Hi everyone,
I've uploaded a new revision of the sanitizer to the web site,
http://mailtools.anomy.net/.
>From the change log:
Fixed a bug which caused HTML to be sanitized in message headers, no
matter what the configuration said.
Fixed a problem with inline uuencoded attachments that had spaces or
other weird characters in their names. This could lead to
HTML-defanging of uuencoded stuff, which is bad.
Added protection against empty boundary string attacks against
Exchange Server 5.5. Also fixed a bug in the feat_boundaries
feature.
Thanks to a Kim Johnny Mathisen for the bug reports - this release
should address all the issues he has mentioned to me to date. If not,
then just keep 'em coming Kim. :-)
Kim also suggested that I add a feature to collect statistics about
the processed mail. This probably falls into the category of
"improving the logging features", and I think it is a good idea. So
it's on the TODO lists, any related suggestions (or unrelated for that
matter) are most welcome.
-- Bjarni R. Einarsson PGP: 02764305, B7A3AB89 03552@xyz.molar.is -><- http://bre.klaki.net/Netverjar gegn ruslpósti: http://www.netverjar.is/baratta/ruslpostur/
-- This mailing list's home page is: http://mailtools.anomy.net/archives/anomy-list/ There you can find subscription instructions and possibly an archive. Molar.is is a free Icelandic mailing list service.