anomy-list

Sanifilter, version 1.48.2, released.

From: Dave Cridland (29909@xyz.molar.is)
Date: Wed 09 Jan 2002 - 23:59:14 UTC

  • Next message: Alexandre Busquets Triola: "?"

    Finally...

    This version is a bugfix from the last available.

    It's also the first one with a version number.

    There were lots of bugs fixed. And I mean lots.

    I've been testing it by using:

    a) Fetchmail directly to LMTP. (Which is how I pick up all my email).

    This sends multiple emails down the same connection.

    b) Multiple concurrent sendmails.

    These send single emails down multiple connections. Sometimes they pick
    up other connections, rather oddly, and so serialize with other emails.

    c) Corrupt emails

    With vast line lengths.

    I now can't find any test case which breaks it. This is a *good* thing.

    I really don't recommend the use of any previous version.

    This is now very comfortably Beta.

    It's linked from http://www.btinternet.com/~davecridland/ as usual.

    A couple of things I noticed while testing:

    1) f-prot will virus check entire RFC822 messages, and identify the
    viruses properly. It actually appears to treat them as archives, which
    is interesting.

    2) However, f-prot didn't get a look-in against all the common, recent
    viruses I threw at my setup. f-prot was run over the HTML files, but the
    binaries were stripped out neatly beforehand, and f-prot couldn't find
    anything wrong. As such, I'll probably change my personal setup so that
    HTML files are simply passed directly through - and cleaned by the
    sanitizer.

    I'd really appreciate some people trying this in an SMTP filtering
    environment, or indeed at all. I'm pretty certain this is reasonably
    stable.

    I suspect it's currently more secure than the standard sanitizer.pl
    front end, now that it handles changin uid/gid and chrooting properly.

    Dave.



    hosted by molar.is