[Esa-l] ANN: Sanitizer update

John D. Hardin jhardin at wolfenet.com
Sun Jul 23 09:52:17 PDT 2000


The procmail sanitizer has been updated. The current version is 1.113
It is available via:

US: ftp://ftp.rubyriver.com/pub/jhardin/antispam/procmail-security.html
EU: ftp://kanon.net/pub/jhardin/antispam/procmail-security.html

From the News section of the home page:

- Added checks for certain excessively long standard headers, to address
  the MS Outlook header buffer-overflow bug; previously only
  MIME-related headers were length-limited, and only in MIME messages.
- Disabled sanitizing of encrypted/signed messages; changing the body of
  such a message breaks the signature, so there's no good way to
  sanitize it.
- Moved DROPPRIVS=YES into the sanitizer itself to avoid configuration
  errors - this may break gateway use, watch it closely.
- Enabled scanning of PowerPoint files, which weren't being scanned due
  to an oversight (D'oh!).
- Improved handling of RFC822 comments embedded in unquoted attachment
- Improved handling of filenames containing international characters.
- Added a debugging mode - if you want to see the poisoned filespecs it
  is comparing attachment names to, define $DEBUG to be anything.
- Improved loop-prevention in notification messages; if you want to secure
  your system against someone forging the X-Loop: headers in an attempt to
  suppress attack notification messages, define $SECRET to be a short string
  of random text.

Given the severity of the Outlook BO bug, you probably want to install
the updated sanitizer right away.

If you've been beta-testing this the past few days, please update to this
release. A few more small changes have been made that weren't in the beta.



 John Hardin KA7OHZ   ICQ#15735746   http://www.wolfenet.com/~jhardin/
 jhardin at wolfenet.com      pgpk -a finger://gonzo.wolfenet.com/jhardin
  768: 0x41EA94F5 - A3 0C 5B C2 EF 0D 2C E5  E9 BF C8 33 A7 A9 CE 76 
 1024: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
  "Bother," said Pooh as he struggled with /etc/sendmail.cf, "it never
  does quite what I want. I wish Christopher Robin was here."
				-- Peter da Silva in a.s.r
   98 days until Daylight Savings Time ends
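An added illustration (not the sanitizer's own code) of the header-length check the announcement describes: measure each header's unfolded value, applying one limit to standard headers and a looser one to MIME headers, and report the ones that exceed it. The limits, the `MIME_HEADERS` set and the function name are assumptions chosen for this example; the sample message is constructed.

```python
"""Flag mail headers whose unfolded value exceeds a length limit.

Added example, not the procmail sanitizer's code: it mirrors the idea of
length-limiting both standard and MIME-related headers. The limits below
are assumptions for illustration, not the sanitizer's actual values.
"""
from email import policy
from email.parser import BytesHeaderParser

# Assumed limits (characters) on the unfolded value of a header.
STANDARD_HEADER_LIMIT = 512
MIME_HEADER_LIMIT = 1024
MIME_HEADERS = {"content-type", "content-disposition",
                "content-transfer-encoding"}


def find_long_headers(raw_message: bytes) -> list:
    """Return (name, length, limit) for every header that is too long."""
    # compat32 keeps raw header values instead of parsing structured
    # headers, so a malformed value is measured rather than raised on.
    msg = BytesHeaderParser(policy=policy.compat32).parsebytes(raw_message)
    findings = []
    for name, value in msg.items():
        # Unfold continuation lines so the limit covers the whole value,
        # not just the first physical line.
        unfolded = "".join(str(value).splitlines())
        limit = (MIME_HEADER_LIMIT if name.lower() in MIME_HEADERS
                 else STANDARD_HEADER_LIMIT)
        if len(unfolded) > limit:
            findings.append((name, len(unfolded), limit))
    return findings


# Constructed sample: an oversized Date header plus a long folded Subject.
SAMPLE_MESSAGE = (
    b"From: sender@example.invalid\r\n"
    b"Date: " + b"X" * 600 + b"\r\n"
    b"Subject: " + b"Y" * 300 + b"\r\n " + b"Y" * 300 + b"\r\n"
    b"Content-Type: text/plain\r\n"
    b"\r\n"
    b"body\r\n"
)

if __name__ == "__main__":
    for name, length, limit in find_long_headers(SAMPLE_MESSAGE):
        print(f"{name}: {length} chars exceeds limit of {limit}")
```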
