doc:appunti:linux:sa:sanitizer
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
doc:appunti:linux:sa:sanitizer [2023/01/19 11:03] – [The HTML MIME multipart problem] niccolo | doc:appunti:linux:sa:sanitizer [2023/01/19 12:11] (current) – [Perl Unescaped left brace warning] niccolo | ||
---|---|---|---|
Line 7: | Line 7: | ||
I use it as a personal mail filter in GNU/Linux mail servers, because it can be activated on a per-user basis, by the **Local Delivery Agent** called by **Postfix**. The LDA can be as simple as **procmail** or the more complex **Dovecot LDA with Pigeonhole Sieve Interpreter**. | I use it as a personal mail filter in GNU/Linux mail servers, because it can be activated on a per-user basis, by the **Local Delivery Agent** called by **Postfix**. The LDA can be as simple as **procmail** or the more complex **Dovecot LDA with Pigeonhole Sieve Interpreter**. | ||
- | ===== Perl Syntax Warning | + | ===== Perl unescaped left brace warning |
- | The version included in Debian Bullseye contains a bug into the Perl code, which triggers the warning message: | + | The Sanitizer |
< | < | ||
+ | Unescaped left brace in regex is passed through in regex; | ||
+ | </ | ||
+ | It turned out to be into the file **/ | ||
+ | |||
+ | <code perl> | ||
+ | $score += 4 while ($buff =~ s/ | ||
</ | </ | ||
+ | |||
+ | <code perl> | ||
+ | $score += 1 while ($buff =~ s/ | ||
+ | </ | ||
+ | |||
===== The HTML MIME multipart problem ===== | ===== The HTML MIME multipart problem ===== | ||
Line 19: | Line 30: | ||
Several mail user agents nowaday compose email messages in HTML format, sometimes without including a text-only copy of the same message. Some agents include the HTML as a part of multipart [[wp> | Several mail user agents nowaday compose email messages in HTML format, sometimes without including a text-only copy of the same message. Some agents include the HTML as a part of multipart [[wp> | ||
- | The Anomy Sanitizer uses several methods to detect the HTML parts into a message, relaying on the **Content-Type: | + | In some circumstances Sanitizer defang the HTML message or the HTML part (changing its content type); thus a modern email reader does not display it correctly. In the best case an **anonymous attachment** is shown, in the worst case **an empty message** is shown. |
+ | |||
+ | The Anomy Sanitizer uses several methods to detect the HTML parts into a message, relaying on the **Content-Type: | ||
That behaviour is triggered by the **feat_files = 1** configuration option (enable filename-based policy decisions). | That behaviour is triggered by the **feat_files = 1** configuration option (enable filename-based policy decisions). | ||
Line 45: | Line 58: | ||
</ | </ | ||
+ | It is also possibile to remove the '' | ||
+ | |||
+ | The customized perl module can be installed into **/ | ||
doc/appunti/linux/sa/sanitizer.1674122629.txt.gz · Last modified: 2023/01/19 11:03 by niccolo