the Anomy mail sanitizer
The Anomy mail sanitizer is a filter designed to block email-based security risks, such as trojans and viruses. It can scan an arbitrarily complex RFC822 or MIME message and remove or rename attachments, truncate unusually long MIME header fields and sanitize HTML by disabling Javascript, etc. It uses a single-pass pure Perl MIME parser, which can make it both more efficient and more precise than other similar programs. The sanitizer has built-in support for third-party virus scanners.
| Tags | Communications Email Filters Security |
|---|---|
| Licenses | GPL |
| Operating Systems | POSIX |
| Implementation | Perl |
Recent releases
- 20 Jun 2003 22:23
Changes: HTMLCleaner was updated to avoid endless loops with Perl 5.00503. Users can now specify certain replacement tags in the configuration file. The testall.sh script now warns users if they attempt to use the Sanitizer in an UTF-8 enabled environment. The test cases were updated for FreeBSD 4.6.2 with Perl 5.00503, and fir Unicode-enabled Red Hat 8 or 9 machines.
- 18 Sep 2002 08:25
Changes: The only change is within the HTML cleaner, to disable href= and src= attributes using the hcp:// protocol. The HTML cleaner has been updated to revision 1.17.
- 17 Sep 2002 16:41
Changes: This release has built-in support for F-Prot Antivirus for Linux and protection against "message/partial" fragmented message attacks. Quite a few minor bugs have been fixed.
- 15 Feb 2002 14:10
Changes: Workarounds for problems regarding how Outlook detects uuencoded attachments, protection against the Outlook "hidden attachment" exploit (caused by carriage returns in message headers), a few other minor bugfixes, and a more powerful attachment policy language. The HTML cleanup module is available as a seperate package for users and developers of other security tools.
- 07 Jan 2002 08:43
Changes: Compatibility with Windows platforms was improved. The way that STYLE blocks are handled by the HTML cleaner was improved. A few other minor bugs were fixed.
