> The anser's in the question, as my teachers used to say at school. :-)
>
> > # Any attachment not listed above gets renamed.
>
> You haven't told Anomy to accept .html - which is the invented filename
> it uses for rule checking HTML.
>
> Therefore it will defang the part, renaming it, according to your
> default policy.
I tried adding htm and html to the accepted list and setting feat_html 0
with the same results...
Here is my latest (failed) attempt to make this work-- I've even turned off
mime checking/replacement, etc. but still having the same results. It
doesn't make sense. At this point I have just disabled anomy altogether...:
# Do not log to STDERR:
feat_log_stderr = 0
# Don't insert log in the message itself:
feat_log_inline = 0
# Advertisement to insert in each mail header:
header_info = X-Sanitizer: Advosys mail filter
header_url = 0
header_rev = 0
# Enable filename based policy decisions:
feat_files = 1
# Protect against buffer overflows and null values:
feat_lengths = 1
# Replace MIME boundaries with our own:
feat_boundaries = 0
# Fix invalid and ambiguous MIME boundaries, if possible:
feat_fixmime = 0
# Trust signed and/or encrypted messages:
feat_trust_pgp = 1
msg_pgp_warning = WARNING: The following text was not screened for viral
content.\n
# Defang shell scripts:
feat_scripts = 0
# Defang active HTML:
feat_html = 0
# Defang UUEncoded files:
feat_uuencoded = 0
# Sanitize forwarded content too:
feat_forwards = 1
# Testing? Set to 1 for testing, 0 for production:
feat_testing = 0
# # Warn user about unscanned parts, etc.
feat_verbose = 1
# Force all parts (except text/html parts) to
# have file names.
feat_force_name = 0
# Disable web bugs:
feat_webbugs = 1
# Disable "score" based mail discarding:
score_panic = 0
score_bad = 0
msg_file_drop = \n*****\n
msg_file_drop += NOTE: An attachment named %FILENAME was deleted from
msg_file_drop += this message because was a windows executable.
msg_file_drop += Contact the system administrator for more information.
##
## File attachment name mangling rules:
##
file_name_tpl = /var/quarantine/att-$F-$T.$$
# Number of rulesets we are defining:
file_list_rules = 2
file_default_policy = defang
# Delete probably nasty attachments:
file_list_1 = (?i)(winmail.dat)|
file_list_1 +=
(\.(vb[se]|exe|com|cab|dll|ocx|msi|cmd|bat|pif|lnk|hlp|ms[ip]|reg|asd))$
file_list_1_policy = drop
file_list_1_scanner = 0
# Allow known "safe" file types and those that can be
# scanned by the downstream virus scanner:
file_list_2 =
(?i)\.(html|htm|doc|dot|rtf|xls|ppt|xlw|jpg|gif|png|tiff?|txt|zip|tgz|gz|mp3
)
file_list_2_policy = accept
file_list_2_scanner = 0
# Any attachment not listed above gets renamed.