Re: [anomy-bugs]: Suggestion

From: Bjarni R. Einarsson (
Date: Thu 27 May 2004 - 12:56:36 GMT

  • Next message: Matt Fahrner: "Re: Re: [anomy-bugs]: Suggestion"

    On 2004-05-25, 10:54:30 (-0700), David Fetrow wrote:

    You're very welcome! :)

    > This is a request for a feature we think
    > would be useful, hopefully to you and others as well.
    > We would like to institute a self-retrieve website
    > so we needn't unquarantine every legit attachment (all .1%
    > of them).
    > One way that would be MUCH easier/secureable is if we had a way
    > to attach the login name to the filename as saved (note:
    > we save ours in around 60 subdirectories by first character
    > of original attachment; makes things more manageable).
    > e.g. att-$A-$F-$T.$$
    > where $A is the address (or username) it was sent to.
    > If we could save as the username, even better.

    OK, this should be easy enough - the main question would be how to
    pass the login name to the Sanitizer. Currently the only information
    the Sanitizer has comes from the message headers, and as you probably
    know from personal experience, thanks to "bcc" and mailing lists and
    such things, the user's login name may actually not occur anywhere
    in the message headers.

    If you're running from within a procmail environment, then it's easy
    enough to set an environment variable containing the recipient's
    login name - but if you can set an environment variable, you can
    just as easily customize the sanitizer's config instead. An example
    of this is actually implemented in the procmail ruleset I
    distributed the other day, which is at:

    If you take a look at that code, then you can see that the procmail
    recipie defines a TMPDIR which is based on the recipient's login name:


    This is then used to define a custom file_name_tpl when the sanitizer
    is invoked:

     :0 f
     |$ANOMY/bin/ \
            "file_name_tpl = $TMPDIR/eml-$DATE-$$"'-$$$-$F' \
            $SANCFG \
            'feat_log_stderr = 1' \

    If you aren't running from within procmail, you could almost
    certainly implement a similar strategy using a simple shell-script
    wrapper around the sanitizer.

    Does this help solve your problem?

    Bjarni Rúnar Einarsson

    PGP: 02764305, B7A3AB89

    hosted by