anomy-list

More on Content ID Revisited

From: Rick Johnson (107862@xyz.molar.is)
Date: Thu 15 Jan 2004 - 21:01:21 GMT

  • Next message: Peter Mueller: "Newbie HTML/DEFANG question -- how do I stop images from being DE FANGED?"

    Further checking on this behavior shows:

    Original Mime Header:

    *******
    Content-Type: image/jpeg;
      name="moz-screenshot-1.jpg"
    Content-Transfer-Encoding: base64
    Content-ID: <107953@xyz.molar.is>
    Content-Disposition: inline;
      filename="moz-screenshot-1.jpg"
    *******

    Sanitizer Log:

    *******
       Part (pos="1697"):
         SanitizeFile (filename="moz-screenshot-1.jpg,
    107953@xyz.molar.is, unnamed.jpg", mimetype="image/jpeg"):
           Match (names="107953@xyz.molar.is", rule="2"):
             ScanFile
    (file="/var/quarantine/att-part1.09070406.04080005_medata.com-4006feff.AB"):
               Scan succeeded, file is clean.

             Enforced policy: accept

           File name doesn't match MIME type, defanging.
           Replaced mime type with: application/RENAME_FILE_TO_USE-100
           Replaced file name with:
    part1_09070406_04080005_medata_com.RENAME_FILE_TO_USE-100
    *******

    Resulting Mime Header:

    *******
    Content-Type: application/RENAME_FILE_TO_USE-100;
    name="part1_09070406_04080005_medata_com.RENAME_FILE_TO_USE-100"
    Content-Transfer-Encoding: base64
    Content-Disposition: inline;
    filename="part1_09070406_04080005_medata_com.RENAME_FILE_TO_USE-100"
    Content-ID: <107953@xyz.molar.is>
    *******

    Rule Syntax:

    *******
    file_list_2_scanner = 0:19:12,13:/usr/local/bin/uvscan.sh %FILENAME
    file_list_2_policy = accept:save:drop:drop
    file_list_2 = (?i)(.*\@.*\.com)$
    *******

    I've turned on force filename for mime types w/o filenames. That being said,
    shouldn't it take the filename and make it priority over the Content-ID?

    Are there any other "features" I could enable or disable to resolve this?

    -Rick

    -- 
    Rick Johnson, RHCE #807302311706007 - 107862@xyz.molar.is
    Linux/Network Administrator - Medata, Inc.
    PGP Public Key: https://mail.medata.com/pgp/rjohnson.asc
    



    hosted by molar.is