Rolled out Postifx/Courier IMAP/maildrop server last week. Using Advosys
Anomy/Spamassassin/Pyzor combo.
My problem: I have an internal recruiter who is getting emails stripped.
The emails are submitted from monster.com using the apply now button on the
job description page. What happens is the mail comes through, but the part
where the resume should be listed is cut off. I verified this problem
didn't exist with our old mail server. Looking at header [see below]:
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-ID: <BATCH10200zepDI8NFr0019e403@BATCH102>
X-OriginalArrivalTime: 04 Jun 2003 09:07:16.0943 (UTC)
FILETIME=[B2209DF0:01C32A78]
X-Spam-Status: No, hits=2.1 required=6.0
tests=NO_REAL_NAME,SUBJ_HAS_UNIQ_ID
version=2.54
X-Spam-Level: **
X-Spam-Checker-Version: SpamAssassin 2.54 (1.174.2.17-2003-05-11-exp)
X-Pyzor: Reported 0 times.
X-Sanitizer: HTS Mailwall
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
It shows the attachment as text/plain, but if that were case, I don't see
how it would be stripped. It has to be some html or multipart/mixed issue
coming out of monster.
I also have another person with this problem, and their header is slightly
different. In that instance, the Content-Type is multipart/mixed, but the
boundary on the problem emails is now boundary="MIMEStream=_+testing99"
I wonder if it's an issue with an attachment type coming off the monster
site? I played with the feat_force_name and feat_html values with no luck.
Is it possible the feat_forwards is screwing it up? My anomy.conf is below.
Although I pretty good with open source stuff, I an not a programmer and
besides applying diff patches am unable to modify code in any proactive
manner :) Any help would be appreciated...
Anomy.conf
-------------
## Logging
feat_log_stderr = 0
feat_log_inline = 0
## Header information
header_info = X-Sanitizer: HTS, Inc. Mailwall
header_url = 0
header_rev = 0
## Parameters
feat_files = 1
feat_lengths = 1
feat_boundaries = 0
feat_fixmime = 1
feat_trust_pgp = 0
feat_scripts = 1
feat_html = 1
feat_uuencoded = 1
feat_forwards = 1
feat_testing = 0
feat_verbose = 1
feat_force_name = 0
feat_webbugs = 1
score_bad = 100
## Messages
msg_pgp_warning = WARNING: Unsanitized content follows
msg_defanged = Message Quarantine
msg_blacklisted = Evil Attachment Warning
msg_file_drop = \n******************************************************\n
msg_file_drop += NOTE: An attachment named %FILENAME was deleted from\n
msg_file_drop += this message. This file is produced by various Microsoft\n
msg_file_drop += mail clients and can be safely ignored.\n
msg_file_drop += ********************************************************\n
msg_file_save = \n*******************************************************\n
msg_file_save += Added %FILENAME as %SAVEDNAME to the\n
msg_file_save += XXXXXXXXXXXXXX, Inc. Mailwall quarantine.\n
msg_file_save += Please contact your administrator for more information.\n
msg_file_save += ********************************************************\n
msg_log_prefix = This message has been sanitized. The original\n
msg_log_prefix += message may have been altered - the following \n
msg_log_prefix += log explains what was done and why.\n
## File attachment name mangling rules:
# Specify the Anomy temp file and quarantine directory
file_name_tpl = /var/spool/filter/att-$F-$T.$$
# Number of rulesets we are defining:
file_list_rules = 2
file_default_policy = defang
file_list_1_policy = save
file_list_1_scanner = 0
file_list_1 = (?i)
file_list_1 += (\.(exe|com|vb[es]|dll|ocx|cmd|bat|pif|lnk|ms[ip]|reg|sct|inf
file_list_1 +=
|asd|cab|c(om|hm)|sh[sb]|scr|cpl|chm|wsh|hta|vcd|vcf|eml|nws))$
file_list_2_policy = accept
file_list_2_scanner = 0
file_list_2 = (?i)(winmail\.dat)|
file_list_2 += (doc|dot|txt|rtf|pdf|ps|htm|[sp]?html?
file_list_2 += |xls|xlw|xlt|csv|wk[1-4]
file_list_2 += |ppt|pps|pot
file_list_2 += |jpe?g|gif|png|tiff?|bmp|psd|pcx
file_list_2 += |vsd|drw|cdr|swf
file_list_2 += |avi|mpe?g|mov|ram?|mid|ogg|mp[23]
file_list_2 += |zip|g?z|rar|tgz|bz2|tar|caz
file_list_2 += |[ch](pp|\+\+)?|s|inc|asm|patch|java|php\d?|jsp|bas)*$
Thanks...
************************************
Scott Renda
High Technology Solutions, Inc.
Phone: 858-495-0508
Fax: 858-571-5423
82225@xyz.molar.is
Attachments:
+ http://mailtools.anomy.net/archives/anomy-list//8e/c3/ede7cf6/01.winmail.dat