anomy-list

Re: leave HTML alone

From: Chris Lott (48780@xyz.molar.is)
Date: Thu 20 Jun 2002 - 20:02:57 UTC

  • Next message: 48918@xyz.molar.is: "fork problem under load"

    > The anser's in the question, as my teachers used to say at school. :-)
    >
    > > # Any attachment not listed above gets renamed.
    >
    > You haven't told Anomy to accept .html - which is the invented filename
    > it uses for rule checking HTML.
    >
    > Therefore it will defang the part, renaming it, according to your
    > default policy.

    I tried adding htm and html to the accepted list and setting feat_html 0
    with the same results...

    Here is my latest (failed) attempt to make this work-- I've even turned off
    mime checking/replacement, etc. but still having the same results. It
    doesn't make sense. At this point I have just disabled anomy altogether...:

    # Do not log to STDERR:
    feat_log_stderr = 0

    # Don't insert log in the message itself:
    feat_log_inline = 0

    # Advertisement to insert in each mail header:
    header_info = X-Sanitizer: Advosys mail filter
    header_url = 0
    header_rev = 0

    # Enable filename based policy decisions:
    feat_files = 1

    # Protect against buffer overflows and null values:
    feat_lengths = 1

    # Replace MIME boundaries with our own:
    feat_boundaries = 0

    # Fix invalid and ambiguous MIME boundaries, if possible:
    feat_fixmime = 0

    # Trust signed and/or encrypted messages:
    feat_trust_pgp = 1
    msg_pgp_warning = WARNING: The following text was not screened for viral
    content.\n

    # Defang shell scripts:
    feat_scripts = 0

    # Defang active HTML:
    feat_html = 0

    # Defang UUEncoded files:
    feat_uuencoded = 0

    # Sanitize forwarded content too:
    feat_forwards = 1

    # Testing? Set to 1 for testing, 0 for production:
    feat_testing = 0

    # # Warn user about unscanned parts, etc.
    feat_verbose = 1

    # Force all parts (except text/html parts) to
    # have file names.
    feat_force_name = 0

    # Disable web bugs:
    feat_webbugs = 1

    # Disable "score" based mail discarding:
    score_panic = 0
    score_bad = 0

    msg_file_drop = \n*****\n
    msg_file_drop += NOTE: An attachment named %FILENAME was deleted from
    msg_file_drop += this message because was a windows executable.
    msg_file_drop += Contact the system administrator for more information.

    ##
    ## File attachment name mangling rules:
    ##

    file_name_tpl = /var/quarantine/att-$F-$T.$$

    # Number of rulesets we are defining:
    file_list_rules = 2
    file_default_policy = defang

    # Delete probably nasty attachments:
    file_list_1 = (?i)(winmail.dat)|
    file_list_1 +=
    (\.(vb[se]|exe|com|cab|dll|ocx|msi|cmd|bat|pif|lnk|hlp|ms[ip]|reg|asd))$
    file_list_1_policy = drop
    file_list_1_scanner = 0

    # Allow known "safe" file types and those that can be
    # scanned by the downstream virus scanner:
    file_list_2 =
    (?i)\.(html|htm|doc|dot|rtf|xls|ppt|xlw|jpg|gif|png|tiff?|txt|zip|tgz|gz|mp3
    )
    file_list_2_policy = accept
    file_list_2_scanner = 0

    # Any attachment not listed above gets renamed.



    hosted by molar.is