Just after 4.53.7 was committed someone spotted a serious bug in that version
which was quickly fixed by the author.
PR: ports/96830
Submitted by: maintainer
3/5/2006 New in Version 4.53.7-1
================================
* New Features and Improvements *
- Attachment extraction now checks for available disk space and a DoS attack
using messages with high expansion ratios will fail even quicker than it
did before.
- Added new setting "SpamAssassin Local State Dir" to support the sa-update
tool provided with MailScanner these days, to provide a way of auto-
updating the core SpamAssassin rulesets. The default value is set to what
you need for Linux (/var/lib).
- Added new cron job to run sa-update every night. The location of the
sa-update program is read from /etc/sysconfig/MailScanner.
- Added support for new header -H file format in Exim 4.61.
- Added 2 new configuration options "Gunzip Command" and "Gunzip Timeout" to
enable unpacking of gzip-ed files for filename and filetype checking.
Even if this is disabled, gzip-ed files will still be virus scanned.
- Added support for numerical entries in phishing.safe.sites.conf file.
- Added support for optional multipliers in numbers in MailScanner.conf.
So you can now write "50M" instead of "50000000". The multipliers supported
are "k", "m" and "g" to denote 1 thousand, 1 million and 1 billion (10^9)
in upper or lower case.
You must *not* put any spaces between the number and the multiplier character.
- Added a new configuration option "Ignored Web Bug Filenames". This allows
you to whitelist a bunch of filenames that can appear in the URLs of
potential web bugs. So if you decide that all potential web bugs with
"spacer" or "pixel.gif" in the filename are just padding for page layout,
then you can make it ignore them by adding them to this list. A sample
list is provided in MailScanner.conf.
This is disabled by default, as spammers may start to use this as a means
of circumventing the Web Bug trap.
- When Web Bugs are disarmed, the URL used to replace the original web bug
can now be set using the new configuration option "Web Bug Replacement".
If this is not specified, then the old value of "MailScannerWebBug" is used.
The default value supplied in the MailScanner.conf file is the address of
an untracked 1x1 pixel transparent gif (51 bytes) hosted on the MailScanner
web site. This will not be tracked other than to supply an overall count of
the number of hits this image gets, for overall statistical purposes.
- Added Razor2 to the list of plugins automatically enabled by the ClamAV+SA
easy-to-install package, due to the recent change in licence. Now if DCC
could go the same way...
- Updated Catalan translations.
* Fixes *
- Fixed bug in DoS attack handler. Thanks for Jorge for this.
- Commented out setting of "SpamAssassin Local State Dir" in MailScanner.conf.
PR: ports/96751
Submitted by: maintainer
- Fix rc.subr reference in update_phishing_sites.cron and
update_virus_scanners.cron
- Patch for changed queue file format of Exim 4.61
- Mark IGNORE for PERL_LEVEL < 500600 which is required by databases/p5-DBI
(dependency)
PR: 96351
Submitted by: Jan-Peter Koopmann <j.koopmann@seceidos.de> (maintainer)
We have not checked for this KEYWORD for a long time now, so this
is a complete noop, and thus no PORTREVISION bump. Removing it at
this point is mostly for pedantic reasons, and partly to avoid
perpetuating this anachronism by copy and paste to future scripts.
- OPTIONSify
- Use USE_RC_SUBR
Change Log:
- Speed increased significantly! Caches SpamAssassin results.
Note you need to run my install.sh script to get the new modules required.
- If "Virus Scanners = auto" (ie. the installed default value) then it
searches for and uses every available installed virus scanner.
- Added SpamAssassin cache analyser (analyse_SpamAssassin_cache) to the
distributions. 99% written by Steve Freegard of MailWatch fame.
- Upgraded ClamAV+SA bundle to ClamAV 0.88.
- Added default headers that Thunderbird 1.5 will use to automatically
identify spam based on SpamAssassin's spam headers.
- Added UU-decoder to automatically extract files from attachments that were
stored in uu-encoded form. This behaves similarly to the zip and rar
decoders. The virus scanners should check inside these files for themselves
anyway, but this assists them when they do not. It also allows for filename
and filetype checking of files stored in uu-encoded attachments.
- Added configuration option "Find UU-Encoded Files" to set whether uu-encoded
files are decoded or not. These files are very rarely used, and the
overhead of finding them is fairly large as it involves reading all
existing attachments looking for the signature of them. So the default is
to not look for them. A ruleset can be used to protect particularly
vulnerable recipients or senders.
- You can now start up MailScanner without changing MailScanner.conf at all.
It will auto-detect SpamAssassin and all available virus scanners.
- Changed default setting to "Use SpamAssassin = yes" and now auto- detect
installation of SpamAssassin, logging installation instructions if
it is not already installed and working.
- Added DBI and DBD::SQLite Perl modules. Please use my install.sh scripts
when you upgrade or install this version.
- Added American spelling of "analyze_SpamAssassin_cache" as well as English
spelling of "analyse_SpamAssassin_cache".
- DBI installation is forced in RPM distributions.
- Improved RPM installer to handle DBI module dependencies better. It now
installs cleanly on the systems I have tested it on. These include Fedora
Core 3, Fedora Core 4, SuSE 9.3, SuSE 10, RedHat Enterprise 4.
- Made log warnings more obvious when DBI/DBD::SQLite/Digest::MD5 are not
all installed properly.
- Improved comments about "Allow Filenames" and "Allow Filetypes" in
MailScanner.conf.
- Improvement to F-Prot output parser to handle new strings.
- Changed filename/type traps to account for new vulnerability in TNEF files.
- Adapted trend-autoupdate for 2006 onwards.
- --help implemented so you can see how to use it now.
- --debug now written. Works just like "Debug = yes" in MailScanner.conf.
- --debug-sa now written. Works just like "Debug SpamAssassin = yes".
- --check ruleset-checker now written. Takes max 1 from address, multiple to
addresses, client IP address and virus name.
- Added a new command-line parameter "--lint" to verify the config file.
- --lint now prints what virus scanners you have chosen to use, and what
- --lint now checks SpamAssassin configuration too.
scanners it can find installed.
- Added hi-res timing so the batch speed timings are now displayed to
micro-second accuracy.
- Added Time::HiRes to the list of required modules. You must use ./ install.sh
to upgrade to, or install, this version in order to get the new module.
Time taken to process the entire batch is logged, and time taken to do
"Always Looked Up Last" is logged separately if it is being used at all.
- Added check that MailScanner.conf has at least been customised to set the
organisation name, long name and web site.
- Added "SpamAssassin Cache Timings" configuration option for the few people
who need to adjust these settings. Do *not* change it unless you really
know what you are doing, the default settings will work nicely.
- Updated important perl modules.
- Removed duplicate logging of warnings about infected messages.
- Added detection of no virus scanners being installed, giving the user
advice about how to install ClamAV using my easy-installation package.
- Improved ClamAV+SA easy-installation package so that it automatically
enables the updates by commenting out the "Example" lines.
- Changed default Lock Type for sendmail to "posix" instead of "flock" as
new Linux systems (the most popular platform by far) run sendmail
8.13 or later, which requires this to be "posix".
- Upgraded Sys::Hostname::Long and HTML::Parser in ClamAV+SA package.
- Disabled movie format "deny" rules in filetype.rules.conf and have enabled
filetype checking by default.
- Updated man pages.
- Updated AVG parser to handle latest version 7.1.
- Added "Always Looked Up Last After Batch" which is looked up after the
"Always Looked Up Last" option. The 2nd of those is looked up once for
each message, the "...After Batch" value is looked up once for the
entire batch. It is only intended for use with a Custom Function, its
value is ignored.
* Fixes *
- Improved reliability of Bayes rebuilds a lot.
- Force installation of DBI as previous versions cause problems.
- Removed broken patch I was given, which was temporarily in 4.50.
- Packaging bug in 4.50.9-1 fixed. MailTools version typo.
- Fixed bug where temporary files were not cleaned up properly.
- Fixed missing HTML-Parser 3.48 package.
PR: ports/93026
Submitted by: maintainer
- Update to 4.49.7
* New Features and Improvements *
- Speed improvements for sendmail systems by changing the
way temporary files are handled and how attachments are parsed. This
should be really noticeable if I've got it right.
Thanks for the great help of the Vodafone SHARK team.
- Added speed improvements for Exim.
- Added speed improvements for Postfix.
- Now changes the command line listed in `ps` (ie $0) to show what
MailScanner is doing. Should help diagnose slow system problems.
- 4 new configuration options, which list patterns against which filenames
and filetypes are matched to see if we should allow them or block them.
This is implemented for the benefit of web-based configuration systems for
MailScanner, it is not really intended for human use as it will complicate
the filename/filetype matching unless you understand it. Read the comments
in the MailScanner.conf and suggest better explanations!
"Allow Filenames", "Deny Filenames", "Allow Filetypes", "Deny Filetypes".
Note: There are 2 new entries in languages.conf so remember to
run an upgrade_languages_conf.
- Upgraded tnef program to 1.3.4.
- Added message 'actions' property for MailWatch reporting.
- Custom Function filenames must end in .pm or .pl. Others will be logged
and skipped.
- Various minor speed improvements.
* Fixes *
- Changed Postfix code to better support latest revision of Perl.
- Now stops MailScanner more reliably on SuSE systems.
- Logging of <img> tags only done if logging HTML tags.
- Fixed minor array ref problem in Perl 5.8.7 on FreeBSD 6.0 (which is not
a public stable release anyway).
PR: ports/91306
Submitted by: Jan-Peter Koopmann <j.koopmann@seceidos.de>
Update to 4.46.2
1/10/2005 New in Version 4.46.2-2
=================================
* New Features and Improvements *
- Improved phishing net JavaScript detection to make reports more sensible.
- Loads of additions to phishing net safe sites list (thanks Denis!).
- Improved Install-Clam-SA package so that it sets up your /etc/ld.so.conf
file for you, by adding /usr/local/lib if necessary.
- Increased the default expansion factor of archives for the clamav scanner.
- Removed -j3 from call to Kaspersky in kaspersky-wrapper, on advice from
Kaspersky users.
* Fixes *
- Fixed problem with a few TNEF files and the internal TNEF decoder,
caused occasional crashes.
- Fixed warnings with numeric tests in a couple of places.
- Tested against SpamAssassin 3.1.0, one minor problem found and fixed.
- Fixed minor bug in "actions" parser in ZMailer support code.
1/9/2005 New in Version 4.45.4-1
=================================
* New Features and Improvements *
- Added MCP patches for SpamAssassin 3.0.4.
- Added extra output about nodeps switch with install.sh for RPM.
- Added "no bytes" lines to cancel out "use bytes" as it causes problems
with multi-lingual subject lines.
- Improved phishing net so that when you have multiple MailScanner servers
all handling your incoming mail, links caught by the first one won't also
be caught by the following ones. This caused the final message to contain
multiple warnings about the same link. There is now just 1 warning.
- New "Quarantine Modified Body" setting, default is "no". This will cause
all modified messages to be quarantined, including messages which have
had their HTML disarmed. Also optimised this so it never archives twice.
- Added syslog-ing to BitDefender updater.
- Improved web bug handler when disarmed by multiple MailScanners.
- Added new configuration options to control whether you want to highlight
phishing fraud links or modify the subject line or both.
New options are :-
Highlight Phishing Fraud (= yes by default)
Phishing Modify Subject (= "{Fraud?}" by default)
Phishing Subject Text (= no by default)
- Phishing detection now handles URL's containing %xx characters pointing to
web site names with é in them (and characters written like that).
* Fixes *
- Corrected bayes_file_mode in spam.assassin.prefs.conf on advice from
Matt Kettler.
- 'MailScanner -v' now prints out the version number of Convert::TNEF.
- Group memberships problem on BSD fixed. Spam quarantine membership
should now always be correct on BSD systems.
- Tweaked ClamAV+SpamAssassin package so it skips the zlib-vcheck version
check, it doesn't appear to be important and holds up newbies, which is
a Bad Thing(TM).
PR: ports/87842
Submitted by: Jan-Peter Koopmann <j.koopmann@seceidos.de>
* New Features and Improvements *
- Published new version of the book, but advise you don't purchase until
3rd week of August so I get to check a copy off the press first.
- Optimised situation where spam archive is being kept clean but many
messages are being deleted. Thanks to yavor.trapkov@wipe.int for that.
- Improved logging to show what sort of HTML tags have been disarmed.
- Added "Scan Messages" option (intended to be a ruleset) which is an
easy way of disabling all scanning and processing of messages. Great
for customers who don't want scanning of any sort on their messages.
- More phishing net improvements and additions to the safe sites list.
* Fixes *
- Resolved dependency problems by "tweaking" /usr/lib/rpm/perl.req to
produce no output.
- Added more Postfix temporarily-invalid-message checks.
This is working perfectly reliably now.
- Added disk full checks for MailScanner/incoming space.
- Added missing object instantiate in the generic spam scanner.
- Fixed reporting and scoring bugs in Custom Spam Scanner.
- Made Postfix hash depth measurement more tolerant of stray files such
as Razor logs appearing in the hold queue directories.
- Delete temporary TNEF files created by internal TNEF decoder/expander.
- Removed stray tar.gz files from tar distribution that shouldn't be there.
PR: ports/85218
Submitted by: maintainer
+ add devel/p5-PathTools, remove devel/p5-File-Spec
+ update dependencies for all affected ports (make them unconditional),
bump PORTREVISION for these ports
module was renamed
* reflect renaming on CPAN PodParser to Pod-Parser
+ add textproc/p5-Pod-Parser, remove textproc/p5-PodParser
+ update dependencies for all affected ports (make them unconditional),
bump PORTREVISION for these ports
* for all changed ports make dependencies on File::Temp, Digest::MD5,
Storable unconditional
* remove 'CONFIGURE_ARGS= INSTALLDIRS=site' from Makefile's
(this variable is forced by bsd.port.mk now)
* update Class-Autouse to 1.17
* update POE-API-Hooks to 1.05
* make portlint happy (clean IGNORE, convert spaces to tabs and so on)
- Update to 4.36.4
Removed file(s):
- files/patch-lib:MailScanner:Message.pm
ChangeLog:
* New Features and Improvements *
- Improved URL trimming in phishing net.
- Various improvements and fixes in phishing net.
- Added support for RedHat Enterprise Linux 4.
- Added check for Password-Protected Archives setting when using clamavmodule.
- Added support for "fast" parameter to all installation scripts.
This reduces all waits to 1 second, greatly speeds installation!
- Improved logging when there are too many attachments.
- Added message ID to log of phishing attempts.
- Added autoupdater for Panda.
- Added %variables% to text and HTML report messages, so the email "signature"
added to the end of each report is customised centrally from
MailScanner.conf. This currently uses %org-long-name% and %web-site%.
- Added upgrade_languages_conf script to automate upgrading of
the languages.conf file in whatever translation directory you use.
* Fixes *
- Fixed outstanding problem in bitdefender-autoupdate, so that it works
properly on new installations.
- Fixed logging problem with phishing net on a few malformed messages.
- Removed /var/tmp files from MailScanner-MIME-Base64 rpm build.
- Fixed problem in Vexira parser.
- Fixed problem where All-Viruses would cause every problem to be silent.
PR: ports/75127
Submitted by: Jan-Peter Koopmann <j.koopmann@seceidos.de>
Changelog:
* New Features and Improvements *
- Added install.sh script for tar distribution which builds all Perl modules,
tnef decoder and MailScanner automatically.
- Added configuration option "Dangerous Content Scanning" to allow you to
disable all the content scanning except for the virus scanning.
- Added support for Vexira virus scanner.
- Implemented support for F-Secure 4.61.
- Implemented support for Nod32 2.01. If you are still running 1.99, you
will need to edit /etc/MailScanner/virus.scanners.conf.
- Reports can now contain %variables% such as %org-name%.
- Changed default installation location of Bitdefender to /opt/bdc.
- Upgraded tnef to latest release from sourceforge.
- Moved ExtUtils::MakeMaker into list of normal perl modules to install.
- Linux distributions now auto-detect MTA setting in /etc/sysconfig/MailScanner.
- Can now detect very small images in a message, that may be "web bugs" to
track you. These can be disarmed if you want.
- Changed documentation to just list single-instance version of Postfix.
- Changed init.d scripts to work well with both single and double instance of
Postfix.
- Improved init.d script to support SuSE 9.1 properly.
* Fixes *
- Forced AVG to run in English.
- Corrected problem with negative failure counts from RBLs and SA.
- Fixed bug in LDAP ruleset handling.
- Sendmail code now auto-detects the correct lock type to use, flock or posix.
- Sendmail qf files no longer have to define an IP address.
- Corrected report when archive is nested too deeply.
- ZMailer forwarding fix provided by Mariano.
- Fixed Postfix message corruption on recent Postfixes on some architectures.
- Worked around latest tweaks to Postfix spec.
- Fixed problems with PDF docs when signing messages.
PR: ports/67542
Submitted by: Jan-Peter Koopmann <j.koopmann@seceidos.de> (maintainer)
- In certain conditions the update_virus_scanners script cannot kill
the lock-file. Therefore all future updates of virus signatures fail.
- If a mail contained too many attachment, it was blocked but the report
was empty, confusing the sender.
PR: ports/66046
Submitted by: Jan-Peter Koopmann <j.koopmann@seceidos.de> (maintainer)
New features include blocking of password-protected ZIPs
and filename/-type checking within ZIPs
PR: ports/63921
Submitted by: Jan-Peter Koopmann (maintainer)