[Esd-l] Stripping Attachments?

[John D. Hardin]

On Sat, 12 Jan 2002, Paul Thomas wrote:

> > Take *.RTF (etc.) out of your strip file if you don't want them
> > stripped.
> 
> Ah, this is the trouble I'm having then. What I'm trying to accomplish
> is, I run some listservers on my mailserver. One of the listowners
> wants to have all file types except for gif, jpg, txt, eml, and rtf
> to be stripped out. So I thought I might try a apply the Sanitizer's
> Stripped Executable feature to accomplish this as I run the incoming
> list mail through the Sanitizer anyway. 

Stripping "all except" is not easy in the current incarnation of the
sanitizer. When the newer policy files model is implemented, you'd be
able to code something like:

	*.gif	A
	*.jpg	A
	*.txt	A
	*.eml	A
	*.rtf	A
	*	S

...to achieve what you want.

NB: .eml is hazardous, as it's typically base64 encoded and thus not
(yet) subject to defanging or attachment rules. Also note that .rtf
doesn't necessarily mean what you think. There was a Word virus a
while back that saved things in .DOC format files with .RTF filenames,
thus permitting them to contain macro viruses even though .RTF is not
macro-enabled. Word doesn't care, it'll happily open the file
regardless of the filename.
 
--
 John Hardin KA7OHZ    ICQ#15735746    http://www.impsec.org/~jhardin/
 jhardin at impsec.org                       pgpk -a jhardin at wolfenet.com
  768: 0x41EA94F5 - A3 0C 5B C2 EF 0D 2C E5  E9 BF C8 33 A7 A9 CE 76 
 1024: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  Monty Python's Star Trek Voyager:
  A successful trans-warp experiment turns Paris and Janeway into
  newts, but they get better.
  ...wait a minute... It's already been done...
-----------------------------------------------------------------------
   6 days until Babylon 5: the Legend of the Rangers