[Esd-l] ANN: Procmail Sanitizer 1.136 released

John D. Hardin jhardin at impsec.org
Sun Oct 20 11:48:00 PDT 2002


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


The procmail sanitizer has been updated. The current version is 1.136
It is available via:

US/WA:  http://www.impsec.org/email-tools/procmail-security.html
US/FL:  http://stonewall.lbhs.net/~jhardin/email-tools/procmail-security.html
EU/NO:  http://jhardin.oftedal.no/email-tools/procmail-security.html
EU/NL:  http://kanon.net/~jhardin/email-tools/procmail-security.html
AU:     http://grebopple.accessunited.com.au/email-tools/procmail-security.html
AU:     http://impsec.fuzzitech.net/email-tools/procmail-security.html

Direct links to the current tarball:

US/WA:  http://www.impsec.org/email-tools/procmail-sanitizer.tar.gz
US/FL:  http://stonewall.lbhs.net/~jhardin/email-tools/procmail-sanitizer.tar.gz
EU/NO:  http://jhardin.oftedal.no/email-tools/procmail-sanitizer.tar.gz
EU/NL:  http://kanon.net/~jhardin/email-tools/procmail-sanitizer.tar.gz
AU:     http://grebopple.accessunited.com.au/email-tools/procmail-sanitizer.tar.gz
AU:     http://impsec.fuzzitech.net/email-tools/procmail-sanitizer.tar.gz


html-trap.procmail:
     $Id: html-trap.procmail,v 1.136 2002-10-20 10:38:14-07 jhardin Exp jhardin $
     $Revision: 1.136 $
     $Date: 2002-10-20 10:38:14-07 $
     $Revision: 1.136 $
2f8be4762cd1306a37be4d1d244a0e78  html-trap.procmail


- From the changelog:

10/20/2002 (1.136)
Added CPL (Control Panel applet) and WSZ (WinAmp skin - scriptable) to
  default list of executable extensions.
Handle extension-only filenames properly.
Don't corrupt HTML-encoded multibyte characters.
Collapse runs of spaces in filenames before length-limiting.
Don't lose original extension(s) during length-limiting.
Add a kill-all-EXEs option ($SECURITY_POISON_WINEXE) to check base64
  body for WIN exe magic.
Mangle MIME type to TEXT/PLAIN instead of APPLICATION/OCTET-STREAM to
  (hopefully) prevent magic scanning and execution.
Detect MSWord INCLUDETEXT and INCLUDEPICTURE as an attack in macro
  scanner.
Special case for sender detection in messages from AOL.
Smarten up sender postmaster notification a bit.


The sanitizer home page is at
http://www.impsec.org/email-tools/procmail-security.html

The archive of the sanitizer discussion list is at
http://www.spconnect.com/mailman/listinfo/esd-l



-----BEGIN PGP SIGNATURE-----
Version: PGP 5.0
Charset: noconv

iQA/AwUBPbLq3Ngi5ua4cy55EQLAUQCeNhAuPLWSRJGYFL2JsvX7PMQPHUIAnRnn
BoBTNL0tY3glDELTpKRbr+BI
=gTUk
-----END PGP SIGNATURE-----

--
 John Hardin KA7OHZ    ICQ#15735746    http://www.impsec.org/~jhardin/
 jhardin at impsec.org                        pgpk -a jhardin at impsec.org
 key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  ...the Fates notice those who buy chainsaws...
                                              -- www.darwinawards.com
-----------------------------------------------------------------------
   59 days until The Two Towers



More information about the esd-l mailing list