anomy-list

Comments on 1.35

From: Peter Burkholder (12666@xyz.molar.is)
Date: Tue 24 Apr 2001 - 20:31:32 UTC

  • Next message: Ewald Beekman: "Re: Comments on 1.35"

    I recently installed Anomy to replace John Hardin's procmail
    tools on the mailserver for an academic research dept. We have
    about 300 users and receive about 2000 messages/day. We run
    sendmail 8.9 on Solaris 2.6 (and, yes, we are moving to 8.11 on Sol 8).

    While I'm very pleased with the design and execution of anomy,
    there are a few hiccups and suggestions I thought I'd share.

    1) /etc/procmailrc failed until I added:

    PATH="/bin:/usr/bin:/usr/local/bin:$PATH"
    SHELL=/bin/sh

    2) I think the stderr logging would be more useful if Time-date,
    sender and recipient were included.

    3) Attachments that have NO extension get defanged, which completely
    hosed our Mac clients until I caught it. Macs were particularly
    problematic because Eudora (at least) sends the resource fork
    and data fork as separate attachments (e.g, '%test' and 'test').
    It seems that once these got renamed ('%test.DEFANGED-001',
    'test.DEFANGED-002') the clients couldn't do anything with them.

    4) 'DEFANGED-nnnn' isn't, by default, an accepted extension, so
    as a message got bounced around it would become
            test_DEFANGED-001_DEFANGED-002_DEFANGED-003.DEFANGED-004

    5) Shell script defanging also resulted in a cascade of
    echo DEFANGED; exit; commands it forwarded multiple times.
    Would it be sufficient to prepend a '%' or someother
    character to the shebang., e.g.
    %#!/bin/sh

    6) I'm surprised that " " (space) is converted to _. I didn't
    know that it was a 'scary character'. I'm curious as to the
    reason for that.

    That's about it. Hate to sound like I'm carping -- rather,
    I think that Anomy is so excellent that it should be made as
    good as it can be.

    I've included some of my config file for dealing with
    points 3 and 4 above.

    Cheers,

    Peter

    -- from /etc/anomy.cfg --
    #
    # RULES to accept .DEFANGED-nnnnn extensions
    #
    # We use ruleset 4, since default rulesets 1-3 in
    # bin/sanitizer.pl are okay:

    # expand list of file rules to five:
    file_list_rules=5

    # now, define the rule, and the policy
    file_list_4 = (?i)\.defanged-\d+$
    file_list_4_policy = accept
    file_list_4_scanner = 0

    # RULE to accept extensionless filenames
    #
    file_list_5_policy = accept
    file_list_5_scanner = 0
    file_list_5 = ^[^\.]*$

    __________________________________________________________________________
    Peter Burkholder Senior Computer Specialist
    Applied Physics Lab email: 12666@xyz.molar.is
    Distributed Computer Services helpdesk: help@apl or 543-7845
    TELEWORK:
    2229 S. Gilpin St. voice: (303) 282-7738
    Denver, CO 80210-4616 dept: (206) 543-1300
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    THIS WEEK'S WORK SCHEDULE in Pacific Daylight-savings Time:
       Mon. (8) Tues. (8) Weds. (6) Thurs. (8) Fri. (8) Wkend(2)
            [ mostly 6 a.m until 11 a.m, and 2 p.m to 5 p.m. ]
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



    hosted by molar.is