Date: Mon, 1 Dec 2003 16:52:20 +0100 (CET) From: Janos Mohacsi <mohacsi@niif.hu> To: FreeBSD-gnats-submit@FreeBSD.org Cc: linimon@FreeBSD.org Subject: ports/59869: New port: mail/anomy-sanitizer version 1.63 Message-ID: <200312011552.hB1FqKpw062470@skye.ki.iif.hu> Resent-Message-ID: <200312011600.hB1G0HRL065996@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 59869
>Category: ports
>Synopsis: New port: mail/anomy-sanitizer version 1.63
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Mon Dec 01 08:00:16 PST 2003
>Closed-Date:
>Last-Modified:
>Originator: Janos Mohacsi
>Release: FreeBSD 4.9-STABLE i386
>Organization:
NIIF
>Environment:
System: FreeBSD skye.ki.iif.hu 4.9-STABLE FreeBSD 4.9-STABLE #2: Mon Nov 24 10:43:45 CET 2003 root@skye.ki.iif.hu:/usr/obj/mirror/src/sys/SKYE i386
>Description:
New port: anomy mail sanitizer - removes viruses, trojans from mail.
The current version is 1.63.
Can use procmail or {sendmail/posfix/qmail} to sanitize incoming (and outgoing)
mails.
You can close PR=ports/48235 (earlier version of this port).
The current version only set up to use procmail.
>How-To-Repeat:
apply this shar.
>Fix:
# This is a shell archive. Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file". Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
# anomy-sanitizer/
# anomy-sanitizer/files
# anomy-sanitizer/files/sanitizer.cfg.sample
# anomy-sanitizer/files/sanitizer.cfg.sample2
# anomy-sanitizer/Makefile
# anomy-sanitizer/distinfo
# anomy-sanitizer/pkg-descr
# anomy-sanitizer/pkg-plist
#
echo c - anomy-sanitizer/
mkdir -p anomy-sanitizer/ > /dev/null 2>&1
echo c - anomy-sanitizer/files
mkdir -p anomy-sanitizer/files > /dev/null 2>&1
echo x - anomy-sanitizer/files/sanitizer.cfg.sample
sed 's/^X//' >anomy-sanitizer/files/sanitizer.cfg.sample << 'END-of-anomy-sanitizer/files/sanitizer.cfg.sample'
X# Active features.
X#
Xfeat_boundaries = 0
Xfeat_files = 1
Xfeat_forwards = 1
Xfeat_html = 1
Xfeat_lengths = 1
Xfeat_log_inline = 1
Xfeat_log_stderr = 0
Xfeat_scripts = 1
Xfeat_trust_pgp = 0
Xfeat_uuencoded = 1
Xfeat_verbose = 1
Xfile_list_rules = 4
X#
X# Note: This directory must exist and be writable by
X# the user running the sanitizer.
X#
Xfile_name_tpl = /var/quarantine/att-$F-$T.$$
X
X# Files we absolutely don't want (mostly executables).
X#
Xfile_list_1_scanner = 0
Xfile_list_1_policy = save
Xfile_list_1 = (?i)(winmail\.dat
Xfile_list_1 += |\.(exe|vb[es]|c(om|hm)|bat|pif|s(ys|cr))
Xfile_list_1 += (\.g?z|\.bz\d?)*)$
X
X# Pure data, don't mangle this stuff (much).
X#
Xfile_list_2_scanner = 0
Xfile_list_2_policy = accept
Xfile_list_2 = (?i)\.(gif|jpe?g|pn[mg]|x[pb]m|dvi|e?ps|p(df|cx)|bmp
Xfile_list_2 += |mp[32]|wav|au|ram?
Xfile_list_2 += |avi|mov|mpe?g
Xfile_list_2 += |t(xt|ex)|csv|l(og|yx)|sql|jtmpl
Xfile_list_2 += |[ch](pp|\+\+)?|s|inc|asm|pa(tch|s)|java|php\d?
Xfile_list_2 += |[ja]sp
Xfile_list_2 += |can|pos|ux|reg|kbf|xal|\d+)(\.g?z|\.bz\d?)*$
X
Xfile_list_3_scanner = 0
Xfile_list_3_policy = accept
Xfile_list_3 = ^[^\.]+$
X
X# Scan WinWord and Excel attachments with built-in macro scanner.
X# We consider anything exceeding the score of 25 to be dangerous,
X# and save it in the quarantine.
X#
Xfile_list_4 = (?i)\.(doc|dot|xls|xlw)$
Xfile_list_4_policy = accept:accept:save:save
Xfile_list_4_scanner = 0:1:2:builtin/macro 25
X
X
X
X# Default policy: accept, but mangle file name.
X#
Xfile_default_policy = defang
END-of-anomy-sanitizer/files/sanitizer.cfg.sample
echo x - anomy-sanitizer/files/sanitizer.cfg.sample2
sed 's/^X//' >anomy-sanitizer/files/sanitizer.cfg.sample2 << 'END-of-anomy-sanitizer/files/sanitizer.cfg.sample2'
X# Example configuration file for Anomy Sanitizer
X#
X# From http://advosys.ca/papers/postfix-filtering.html
X# Advosys Consulting Inc., Ottawa
X#
X# Works with Anomy Sanitizer revision 1.49
X
X# Do not log to STDERR:
Xfeat_log_stderr = 0
X
X# Don't insert log in the message itself:
Xfeat_log_inline = 0
X
X# Advertisement to insert in each mail header:
Xheader_info = X-Sanitizer: Anomy Sanitizer mail filter
Xheader_url = 0
Xheader_rev = 0
X
X# Enable filename based policy decisions:
Xfeat_files = 1
X
X# Protect against buffer overflows and null values:
Xfeat_lengths = 1
X
X# Replace MIME boundaries with our own:
Xfeat_boundaries = 1
X
X# Fix invalid and ambiguous MIME boundaries, if possible:
Xfeat_fixmime = 1
X
X# Trust signed and/or encrypted messages:
Xfeat_trust_pgp = 1
Xmsg_pgp_warning = WARNING: Unsanitized content follows.\n
X
X# Defang shell scripts:
Xfeat_scripts = 0
X
X# Defang active HTML:
Xfeat_html = 1
X
X# Defang UUEncoded files:
Xfeat_uuencoded = 0
X
X# Sanitize forwarded content too:
Xfeat_forwards = 1
X
X# Testing? Set to 1 for testing, 0 for production:
Xfeat_testing = 0
X
X# # Warn user about unscanned parts, etc.
Xfeat_verbose = 1
X
X# Force all parts (except text/html parts) to
X# have file names.
Xfeat_force_name = 1
X
X# Disable web bugs:
Xfeat_webbugs = 1
X
X# Disable "score" based mail discarding:
Xscore_panic = 0
Xscore_bad = 0
X
Xmsg_file_drop = \n*****\n
Xmsg_file_drop += NOTE: An attachment named %FILENAME was deleted from
Xmsg_file_drop += this message because it contained a windows executable
Xmsg_file_drop += or other potentially dangerous file type.
Xmsg_file_drop += Contact the system administrator for more information.
X
X##
X## File attachment name mangling rules:
X##
X
X# Specify the Anomy temp file and quarantine directory
Xfile_name_tpl = /var/spool/filter/att-$F-$T.$$
X
X# Number of rulesets we are defining:
Xfile_list_rules = 2
Xfile_default_policy = defang
X
X# Delete probably nasty attachments:
Xfile_list_1 = (?i)(winmail.dat)|
Xfile_list_1 += (\.(exe|com|vb[se]|dll|ocx|cmd|bat|pif|lnk|hlp|ms[ip]|reg|sct|inf
Xfile_list_1 += |asd|cab|sh[sb]|scr|cpl|chm|ws[fhc]|hta|vcd|vcf|eml|nws))$
Xfile_list_1_policy = drop
Xfile_list_1_scanner = 0
X
X# Allow known "safe" file types and those that will be
X# scanned by the user's desktop virus scanner:
Xfile_list_2 = (?i)\.
X# Word processor and document formats:
Xfile_list_2 += (doc|dot|txt|rtf|pdf|ps|htm|[sp]?html?
X# Spreadsheets:
Xfile_list_2 += |xls|xlw|xlt|csv|wk[1-4]
X# Presentation applications:
Xfile_list_2 += |ppt|pps|pot
X# Bitmap graphic files:
Xfile_list_2 += |jpe?g|gif|png|tiff?|bmp|psd|pcx
X# Vector graphics and diagramming:
Xfile_list_2 += |vsd|drw|cdr|swf
X# Multimedia:
Xfile_list_2 += |mp3|avi|mpe?g|mov|ram?|mid|ogg
X# Archives:
Xfile_list_2 += |zip|g?z|rar|tgz|bz2|tar
X# Source code:
Xfile_list_2 += |[ch](pp|\+\+)?|s|inc|asm|patch|java|php\d?|jsp|bas)
Xfile_list_2_policy = accept
Xfile_list_2_scanner = 0
X
X# Any file type not listed above gets renamed to prevent
X# ms outlook from auto-executing it.
END-of-anomy-sanitizer/files/sanitizer.cfg.sample2
echo x - anomy-sanitizer/Makefile
sed 's/^X//' >anomy-sanitizer/Makefile << 'END-of-anomy-sanitizer/Makefile'
X# New ports collection makefile for: anomy-sanitizer
X# Date created: 11 February 2003
X# Whom: janos.mohacsi@bsd.hu
X#
X# $FreeBSD$
X#
X
XPORTNAME= anomy-sanitizer
XPORTVERSION= 1.63
XCATEGORIES= mail security
XMASTER_SITES= http://mailtools.anomy.net/dist/
X
XMAINTAINER= janos.mohacsi@bsd.hu
XCOMMENT= Sanitize and clean incoming (outgoing) mails
X
XRUN_DEPENDS= ${SITE_PERL}/${PERL_ARCH}/Digest/MD5.pm:${PORTSDIR}/security/p5-Digest-MD5 \
X ${SITE_PERL}/${PERL_ARCH}/MIME/Base64.pm:${PORTSDIR}/converters/p5-MIME-Base64 \
X procmail:${PORTSDIR}/mail/procmail
X
XUSE_PERL5= yes
XNO_BUILD= yes
XWRKSRC= ${WRKDIR}/anomy
XDOC_FILES= README.sanitizer sanitizer.html
X
Xdo-install:
X @${MKDIR} ${SITE_PERL}/Anomy/Sanitizer/
X @${INSTALL_DATA} ${WRKSRC}/bin/Anomy/HTMLCleaner.pm ${SITE_PERL}/Anomy
X @${INSTALL_DATA} ${WRKSRC}/bin/Anomy/Log.pm ${SITE_PERL}/Anomy
X @${INSTALL_DATA} ${WRKSRC}/bin/Anomy/MIMEStream.pm ${SITE_PERL}/Anomy
X @${INSTALL_DATA} ${WRKSRC}/bin/Anomy/Sanitizer.pm ${SITE_PERL}/Anomy
X @${INSTALL_DATA} ${WRKSRC}/bin/Anomy/Sanitizer/FProt.pm ${SITE_PERL}/Anomy/Sanitizer/
X @${INSTALL_DATA} ${WRKSRC}/bin/Anomy/Sanitizer/MacroScanner.pm ${SITE_PERL}/Anomy/Sanitizer/
X @${INSTALL_DATA} ${WRKSRC}/bin/Anomy/Sanitizer/Scoring.pm ${SITE_PERL}/Anomy/Sanitizer/
X @${INSTALL_SCRIPT} ${WRKSRC}/bin/sanitizer.pl ${PREFIX}/bin
X @${INSTALL_SCRIPT} ${WRKSRC}/bin/simplify.pl ${PREFIX}/bin
X
Xpost-install:
X @${INSTALL_DATA} ${FILESDIR}/sanitizer.cfg.sample ${PREFIX}/etc/
X @${ECHO} ""
X @${ECHO} "Sample config installed at \
X ${PREFIX}/etc/sanitizer.cfg.sample
X @${ECHO} ""
X.ifndef(NOPORTDOCS)
X @${MKDIR} ${DOCSDIR}
X.for file in ${DOC_FILES}
X @${INSTALL_DATA} ${WRKSRC}/${file} ${DOCSDIR}
X.endfor
X.endif
X
X.include <bsd.port.mk>
END-of-anomy-sanitizer/Makefile
echo x - anomy-sanitizer/distinfo
sed 's/^X//' >anomy-sanitizer/distinfo << 'END-of-anomy-sanitizer/distinfo'
XMD5 (anomy-sanitizer-1.63.tar.gz) = 68cccc5a145ffb5f0faadcd971d96483
END-of-anomy-sanitizer/distinfo
echo x - anomy-sanitizer/pkg-descr
sed 's/^X//' >anomy-sanitizer/pkg-descr << 'END-of-anomy-sanitizer/pkg-descr'
XThe Anomy sanitizer is what most people would call "an email virus
Xscanner". The most important jobs that the sanitizer can do for you - it
Xcan scan email attachments for viruses. Other things it can do:
X* Disable potentially dangerous HTML code, such as javascript, within
Xincoming email.
X* Protect you from email-based break-in attempts which exploit bugs in
Xcommon email programs (Outlook, Eudora, Pine, ...).
X* Block or "mangle" attachments based on their file names. This way if you
Xdon't need to recieve e.g. visual basic scripts, then you don't have to
Xworry about the security risk they imply (the ILOVEYOU virus was a visual
Xbasic program). This lets you protect yourself and your users from whole
Xclasses of attacks, instead of blocking individual exploits.
X
XWWW: http://mailtools.anomy.net/
END-of-anomy-sanitizer/pkg-descr
echo x - anomy-sanitizer/pkg-plist
sed 's/^X//' >anomy-sanitizer/pkg-plist << 'END-of-anomy-sanitizer/pkg-plist'
Xbin/sanitizer.pl
Xbin/simplify.pl
Xetc/sanitizer.cfg.sample
X%%SITE_PERL%%/Anomy/HTMLCleaner.pm
X%%SITE_PERL%%/Anomy/Log.pm
X%%SITE_PERL%%/Anomy/MIMEStream.pm
X%%SITE_PERL%%/Anomy/Sanitizer.pm
X%%SITE_PERL%%/Anomy/Sanitizer/FProt.pm
X%%SITE_PERL%%/Anomy/Sanitizer/MacroScanner.pm
X%%SITE_PERL%%/Anomy/Sanitizer/Scoring.pm
X@dirrm %%SITE_PERL%%/Anomy/Sanitizer/
X@dirrm %%SITE_PERL%%/Anomy/
X%%PORTDOCS%%%%DOCSDIR%%/README.sanitizer
X%%PORTDOCS%%%%DOCSDIR%%/sanitizer.html
X%%PORTDOCS%%@dirrm %%DOCSDIR%%
END-of-anomy-sanitizer/pkg-plist
exit
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200312011552.hB1FqKpw062470>