"DBMail 1.2.8a
June 08, 2004 16:21:55 Posted by: Ilja Booij
A buffer overflow error in DBMail 1.2.x has been discovered and fix. The
buffer overflow causes dbmail-smtp to crash with a segmentation fault
when a line in the email header is bigger than 2048 bytes. All version <
1.2.8a are affected, so please update your DBMail installation."
is faster and less cpu intensive than other interperative based solutions.
It blocks spam using the following methods;
* Configurable Realtime DNS Blacklists
* Sender Address verification
* Configurable Black and White lists
* Invalid MTA hostname verfication
* Basic Virus/Worm file attachment rejection for files ending
in .pif, .scr, etc.. via MsExtChk filter
* SPF via libspf
Also;
* Realtime firewall blocking of MTA hosts with invalid host names via
MtaHostIpfw filter
* Realtime rate limited connection blocking via firewall rule injection
All actions are logged via syslog with both the sender and the recipient.
From this, report generation and notification to recipients showing
activity becomes extremely simple.
WWW: http://www.wanlink.com/spamilter/index.php
- Fix installation from package
As always, please be careful not to nuke your local configuration
on updating. This port needs a maintainer who actually uses it!
Closes PR: ports/60585
Submitted by: Seva Gluschenko
the mutt-users mailing list) to be able to behave like
mutt-1.4.x.
- Remove a non-working site from PATCH_SITES
- Bump PORTREVISION
PR: ports/67619
Submitted by: maintainer
since the workaround for old FreeBSD versions depends on them
(see Makefile for details.) The workaround itself could be
fixed, but that would make it less robust though.
Pointed out by: vs
- SECURITY: Close an XSS hole exploited via the Content-type header
of malicious emails.
- Fix conversion of folder names in some non-ascii charsets with buggy
iconv implementations.
- Filter out <base> tags when viewing HTML messages (Bug #10).
- Encode subject when saving as draft.
non-commercial distribution/mirroring of the original source
files. But as long as it's the only thing permitted, mark
the port as NO_CDROM and NO_PACKAGE, instead of RESTRICTED.
o Fix some buglets and port framework usage issues:
- The file milter-sender.mc doesn't belong to docs. Installing
its reference copy along with the working copy is better.
- Make use of the exported BSD_INSTALL_* environment variables.
- Change access permissions only on needed files.
- Take care of file access permissions when installing
from the package.
- daemon(8) will take the program to the background, but it cannot
change the current directory to anywhere but the root. Since
getting a core file might be useful, cd to a directory writable
by the milter-sender process just before starting it.
- Review the messages: improve grammar, remind to reinstall
sendmail.cf as well (rebuilding it alone isn't enough.)
Changelog:
* New Features and Improvements *
- Added install.sh script for tar distribution which builds all Perl modules,
tnef decoder and MailScanner automatically.
- Added configuration option "Dangerous Content Scanning" to allow you to
disable all the content scanning except for the virus scanning.
- Added support for Vexira virus scanner.
- Implemented support for F-Secure 4.61.
- Implemented support for Nod32 2.01. If you are still running 1.99, you
will need to edit /etc/MailScanner/virus.scanners.conf.
- Reports can now contain %variables% such as %org-name%.
- Changed default installation location of Bitdefender to /opt/bdc.
- Upgraded tnef to latest release from sourceforge.
- Moved ExtUtils::MakeMaker into list of normal perl modules to install.
- Linux distributions now auto-detect MTA setting in /etc/sysconfig/MailScanner.
- Can now detect very small images in a message, that may be "web bugs" to
track you. These can be disarmed if you want.
- Changed documentation to just list single-instance version of Postfix.
- Changed init.d scripts to work well with both single and double instance of
Postfix.
- Improved init.d script to support SuSE 9.1 properly.
* Fixes *
- Forced AVG to run in English.
- Corrected problem with negative failure counts from RBLs and SA.
- Fixed bug in LDAP ruleset handling.
- Sendmail code now auto-detects the correct lock type to use, flock or posix.
- Sendmail qf files no longer have to define an IP address.
- Corrected report when archive is nested too deeply.
- ZMailer forwarding fix provided by Mariano.
- Fixed Postfix message corruption on recent Postfixes on some architectures.
- Worked around latest tweaks to Postfix spec.
- Fixed problems with PDF docs when signing messages.
PR: ports/67542
Submitted by: Jan-Peter Koopmann <j.koopmann@seceidos.de> (maintainer)
Users of 1.4.3 are urged to upgrade, as this fix nasty memory exhaustion
bug in 1.4.3
PR: ports/67526
Submitted by: Simon Dick <simond@irrelevant.org> (maintainer)
