forked from MailScanner/v4
-
Notifications
You must be signed in to change notification settings - Fork 0
/
ChangeLog
3914 lines (3683 loc) · 207 KB
/
ChangeLog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
01/30/2016 Changes in v4.86.1-1
==================================
*Updates*
- Moved directory structure to:
MailScanner Perl Modules: /usr/share/MailScanner/perl/MailScanner
Custom Perl Modules /usr/share/MailScanner/perl/custom
Reports: /usr/share/MailScanner/reports
AV Wrappers and Autoupdate: /var/lib/MailScanner/wrapper
- Renamed /etc/init.d/mailscanner to /etc/init.d/MailScanner
in Debian package
- Restructured Debian /etc/init.d/MailScanner script
- Added check/fix for missing /var/lock/subsys in init scripts
- Updated virus.scanners.conf with new directory structure and updated
current location of clamav installations
- Updated country.domains.conf
- Updated spam.lists.conf with stuff from this decade. You will need to
redefine your "Spam List =" to an item on the new list.
- Added group creation of mtagroup which includes relevant system users
for processing mail
- Changed distro default Incoming Work Group = mtagroup
- Changed distro default Incoming Work Permissions = 0660
- Added option to create RAMDISK during installation
- Added RAMDISK daemon to save and restore contents during reboot
and power up if RAMDISK is enabled
- Removed dead virus scanners from virus.scanners.conf
- Removed dead virus scanners from SweepViruses.pm
01/16/2016 Changes in v4.85.3-2
==================================
*Updates*
- Changed Debian installer to use unrar instead of unrar-free
- Revised update to Message.pm for unrar compatibility
01/12/2016 Changes in v4.85.3-1
==================================
*Updates*
- Updated Messages.pm to support unrar version 5x
- Updated RPM spec file to remove sendmail conflict
- Replaced ScamNailer update_bad_phishing_emails with new version
- Changed Debian package init.d script from mailscanner to MailScanner
05/03/2015 Changes in v4.85.2-3
==================================
*Updates*
- Added Postfix detection and update for master.cf to use
FIFO instead of UNIX socket
04/13/2015 Changes in v4.85.2-2
==================================
*Fixes*
- Corrected typo in RPM spec files for RHEL and SuSE builds
03/14/2015 Changes in v4.85.2-1
==================================
* Updates *
- Moved structure to /usr/share/MailScanner to comply with
Filesystem Hierarchy Standard (FHS)
- Added phishing.safe.sites.custom to allow for easier maintenance
* Fixes *
- PFDiskStore.pm updated
03/02/2015 New in Version 4.85.1-1
==================================
* Fixes *
- Postfix long queue ID's in Postfix.pm.
- Updated files with perl -U option to be compliant with newer versions of perl.
- Notorious tempfile fix in LastSpam.pm
- Item use IO; deprecated. Updated files to use use IO::Pipe;
- Fixed phishing filter URL handling
- Internal TNEF.pm fixed
- Typo fixes
- Various language string updates
- Updated spam.lists.conf
- Improved translation tools
- Postfix taint fix
- Spamassassin temp file fix
- Removed Transtec links in notices
- Updated several AV wrappers
17/06/2013 New in Version 4.84.6-1
==================================
* Fixes *
1 TNEF code fixed according to commonly-distributed patch.
1 ScamNailer also updated to include commonly-distributed patches.
10/11/2012 New in Version 4.84.5-3
==================================
* Fixes *
1 Clamd will no longer think there is a virus in MessageBatch.pm.
05/03/2012 New in Version 4.84.5-2
==================================
* Fixes *
1 Fixed taint errors which show up in new versions of Perl.
2 Fixed another taint error. Errors in File.pm can't be found. :(
2 Fixed error occurring when Antiword fails to parse the input file.
3 Fixed bunch of mktemp bugs, thanks to Andrew Colin Kissa.
4 Another taint bug in Quarantine.pm.
5 Fixed disastrous domain expiry problem in update_bad_phishing_sites and
update_bad_phishing_emails
5-2 Updated location of Web Bug Replacement to new cdn site.
17/04/2011 New in Version 4.83.5-1
==================================
* Fixes *
1 Fixed problem with Postfix and non-zero hash depth on "hold" queue.
2 Fixed problems with spaces in virus names.
3 Fixed logging of ClamAV updates (thanks for Peter Bonivart for this!).
4 Fixed "Return-Path:" header so it doesn't contain any 8-bit characters
which conflict with the new "RP_8BIT" rule in SpamAssassin.
5 Fixed problems with permissions of zipfiles thanks to Rick Cooper and
Curu Wong.
6 Fixed problem with webcal:// URLs getting caught incorrectly by phishing net.
11/02/2011 New in Version 4.82.6-1
==================================
* New Features and Improvements *
1 In filename.rules.conf and filetype.rules.conf files, as well as the
previous "allow", "deny", "deny+delete", and email-address types of rule,
there are now "rename" rules as well. If a filename or filetype matches
a "rename" rule, the original attachment is left in the message but is
renamed according to the "Rename Pattern" setting in MailScanner.conf.
This allows for any prefixes or suffixes you may want to add to the
attachment's filename.
2 Improved "rename" rules so you can now also specify "rename to new-text".
If the rule matched an attachment's filename, the text matching the pattern
for that rule will be replaced with the "new-text" string supplied.
The "to" is optional, but makes it easier to read.
4 Rules files will be assumed in the MailScanner.conf if the filename now
ends in ".Rules" as well as ".rules".
4 Allow deployments with the 'split mail per recipient' setup where mail
is re-injected from 127.0.0.1 to still whitelist 127.0.0.1 for releasing
of quarantined messages, while still scanning re-injected mail.
* Fixes *
1 AVG scanner command-line arguments typo fixed.
2 Fixed problem where HTML messages scanned for Phishing would be truncated
at the start of the first <a> tag if it was never closed properly.
3 Fixed bug stopping things like "$1" working in the replacement text of a
"rename to" filename.rules.conf rule.
4 Fixed permissions of ClamAV temp files to use workperms instead of 0600.
Thanks to Rick Cooper for this fix!
4 Fixed problem caused by invalid "Spam List" or "Spam Domain List" values
appearing in the conf file. Thanks to Steve Freegard for this!
5 Fixed issue where messages quarantined for being a DoS attack did not
have their headers quarantined correctly.
06/09/2010 New in Version 4.81.4-1
===================================
* New Features and Improvements *
1 Slight improvement to check_mailscanner script to send some output to
/dev/null for Greg Kuhnert.
2 "Scan Messages = virus" will *only* scan mail for viruses and nothing
else at all. This makes simple setups where you only want virus scanning
a whole lot easier to set up.
3 Changed non-RPM installer to use /bin/bash instead of /bin/sh to avoid
issues on Solaris 10 systems. Sorry non-bash people :-(
3 Added new "_HOUR_" token to path available in quarantine and Archive Mail
directory locations in MailScanner.conf. Represents the number of the hour
in which MailScanner received the message, padded with a leading zero if
necessary.
* Fixes *
1 Deny File MIME Types was ignored if new filetype rules used MIME checks.
2 Slightly improvement to phishing trap to handle links with " in them.
2 Worked around nasty behaviour of Perl's "each()". Thanks Timofey!
2-2 Fixed syntax error.
2-3 Fixed syntax issue and printing bug with "--lint".
4 Fixed docx file permissions problem (thanks to Andrew White!).
20/06/2010 New in Version 4.80.10-1
==================================
* New Features and Improvements *
1 Upgraded AVG support to AVG version 8. Support no longer guaranteed for
older versions.
2 Installers no longer over-write mailscanner.cf in SpamAssassin directory
if the file or link exists.
3 Added support for McAfee version 6. Use the virus scanner name "mcafee6"
to get this support. Many thanks to Phil Randal and Michael Miller for
all their hard work on this.
4 Improved "file" command output processing so it stops at 1st "," to reduce
false alarms greatly.
5 Added facility for over-riding MailScanner.conf settings and rulesets
with those held in an SQL database.
New settings are:
DB DSN, DB Username, DB Password, SQL Serial Number, SQL Quick Peek,
SQL Config, SQL Ruleset, SQL SpamAssassin Config, SQL Debug.
See the MailScanner.conf file for more details.
5 Added dependency "Sys::SigAction" Perl modules to installers.
6 Updated to Archive::Zip 1.30 and added Compress::Raw::Zlib dependency.
* Fixes *
1 A minor rewrite of a bit of the TNEF code to handle some systems' odd
opinions about tainting data.
1 Minor tweak to avoid warning about insecure dependency in WorkArea.pm.
2 Fixed documentation for "Allow Multiple HTML Signatures" setting.
3 Fixed "MailScanner --lint" to not throw an erroneous error message about
"MSlint" directory permissions.
3 Fixed error in MIME boundary checking that stopped a few very rare cases
being checked.
5 Fixed issue where zip files in messages were unpacked with incorrect
permissions.
5-2 Fixed bug introduced in 5-1.
7 Fixed ruleset-from-function bug introduced in 5-1.
9 Fixed bug where %variables% would not work in ruleset files.
10 Fixed bug on Linux systems where Postfix systems would change the
ownership of the queue and work directories every time MailScanner
was started.
01/02/2010 New in Version 4.79.11-1
==================================
* New Features and Improvements *
1 Settings relevant to update_spamassassin have moved from /etc/sysconfig/
MailScanner to /etc/sysconfig/update_spamassassin.
1 Log files from update_spamassassin will only be deleted if both the
sa-update and sa-compile commands succeeded. No news is good news!
2 Updated HTML-Parser to 3.64.
4 Changed behaviour. If the clamd daemon or the F-Prot daemon are unreachable
then if *all* the configured virus scanners cannot be reached then no mail
is virus-scanned and delivered. The previous behaviour was that the mail
would still be delivered and logged in this situation. Now it will not
deliver any message that could be infected but could not be scanned.
5 Changed behaviour of "Reject Message". It is now a "First match" rule and
not an "All matches" rule. The first matching rule in the ruleset will
determine the result.
5 Speeded up bitdefender-autoupdate script.
5 update_spamassassin changed to only update SpamAssassin if the rules changed.
Many thanks to Mark Sapiro for the above updates!
9 Added support for new "*.xvdl" files in the Sophos autoupdate script.
* Fixes *
3 Fixed taint errors when running with Run As User not equal to root.
4 Tiny taint bug fixed when scanning Eicar.
5 Fixed taint bug in external TNEF expander code.
5 Fixed problem signing messages which have only an HTML part and that part
has already been signed by an earlier MailScanner in the conversation thread.
6 Final TNEF taint problems fixed.
6 Fixed important bug in ClamAV output parser (only affects clamav, not clamd
or clamavmodule).
7 Fixed UnpackZip taint problem, affecting processing of .docx files.
8 Fixed typo in Message.pm.
9 Fixed typo in SweepViruses.pm affect F-Protd-6 scanning.
10 Fixed error in "Full ClamAV Message Scan" file permissions.
10 Fixed logging from "sophossavi".
1/10/2009 New in Version 4.78.17-1
==================================
* New Features and Improvements *
1 Improved handling of Postfix messages with complex structures caused by
some milters.
2 In addition to the previous 'host:hostname.domain.com' method of providing
a hostname in rulesets, you can now also specify
host-nocheck:hostname.domain.com
which is the same thing but no anti-spoof checks are made. This is only
useful if you have a 'PTR' record for providing the IP address of the
hostname but no forward 'A' record for translating the IP address into
a hostname.
This is frequently the situation when using dynamic IP addresses.
3 Swapped over virus-scanning and spam-scanning code completely, so all
virus-scanning code is done before spam-scanning code. It won't virus-
scan "Silent Viruses" which is pretty much all of them now, so it should
work okay. This allows me to introduce...
3 New feature to allow detection of "spam-viruses" which are items of spam
that are reported by your virus scanner. You can set 2 new configuration
options:
Spam-Virus Header = X-%org-name%-MailScanner-SpamVirus-Report:
Virus Names Which Are Spam = Sane*UNOFFICIAL HTML/*
The names of the "spam-viruses" found are those viruses reported by your
virus scanners which match any of the strings given in "Virus Names Which
Are Spam". These "spam-virus" names are added to the header set by
"Spam-Virus Header". You can then write a SpamAssassin rule in
spam.assassin.prefs.conf which gives a score for the presence or contents
of this header. I supply an example rule which adds a score of 3 if the
header exists. Feel free to re-write and extend that rule! It will not work
unless you customise it. You could even write a "SpamAssassin Rule Action"
to handle this rule specially!
6 Improved installer for Fedora Core 11.
7 Improved RPM installer so when it needs to, it only removes RPMs I installed.
7-2 Added an "export HOSTNAME" to the init.d script. Should resolve some
issues where using "$HOSTNAME" or "${HOSTNAME}" in MailScanner.conf did
not work.
8 Added support for "include path-to-conf-files" lines in MailScanner.conf.
You can now put your site-specific customisations in separate files, to
make upgrading of many servers a lot easier. You can nest "include" files,
which means that an "include"d file can "include" other files.
The "path-to-conf-files" can use the normal shell wildcard characters such
as "*" so a valid line might be
include /etc/MailScanner/config/*.conf
to read all the *.conf files in that directory in turn.
The *last* value read for each MailScanner.conf setting will be used.
8 Added support for "include" lines in upgrade_MailScanner_conf. If you treat
them as comments, the whole problem quietly disappears!
10 Added /etc/MailScanner/conf.d directory to RPM and added a default include
line in shipped MailScanner.conf. Put a README in the conf.d directory.
11 Improved notes in conf.d/README file.
13 Added "Quick.Peek" script to distribution to read configuration settings
from shell scripts, which correctly handles included files.
* Fixes *
2 Minor fix to phishing net for servers on port numbers that start with "80"
but are not 80.
2 Fixed issue of spam report not appearing in rare cases.
4 Fixed problem of silent viruses not being quarantined when requested.
5 Fixed issue where spam-viruses would be quarantined and found as silent.
5-3 Renamed subroutine.
6 Fixed installer for Perl-IO, Perl-DBI, Perl-DBD-SQLite, Perl-Filesys-Df,
Perl-Net-DNS for Fedora 11.
7 Fixed installer for Perl-Digest-SHA1 for Fedora 11.
9 Fixed problem where "Scan Messages = no" was ignored.
9 Fixed problem where multiply-infected files in the same archive may not
always be removed correctly.
10 Fixed issues with "include" files where they wouldn't be used for a few
variables, and "%variable%" definitions in include files were ignored.
11 Fixed problem where settings found in included conf files would be
ignored sometimes when starting up.
14 Rulesets used within Custom Functions should work again now.
15 Fixed crash when "Expand TNEF = replace".
16 Improved processing_messages_alert so it behaves better in the face of
a ruleset defining "Notices To =".
16 Fixed problem in Exim where duplicate headers could appear due to
DeleteHeader not finding them correctly.
16 Improved handling of Unicode and foreign character sets used in attachment
filenames.
4/6/2009 New in Version 4.77.10-1
=================================
* New Features and Improvements *
1 Can now automatically unzip small zip files and other archives. This
is very useful if you have some service automatically mailing you log
files, which zips up the logfiles to save space. It will unpack them if
there only a few of them, they are fairly small and they match a list
of filename patterns.
Unzip Maximum Files Per Archive = 4
Unzip Maximum File Size = 50k
Unzip Filenames = *.txt *.ini *.log *.csv
Unzip MimeType = text/plain
1 Hourly cron job about messages being processed only sends a message if
'Send Notices = yes' is set in MailScanner.conf.
1 "Read IP Address From Received Header" has been extended, so it will
now take a number instead of yes or no. "yes"=1 and "no"=0. If it is set
to "yes" or a number, then the SMTP client IP address is taken from the
"Received:" header. For example, setting it to 2 will cause the IP
address to be taken from the 2nd Received: header.
Users of BarricadeMX might want to set this to 2, to get the real SMTP
client IP address from the 2nd Received: header, and not the 127.0.0.1
address that BarricadeMX put in the headers.
Users of fetchmail might want to set this to 1 or 2 to skip over the
127.0.0.1 address which will be inserted by fetchmail.
5 Set up Antiword to always return UTF-8 characters and use that in the
attachment it creates.
6 Removed co.dk from country.domains.conf as it's not an official 2nd level
domain.
6-2 Upgraded DBD-SQLite to 1.25 to avoid RedHat 4 build problems.
6-3 Improved detection of some x86_64 systems.
6-4 Corrected DBD-SQLite packaging error.
7 Improved --lint checking of "Processing Attempts Database" and improved
logging related to that database. Also improved documentation about the
two SQLite databases in MailScanner.conf.
8 Implemented a new type of line in rulesets. When you specify a "From:"
rule, you can use a syntax like "host:hostname.domain.com" to use the
SMTP client's hostname instead of the numerical IP address. This can
also be partial hostnames or domain names, such as "host:domain.com"
or include wildcards anywhere, such as "host:mail*.dom*ain.com", or
even Perl regular expressions such as "host:/(de|dk)$/". This goes
where the numerical IP address would go in the rule, after the "From:"
and before the value to return.
Note that these are slightly slower than using the IP address as they
involve a DNS lookup (maximum of once per message), but that value
should be in your DNS cache as other things will have already had to
look it up anyway.
They are described in more detail in the etc/rules/README and
etc/rules/EXAMPLES files.
9 Added spoofing protection to the "host:" name lookups. Forward and
reverse DNS entries must now match.
* Fixes *
3 Fixed problem where Unzip functions would not be found. Set default to off.
4 Fixed issue with Postfix not scanning some messages in 4.77.3.
5 Fixed issue with Postfix scanning too many messages in 4.77.4. :-)
6 Fixed issue with extra character on the front of files created by antiword.
7 Fixed UTF-8 character in Perl source code in Esets output parser.
7 Fixed issue with encapsulating messages containing silent whole-message
infections.
10 Fixed issue with "host:" name lookups with no DNS 'A' record.
12/5/2009 New in Version 4.76.25-1
==================================
* New Features and Improvements *
1 Added the ability to have totally different filename and filetype checks
for files which are attachments and files which are members of attached
archives. You even get to define what you consider to be an archive and
what is not.
New Configuration options in MailScanner.conf are
Archives Are =
Archives: Allow Filenames =
Archives: Deny Filenames =
Archives: Filename Rules =
Archives: Allow Filetypes =
Archives: Allow File MIME Types =
Archives: Deny Filetypes =
Archives: Deny File MIME Types =
Archives: Filetype Rules =
In the shipped MailScanner.conf, the checks applied to files within
archives are the same as those applied to normal attachments that are
not within an archive. See the relevant settings in MailScanner.conf
for more information.
4 RPM builds changed so that no RPMs are "forced" into being installed on
RedHat 5 or CentOS 5 systems.
5 RPM builds changed so that no RPMs are "forced" into being installed at all.
5 RPM builds changed so that any previously installed RPM will not be
rebuilt, even if the perl version check shows that it is not being used.
This will dramatically speed up the upgrade process in future,
especially if you use "./install.sh fast" to upgrade.
5 Changed @INC which is where Perl looks for its Perl modules. It was
previously mostly left alone so that RedHat could override some versions
of modules that you thought you had upgraded. The new @INC path inserts
the "site_perl" and "vendor_perl" directories before the core directories.
This may result in your MailScanner behaving differently from before as
it will actually be using all your upgraded modules, and not sticking
with ones supplied by RedHat (at which point it ignore your upgrades).
This should not cause any problems with MailScanner.
7 Rebuilt i386 version of "tnef" on RHEL4 to be compatible with more systems.
8 Drastically improved getPERLLIB added in 4.76.5. Perl does funny things
with $PERL5LIB when calculating @INC to find Perl modules.
8 Added Digest::HMAC as RedHat Enterprise 4 needs it for Net::DNS.
9 Upgraded Perl module DBD::SQLite.
11 The "Archives: Filename Rules" and "Archives: Filetype Rules" now
point to copies of the normal filename and filetype.rules.conf files,
rather than pointing to the same file. This will make it easier for
new users to customise the rules for files in archives.
12 Improved RPM install.sh installation script so that it detects an upgrade
from before the big RPM rebuild in 4.76.11 and forces a "reinstall" of
all the Perl modules, which will fix problems with later upgrading Perl.
13 Improved Postfix MailScanner message id so that it relates much better
with the "messages being processed" database. It is now based on the
"Fletcher" checksum of the data at the start of the file. Thanks to JD
Marsters ([email protected]) for this one!
17 If you use "Sign Clean Messages", then the signature will be placed in
your email message wherever you put the marker "_SIGNATURE_", and it
will be placed at the end by default if that marker is not found.
22 Both the "Phishing Safe Sites File" and the "Phishing Bad Sites File"
settings can now take a space-separated list of filenames, to make local
management simpler. Note that your filenames must not have spaces in them!
22 Speeded up SQL processing-messages database code by pre-preparing all SQL
statements. I am now tempted to leave this feature enabled by default for
safety. We can always add a note to the performance tips on the wiki that
users struggling under high load might want to switch this feature off.
23 Changed RPM installation order to fit better with CentOS 5.2->5.3 systems.
* Fixes *
2 Added "Unpack Microsoft Documents" back into the list of recognised
settings in MailScanner.conf.
3 Fixed "Add Text Of Doc" for Apple Mail's utterly broken MIME structure.
6 Fixed problems with RHEL5 installation created by 4.76.5.
7 Fixed problems with RHEL4 installation created by 4.76.5.
10 Fixed problems with Fedora Core 10 installation created by 4.76.5.
10-2 Fixed missing Locks dir.
14 Possibly fixed problem with incomplete Postfix messages getting into the
'processed messages' table.
15 Neatened up message rejection code to help solve processing-messages
database problem.
16 Fixed permissions and ownership problems with data extracted from TNEF
winmail.dat attachments.
16 Fixed slight problem in installer on new systems, so it does not complain
about perl-TimeDate already being installed.
16 Fixed problem with Postfix leaving messages in the processing-messages db.
Many thanks to Kai Schaetzl and Mark Sapiro for spotting the common
features of the message ids being left behind.
18 Fixed Postfix entropy bug.
19 Changed handling of "Sign Clean Messages" so that if the signing process
fails, we don't worry about it too much, and we certainly don't create a
new message section just containing a signature and nothing else.
20 Alternate solution to Postfix procesing database bug, without adding 'P'.
21 Better solution to Postfix processing database bug, adding 'A' to shorter
entropy value, so no change to final message id.
21 Moved Net::CIDR much lower down in the installation order, to avoid
problems with CentOS 5.2-->5.3 upgraded systems.
22 Made sure it works with the processing-messages database switched on.
23 Fixed problem with HTML sig being re-added at end of message.
24 Removed type identifier from filenames listed in sender warnings.
24-2 Don't uninstall ExtUtils-MakeMaker in "./install.sh --reinstall".
24-3 ExtUtils-MakeMaker will not build on Fedora 10 x86_64 as it stands.
24-3 Fedora 10 needs Test-Simple first, RHEL5 and CentOS 5 need Math-BigInt
first. Great :-(
24-3 Fedora Core 10 upgrades are no longer officially supported. The
RPM Perl build system is fundamentally broken. Take Pod-Escapes as a
fine example, it cannot build without Pod-Simple. But Pod-Simple cannot
build without Pod-Escapes. I quit.
25 Fixed logging bug which would make it say it had found uu-encoded files
when it had not.
25 Fixed occasional problem with a message triggering MailScanner's crash
detection when using "TNEF Expander = internal".
25 Fixed issue with Attachment size limits not working correctly in 4.76.
1/4/2009 New in Version 4.75.11-1
=================================
* New Features and Improvements *
1 Added more spam logging to simply find delivery and non-delivery addresses.
1 Improved error messages when using Custom Functions that won't compile.
1 Added new configuration option "Unpack Microsoft Documents" to control the
unpacking of OLE document files, as there have been rare cases of the
third-party extraction code hanging when faced with particular files.
If you rely on ClamAV for all your virus-checking, then you can safely
switch this off as ClamAV has its own OLE unpacking code. Do remember,
however, that this will disable all filename and filetype checking of
embedded files.
It is on by default.
1 Added new option "delete" to setting "Treat Invalid Watermarks With No
Sender as Spam =" so messages with invalid watermarks can just be deleted.
2 Added "restartms" command-line option to the init.d script for use in the
anti-spear-phishing package I wrote.
2 Implemented crash-protection, by limiting the number of attempts made at
processing any given message. There are 2 new configuration settings:
"Maximum Processing Attempts" which is set to 6 by default, and
"Processing Attempts Database" which is set to /var/spool/MailScanner/
incoming/Processing.db by default.
To disable this feature, just set "Maximum Processing Attempts = 0".
To clean out the database, just stop MailScanner and delete the database
file.
Many thanks to David Lee at Durham University, UK for the ideas behind
this new system.
3 New script "processing_messages_alert" which will be installed in /usr/sbin
on Linux systems and in /opt/MailScanner/bin on other systems. Also, in
Linux, this is enabled as an hourly cron job. It executes the command
"MailScanner --processing" which prints the contents of the "messages being
processed" database, excluding any messages which are being processed for
the first time. If there is nothing to print, it outputs nothing and no
mail message is generated by the cron job. It sends the mail message from
the "Notices From" address to the "Notices To" address. To edit the text of
the message, just edit the "processing_messages_alert" script, it is very
simple.
4 Messages killed by the crash protection will now generatee warnings back to
the sender, and to the local postmaster, just like other forms of errors
in messages. They will, however, remain in the database so you can see them.
5 Messages that caused MailScanner to die will not be re-tried for 4 +- 2
minutes. This stops the system spinning generating high system load while
achieving nothing, and makes it more likely that we can defend against some
DoS scenarios. This also means that we do not have to worry about always
building the same batch from the same messages, which could cause some safe
messages to be "thrown out with the bathwater" along with the single message
which *actually* killed MailScanner.
5 Messages are moved from the "current" table to an "archive" table which is
printed separately when "MailScanner --processing" is run.
6 The "MailScanner --processing" option can now be given as, for example,
"MailScanner --processing=0" which will give a minimum value for which you
want to print the records from the "processing messages" database table.
The default value is 1.
8 I have added a new configuration option "Place New Headers At Top Of
Message". This is set to "no" by default, as I think the result looks a
bit ugly. However, some people are fussy about always adding headers at the
very top of email messages, rather than at the bottom of them, so they can
see the order in which they were added.
8-3 Added support for latest versions of Bitdefender.
9 Added support for regular expressions in "Remove These Headers". Note that
the expression is matched against the whole header line, not just the name
of the header. Note that the expressions must not contain any spaces, so
use '\s' instead of ' '. The match is done case-insensitive in all cases.
* Fixes *
1 Fix to multiple-milter support in Postfix in rare case.
7 2 minor bugfixes in crash-protection system. Wasn't handling messages
correctly when their spam action was "delete".
7 Fixed problem when messages are left in processing-messages database if a
batch is interrupted by MailScanner being shut down or restarted.
8 Fixed reporting bug in processing-database record deletion.
8 Fixed problem with some Perl 5.10.0 distributions with trackback handling
in Sendmail and Postfix support.
8-2 Added NewHeadersAtTop to ConfigDefs.pl.
8-4 "Max Spam Check Size" can now be a ruleset. ConfigDefs.pl corrected.
9-2 Fixed bug in new handling of regexps in "Remove These Headers" in Postfix.
10 Correct mcafee-autoupdate so it wipes old dat files.
10 Worked around problem cause when Razor is set to syslog, caused MailScanner
to log with the wrong "facility" (see syslog(3)).
12/1/2009 New in Version 4.74.16-1
==================================
* New Features and Improvements *
1 Patch added to ClamAV & SpamAssassin easy-to-install package to make
Mail::ClamAV Perl module handle ClamAV 0.94 correctly.
Thanks to Steve Barber for telling me about this fix.
7 Upgraded to tnef 1.4.5.
9 The Spam Actions and its pals may now contain the "header" action with the
special keyword "_TO_" anywhere in the header value. This will be replaced
by a comma-separated list of the original recipients of the message.
I wrote this for when I divert a message to the postmaster when it's detected
as spam, for example. Then you can put
Spam Actions = store forward [email protected] header "X-ECS-Recips-were: Sent to _TO_"
I don't always want to include the list of recipients in the headers, as
others object to their privacy being violated by everyone receiving the full
list of recipients, so I can't use the "Add Envelope To Header". I *only*
want to add this information to spam messages, so I know to whom they were
originally addressed.
11 Another check to ensure it doesn't chmod /tmp on misconfigured systems.
14 Added support for Fedora 10.
16 Added a bit more logging of message non-delivery.
16 Slight improvement to output of list of virus scanners with --lint.
* Fixes *
2 Major work on removing symlink attack vulnerabilities affecting -autoupdate
lock files.
Note: This vulnerability only affected systems where normal interactive users
could log in to the system, or create arbitrary symlinks in your filesystem.
So the ISP-style setups were never vulnerable, as they didn't allow normal
users to login or allow people to arbitrarily create symlinks in the
filesystem.
2 Removed symlink attack vulnerabilities in SpamAssassin and tnef handlers.
6-2 Re-release to fix filesize problems.
7-2 Added missing "use" statement to WorkArea.pm.
7-3 Added missing tnef to Other Unix tarball distribution.
Linux distributions unchanged.
8 Minor fix in handling of complicated "SpamAssassin Rule Actions".
10 Fixes for Locks creation bugs from Jeff Earickson. Non-RPM distribution
should work rather better now.
12 Tiny (but important) fix to mcafee-autoupdate so that it will work properly.
13 Last few symlink attack vulnerabilities found and squashed.
14 Added the Bayes-rebuild lock files to mailscanner_create_locks.
15 Fixed locking problems with Bayes-rebuild lock files.
15-2 Fixed problem with "rewind()" errors appearing in SA.pm.
16 Fixed bug in update_virus_scanners where trailing spaces or comments on
the "Run As User" or "Run As Group" settings in MailScanner.conf would
cause the Locks files to be owned by root.
16 Fixed similar bugs in /etc/sysconfig/MailScanner in RPM distributions.
1/12/2008 New in Version 4.73.4-2
=================================
* New Features and Improvements *
1 Improved install.sh for RPM systems to install correct arch of tnef RPM.
1 Upgraded to tnef version 1.4.4.
2 Scanner name will always be logged even if not being reported in text to user.
* Fixes *
2 Resolved reporting bug with number of viruses found when multiple scanners
in use.
2 Security issue in "trend-autoupdate" resolved.
3 Problem caused by zip files containing identically-named zip files fixed.
4 Fixed bug in RPM installer when no TNEF was installed. Didn't actually cause
any problems, just generated a noisy error message.
4-2 Added tnef-1.4.4.tar.gz to tarball package.
1/11/2008 New in Version 4.72.5-1
=================================
* New Features and Improvements *
1 Added support for ClamAV 0.94. Note that this has necessitated removal of
complete support for earlier versions of ClamAV as the command-line settings
are incompatible. So only use this version if you have upgraded to the latest
ClamAV 0.94.
2 The "Found to be clean" header will not be added to the message at all if
the relevant configuration setting is blank in MailScanner.conf.
2 Filename and filetype checks are now done before virus scanning. This means
that you can use the "deny+delete" type of filename or filetype rule to
selectively delete files that will choke your buggy virus scanner.
4 "install.sh" now logs all output to "install.log".
4 The RPM and SuSE versions of "install.sh" now have a "reinstall" command-
line option which will make it attempt to remove the Perl RPMs before it
installs them, in case you have changed your Perl version enough that the
previous Perl modules were not being found by your new setup. Very handy
for Fedora upgraders, among others.
4 Improvements to the "reinstall" command-line switch so it removes all the
old versions first, before it starts installing anything new.
4 Updated MIME-tools to version 5.427.
4 Minor improvement to phishing net.
4 Added check to --lint for sufficiently correct /tmp permissions.
5 Remove dsbl.org blacklist from spam.lists.conf.
5 Added more comments to the "Remove These Headers" documentation. The
suggested list of headers to remove is now all of these:
Disposition-Notification-To
Return-Receipt-To
X-Confirm-Reading-To
Disposition-Notification-To
Receipt-Requested-To
Confirm-Reading-To
MDRcpt-To
MDSend-Notifications-To
Smtp-Rcpt-To
Return-Receipt-To
Read-Receipt-To
X-Confirm-Reading-To
X-Acknowledge-To
Delivery-Receipt-To
X-PMrqc
Errors-To
X-IMAPBase
X-IMAP
X-UID
Status
X-Status
X-UIDL
X-Keywords
X-Mozilla-Status
X-Mozilla-Status2
* Fixes *
1 Changed logging of clamd so that it reports the virus scanner name correctly.
2 Removed debug code from OLE unpacking code.
3 Fixed log handling bug in filename rules matching code, thanks to Derek Chee.
4 Fixed bug where whole message body was deleted if a file nested within 2
zip files failed filename tests.
4 Fixed reporting bug in 'service MailScanner status' where it would produce
an error instead of saying the incoming sendmail process was working fine.
4 Fixed a parsing bug in the "Avast" scanner support.
4 Minor change to error message when /tmp has wrong permissions.
1/9/2008 New in Version 4.71.10-1
=================================
* New Features and Improvements *
1 Upgraded from File::Temp 0.19 to File::Temp 0.20 to resolve installation
problem reported with Fedora Core 8 systems.
2 New Feature: We can now extract the plain text of Microsoft Word (up to 2004)
documents in the *.doc format, and add it as new attachments to a message.
This is done using the "antiword" program available from
http://www.winfield.demon.nl/. There are 3 new configuration settings for
this feature:
"Add Text Of Doc" - This switches the feature on and off. Off by default.
"Antiword" - Full command to run the antiword binary. Adding "-f" to it
makes it highlight emphasized text in the output, which I find helps.
"Antiword Timeout" - The greatest length of time antiword is allowed to run.
3 Improvement to phishing net, now correctly ignores ':80' in http URLs.
3 Implemented support for Esets version 3.
4 Implemented support for F-Secure 7.01.
5 Added protection against attacks on the HTML text parser (Perl module
HTML::Parser) which is used to analyse HTML messages for dangerous tags.
There is a message in circulation that breaks this, causing Perl to trigger
a "Segmentation Fault". This protection is necessary, but may have an impact
on the performance of MailScanner. Until the Perl module is fixed, however,
this is very necessary protection for your email systems.
7 Added new option "Read IP Address From Received Header" which you can set to
yes if you are running fetchmail and injecting mail from fetchmail into your
MTA using SMTP. You need to set the "--invisible" option to fetchmail as well
to stop it adding its own "Received:" header. See the "Advanced" section of
MailScanner.conf for more info on this.
8 Added new rules to filename.rules.conf to allow for days of the week and
months in filenames like my_document.july.doc so they aren't caught by the
double filename extension trap.
8 Improved error notification if your permissions on /tmp are all wrong. It
now tells you exactly what to type to fix them.
8 Improved VBA32 output parser to handle slightly different new output format.
8 Improved 'partial message' handling to only remove the partial-message
section of the message, and not the whole thing. This is particularly
relevant to DSNs from bigfoot.com
10 Improved F-Secure scanning within executables.
* Fixes *
3 Improvement to "Sign Clean Messages" so the signature now appears where it
should, above any </body> tag as well as above any </html> tag.
6 Fix to Exim support to allow for arbitrarily-named Exim ACLs. Fix kindly
provided by [email protected].
6 Fix for missing watermarks, courtesy of Lasantha Marian.
7 Fix for case when Rebuild Bayes Every = 0 and Bayes is still rebuilt.
7 TNEF attachments will be added with correct filenames when TNEF Expander =
internal. It was erroneously adding them with their "safe" filenames.
9 Removed a load of extra debug output code.
9 "Partial messages" are now quarantined correctly.
10 Removed duplicate warning output when "Virus Scanners = none".
23/6/2008 New in Version 4.70.7-1
=================================
* New Features and Improvements *
1 Improvement to OLE document unpacking code, more likely to extract embedded
files correctly.
1 Added new setting "Dont Sign HTML If Headers Exist" to provide finer control
over placement of HTML signatures. If any of the named headers exist in
the message, the message is deemed to be a "reply", and so the HTML
signature is not attached. By default this functionality is switched off
by not specifying any header names.
2 Improvement to Filename and Filetype checks to catch mistakenly starting a
regular expression with a "*" on its own, as in "*.pdf" or just "*".
2 Improved message reporting when Sophos finds password-protected zip archives.
2 Now supports Mail::ClamAV 0.22 for ClamAV 0.93. You will need to upgrade your
ClamAV+SpamAssassin installation, using the download package I provide.
3 Improved update_bad_phishing_sites to support proxy_* environment variables.
Thanks to [email protected] for this.
3 Improved upgrade_MailScanner_conf for ClamAV 0.93 and Mail::ClaAV 0.22.
3 Removed URIBL additions from spam.assassin.prefs.conf. They are in
SpamAssassin by default now.
3 Improvements to handling of Watermarks to resolve various problems with them.
3 Upgraded to ClamAV 0.93.1 in ClamAV+SpamAssassin easy-to-install package.
4 Added "-w" to suggested "diff" command in upgrade_MailScanner_conf. Thanks
to Anthony Cartmell for this idea.
6 Changed Watermarking, so it only checks if there was a SMTP client IP address
as we don't want to block messages we generated on the MailScanner server.
6 Added "ID Header" setting so that you can choose whether or not you want
the header showing the MailScanner message id value. If you don't want the
header then set this to be blank.
6 Minor improvement to link detection in the phishing net.
* Fixes *
2 Silly mistake fixed in "Dont Sign HTML If Headers Exist" feature.
2 Fixed output text error in upgrade_MailScanner_conf.
3 Bugfixes to Watermark handling and logging.
4 More fixes to Watermark handling.
5 More fixes to Watermark handling, and a minor header change.
6 Made check for Sophos Allowed Error Messages case-insensitive.
7 Fix for missing images in HTML messages with "Allow WebBugs = yes" set.
6/5/2008 New in Version 4.69.9-3
================================
* New Features and Improvements *
1 Added command-line option "--id=<message-id>" which will force it to scan
just the message described by <message-id>. Only works when used with
"--debug".
1 Commented out definition of ORDB-RBL to force a syntax error in setups which
are still mistakenly using it (and not getting any mail as a result!).
1 Added comand-line option "--inqueuedir=<dir-name|glob>" which can take
a) a directory name, or
b) a directory name glob (or wildcard), or
c) a text file listing any combination of (a) and (b) above.
This specifies where to look for incoming messages. This is very useful when
debugging, as test messages can be put in their own queue directory, and the
main MailScanner running will not touch them, only a MailScanner run with
this command-line option will see them.
1 Can now extract embedded files from within Microsoft Office documents and
subject them to all the file tests like any other attachments.
1 To allow for executables embedded in zipped Office documents, default value
for "Maximum Archive Depth" has been increased to 3. Remember that using
upgrade_MailScanner_conf will *not* over-ride your current settings, so you
will have to change this manually to use the new value.
3 Added new keywords available in Spam Actions, the SpamAssassin Rule Actions
and Archive Mail locations. You can now specify _DATE_, _FROMUSER_,
_FROMDOMAIN_, _TOUSER_ and _TODOMAIN_ keywords in any of those and they
will be replaced with the user and domain halves of the relevant addresses
of the original message.
If, for example, you specify a "forward" address
"[email protected]", then a new recipient
will be added to the message for *each* of the original recipients. So
a message with 5 original recipients will have 5 new ones added to it.
3 Added new configuration setting "Missing Mail Archive Is =" which can take
the values "file" or "directory". This allows you archive to mbox files whose
name is based on the addresses of the original recipients.
4 Using the "store" Spam Action, you can now specify an arbitrary directory
path after the '-', so
"store-/var/spool/MailScanner/quarantine/spam/_TOUSER_._TODOMAIN_"
will store the message in a location determined by the recipient addresses.
Any of the _DATE_, _FROMUSER_, _FROMDOMAIN_, _TOUSER_ and _TODOMAIN_
keywords can be used.
4 Changed "Monitors for ClamAV Updates" for ClamAV version 0.93.
5 If the image signature <img> tag includes alt="MailScanner Signature" then
it notices the sig file is present and so doesn't add it again.
The "alt" attribute is matched by the word "MailScanner" followed by anything
followed by the word "Signature" in any combination of upper- and lower-case
so you can adapt this text quite a lot. See note for "6" below.
6 Added new configuration setting "IP Protocol Version Header" which will tell
you the IP version number used in the last hop to this server. It produces
either "IPv4" or "IPv6" in the header. To stop the header appearing, just
set it to be blank. Added at special request by my boss :-)
6 Added new configuration setting "Allow Multiple HTML Signatures". If the
message has been signed with an HTML signature containing an <img> tag,
whose "alt" attribute contains "MailScanner" and "Signature" and
"%org-name%", then it will not be signed again if this option is set to "no".
Once a message (with an image in the signature) has been replied to a few
times, it starts getting very large and ugly. This option keeps the message
size down and makes it look better. This is set to "no" by default as
messages look better this way.
7 Debian/Ubuntu have changed the default %org-name% value to "unconfigured-
debian-site" so I have to check for that as well in the 'Have I Been
Configured" code at startup :-(
9 Added support for the VBA32 virus scanner from www.anti-virus.by/en/.
The scanner is called "vba32" in MailScanner.conf.
* Fixes *
1 "IPBlock" Custom Function will start up properly without MailScanner.conf
location on the command-line.
2 Fixed problem with file MIME type checks were being incorrectly applied.
2 Added OLE::Storage_Lite to the list output by "MailScanner -v".
4 Forced "Debug SpamAssassin" to no unless "Debug" is set to yes.
7 Fixed problem with "--debug-sa" and MailScanner freezing using 100% CPU.
8 Fixed problem with modules not reporting properly with "MailScanner -v".
8 Fixed problem where "MailScanner --lint" would sometimes report false errors.
9 Fixed problem with OLE document unpacking occasionally dying with error.
9-2 Added VBA32 -wrapper and -autoupdate to Linux packages.
9-3 Fixed problem with OLE document unpacking occasionally dying with error.
1/4/2008 New in Version 4.68.8-1
================================
* New Features and Improvements *
1 Support for the Fpscand daemon that is supplied with F-Prot version 6.
Add this line to your virus.scanners.conf
f-protd-6 /bin/false /usr/local/f-prot
and set "Virus Scanners = f-protd-6" in your MailScanner.conf.
This is very much faster than the f-prot-6 command-line scanner.
3 Improved the list of ignored web-bug filenames.
3 New update_bad_phishing_sites script to use major new fireproof delivery
system. Many thanks to Matt Hampton for all his time and support with this.
3 Updated to Catalan translation.
3 Updated support for Vexira "vascan" virus scanner.
3 Changed location of Web-Bug Replacement image. upgrade_MailScanner_conf will
put in the new URL. This will give significantly better response to your
users.
3 Added new option "Log SpamAssassin Rule Actions" so that you can see exactly
what actions fire on what messages from the "SpamAssassin Rule Actions"
setting.
3 Added new option to the filename.rules.conf and filetype.rules.conf files.
Instead of "allow", "deny" or "deny+delete", you can now specify a space or
comma-separated list of email addresses. If the filename or filetype rule
is matched, the message is sent to these new addresses instead of the ones
given in the original email address.
3 Updated support for latest versions of Esets virus scanner from Nod32.
4 Added Net-DNS and Digest-SHA1 to the main MailScanner distributions so that
they are installed appropriately ready for when you install Razor. This way
they are installed as RPMs and not just plain Perl modules, as the RPM of
Razor requires them to have been installed as RPMs.
4 New configuration option "Automatic Syntax Check" added, default is "yes",
which causes a quick syntax check of the MailScanner.conf file and the other
configuration files, printing out errors on the console, instead of just
logging them to your system's mail log as it did before.
This will hopefully make it easier for novices to get going successfully.
5 SpamAssassin Cache will no longer cache "timed out" responses.
5 Upgraded to perl-Digest-SHA1 version 2.11.
6 Added SpamAssassin MCP patch for 3.2.4.
7 Changed default supplied High-Scoring Spam Actions to "store". That way
users don't have to work out how to change it, to reduce their spam a lot.
* Fixes *
2 Improved MakeNameSafe() to fix problems caused by f-protd-6 working with
filenames containing spaces (which it cannot handle!).
2-2 Fixed error in --lint support for F-Protd-6.
2-3 Typo, missed out a "$" :-(
3 Fixed important bug in f-protd handling code.
4 Fixes to Ruleset-From-Function.pm Custom Function code.
5 Fixed various issues with new automatic syntax check (--lintlite) code.
6 Fixed IPBlock problem with MailScanner --lintlite.
6 Fixed Postfix milter problem (thanks Glenn!).
7 Fixed problem with Inline images in HTML signatures. Now works with nested
multiple replies.
8 Fixed bug where original unsafe filename wasn't used correctly when auto-
replacing attachments with zipped copies to save space in mail stores.
Thanks to Armand Leroux at Capgemini for finding this one.
4/3/2008 New in Version 4.67.6-1
=================================
* New Features and Improvements *
1 Added support for the ESET virus scanner, from www.eset.com. Support written
by Phil (UxBoD). Many thanks! Just use "Virus Scanners = esets" in
MailScanner.conf and check you have installed it in the expected location or
change /etc/MailScanner/virus.scanners.conf.
2 "MailScanner --lint" now checks to ensure unrar is installed and executable.
2 Esets autoupdater now accurately reports status results.
3 Implemented file MIME type checking, as reported by the "file -i" command.
This includees 3 new settings, which all work just like their non-MIME
brothers: "Log Permitted File MIME Types", "Allow File MIME Types" and "Deny
File MIME Types".
The main use is via the filetype.rules.conf file, where a new optional field
may be added just after the regular expression field (just after the 2nd
field in each line). If this field is added, then the "file -i" command is
run on every batch of messages and the output checked against the MIME types
specified in the newly inserted 3rd field (out of fields 1-5 on each line of
filetype.rules.conf files).
4 Added compatibility for BitDefender 7.5 to bitdefender-wrapper.
4 --debug now tells you when it's waiting for its batch of messages, and how
big the batch is.
4 "Use TNEF = replace" behaviour changed to add attachments with their original
potentially very long filenames instead of a sanitised one.
4 Linux RPM install.sh fixed for Fedora Core 8. Thanks to [email protected] for that one.
4 Improvement to the phishing net to allow all the links that look like this:
Name of my Blog - http://site.blogspot.com/
4 Installation order of Perl module changed to install File::Spec before ExtUtils::MakeMaker, which should help the Solaris folks.
5 Made warning about %org-name% containing illegal characters a lot more
obvious when running "MailScanner --debug" as well as "MailScanner --lint".
5 Any mail headers inserted with spaces in them will have spaces replaced with
hyphens.
5 When "MailScanner --debug --debug-sa" is run, the start of every line of
SpamAssassin debugging output now has the current time stuck on the front
of it. This makes looking for pauses a whole lot easier.
6 Improvements to the init.d scripts for the RPM distributions. While waiting
for the MailScanner processes to die of natural causes, they periodically
send them another kill signal as there are a few cases in which the kill
signals are ignored. This should result in far more reliable restarting.
6 "sophos-autoupdate" improved to handle new "suspicious" threat data files
whose names start with "sus".
* Fixes *
4 Improved definition of "Scan Messages" when using Postfix, to attempt to
avoid occasional double delivery of unscanned messages on heavily loaded
servers.
5 Maliciously crafted attachment filenames could circumvent the 'very-long-
filename' rule in filename.rules.conf. Fixed.
5 Fix to include "ClamAVModule" in log outputs from it.
5 Symantec Scan Engine support problems now fixed. Set the path in
MailScanner's virus.scanners.conf to "/opt/SYMCScan". If set to that value,
it expects to see the Linux command-line scanner in the file
/opt/SYMCScan/ssecls/ssecls.
4/1/2008 New in Version 4.66.5-3
================================
* New Features and Improvements *
1 New optional configuration setting "Syslog Socket Type". By default this is
left blank, as it will work it out according to the operating system you
are using. Some Solaris users may want to set this to "native".
1 Addition of new message property for use by MailWatch 2.
1 Update of Sophos.install for Sophos version 6.
2 Updated to handle new MailTools 2.02. This includes the use of several new
Perl modules, so you'll have to use the install.sh to install all the
requirements of the new MailTools code (unless you are doing clever things
with yum repositories).
3 Improvement to the phishing net for multiple "blocked::" prefixes on links.
3 Improvements to speed up StartTiming() and StopTiming() greatly.
3 Updated to MIME-tools 5.425. This should solve lots of problems people are
having with using yum repositories.
4 Added startup code to check for consistent version numbers with MIME-tools.
4-2 Better install.sh for RHEL and CentOS 5.
4-3 Added some more modules to the compulsory list for RHEL and CentOS 5.