I recently installed Anomy to replace John Hardin's procmail
tools on the mailserver for an academic research dept. We have
about 300 users and receive about 2000 messages/day. We run
sendmail 8.9 on Solaris 2.6 (and, yes, we are moving to 8.11 on Sol 8).
While I'm very pleased with the design and execution of anomy,
there are a few hiccups and suggestions I thought I'd share.
1) /etc/procmailrc failed until I added:
PATH="/bin:/usr/bin:/usr/local/bin:$PATH"
SHELL=/bin/sh
2) I think the stderr logging would be more useful if Time-date,
sender and recipient were included.
3) Attachments that have NO extension get defanged, which completely
hosed our Mac clients until I caught it. Macs were particularly
problematic because Eudora (at least) sends the resource fork
and data fork as separate attachments (e.g, '%test' and 'test').
It seems that once these got renamed ('%test.DEFANGED-001',
'test.DEFANGED-002') the clients couldn't do anything with them.
4) 'DEFANGED-nnnn' isn't, by default, an accepted extension, so
as a message got bounced around it would become
test_DEFANGED-001_DEFANGED-002_DEFANGED-003.DEFANGED-004
5) Shell script defanging also resulted in a cascade of
echo DEFANGED; exit; commands it forwarded multiple times.
Would it be sufficient to prepend a '%' or someother
character to the shebang., e.g.
%#!/bin/sh
6) I'm surprised that " " (space) is converted to _. I didn't
know that it was a 'scary character'. I'm curious as to the
reason for that.
That's about it. Hate to sound like I'm carping -- rather,
I think that Anomy is so excellent that it should be made as
good as it can be.
I've included some of my config file for dealing with
points 3 and 4 above.
Cheers,
Peter
-- from /etc/anomy.cfg --
#
# RULES to accept .DEFANGED-nnnnn extensions
#
# We use ruleset 4, since default rulesets 1-3 in
# bin/sanitizer.pl are okay:
# expand list of file rules to five:
file_list_rules=5
# now, define the rule, and the policy
file_list_4 = (?i)\.defanged-\d+$
file_list_4_policy = accept
file_list_4_scanner = 0
# RULE to accept extensionless filenames
#
file_list_5_policy = accept
file_list_5_scanner = 0
file_list_5 = ^[^\.]*$
__________________________________________________________________________
Peter Burkholder Senior Computer Specialist
Applied Physics Lab email: 12666@xyz.molar.is
Distributed Computer Services helpdesk: help@apl or 543-7845
TELEWORK:
2229 S. Gilpin St. voice: (303) 282-7738
Denver, CO 80210-4616 dept: (206) 543-1300
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
THIS WEEK'S WORK SCHEDULE in Pacific Daylight-savings Time:
Mon. (8) Tues. (8) Weds. (6) Thurs. (8) Fri. (8) Wkend(2)
[ mostly 6 a.m until 11 a.m, and 2 p.m to 5 p.m. ]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~