7 files changed, 255 insertions, 0 deletions

diff --git a/mail/Makefile b/mail/Makefile
index 163daf622705..e67afaf51d38 100644
--- a/mail/Makefile
+++ b/mail/Makefile
@@ -6,6 +6,7 @@
     SUBDIR += aileron
     SUBDIR += akpop3d
     SUBDIR += althea
+    SUBDIR += anomy-sanitizer
     SUBDIR += anubis
     SUBDIR += archivemail
     SUBDIR += arrow
diff --git a/mail/anomy-sanitizer/Makefile b/mail/anomy-sanitizer/Makefile
new file mode 100644
index 000000000000..f5a385b0bdf3
--- /dev/null
+++ b/mail/anomy-sanitizer/Makefile
@@ -0,0 +1,49 @@
+# New ports collection makefile for:	anomy-sanitizer
+# Date created:		2003-02-11
+# Whom:			janos.mohacsi@bsd.hu
+#
+# $FreeBSD$
+#
+
+PORTNAME=	anomy-sanitizer
+PORTVERSION=	1.63
+CATEGORIES=	mail security
+MASTER_SITES=	http://mailtools.anomy.net/dist/
+
+MAINTAINER=	janos.mohacsi@bsd.hu
+COMMENT=	Sanitize and clean incoming/outgoing mail
+
+RUN_DEPENDS=	${SITE_PERL}/${PERL_ARCH}/Digest/MD5.pm:${PORTSDIR}/security/p5-Digest-MD5 \
+		${SITE_PERL}/${PERL_ARCH}/MIME/Base64.pm:${PORTSDIR}/converters/p5-MIME-Base64 \
+		procmail:${PORTSDIR}/mail/procmail
+
+USE_PERL5=	yes
+
+NO_BUILD=	yes
+WRKSRC=		${WRKDIR}/anomy
+
+DOCS=		CHANGELOG.sanitizer CREDITS README.sanitizer sanitizer.html
+
+do-install:
+	@${MKDIR} ${SITE_PERL}/Anomy/Sanitizer/
+	${INSTALL_DATA} ${WRKSRC}/bin/Anomy/HTMLCleaner.pm ${SITE_PERL}/Anomy
+	${INSTALL_DATA} ${WRKSRC}/bin/Anomy/Log.pm ${SITE_PERL}/Anomy
+	${INSTALL_DATA} ${WRKSRC}/bin/Anomy/MIMEStream.pm ${SITE_PERL}/Anomy
+	${INSTALL_DATA} ${WRKSRC}/bin/Anomy/Sanitizer.pm ${SITE_PERL}/Anomy
+	${INSTALL_DATA} ${WRKSRC}/bin/Anomy/Sanitizer/FProt.pm ${SITE_PERL}/Anomy/Sanitizer/
+	${INSTALL_DATA} ${WRKSRC}/bin/Anomy/Sanitizer/MacroScanner.pm ${SITE_PERL}/Anomy/Sanitizer/
+	${INSTALL_DATA} ${WRKSRC}/bin/Anomy/Sanitizer/Scoring.pm ${SITE_PERL}/Anomy/Sanitizer/
+	${INSTALL_SCRIPT} ${WRKSRC}/bin/sanitizer.pl ${PREFIX}/bin
+	${INSTALL_SCRIPT} ${WRKSRC}/bin/simplify.pl ${PREFIX}/bin
+
+post-install:
+	${INSTALL_DATA} ${FILESDIR}/sanitizer.cfg.sample ${PREFIX}/etc/
+	@${ECHO_MSG} ""
+	@${ECHO_MSG} "Sample config installed at ${PREFIX}/etc/sanitizer.cfg.sample"
+	@${ECHO_MSG} ""
+.if !defined(NOPORTDOCS)
+	@${MKDIR} ${DOCSDIR}
+	cd ${WRKSRC} && ${INSTALL_DATA} ${DOCS} ${DOCSDIR}
+.endif
+
+.include <bsd.port.mk>
diff --git a/mail/anomy-sanitizer/distinfo b/mail/anomy-sanitizer/distinfo
new file mode 100644
index 000000000000..819e3f8f9bb5
--- /dev/null
+++ b/mail/anomy-sanitizer/distinfo
@@ -0,0 +1 @@
+MD5 (anomy-sanitizer-1.63.tar.gz) = 68cccc5a145ffb5f0faadcd971d96483
diff --git a/mail/anomy-sanitizer/files/sanitizer.cfg.sample b/mail/anomy-sanitizer/files/sanitizer.cfg.sample
new file mode 100644
index 000000000000..a7f27e6c9d2b
--- /dev/null
+++ b/mail/anomy-sanitizer/files/sanitizer.cfg.sample
@@ -0,0 +1,57 @@
+# Active features.
+#
+feat_boundaries     = 0
+feat_files          = 1
+feat_forwards       = 1
+feat_html           = 1
+feat_lengths        = 1
+feat_log_inline     = 1
+feat_log_stderr     = 0
+feat_scripts        = 1
+feat_trust_pgp      = 0
+feat_uuencoded      = 1
+feat_verbose        = 1
+file_list_rules     = 4
+#
+# Note:  This directory must exist and be writable by
+# the user running the sanitizer.
+#
+file_name_tpl       = /var/quarantine/att-$F-$T.$$
+
+# Files we absolutely don't want (mostly executables).
+#
+file_list_1_scanner = 0
+file_list_1_policy  = save
+file_list_1         = (?i)(winmail\.dat
+file_list_1        += |\.(exe|vb[es]|c(om|hm)|bat|pif|s(ys|cr))
+file_list_1        += (\.g?z|\.bz\d?)*)$
+
+# Pure data, don't mangle this stuff (much).
+#
+file_list_2_scanner = 0
+file_list_2_policy  = accept
+file_list_2         = (?i)\.(gif|jpe?g|pn[mg]|x[pb]m|dvi|e?ps|p(df|cx)|bmp
+file_list_2        += |mp[32]|wav|au|ram?
+file_list_2        += |avi|mov|mpe?g
+file_list_2        += |t(xt|ex)|csv|l(og|yx)|sql|jtmpl
+file_list_2        += |[ch](pp|\+\+)?|s|inc|asm|pa(tch|s)|java|php\d?
+file_list_2        += |[ja]sp
+file_list_2        += |can|pos|ux|reg|kbf|xal|\d+)(\.g?z|\.bz\d?)*$
+
+file_list_3_scanner = 0
+file_list_3_policy  = accept
+file_list_3         = ^[^\.]+$
+
+# Scan WinWord and Excel attachments with built-in macro scanner.
+# We consider anything exceeding the score of 25 to be dangerous,
+# and save it in the quarantine.
+#
+file_list_4 = (?i)\.(doc|dot|xls|xlw)$
+file_list_4_policy = accept:accept:save:save
+file_list_4_scanner = 0:1:2:builtin/macro 25
+
+
+
+# Default policy: accept, but mangle file name.
+#
+file_default_policy = defang
diff --git a/mail/anomy-sanitizer/files/sanitizer.cfg.sample2 b/mail/anomy-sanitizer/files/sanitizer.cfg.sample2
new file mode 100644
index 000000000000..b6e1cabaafb6
--- /dev/null
+++ b/mail/anomy-sanitizer/files/sanitizer.cfg.sample2
@@ -0,0 +1,111 @@
+# Example configuration file for Anomy Sanitizer 
+#
+# From http://advosys.ca/papers/postfix-filtering.html
+# Advosys Consulting Inc., Ottawa
+#
+# Works with Anomy Sanitizer revision 1.49
+
+# Do not log to STDERR:
+feat_log_stderr = 0
+
+# Don't insert log in the message itself:
+feat_log_inline = 0
+
+# Advertisement to insert in each mail header:
+header_info = X-Sanitizer: Anomy Sanitizer mail filter
+header_url = 0
+header_rev = 0
+
+# Enable filename based policy decisions:
+feat_files = 1
+
+# Protect against buffer overflows and null values:
+feat_lengths = 1
+
+# Replace MIME boundaries with our own:
+feat_boundaries = 1
+
+# Fix invalid and ambiguous MIME boundaries, if possible:
+feat_fixmime = 1
+
+# Trust signed and/or encrypted messages:
+feat_trust_pgp = 1
+msg_pgp_warning = WARNING: Unsanitized content follows.\n
+
+# Defang shell scripts:
+feat_scripts = 0
+
+# Defang active HTML:
+feat_html = 1
+
+# Defang UUEncoded files:
+feat_uuencoded = 0
+
+# Sanitize forwarded content too:
+feat_forwards = 1
+
+# Testing? Set to 1 for testing, 0 for production:
+feat_testing = 0
+
+# # Warn user about unscanned parts, etc.
+feat_verbose = 1
+
+# Force all parts (except text/html parts) to
+# have file names.
+feat_force_name = 1
+
+# Disable web bugs:
+feat_webbugs = 1
+
+# Disable "score" based mail discarding:
+score_panic = 0
+score_bad = 0
+
+msg_file_drop  = \n*****\n
+msg_file_drop += NOTE: An attachment named %FILENAME was deleted from 
+msg_file_drop += this message because it contained a windows executable
+msg_file_drop += or other potentially dangerous file type.
+msg_file_drop += Contact the system administrator for more information.
+
+##
+## File attachment name mangling rules:
+##
+
+# Specify the Anomy temp file and quarantine directory
+file_name_tpl       = /var/spool/filter/att-$F-$T.$$
+
+# Number of rulesets we are defining:
+file_list_rules = 2
+file_default_policy = defang
+
+# Delete probably nasty attachments:
+file_list_1 = (?i)(winmail.dat)|
+file_list_1 += (\.(exe|com|vb[se]|dll|ocx|cmd|bat|pif|lnk|hlp|ms[ip]|reg|sct|inf
+file_list_1 += |asd|cab|sh[sb]|scr|cpl|chm|ws[fhc]|hta|vcd|vcf|eml|nws))$
+file_list_1_policy = drop
+file_list_1_scanner = 0
+
+# Allow known "safe" file types and those that will be 
+# scanned by the user's desktop virus scanner:
+file_list_2 = (?i)\.
+#  Word processor and document formats:
+file_list_2 += (doc|dot|txt|rtf|pdf|ps|htm|[sp]?html?
+#  Spreadsheets:
+file_list_2 += |xls|xlw|xlt|csv|wk[1-4]
+#  Presentation applications:
+file_list_2 += |ppt|pps|pot
+#  Bitmap graphic files:
+file_list_2 += |jpe?g|gif|png|tiff?|bmp|psd|pcx
+#  Vector graphics and diagramming:
+file_list_2 += |vsd|drw|cdr|swf
+#  Multimedia:
+file_list_2 += |mp3|avi|mpe?g|mov|ram?|mid|ogg
+#  Archives:
+file_list_2 += |zip|g?z|rar|tgz|bz2|tar
+#  Source code:
+file_list_2 += |[ch](pp|\+\+)?|s|inc|asm|patch|java|php\d?|jsp|bas)
+file_list_2_policy = accept
+file_list_2_scanner = 0
+
+# Any file type not listed above gets renamed to prevent
+# ms outlook from auto-executing it.
diff --git a/mail/anomy-sanitizer/pkg-descr b/mail/anomy-sanitizer/pkg-descr
new file mode 100644
index 000000000000..e634050ee9fb
--- /dev/null
+++ b/mail/anomy-sanitizer/pkg-descr
@@ -0,0 +1,18 @@
+The Anomy sanitizer is what most people would call 
+"an email virus scanner". The most important jobs that the sanitizer 
+can do for you - it can scan email attachments for viruses. 
+
+Other things it can do:
+- Disable potentially dangerous HTML code, such as javascript, 
+  within incoming email.
+- Protect you from email-based break-in attempts which exploit 
+  bugs in common email programs (Outlook, Eudora, Pine, ...).
+- Block or "mangle" attachments based on their file names. 
+  This way if you don't need to recieve e.g. visual basic scripts, 
+  then you don't have to worry about the security risk they imply 
+  (the ILOVEYOU virus was a visual basic program). 
+  This lets you protect yourself and your users from whole
+  classes of attacks, instead of blocking individual exploits.
+
+Author:	Bjarni R. Einarsson <bre@netverjar.is>
+WWW:	http://mailtools.anomy.net/
diff --git a/mail/anomy-sanitizer/pkg-plist b/mail/anomy-sanitizer/pkg-plist
new file mode 100644
index 000000000000..34f380376dfb
--- /dev/null
+++ b/mail/anomy-sanitizer/pkg-plist
@@ -0,0 +1,18 @@
+@comment $FreeBSD$
+bin/sanitizer.pl
+bin/simplify.pl
+etc/sanitizer.cfg.sample
+%%SITE_PERL%%/Anomy/HTMLCleaner.pm
+%%SITE_PERL%%/Anomy/Log.pm
+%%SITE_PERL%%/Anomy/MIMEStream.pm
+%%SITE_PERL%%/Anomy/Sanitizer.pm
+%%SITE_PERL%%/Anomy/Sanitizer/FProt.pm
+%%SITE_PERL%%/Anomy/Sanitizer/MacroScanner.pm
+%%SITE_PERL%%/Anomy/Sanitizer/Scoring.pm
+@dirrm %%SITE_PERL%%/Anomy/Sanitizer/
+@dirrm %%SITE_PERL%%/Anomy/
+%%PORTDOCS%%%%DOCSDIR%%/CHANGELOG.sanitizer
+%%PORTDOCS%%%%DOCSDIR%%/CREDITS
+%%PORTDOCS%%%%DOCSDIR%%/README.sanitizer
+%%PORTDOCS%%%%DOCSDIR%%/sanitizer.html
+%%PORTDOCS%%@dirrm %%DOCSDIR%%