anomy-list

Problems with sanitizer and mail from mail.com

From: David (64571@xyz.molar.is)
Date: Thu 14 Nov 2002 - 20:37:13 GMT


Dear gurus,

I have sanitizer 1.57 installed to strip nasty attachment. It works very
well, but I got a problem.
Mail originating from mail.com gets corrupted. The lovely swedish characters
looks pretty ugly (Example 1 below). Messages from mail.com looks ok if I
send them to a server without sanitizer installed (Example 2)

So, my question is how I can solve this problem?

TIA,
 /David

This is my conf file:
(I know that I probably can remove some stuff at the bottom of the conf,
because of the parameter file_list_2_policy = accept)

# Do not log to STDERR:
feat_log_stderr = 0

# Don't insert log in the message itself:
feat_log_inline = 0

# Advertisement to insert in each mail header:
header_info = X-Sanitizer: Advosys mail filter
header_url = 0
header_rev = 0

# Enable filename based policy decisions:
feat_files = 1

# Protect against buffer overflows and null values:
feat_lengths = 1

# Replace MIME boundaries with our own:
feat_boundaries = 0

# Fix invalid and ambiguous MIME boundaries, if possible:
# Andrad
feat_fixmime = 0

# Trust signed and/or encrypted messages:
feat_trust_pgp = 1
msg_pgp_warning = WARNING: Unsanitized content follows.\n

# Defang shell scripts:
feat_scripts = 0

# Defang active HTML:
feat_html = 0

# Defang UUEncoded files:
feat_uuencoded = 0

# Sanitize forwarded content too:
feat_forwards = 1

# Testing? Set to 1 for testing, 0 for production:
feat_testing = 0

# # Warn user about unscanned parts, etc.
# Andrad
feat_verbose = 0

# Force all parts (except text/html parts) to
# have file names.
# Andrad
feat_force_name = 0

# Disable web bugs:
feat_webbugs = 0

# Disable "score" based mail discarding:
score_panic = 0
score_bad = 0

msg_file_drop = \n*****\n
msg_file_drop += NOTE: An attachment named %FILENAME was deleted from
msg_file_drop += this message because it contained a windows executable
msg_file_drop += or other potentially dangerous file type.
msg_file_drop += Contact the system administrator for more information.

##
## File attachment name mangling rules:
##
  
# Specify the Anomy temp file and quarantine directory
file_name_tpl = /var/spool/filter/att-$F-$T.$$

# Number of rulesets we are defining:
file_list_rules = 2
# Andrad
#file_default_policy = defang
file_default_policy = accept

# Delete probably nasty attachments:
file_list_1 = (?i)(winmail\.dat
file_list_1 += |\.([23]86|ad[ep]|ba[st]|c(hm|md|om|pl|rt)|class|d(ll|rv)
file_list_1 += |exe|fot|h(lp|ta|tt)|in[fs]|isp|job|js|js(e)|lnk|md[betz]
file_list_1 += |mht|ms[cipt]|o(cx|vl)|pcd|pif|ppa|qtx|reg|rom|sys|sh[bs]
file_list_1 += |sc[rft]|url|vb|vb[esx]|wll|wiz|wsc|wsf|wsh|wpm|xl[al])
file_list_1 += (\.g?z|z.bz\d?)*)$
file_list_1_policy = drop
file_list_1_scanner = 0

# Allow known "safe" file types and those that will be
# scanned by the user's desktop virus scanner:
file_list_2 = (?i)\.
# Word processor and document formats:
file_list_2 += (doc|dot|txt|rtf|pdf|ps|htm|[sp]?html?
# Spreadsheets:
file_list_2 += |xls|xlw|xlt|csv|wk[1-4]
# Presentation applications:
file_list_2 += |ppt|pps|pot
# Bitmap graphic files:
file_list_2 += |jpe?g|gif|png|tiff?|bmp|psd|pcx
# Vector graphics and diagramming:
file_list_2 += |vsd|drw|cdr|swf
# Multimedia:
file_list_2 += |mp3|avi|mpe?g|mov|ram?|mid|ogg
# Archives:
file_list_2 += |zip|g?z|rar|tgz|bz2|tar
# Source code:
file_list_2 += |[ch](pp|\+\+)?|s|inc|asm|patch|java|php\d?|jsp|bas)
file_list_2_policy = accept
file_list_2_scanner = 0

# Any file type not listed above gets renamed to prevent
# ms outlook from auto-executing it.

-------
EXAMPLE 1

Return-Path: <64653@xyz.molar.is>
Delivered-To: 64571@xyz.molar.is
Received: by www.gof.se (Postfix, from userid 511)
    id 5385F1118B; Thu, 14 Nov 2002 21:19:59 +0100 (CET)
Received: from ws1-6.us4.outblaze.com (205-158-62-53.outblaze.com
[205.158.62.53])
    by www.gof.se (Postfix) with SMTP id 72320110B7
    for <64571@xyz.molar.is>; Thu, 14 Nov 2002 21:19:51 +0100 (CET)
Received: (qmail 43519 invoked by uid 1001); 14 Nov 2002 20:19:50 -0000
Message-ID: <64695@xyz.molar.is>
Content-Type: text/plain; charset="iso-8859-15"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit
MIME-Version: 1.0
X-Mailer: MIME-tools 5.41 (Entity 5.404)
Received: from [213.200.149.127] by ws1-6.us4.outblaze.com with http for
    64653@xyz.molar.is; Thu, 14 Nov 2002 21:19:50 +0100
From: "David B" <64653@xyz.molar.is>
To: 64750@xyz.molar.is, 64571@xyz.molar.is
Date: Thu, 14 Nov 2002 21:19:50 +0100
Subject: This is a test
X-Originating-Ip: 213.200.149.127
X-Originating-Server: ws1-6.us4.outblaze.com
X-Spam-Status: No, hits=-0.9 required=5.0
    tests=MSG_ID_ADDED_BY_MTA_2,SIGNATURE_SHORT_SPARSE,
          SPAM_PHRASE_03_05
    version=2.43
X-Spam-Level:
X-Sanitizer: Advosys mail filter

This is a test
Swedish chars: a?o A?0

-------
EXAMPLE 2



hosted by molar.is