More on Content ID Revisited

From: Rick Johnson (
Date: Thu 15 Jan 2004 - 21:01:21 GMT

  • Next message: Peter Mueller: "Newbie HTML/DEFANG question -- how do I stop images from being DE FANGED?"

    Further checking on this behavior shows:

    Original Mime Header:

    Content-Type: image/jpeg;
    Content-Transfer-Encoding: base64
    Content-ID: <>
    Content-Disposition: inline;

    Sanitizer Log:

       Part (pos="1697"):
         SanitizeFile (filename="moz-screenshot-1.jpg,, unnamed.jpg", mimetype="image/jpeg"):
           Match (names="", rule="2"):
               Scan succeeded, file is clean.

             Enforced policy: accept

           File name doesn't match MIME type, defanging.
           Replaced mime type with: application/RENAME_FILE_TO_USE-100
           Replaced file name with:

    Resulting Mime Header:

    Content-Type: application/RENAME_FILE_TO_USE-100;
    Content-Transfer-Encoding: base64
    Content-Disposition: inline;
    Content-ID: <>

    Rule Syntax:

    file_list_2_scanner = 0:19:12,13:/usr/local/bin/ %FILENAME
    file_list_2_policy = accept:save:drop:drop
    file_list_2 = (?i)(.*\@.*\.com)$

    I've turned on force filename for mime types w/o filenames. That being said,
    shouldn't it take the filename and make it priority over the Content-ID?

    Are there any other "features" I could enable or disable to resolve this?


    Rick Johnson, RHCE #807302311706007 -
    Linux/Network Administrator - Medata, Inc.
    PGP Public Key:

    hosted by