• Back to all releases

Version 1.2.1 of renattach

Changes: The --loop option was added, which removes Delivered-To headers from the input message. This defends Postfix against a "mail forwarding loop" spam relay trick which could be used when renattach is installed as an smtpd-side content filter.

Changes: A MIME parser bug where some headers were incorrectly sanitized was fixed. Support for using "#" to suppress new_extension was added. The build scripts were fixed to handle getopt properly, so the FreeBSD port now builds without modification. Note that the software has been discontinued, so sites using renattach should switch to a different security system.

Changes: The potentially insecure --pipe feature has been rewritten to eliminate shell interpretation/escape risks. The RFC 2047 decoder has been improved and a base64 decoding bug has been fixed, improving support for non-ASCII filenames. Several improvements were made to help with non-Unix builds and eliminate compiler warnings.

Changes: An option to search inside zip attachments for malicious files has been added. Security for launching external pipes has been enhanced. This release supports Outlook-style multi-line encoded filenames.

Changes: This release changes the exitcodes to more sensible values and adds new .conf options to allow more flexibility in altering the Subject field.