@$./=Z),&KX4> &KX4 &0^<TD,>@%E.,E)BP7@
M!<"0"BS_4,IS4B4'D )WMD +.)L4E^>L \3"D6\RRND?[ID0 HPX$O12 3
MV[Q* *3I'_\L% !>8)!N<I -J1"T,R_X)@< 8%'*_"&>.4*!5,P7R6O.:7$
M4*<^ :#0J'R ,B)*P#<1,,%(=HV;3GL+3'E F1Z-] !1$1>W /"!>HV@&>F(
MI(>F=:*]P/0'591;)_^!TE'6ZP+]>$=4A#85FG4F 931*GI\ !H11>"K94#&
MG83Y-;1*A9/HV24 \OE6 %B@# *R)5:J:A[!CO*;207 <PVT+T>%@ V^$.W
M2.H5K <mailto:&@,RSPT*8> &@,RSPT*8"\ G*5#$"H/F .0"0H\IYE&VE.Q@+XHG:\ 1
K_G<0%0\
M4*BVTE5K+F M %3J6AN AC(?D.8%:CM3L/BI?+I]T6(#,(]XQO,!W[P!/P"P
M![^2M&U4:20 *)#:XZB+J&Z:771^8+8JVM4#]=H4!<"! !%1HBJL/6YI$*"N
MD$H%!]&)#CPHDT_R B #\3P$ !KZ V(PP!( P*]_I2)?U4HQ /A0;'3$6,4<
M?!.K !CH2!G0HTCL%@ B<&YBH^(7<]D J$H*P TH0YD$D+A>2P!$17TVF]R
MID9G(O&:C,G@/0: QY1YP"9A3-F^@> W " != C GKU #0;?A, 3JHA4YE+F
MFQ8&0 ZJN _VGNE-*@W!L\ A,CDTF3=] P /OCF!<D0XQ9Q@
<mailto:D0XQ9Q@<4PIXP&[?6> <4PIXP&[?6#
MI$UP5%"@) X$0,G@O.R:) :"Y0 '?EEZC%;',\%"&BD4E'IDG(#G0:CZP*@
MN<"A =" J'S#;/5R@317 T +$":E 4-,%!0@$G3IFB=N4&]?O ';' Z*N_X
MS"@I\P*[59>3_L$O(&"@I$%M"M8[KI</_H")1(]SI90!)@"6 0A.0B='@ @F
M!([=W:_]H5X?^$>SA3R ?$0'RUB.YQ^DDJ,S_ 8$$"JL,.3)D$?+(H N($_
MY%3E3T0EGOY-0(27T.,8* ?;^0V/I;\F@7K=P RE;C4 [ H:&Z25&P"()W=%
M9">$*TE=3J8*!.IE Q/D<TLI,%M2*<,)9B19CQQ/K 04M[>"\J=^4OG#-^_@
MBT().0"Y#@# *<.'?YR)DR)29(ZF$!U@; J_.N:/=J.2@M">(\(^RP=EX@F'
M;X(U$M^L]&P2&X6$%]?>Z$H!R?V09@;QF ;-R.==QRX5T"AI4S9/>SSOX >Y
M(D@J%J ,';I1ZIER4M(UO_LI^:.N!P#\'X@F*X,X\,TW_$.12"^NGR*$]VYW
M)0#RH(KCF0KY6$I%MWQXKBLS;TL1V5W">?\:/[[)A'E$^,Y-E\H< -X/1&\W
MS]L!!@P.\(]G 2,\@BT?9<S7[ F<7BH#!, =^B'IC>=WV (P[, T?FHHTNF
M:_A%J3LOH !$("IW& +4N00=W:1X\>AZ V62X LJGS8Z=K*!$&Q=63,A^V 6
M!@$_8 L <mailto:YVXWQ1@5@#,'OYY@^&=14>
""HY7U?\PZ'">YVXWQ1@5@#,'OYY@^&=14>L""HY7U?\PZ', %:! \$\(#1,5W1,0DF
M=7E?@2'0@0!G)G7%P0*$\ G/( ]^8 :;$1V@$P 0!0 .< 2<D!4*0%E\4X+H
MX@*Q\ _LH OW8 =S0 B8$ -0!D%D WU\@)'@'$:HX.7=!E0XP2[< KTX OS
MT O_\ Y=\ /]$$]=\ _2] /^0 U943)I0X4ZM DC0 [^\ ><$$$7Q _ E/
MH'6>Y ^6-15"EF:>5W=4,0?I\P"71P[A%@]:] ^?D#W^T(A8=Q53TH"!>!5S
M<$'_\#W_D D_D _SP _YT(CYP _^D ]9E(90T&R&Q"4XV (DT 4R4 O9L C$
MD VP( 5,Y'M8(07>4F)'0@!- .'D U)0 0?( A"D FZ@ 81%1UR9Q41 @)"
M 0SX ]Y@ -_($#GD FSP X1!0$29Q;$( IS8 !X\ S^@'C1(3E@PA^@DQU1
MT49"P(Q204R8<SBF$S.,(Q@0H%N6$Q6%!!8%\(RE\C5:4F\%*3BD4XGWMY"Q
<mailto:Q@0H%N6$Q6%!!8%\(RE\C5:4F\%*3BD4XGWMY>
M]QH$)5&))"Q&4X]_ 0*4@%0\ U-U09 5R1B0P"_W&!8ON(]\ 02F%!B >!9I
M(C6!0Q4)$)!8X9(F>1XO&3;I<I,>Q8YE433_<C>"P)-@$0#4$Q7O^)%[$Y%3
M02I"IY,.N8:O43 !4Q>!,2@RF6.">#>5)I,$@WTB\E$ITEY<:3PX:9)7V1<I
M,C-/B7;$<I8UUXP6&8\.\R;K84\35Y=*"9<TMI9LJ9 .B3I285I.B953AQ4D
DEFANGED_M $*@Y;5(IA4 <mailto:$*@Y;5(IA4<1J,B919P9%N(IFT=>
<1J,B919P9%N(IFT="2)1A7HX6+DTRQ$(I6*:2!FP@ 8@ /L
DEFANGED_M 08" ATXX):K^!6FI2]\ 2(<^9B#215)(I>Z5AB=,2W^H6K0^)D&N2\6( N
M!@2L10 #X">JR9!602!G0YN"83AY^8]E01F>297YB)=8"8&^J9 +10 ) ;$
M20J0D1IRMAXW-I[7F3GIB8]D4YWH.3H+Z1R4>9FON9ZC 9BXF9XD^)YP$Y_V
MR9\&^93X^9S_63WP"3L'&CH#^A<+6I\)>CD-NID/JIX3RI[]B: 7JJ %BA@1
MNIU\"94?NIHA6E!R( 0;@ (XT!$H, <Q <R( ,ND!-V$ -S, DEFANGED_-B0 ,Q0 ,X
DEFANGED_M !0HP1)XH!(P401X =O( =T<!(NVA(4 1-$4 DEFANGED_9LD
DEFANGED_9V4 DEFANGED_9RD <@0 1O, DEFANGED_9K
DEFANGED_M4 9'BJ(JRJ)P@ ,Q"@,S.@<P<*,\FA(S< ,MH:,UD 5/4 =R )24 9F@*0Q
MD*8M40,XP*1A0 <mailto:=E8*=XB@> =E8*=XB@<V< -M.@1/6@9N0 <@,
DEFANGED_1O0 9_VJ,M<0,OD05#
M$ 9 <mailto:9&&@9G4> &&@9G4 :+^@9M =AX 9Y@*0S$*DY !-0D 98"@)5 <@$
DEFANGED_1D0 DEFANGED_9R4 DEF
ANGED_9S
M, =(ZJ,W8 ,P<1)C$ ,& 0-A( ,FJ@)C4!*U&JFX&A/"*@._BJO!.JPF@1(Q
M( -JB@=JRJ1E0*1T\ )7@ :66J?02A'&FJO"F@,O\:O-2JS?:@/ABJQCH*Q+
DEFANGED_M>J[/FJ0_&@,UT*93@ 9IP*HOT*II( =C( =A8 9'FJXMP:OUF@5'\ :-.@=5
M*JMC4*P_VA-!2@5$ +%W6@,P,01UH*A/8 9F4*5]^J@I :X_.@,8FP6G6@9C
M(*L6.ZJ%^@9N, =I< 9N4 8B&ZWJ6K(YT*974 8SBP8#.[(YFZ-"D056\ 9L
M4 =M(+(^2K2F6J2*^@8?2P1I, =CP*URD*EV2K(YB@-MB@1AH >62@9O4 >T
M"JTU,*U=VZ994 1$ :V#6K T<+*ZJJQ" :]V&K<_.K?B.@9"8:ZZBJXIH
<mailto:_.K?B.@9> ;==
MBP/L^K? <mailto:&KCQ&@,WP+A[2[?)&@9WJ[AVB@-JRZ99X>
&KCQ&@,WP+A[2[?)&@9WJ[AVB@-JRZ99X 09 :TY<+F0VZZ2"P-X
MR[F>V[>(.[HIT;ERBP.&JZNG2[D]>A W\+A]:[>B"[OR2J\YP:XR@!.^FKC"
M2JQ<>J)>"J8R2J,V2@-GVK1I"Q-!P 9L )CP 9AD 9MP+!M8+:**@::Z@9O
M0 =I8 9I4 9D )IX 8@< =RD ;@ZP9GD+[LBZ_H>P,@0 9AD =GF[LV8!!9
M8 9RP*GU&[(@(+4@$*LKFZ]TX (GFJ+$VZ+&*Z8T6J;*:[$V<*P]"P*6VKW?
MB\'2RZEM +/2:ZGK*Z48[ ;E&P;0"P)B8+;G*ZL,6[4@0 < &[-A, 9^6KYU
M8,(D3 =HP+0%>P.[RZB=^JEY< (,.P=T\*GV*P?E*\-A0 ;G^[YC +-0#+XP
M.P<LD+[X>K48'*L@ ?KFZCD.\#H&ZM1*@=S4 8*/+PKZL!A.J;)N[P%NZ<9
MZP)4X (@8 2Q^K-;RL!M_*5O',%F:K%>Z[PN, 0NX 1XG!.$I*,Y ) 7 ,6
MFP.ERKN^"[C!:Q)L7+R!7*.##*TTX*,O@1.4"K-)W,)QZ@1*R[UHO,!=ZL;'
M2Z:?+*\ONJ=9, 4SZP9]"J<^[!*^FP4N$,S"/,S$7,S&?,S(G,S*O,S,;,P0
M*P,T4+1.$ 9+F\5PP 9E$ 9I_,5A'+2B3 /'VLSB/,[D7,[E_,RXRJ=^BLZ3
M:L[N_,[P/,[/?*LP0076V\O2:LOQO,_\W,^NW," ',MQO+5*B@.DW*1/>L94
MZ@3?R[($81 (X1 #41 'D0<&\1 4C1 RL!";# ,I 0-AB@;1^L8P(,LS(,=X
MH*,TD 4TTM(N_=(P'=,R/=,TW=(L 0,UD*8@, 5N6],T K%Z"A,^/=1$7=0M
M#0,V\ (P( -*34A$#;&#:@,L;=147=4O+0124 100 6W/-5##;&2NM(TG1,Y
M"@);S=),0+%6O=96#;$X8 .&Z])8701-D 1#L 1FS=4@D-9$P-8O3=8TD-=H
MK=9^#;$Y$ -2[=)08-=+4 50T*I$0 19/053$ -^[=)' 5/((U/@ 4@D*.Z
M6]B0B@<Y8 -BW=)!$-F3/05.?=DRW01%P 1"\ 15( 5.4 2+F@1ZW01#4-46
M>Q RX-5[G02W/0.N[=.P+=NT;=NX;05V#0)T;-E&_=O'ZM),0-Q%$-C'3=-!
M4 7;'=,6:Q!QW=+7[00U\-WH3=7A[1/"+=-$D 19/014 )*$ 1" -_>?=PO
M:M9!P 1,4 14, 4[305#L -//=K1"@.G3=.F#0/I'=-6$ 12D 2T+>!&$ 13
M0 5%<-M2(. U;;$]$=P^_:)*'0,O\!)+_>#HW;(ZVMXQS;@E?N*,G-[[O=TM
M6]HN#M-S7==WK>*?'<D@G1,@L 1'X-L('LT+/M/=?==,$ 1.T-</SK@Q>MY#
MD-]MO<FP#,&R/,$$^Z,V,*DRT *!C=6I;01/( 5]G>%9#> ^O;5#6\&&V]]%
M@ 5.+ME)$ 0Q[013< 4@\!+T"M-N_L.(G054X*0@@ )+G0+0/0,ZS;JL^]5=
MSKBFG05&$ 9X<.B)#@*EG0/&[1- _-4=_=$A/=(R6M)E>M*![A(P8,M,\ )4
M 5(4 4T<-B=:P/G[>-%G>HR$*V&V^I4\-]5@!/TVN"XGNM=ONNWF@6M/@12
6@ 55\*([.P-_7NQ#S0 3#='7N!!% .I4
 
end

------- Cfg file --------
#
# These are the default values for all feature switches.
#
feat_verbose = 1 # Warn user about unscanned parts, etc.
feat_log_inline = 0 # Attach log to message
feat_log_stderr = 1 # Print log to standard error
feat_force_name = 0 # Force all parts (except text/html parts) to
                    # have file names.
feat_files = 1 # Enable filename-based policy decisions.
feat_boundaries = 0 # Replace all boundary strings with our own
                    # NOTE: Always breaks PGP/MIME messages!
feat_lengths = 1 # Protect against buffer overflows and null
                    # values.
feat_scripts = 1 # Defang incoming shell scripts.
feat_html = 1 # Defang active HTML content.
feat_trust_pgp = 0 # Don't scan PGP signed message parts.
feat_uuencoded = 1 # Sanitize inline uuencoded files.
feat_forwards = 1 # Sanitize forwarded messages
feat_testing = 0 # This isn't a test-case configuration.
feat_fixmime = 1 # Fix invalid MIME, if possible.
##
## These are the default scoring thresholds.
##
#score_bad = 100 # Any message exceeding this value will cause
# # the sanitizer to return a non-zero exit
# # code after processing the entire message.
#
#score_panic = 0 # If the sanitizer's internal score exceeds
# # this value, the sanitizer will terminate
# # immediately with a non-zero exit code.
# # Setting to 0 disables this feature.
#
# You may need to increase the following if you have a very
# complex configuration split between multiple files.
#
# max_conf_recursions = 5 # The default is 5.
#
# Create temporary or saved files using this template.
# An attachment named "dude.txt" might be saved as
#
# /var/quarantine/att-A9Y-dude.txt
#
# Note: The directory must exist and be writable by
# the user running the sanitizer.
#
file_name_tpl = /var/quarantine/$$$-$F
 
# We have three policies, in addition to the default which is
# to defang file names.
#
file_list_rules = 1
file_default_policy = accept
file_default_filename = unnamed.file
 
# Delete obviously executable attachments. This list is VERY
# incomplete! This is a perl regular expression, see "man
# perlre" for info. The (?i) prefix makes the regexp case
# insensitive.
#
# There is only one policy, since we aren't using an external
# scanner. The file list is split accross two lines, for fun.
#
#file_list_1 = (?i)\.(exe|com|lnk
#file_list_1 += |cmd|vbs|pif|bat)$
#file_list_1_policy = save
#file_list_1_scanner = 0
 
# Files we absolutely don't want (mostly executables).
#
file_list_1_scanner = 0:2:3:/usr/local/bin/check_for_virus %FILENAME
%REPLY_TO v
irusmanager 12566@xyz.molar.is %HEADER(to) %HEADER(subject)
file_list_1_policy = unknown:mangle:save:save
file_list_1 = (?i)(winmail\.dat
file_list_1 +=
|\.(exe|vb[es]|zip|lnk|cmd|c(om|hm)|bat|pif|s(ys|cr))
file_list_1 += (\.g?z|\.bz\d?)*)$
 
# Scan mp3 files for Evil Viruses, using the imaginary mp3virscan
# utility. Always define FOUR potential policies, which depend on the
# exit code returned by the scanner. Which code means what is
# defined in the scanner line, which must contain THREE entries.
# The fourth policy is used for "anything else".
#
# "accept" if the file is clean (exit status 0 or 1)
# "mangle" if the file was dirty, but is now clean (2 or 4)
# "drop!" if the file is still dirty (66)
# "save" if the mp3virscan utility returns some other exit code
# or an error occurs.
#
#file_list_2_scanner = 0:2:3:/usr/local/bin/check_for_policy %FILENAME
%REPLY_TO
 virusfound 12613@xyz.molar.is %HEADER(to) %HEADER(subject)
#file_list_2_policy = unknown:mangle:save:save
#file_list_2 = (?i)\.(mp3|mp2|mpg|mpeg|mpe|avi)$
 
# Scan WinWord and Excel attachments with built-in macro scanner.
# We consider anything exceeding the score of 25 to be dangerous,
# and save it in the quarantine.
#
#file_list_2 = (?i)\.(doc|dot|xls|xlw)$
#file_list_2_policy = accept:accept:save:save
#file_list_2_scanner = 0:1:2:builtin 25
#