anomy-list

Newbie HTML/DEFANG question -- how do I stop images from being DE FANGED?

From: Peter Mueller (108008@xyz.molar.is)
Date: Thu 15 Jan 2004 - 22:00:00 GMT

  • Next message: 108194@xyz.molar.is: "Re: Newbie HTML/DEFANG question -- how do I stop images from being DE FANGED?"

    Hello,

    Apologies if this has been asked before. I tried searching through the
    mailing list & documentation but didn't see an answer. My problem is that
    HTML gifs are getting defanged and I don't want them to. E.g.,

    DEFANGED_background="http://logo.intuitmarket.intuit.com/email/supplies/bg_b
    lack.gif"><IMG
            height=10 width=1 border=0
     
    DEFANGED_src="http://logo.intuitmarket.intuit.com/email/supplies/spacer.gif"

            NOSEND="1"></TD>

    I'd like to allow HTML-images through for now and perhaps secure them later.
    I have a setup similar to the Advosys setup, albeit with a few minor
    changes.

    Thanks,

    Peter

    <anomy.conf>
    # Example configuration file for Anomy Sanitizer
    #
    # From http://advosys.ca/papers/postfix-filtering.html
    # Advosys Consulting Inc., Ottawa
    #
    # Works with Anomy Sanitizer revision 1.53

    # Do not log to STDERR:
    feat_log_stderr = 0

    # Don't insert log in the message itself:
    feat_log_inline = 0

    # Advertisement to insert in each mail header:
    header_info = X-Sanitizer: SideStep mail filter
    header_url = 0
    header_rev = 0

    # Enable filename based policy decisions:
    feat_files = 1

    # Protect against buffer overflows and null values:
    feat_lengths = 1

    # Replace MIME boundaries with our own:
    feat_boundaries = 1

    # Fix invalid and ambiguous MIME boundaries, if possible:
    feat_fixmime = 1

    # Trust signed and/or encrypted messages:
    feat_trust_pgp = 1
    msg_pgp_warning = WARNING: Unsanitized content follows.\n

    # Defang shell scripts:
    feat_scripts = 0

    # Defang active HTML:
    feat_html = 1

    # Defang UUEncoded files:
    feat_uuencoded = 1

    # Disable message/partial MIME types:
    feat_no_partial = 1

    # Sanitize forwarded content too:
    feat_forwards = 1

    # Testing? Set to 1 for testing, 0 for production:
    feat_testing = 0

    # # Warn user about unscanned parts, etc.
    feat_verbose = 1

    # Force all parts (except text/html parts) to
    # have file names.
    feat_force_name = 1

    # Disable web bugs:
    feat_webbugs = 1

    # Disable "score" based mail discarding:
    score_panic = 0
    score_bad = 0

    msg_file_drop = \n*****\n
    msg_file_drop += NOTE: An attachment named %FILENAME was deleted from
    msg_file_drop += this message because it contained a windows executable
    msg_file_drop += or other potentially dangerous file type.\n
    msg_file_drop += Contact the system administrator for more information.

    ##
    ## File attachment name mangling rules:
    ##

    # Specify the Anomy temp file and quarantine directory
    file_name_tpl = /var/spool/filter/att-$F-$T.$$

    # Number of rulesets we are defining:
    file_list_rules = 2
    file_default_policy = defang

    # Delete executable, script and unscannable attachments:
    file_list_1 = (?i)(winmail\.dat
    file_list_1 += |\.([23]86|vb[se]|jse|cpl|crt|chm|cpl|in[fsi]
    file_list_1 += |isp|dll|drv|cmd|sc[rt]|sys|bat|pif|lnk|hlp
    file_list_1 += |ms[cip]|reg|asd|sh[bs]|app|ocx|ht[ta]|mht
    file_list_1 += |url|exe|ws[cfh]|ops|com|prx))\s*
    file_list_1_policy = drop
    file_list_1_scanner = 0

    # Allow known "safe" file types and those that will be
    # scanned by the user's desktop virus scanner:
    file_list_2 = (?i)\.
    # Word processor and document formats:
    file_list_2 += (doc|dot|txt|rtf|pdf|sxw|e?ps|htm|[sp]?html?
    # Spreadsheets:
    file_list_2 += |xls|xlw|xlt|csv|sxc|wk[1-4]
    # Presentation applications:
    file_list_2 += |ppt|pps|pot|sxi
    # Bitmap graphic files:
    file_list_2 += |jpe?g|gif|png|tiff?|bmp|psd|pcx
    # Vector graphics and diagramming:
    file_list_2 += |vsd|drw|cdr|swf
    # Multimedia:
    file_list_2 += |mp3|avi|mpe?g|mov|qtw|ram?|ogg
    # Archives:
    file_list_2 += |zip|g?z|rar|tgz|bz2|tar
    # Outlook Calender appointments
    file_list_2 += |ics
    # Source code:
    file_list_2 += |[ch](pp|\+\+)?|s|inc|asm|patch|java|php\d?|jsp|bas)
    file_list_2_policy = accept
    file_list_2_scanner = 0

    # Any file type not listed above gets renamed to prevent
    # ms outlook from auto-executing it.



    hosted by molar.is