[Esa-l] A new mail sanitizer.

Bjarni R. Einarsson bre at netverjar.is
Tue Jun 13 05:53:40 PDT 2000


Hi all,

I've been lurking on this list for about a month, and working on my own
project in the meantime.  I've essentially written an alternate
implementation of most of the stuff in John's procmail security ruleset.
John's code proved to be an excellent source of ideas and code snippets.

It's written in Perl, using the CPAN MIME::Base64 module and my own MIME
stream editing module.

The url for my project is:  http://mailtools.anomy.net/

Pros, compared to John's procmail ruleset:

 - Everything runs in one process, and the message itself is only parsed
   once (unless you use external virus scanners).  I was very careful to 
   use memory and I/O sparingly.

 - Doesn't require procmail (although using it is recommended).

 - More complete: arbitrarily complex MIME structures are decoded and their
   contents parsed.  My HTML sanitizer will e.g. defang properly Base64 or
   QP encoded text/html parts, and other more obscure (or non-RFC-compliant)
   constructs such as Base64 encoded message/rfc822 parts.

 - Forwarded messages and pre-MIME UU encoded attachments can also be
   scanned.

 - Built in support for 3rd party virus scanning of attachments.

 - Relatively flexible configuration, including a policy mechanism for
   treating files differently based on extension.

Cons:

 - Bigger, more complicated code.  Probably has bugs.

 - New, not widely tested.  Probably has bugs. :)

 - Not very well documented.

 - Perl likes to burn CPU cycles.


Hopefully some of you will try it out and send me feedback...

-- 
Bjarni R. Einarsson                           PGP: 02764305, B7A3AB89
 bre at netverjar.is               -><-            http://bre.klaki.net/

Netverjar gegn ruslpósti: http://www.netverjar.is/baratta/ruslpostur/




More information about the esd-l mailing list