anomy-list

Attachment issue

From: Scott Renda (82225@xyz.molar.is)
Date: Wed 04 Jun 2003 - 23:19:39 GMT

  • Next message: Rick Johnson: "Re: Attachment issue"

    Rolled out Postifx/Courier IMAP/maildrop server last week. Using Advosys
    Anomy/Spamassassin/Pyzor combo.

    My problem: I have an internal recruiter who is getting emails stripped.
    The emails are submitted from monster.com using the apply now button on the
    job description page. What happens is the mail comes through, but the part
    where the resume should be listed is cut off. I verified this problem
    didn't exist with our old mail server. Looking at header [see below]:

    X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
    Message-ID: <BATCH10200zepDI8NFr0019e403@BATCH102>
    X-OriginalArrivalTime: 04 Jun 2003 09:07:16.0943 (UTC)
    FILETIME=[B2209DF0:01C32A78]
    X-Spam-Status: No, hits=2.1 required=6.0
            tests=NO_REAL_NAME,SUBJ_HAS_UNIQ_ID
            version=2.54
    X-Spam-Level: **
    X-Spam-Checker-Version: SpamAssassin 2.54 (1.174.2.17-2003-05-11-exp)
    X-Pyzor: Reported 0 times.
    X-Sanitizer: HTS Mailwall
    Content-Type: text/plain; charset="iso-8859-1"
    Content-Transfer-Encoding: quoted-printable

    It shows the attachment as text/plain, but if that were case, I don't see
    how it would be stripped. It has to be some html or multipart/mixed issue
    coming out of monster.

    I also have another person with this problem, and their header is slightly
    different. In that instance, the Content-Type is multipart/mixed, but the
    boundary on the problem emails is now boundary="MIMEStream=_+testing99"

    I wonder if it's an issue with an attachment type coming off the monster
    site? I played with the feat_force_name and feat_html values with no luck.
    Is it possible the feat_forwards is screwing it up? My anomy.conf is below.
    Although I pretty good with open source stuff, I an not a programmer and
    besides applying diff patches am unable to modify code in any proactive
    manner :) Any help would be appreciated...

    Anomy.conf
    -------------
    ## Logging
    feat_log_stderr = 0
    feat_log_inline = 0
    ## Header information
    header_info = X-Sanitizer: HTS, Inc. Mailwall
    header_url = 0
    header_rev = 0
    ## Parameters
    feat_files = 1
    feat_lengths = 1
    feat_boundaries = 0
    feat_fixmime = 1
    feat_trust_pgp = 0
    feat_scripts = 1
    feat_html = 1
    feat_uuencoded = 1
    feat_forwards = 1
    feat_testing = 0
    feat_verbose = 1
    feat_force_name = 0
    feat_webbugs = 1
    score_bad = 100
    ## Messages
    msg_pgp_warning = WARNING: Unsanitized content follows
    msg_defanged = Message Quarantine
    msg_blacklisted = Evil Attachment Warning
    msg_file_drop = \n******************************************************\n
    msg_file_drop += NOTE: An attachment named %FILENAME was deleted from\n
    msg_file_drop += this message. This file is produced by various Microsoft\n
    msg_file_drop += mail clients and can be safely ignored.\n
    msg_file_drop += ********************************************************\n
    msg_file_save = \n*******************************************************\n
    msg_file_save += Added %FILENAME as %SAVEDNAME to the\n
    msg_file_save += XXXXXXXXXXXXXX, Inc. Mailwall quarantine.\n
    msg_file_save += Please contact your administrator for more information.\n
    msg_file_save += ********************************************************\n
    msg_log_prefix = This message has been sanitized. The original\n
    msg_log_prefix += message may have been altered - the following \n
    msg_log_prefix += log explains what was done and why.\n
    ## File attachment name mangling rules:
    # Specify the Anomy temp file and quarantine directory
    file_name_tpl = /var/spool/filter/att-$F-$T.$$
    # Number of rulesets we are defining:
    file_list_rules = 2
    file_default_policy = defang

    file_list_1_policy = save
    file_list_1_scanner = 0
    file_list_1 = (?i)
    file_list_1 += (\.(exe|com|vb[es]|dll|ocx|cmd|bat|pif|lnk|ms[ip]|reg|sct|inf
    file_list_1 +=
    |asd|cab|c(om|hm)|sh[sb]|scr|cpl|chm|wsh|hta|vcd|vcf|eml|nws))$

    file_list_2_policy = accept
    file_list_2_scanner = 0
    file_list_2 = (?i)(winmail\.dat)|
    file_list_2 += (doc|dot|txt|rtf|pdf|ps|htm|[sp]?html?
    file_list_2 += |xls|xlw|xlt|csv|wk[1-4]
    file_list_2 += |ppt|pps|pot
    file_list_2 += |jpe?g|gif|png|tiff?|bmp|psd|pcx
    file_list_2 += |vsd|drw|cdr|swf
    file_list_2 += |avi|mpe?g|mov|ram?|mid|ogg|mp[23]
    file_list_2 += |zip|g?z|rar|tgz|bz2|tar|caz
    file_list_2 += |[ch](pp|\+\+)?|s|inc|asm|patch|java|php\d?|jsp|bas)*$

    Thanks...

    ************************************
    Scott Renda
    High Technology Solutions, Inc.
    Phone: 858-495-0508
    Fax: 858-571-5423
    82225@xyz.molar.is

    Attachments:
     + http://mailtools.anomy.net/archives/anomy-list//8e/c3/ede7cf6/01.winmail.dat



    hosted by molar.is