[Esd-l] ANN: Sanitizer 1.131 is released

John D. Hardin jhardin at impsec.org
Fri Nov 23 21:07:01 PST 2001

Hash: SHA1

The procmail sanitizer has been updated. The current version is 1.131
It is available via:

US:  http://www.impsec.org/email-tools/procmail-security.html
NO:  http://jhardin.oftedal.no/email-tools/procmail-security.html
AU:  http://grebopple.accessunited.com.au/email-tools/procmail-security.html
AU:  http://impsec.fuzzitech.net/~jhardin/email-tools/procmail-security.html

- From the changelog:

11/22/2001 (1.131)
Fixed the script so that it now actually respects the setting of
Added support for the Perl regular expression (?...) construct in the poisoned
files list, so that more flexible poisoning lists may be constructed - see man
perlex for details. See the recommended poison list for examples.
Fixed a bug that caused the sanitizer to misinterpret multi-line RFC822
Content-Type headers, leading to attachments not being sanitized.
Added a hack to recognize filenames in Content-Description comment headers,
where MS Outlook helpfully looks for a filename if one isn't specified in
the Content-Type or Content-Disposition headers; if you don't want
Content-Description to be modified, define $SECURITY_DISABLE_OUTLOOK_HACKS to
be any value.
Recognize multipart attachment specification where the MIME boundary string is
not in quotes.
Added $SECURITY_NONOTIFY_LONGSUBJECT to suppress long-subject-header
Remove trailing spaces from attachment filenames.
Remove trailing spaces if truncating long attachment filename with embedded
Defer echo of Content-Type and Content-Transfer-Encoding headers to remove
the need for default filename generation and to make inserted warnings
display properly.
Fix misparsing of the attachment following an empty attachment.
Cosmetic fix in one warning message.
Added $STRIPPED_EXECUTABLES to strip attachments by name in a manner similar to
$POISONED_EXECUTABLES - stripping an attachment does not poison the entire

All of these new things may once again make the script too big for AIX...
If so, try the no-macro-scan version.

The opt-out processor appears stable. ISP's really should take a look at it.

The sanitizer home page is at

Version: PGP 5.0
Charset: noconv


 John Hardin KA7OHZ   ICQ#15735746   http://www.wolfenet.com/~jhardin/
 jhardin at impsec.org        pgpk -a finger://gonzo.wolfenet.com/jhardin
  768: 0x41EA94F5 - A3 0C 5B C2 EF 0D 2C E5  E9 BF C8 33 A7 A9 CE 76 
 1024: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
  In 1998 more than three times as many people in the US were killed
  by incompetent physicians than were killed by handguns, yet the
  President of the A.M.A. is adopting "gun safety" as his platform.
   1075 days until the Presidential Election

More information about the esd-l mailing list