anomy-list

sample configuration files

From: mark david mcCreary (04080@xyz.molar.is)
Date: Þri 03 Okt 2000 - 01:01:35 UTC


I would be interested in seeing some other configuration files that people
are using.

I have included two configuration files I am currently using for a mailing
list.

This is my translation of John Hardin's procmail suite rules.

The first one is try to eliminate viruses, etc.

The second configuration file will only be invoked on HTML email.

Feedback welcome.

Thanks

mark

# Configuration File #1 - Sanitize

score_bad = 100
score_panic = 100

feat_verbose = 1 # Warn user about unscanned parts and Other
Stuff.
feat_log_inline = 0 # Attach log to message.
feat_log_stderr = 1 # Print log to stderr.
feat_files = 1 # Enable filename-based policy decisions.
feat_boundaries = 1 # Replace all boundary strings with our own.
feat_lengths = 1 # Protect against buffer overflows.
feat_scripts = 1 # Defang incoming shell scripts.
feat_html = 0 # Defang active HTML content.
feat_trust_pgp = 0 # Do not trust PGP signed messages
feat_uuencoded = 1 # Sanitized UU encoded attachments.
feat_forwards = 1 # Sanitize forwarded messages.

header_info = 0
header_url = 0
header_rev = 0

file_name_tpl = attachment-$F-$T-$P.$$

file_list_rules = 6
# make sure sanitizer.pl has been tweaked to allow 6 sets of rules

# allow files thru, but lightly screw up the file name
file_default_policy = defang

# delete known poisoned files
# exit with non zero return code

file_list_1_scanner = 0
file_list_1_policy = save!
file_list_1 =
((IBMls|babylonia|badass|buhh|chocolate|compu_ma|happy99|i-watch-u|ie0199|jesus|
photos17|picture|prettypark|setup|surprise!|x-mas|y2kcount|yahoo|zipped_files).e
xe)'

# delete troublesome file name suffixes

file_list_2_scanner = 0
file_list_2_policy = save!
file_list_2 =
(?i)\.(htm?|exe|com|cmd|bat|pif|sc[rt]|lnk|dll|do[ct]|xl[swt]|p[po]t|rtf|vb[se]?
|hta|p[lm]|sh[bs]|hlp|chm|eml|ws[cfh]|ad[ep]|jse?|md[abew]|ms[ip]|reg|asd|cil)
# too many file extensions in name

file_list_3_scanner = 0
file_list_3_policy = save!
file_list_3 = (?i)\.([a-z][a-z][a-z0-9].[a-z0-9][a-z0-9][a-z0-9])
file_list_4_scanner = 0
file_list_4_policy = save!
file_list_4 = (?i)\.([a-z][a-z][a-z0-9].[a-z0-9][a-z0-9])
file_list_5_scanner = 0
file_list_5_policy = save!
file_list_5 = (?i)\.([a-z][a-z].[a-z0-9][a-z0-9][a-z0-9])
file_list_6_scanner = 0
file_list_6_policy = save!
file_list_6 = (?i)\.([a-z][a-z].[a-z0-9][a-z0-9])

# Configuration File #2 - Defang HTML

score_bad = 9999
score_panic = 9999

feat_verbose = 1
feat_log_inline = 0 # Attach log to message.
feat_log_stderr = 1 # Print log to stderr.
feat_files = 0 # Enable filename-based policy decisions.
feat_boundaries = 0 # Replace all boundary strings with our own.
feat_lengths = 0 # Protect against buffer overflows.
feat_scripts = 0 # Defang incoming shell scripts.
feat_html = 1 # Defang active HTML content.
feat_trust_pgp = 1 # Do not trust PGP signed messages
feat_uuencoded = 0 # Sanitized UU encoded attachments.
feat_forwards = 1 # Sanitize forwarded messages.

header_info = X-Security: Defanged active HTML commands in body of message
header_url = 0
header_rev = 0

file_name_tpl = defanged-$F-$T-$P.$$

file_list_rules = 0
file_default_policy = defang

-- 
This mailing list's home page is: http://mailtools.anomy.net/archives/anomy-list/
There you can find subscription instructions and possibly an archive.
Molar.is is a free Icelandic mailing list service.



hosted by molar.is