From MailScanner at ecs.soton.ac.uk Mon Sep 1 14:36:16 2008 From: MailScanner at ecs.soton.ac.uk (Julian Field) Date: Mon Sep 1 14:37:47 2008 Subject: MailScanner ANNOUNCE: 4.71 stable released Message-ID: <48BBEFD0.7080507@ecs.soton.ac.uk> Hi folks! I have just released a new stable version of MailScanner, version 4.71. The main changes this month are: - If a message contains a *.doc document, a new attachment can be added containing the text of the document. This will save your users from having to save the attachment, potentially switch operating systems, and open up Microsoft Word or OpenOffice just to read the words in the document. My users absolutely *love* this feature, it saves them a huge amount of time and hassle when memos are circulated by the management. See the "Add Text Of Doc" setting in MailScanner.conf for more details of how to configure this. - Updated support for Esets and F-Secure virus scanners. - Thanks to F-Secure for donating me a set of server licences so I can always be sure that I am supporting the latest versions of their products. Much appreciated! - One for Fetchmail users: used together with the "--invisible" option to fetchmail, MailScanner will correctly use the IP address of the connecting SMTP client, and not "localhost" or "127.0.0.1" for the IP address in rulesets. - Added protection against denial-of-service attacks on the HTML text parser Perl module. There is a message involving thousands of tags in circulation which breaks previous versions of MailScanner when they try to analyse the HTML of the email message. This is in no way an attack on MailScanner, but on the underlying HTML::Parser Perl module. - Improved support of DSN messages from bigfoot.com which incorrectly use the "message/partial" MIME identifier. Download it all as usual from www.mailscanner.info. The full Change Log is here: * New Features and Improvements * 1 Upgraded from File::Temp 0.19 to File::Temp 0.20 to resolve installation problem reported with Fedora Core 8 systems. 2 New Feature: We can now extract the plain text of Microsoft Word (up to 2004) documents in the *.doc format, and add it as new attachments to a message. This is done using the "antiword" program available from http://www.winfield.demon.nl/. There are 3 new configuration settings for this feature: "Add Text Of Doc" - This switches the feature on and off. Off by default. "Antiword" - Full command to run the antiword binary. Adding "-f" to it makes it highlight emphasized text in the output, which I find helps. "Antiword Timeout" - The greatest length of time antiword is allowed to run. 3 Improvement to phishing net, now correctly ignores ':80' in http URLs. 3 Implemented support for Esets version 3. 4 Implemented support for F-Secure 7.01. 5 Added protection against attacks on the HTML text parser (Perl module HTML::Parser) which is used to analyse HTML messages for dangerous tags. There is a message in circulation that breaks this, causing Perl to trigger a "Segmentation Fault". This protection is necessary, but may have an impact on the performance of MailScanner. Until the Perl module is fixed, however, this is very necessary protection for your email systems. 7 Added new option "Read IP Address From Received Header" which you can set to yes if you are running fetchmail and injecting mail from fetchmail into your MTA using SMTP. You need to set the "--invisible" option to fetchmail as well to stop it adding its own "Received:" header. See the "Advanced" section of MailScanner.conf for more info on this. 8 Added new rules to filename.rules.conf to allow for days of the week and months in filenames like my_document.july.doc so they aren't caught by the double filename extension trap. 8 Improved error notification if your permissions on /tmp are all wrong. It now tells you exactly what to type to fix them. 8 Improved VBA32 output parser to handle slightly different new output format. 8 Improved 'partial message' handling to only remove the partial-message section of the message, and not the whole thing. This is particularly relevant to DSNs from bigfoot.com 10 Improved F-Secure scanning within executables. * Fixes * 3 Improvement to "Sign Clean Messages" so the signature now appears where it should, above any tag as well as above any tag. 6 Fix to Exim support to allow for arbitrarily-named Exim ACLs. Fix kindly provided by dominik.schramm@businessmart.de. 6 Fix for missing watermarks, courtesy of Lasantha Marian. 7 Fix for case when Rebuild Bayes Every = 0 and Bayes is still rebuilt. 7 TNEF attachments will be added with correct filenames when TNEF Expander = internal. It was erroneously adding them with their "safe" filenames. 9 Removed a load of extra debug output code. 9 "Partial messages" are now quarantined correctly. 10 Removed duplicate warning output when "Virus Scanners = none". Jules -- Julian Field MEng CITP CEng www.MailScanner.info Buy the MailScanner book at www.MailScanner.info/store Need help customising MailScanner? Contact me! Need help fixing or optimising your systems? Contact me! Need help getting you started solving new requirements from your boss? Contact me! PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From MailScanner at ecs.soton.ac.uk Thu Sep 18 15:02:17 2008 From: MailScanner at ecs.soton.ac.uk (Julian Field) Date: Thu Sep 18 15:03:10 2008 Subject: Announcing the new FSL MailScanner Beta yum repository Message-ID: <48D25F69.9090308@ecs.soton.ac.uk> * What is it? This is a new Yum repository for CentOS 5 i386 and x86_64 only. It will always contain the latest MailScanner beta (4.72.2 at the time of writing) along with SpamAssassin (plus DCC, Razor, DKIM, SPF, IP-Country and Rule2XS plug-ins), ClamAV and all Perl module dependencies. It should be used for beta testing new releases only and should not be used in production. * Why is it different from other repositories? Because it aims to completely eliminate the problem of package conflicts and to make installations and upgrades as simple as possible. These rpms provide an automatic configuration that contains the regular tuning tips that would be unfamiliar to those who do not have in-depth knowledge of MailScanner and it's configuration. This significantly reduces the amount of time it takes to do an installation. From start to finish, the installation and configuration of all packages takes less than five minutes on a reasonably fast network. Package conflicts are avoided by creating a new RPM namespace for all the Perl modules required by MailScanner and SpamAssassin and by installing all Perl modules (except SpamAssassin) in /opt/fsl/lib/perl5. This allows the Perl system libraries to be totally independent so they can be updated by the operating system vendor without the possibility of breaking MailScanner or SpamAssassin. Automatic configuration is achieved by using RPM 'triggers' which allow the installation, upgrade or un-installation of one package trigger to access an action specified by another package. For example - when 're2c' is installed, the fsl-spamassassin package runs a trigger that automatically runs 'sa-update' and 'sa-compile' to get the latest rules and compile them and then automatically enables the 'Rule2XSBody' plug-in in v320.pre, subsequently if 're2c' is uninstalled, then the plug-in is automatically disabled. * Installation procedure Ideally it should be installed onto a server with a fresh minimal installation of CentOS/RHEL 5. This will allow the operating system and all MailScanner related applications to be safely updated by simply running `yum -y update`. If you want the MailScanner package to automatically mount the MailScanner incoming directory on tmpfs then run the following command before starting the installation: export MAILSCANNER_CREATE_TMPFS=1 Then simply run: wget http://yum.fslupdate.com/fsl-beta/fsl-beta.repo -O /etc/yum.repos.d/fsl-beta.repo yum -y groupinstall MailScannerGold export PERL5LIB=/opt/fsl/lib/perl5 Once all the packages are installed, the only configuration required is to MailScanner.conf, Sendmail (/etc/mail/access, /etc/mail/mailertable) and then enable and start them both by running: chkconfig MailScanner on service MailScanner start * Installing over an existing RPM based installation This is no different to the procedure above - except you should back-up your MailScanner and SpamAssassin configuration first as a precaution. The 'stock' MailScanner package has no automatic upgrade procedure you will need to manually run upgrade_MailScanner_conf and/or upgrade_languages_conf if any rpmnew files are created by the new package. * Support Sign-up for the fsl-beta support list at http://listserv.fsl.com/mailman/listinfo/fsl-mailscanner-beta. The use of the repository is entirely unsupported by FSL, so use is at your own risk - however we will be happy to answer and questions about the repository or packages on the fsl-beta list. * MailScannerGold PRODUCTION The MailScannerGold Production yum repository will be available in a few days. We'll post another announcement when it's available for subscription and downloading. Initial pricing for the production version subscription is a monthly fee of $30 / month for the first gateway and $20 / per month for each additional gateway. This should help us to recover our costs for development and maintenance while at the same time costing sites less that the salaries required for administrators to fully maintain and update the MailScanner systems. Support for MailScannerGold PRODUCTION will provided by a subscribers supported and FSL moderated email list. Subscribers to the service will also be able to obtain FSL support services at our standard hourly rates less a 25% discount. These repositories should make installing, running and updating MailScanner a lot easier for both newbes and experienced mail administrators. Jules -- Julian Field MEng CITP CEng Chief Technical Officer Fort Systems Ltd. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.