[Esd-l] ANN: Email Sanitizer 1.144 released
John D. Hardin
jhardin at impsec.org
Wed Jul 28 18:26:12 PDT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The procmail sanitizer has been updated. The current version is 1.144
It is available via:
US/WA: http://www.impsec.org/email-tools/procmail-security.html
US/WA: http://eucleides.com/sanitizer/procmail-security.html
EU/NL: http://kanon.net/~jhardin/email-tools/procmail-security.html
#EU/NO: http://oftedal.no/~jhardin/email-tools/procmail-security.html
AU: http://grebopple.accessunited.com.au/email-tools/procmail-security.html
AU: http://impsec.fuzzitech.net/email-tools/procmail-security.html
Direct links to the current tarball:
US/WA: http://www.impsec.org/email-tools/procmail-sanitizer.tar.gz
US/WA: http://eucleides.com/sanitizer/procmail-sanitizer.tar.gz
EU/NL: http://kanon.net/~jhardin/email-tools/procmail-sanitizer.tar.gz
#EU/NO: http://oftedal.no/~jhardin/email-tools/procmail-sanitizer.tar.gz
AU: http://grebopple.accessunited.com.au/email-tools/procmail-sanitizer.tar.gz
AU: http://impsec.fuzzitech.net/email-tools/procmail-sanitizer.tar.gz
("commented out" mirrors are temporarily out-of-sync or unavailable)
b27ab0472f9d5f68be5e106d9ff59262 html-trap.procmail
c2d5cb20d173f6f5c15ed6f17a99b767 html-trap.procmail.nomacroscan
e5a09dc262a697e4f27c6a5fb353dfd0 procmail-sanitizer.tar.gz
- From the changelog:
07/28/2004 (1.144)
Fix subject line on recipient notification if message was discarded (Thanks to Joe Steele).
Defang webbugs in table elements.
Defang additional HTML tags.
Add $SPOOFED_SENDER handling option for reply control.
Minor bugfix in ZIP file detection and scanning.
Trap poorly-formed BASE64-encoded ZIP attachments (short lines).
Fix bug in BASE64-encoded zipfile decoding.
NOTE: Please either update to this version or apply the
1.139 Smarter-Reply patch from the website. The stock 1.139
sanitizer responds to attack messages with forged sender
addresses. This generates a great deal of useless email
backscatter.
The sanitizer home page is at
http://www.impsec.org/email-tools/procmail-security.html
The archive of the sanitizer discussion list is at
http://www.spconnect.com/mailman/listinfo/esd-l
-----BEGIN PGP SIGNATURE-----
Version: PGP 5.0
Charset: noconv
iQA/AwUBQQeeGNgi5ua4cy55EQI/qACgkLz3OTTWSZr94WtfBJ06pmp15hYAnRhI
9rl0EIYJQOzJN+Dun9fmEzbv
=fjIS
-----END PGP SIGNATURE-----
--
John Hardin KA7OHZ ICQ#15735746 http://www.impsec.org/~jhardin/
jhardin at impsec.org FALaholic #11174 pgpk -a jhardin at impsec.org
key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
The [assault weapons] ban is the moral equivalent of banning red
cars because they look too fast.
-- Steve Chapman, Chicago Tribune
-----------------------------------------------------------------------
47 days until the "Scary-Looking Guns" ban expires
More information about the esd-l
mailing list