anomy-list

Sanitizer HTML spew coming out in-line

From: Jim Rosenberg (34442@xyz.molar.is)
Date: Fri 01 Feb 2002 - 18:06:36 UTC

  • Next message: Bjarni R. Einarsson: "Re: Sanitizer HTML spew coming out in-line"

    Last night I just upgraded to 1.48 from a much older version. I got
    one complaint from a user who got a huge piece of sanitizer log "in-
    line" -- visually it looks like it's inside a box. This is a heavily
    forwarded E-mail, and it looks like it was originally edited in Word
    as HTML. It is a prodigious amount of defanging.

    This is one of those users who insists he "must" ("as a matter of
    record") print and file every E-mail on certain matters, and he is
    not amused at having all this stuff in his E-mail.

    I'm not amused at the thought of turning off feat_html. (I did read
    about the uuencode issue. We should have feat_uuencode on, I don't
    think that's the problem. [It's kind of hard for me to capture his
    message raw, so I don't really know how the original message was
    coded.])

    It seems to me I recall reading in the change log (or somewhere) that
    there's now some finer grain control over HTML defanging. Is there
    somewhere I can read up on this?

    I don't know how other people feel, but as a workaday system
    administrator, I'm more thankful for Anomy than just about any other
    tool I can think of. It means the difference between being able to
    get my work done and being in a panic to update virus definitions
    everywhere every time some new critter comes out. Which these days
    is *OFTEN*. Anomy is doing more to make my life sane than any other
    anti-malware weapon I've got. So, I really don't want my users to be
    mad at it ...

    Any advice on how to tone down the defanging of Microsoft {X,HT}ML
    crapola?

    ---
    #include <disclaimer.h>
    Jim Rosenberg
    Ross Mould
    E-mail: 34529@xyz.molar.is
    



    hosted by molar.is