MailScanner ANNOUNCE: Version 4.62.9 released
Julian Field
MailScanner at ecs.soton.ac.uk
Tue Jul 31 22:01:36 IST 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I have just released a new version of MailScanner, 4.62.9. I don't
normally bother releasing a new version for August, as it's normally
very quiet and it isn't worth it. However, this year July has been
absolutely hectic and the list of new features and changes this month is
enormous!
So here goes for the highlights:
- --- New "Known Web Bug Servers" setting to list sites you know host
web-bug services, so you can blacklist all images from their servers.
The default value lists the main offender.
- --- New "watermarking" functionality. 2 uses for this: firstly to
provide the same functionality as milter-null, so you don't have to
install that if, for example, you use Exim and so can't use it, or if
you don't want to install another piece of software on your system.
Also, you can use it to create a trust relationship between your
MailScanner servers so that the spam scanning only has to be done once
on any message, on the first server it hits and not on subsequent ones.
- --- New "ClamAV Full Message Scan" setting, and improvements to the
ClamAV parser so that the SANESecurity phishing- and spam-detection
signatures can be reliably used. Note this new setting is disabled by
default, as it has a slight speed impact.
- --- New "SpamAssassin Rule Actions" setting so that any SpamAssassin
rule firing can trigger any action on a message, including the...
- --- New "custom()" spam action which allows you to do absolutely
anything based on any property of a message. Immensely powerful, just
get your thinking caps on. :-)
- --- Major improvements to "MailScanner --lint". This now checks more,
and actually tries scanning a real virus-infected message (don't worry,
it's totally harmless!) to show you the reports from your virus scanners
to check they are all actually working.
- --- HTML clean message signature can contain an image, so you can have
graphical sigs on your email messages with the image embedded in the
message so the recipient always sees it.
- --- Improvements to handling of "Virus Scanners = auto" with multiple
ClamAV methods installed (ie. clamav, clamavmodule and clamd).
- --- Improvements to upgrade_MailScanner_conf.
That's not everything, that's just the important bits!
Download as usual from www.mailscanner.info.
The full Change Log is this:
* New Features and Improvements *
1 Improved non-Linux installer.
1 Improved Linux installer.
1 Updated OpenBSD installation guide. Thanks to Jeremy Evans for this.
1 Upgraded MIME::Base64 to 3.07.
1 Improved error reporting for clamd permissions problems. Thanks Rick.
2 Added SAUPDATEARGS to /etc/sysconfig/MailScanner and
/usr/sbin/update_spamassassin. For a good use of this, see
http://daryl.dostech.ca/sa-update/sare/sare-sa-update-howto.txt and search
for "HOWTO" in the Subject: line of the MailScanner-discussion list
archive.
This process replaces RulesDuJour entirely.
Another good ruleset to add to your setup is
http://www.peregrinehw.com/downloads/SpamAssassin/contrib/KAM.cf
To download this automatically every night, fetch
http://www.mailscanner.info/files/4/KAM.cf.sh and put it in
/etc/cron.daily
and make it executable (type "chmod +x /etc/cron.daily/KAM.cf.sh").
3 Added "Known Web Bug Servers" so you can blacklist images from known
servers
of web bug services.
3 Added functionality of "milter-null" to MailScanner so you no longer
need to
run this separately. It is called "Watermarking" and there is a whole
section for the settings in MailScanner.conf. They are
Add Watermark = yes
Skip Spam Checks If Watermark Valid = yes
Watermark Header = MailScanner-%org-name%-Watermark:
Watermark Lifetime = 432000 # in seconds, = 5 days
Watermark Secret = SET-THIS-TO-A-SECRET!
Also added Digest::MD5 to the required list of Perl modules, this is
needed
for the watermarking code.
3 Added optional image to the clean message signature. You can also use this
to add an arbitrary image attachment to any message, if you so wish. The
main point is to be able to have graphical HTML signatures on messages.
The settings are
Attach Image To Signature = no
Attach Image To HTML Message Only = yes
Signature Image Filename = %report-dir%/sig.jpg
Signature Image <img> Filename = signature.jpg
4 Added support for Kaspersky kav4fs. Set virus.scanners.conf entry to
point to /opt/kaspersky.
4 Changed default value to "Max SpamAssassin Size = 100k" as modern PDF
spams
are getting quite large, and PDFInfo.pm doesn't work with cropped
messages.
4 Improved Clamd parser to handle Sane Security ClamAV signature databases
which detect spam and so on from the contents of the headers, and hence
find infections without attachment filenames. Thanks to various people for
help with this, you know who you are :-)
4 Improved upgrade_MailScanner_conf so that it checks that the 'Monitors for
ClamAV Updates' setting looks for inc and cvd files. Problems have
recently
been suffered by many due to the value of this setting being out of date.
It doesn't automatically re-write their setting in case they have
installed
ClamAV somewhere odd and have customised it.
4 Changed 'Monitors for Sophos Updates' setting default value to point to
appropriate file for Sophos version 5 and upwards, and have added check
in upgrade_MailScanner_conf to ensure their setting now points to a new
location. It prints a warning if sophos-av does not appear in the path.
4 Added configuration setting "SpamAssassin Rule Actions". This setting is
very powerful and can be used to implement many things that MCP can do,
without having the processing overhead of MCP. The documentation for it is
in the MailScanner.conf file. Its power is limited by your imagination :-)
Start combining it with rulesets and you can take (or _not_ take) any
combination of actions dependent on any bit of content in the message
or its
headers. You could try out new SA tests by storing in quarantine every
message that matches a new particular SpamAssassin rule (or meta-rule for
creating more complex expressions).
5 Added "custom" spam action, which takes a parameter. This is passed
into the
CustomAction function in CustomAction.pm in the CustomFunctions directory.
This can be used to implement anything your heart desires, depending
on the
contents of a message.
7 When clamav, clamavmodule or clamd parsers are being used and new setting
"ClamAV Full Message Scan" is set to "yes", pass each of the entire
messages to ClamAV as well as the attachments so that the signatures that
detect spam can work reliably. This is set to "no" be default as it has a
speed impact.
7 The watermark options have been tweaked and renamed a bit, and one new
feature has been added. "upgrade_MailScanner_conf" will show you the
renames
and the new feature is designed to save resources on sites with more than
1 MailScanner. Currently, if you have a message delivered to a
secondary MX
(with MailScanner) which relays mail to the primary MX (also with
MailScanner) for delivery to users' mailboxes, the spam checks will be
done twice; this is a waste of resources. The new setting "Check
Watermarks
To Skip Spam Checks = yes" will remove this waste by skipping the spam
checks on the primary MX as the secondary has already done them.
7 "Virus Scanners = auto" will detect multiple types of ClamAV installed and
tend towards the most useful one. It will use clamd else clamavmodule else
clamav. This helps if you have all 3 installed, which is quite likely.
8 Greatly improved "MailScanner --lint". It now actually tests every virus
scanner that you have installed, and checks that they can successfully
scan
a message containing the Eicar test-virus pattern. It reports the results
from each scanner and warns you about checking any that are not reported.
9 Added check to "MailScanner --lint" to check envelope_sender_header in
spam.assassin.prefs.conf is correct and matches MailScanner.conf.
9 Added new setting "Use Watermarking = yes" to give overall control of all
watermarking features.
* Fixes *
2-2 Fixed error in RPM installer.
2-3 Fixed error in update_spamassassin.
3-2 The watermarking code should do something now :-)
3-3 Rewrote the watermarking docs so they reflect the truth.
4 --lint now reads all the Custom Functions properly.
4 Bug in auto-zip fixed where attachments could be deleted without being
added to zip. Thanks to Matt Hampton.
4 Bug with '-' in HTML attribute names confusing phishing net fixed.
Thanks
to John Wilcock.
5 Fixed 2 bugs in MSRBL clamav-signature handler. Thanks to UxBoD.
6 Fixed bug from October 2006 involving McAfee finding infections in
headers.
7 Fixed bug when unpacking TNEF files with external decoder.
7 Fixed 'monitor files' check in upgrade_MailScanner_conf so it
doesn't check
inadvertently when doing an upgrade_languages_conf.
7-3 Fixed bug in full message file creation in scanning dir as permissions
were wrong.
9 Added use POSIX to top of MessageBatch.pm so WNOHANG is defined.
Jules
- --
Julian Field MEng CITP
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
For all your IT requirements visit www.transtec.co.uk
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.2 (Build 2014)
Charset: ISO-8859-1
wj8DBQFGr6MxEfZZRxQVtlQRAvyFAKDXxb2x96bxiV+oQgYhMYrnhzUw5gCfXI1m
hEfYtogRPhdHzVFDEaLY688=
=nqu3
-----END PGP SIGNATURE-----
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
For all your IT requirements visit www.transtec.co.uk
More information about the MailScanner-announce
mailing list