[Esa-l] ANN: Sanitizer update

[John D. Hardin]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


The procmail sanitizer has been updated. The current version is 1.123
It is available via:

US:  http://www.impsec.org/email-tools/procmail-security.html
US:  ftp://ftp.rubyriver.com/pub/jhardin/antispam/procmail-security.html
CAN: ftp://netserv.on.ca/pub/jhardin/antispam/procmail-security.html
EU:  ftp://kanon.net/pub/jhardin/antispam/procmail-security.html

- From the News section of the home page:

11/11/2000
Improved STYLE defanging to keep the style settings from being
visible in the message body when viewed in an HTML mail client.
Added defanging of MIME values that have been explicitly set to null
(e.g. encoding="") - this is a major DoS attack against Microsoft Exchange.
Added SECURITY_NOTIFY_RECIPIENT option.
Added .pps (PowerPoint slide show) to the default mangle list and
scanned documents.

SECURITY_NOTIFY_RECIPIENT works the same way as SECURITY_NOTIFY_SENDER,
but *should not* be used on a filtering relay.

The sanitizer, home page, gateway nano-HOWTO and a list of poisoned
filespecs is now available as a tarball.

The sanitizer home page is at
http://www.impsec.org/email-tools/procmail-security.html


-----BEGIN PGP SIGNATURE-----
Version: PGP 5.0
Charset: noconv

iQA/AwUBOg1axNgi5ua4cy55EQKmJwCeIsed97GYabCxAfXiEzTmu/6RbOEAmgL/
11sa7Cb9FFJhn6vLHMl6LUjw
=he1W
-----END PGP SIGNATURE-----

--
 John Hardin KA7OHZ   ICQ#15735746   http://www.wolfenet.com/~jhardin/
 jhardin at wolfenet.com      pgpk -a finger://gonzo.wolfenet.com/jhardin
  768: 0x41EA94F5 - A3 0C 5B C2 EF 0D 2C E5  E9 BF C8 33 A7 A9 CE 76 
 1024: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  "Bother," said Pooh as he struggled with /etc/sendmail.cf, "it never
  does quite what I want. I wish Christopher Robin was here."
				-- Peter da Silva in a.s.r
-----------------------------------------------------------------------
   12 days until Thanksgiving