From MailScanner at ecs.soton.ac.uk Sat Jan 3 11:13:04 2009
From: MailScanner at ecs.soton.ac.uk (Julian Field)
Date: Sat Jan 3 11:13:45 2009
Subject: MailScanner ANNOUNCE: Stable release 4.74.12
Message-ID: <495F4840.8050603@ecs.soton.ac.uk>

I have just released the first version for 2009, 4.74.

The main fix this time is that all the symlink vulnerabilities have been fixed, though you were only ever vulnerable to these problems if you let users interactively log in (using ssh, for example) to your MailScanner servers. If you restrict logins to system admins and other trusted users, you would never have had a problem anyway.

Other than that, the SpamAssassin Rule Actions have been improved slightly, in that the "header" action can now contain the magic word "_TO_" which will be replaced by a list of all the original message recipients, very useful if you don't deliver the message but instead forward it to someone else for checking.

TNEF has been upgraded to 1.4.5.

Download as usual from www.mailscanner.info.

The full Change Log is this:

* New Features and Improvements *

1  Patch added to ClamAV & SpamAssassin easy-to-install package to make
   Mail::ClamAV Perl module handle ClamAV 0.94 correctly. Thanks to
   Steve Barber for telling me about this fix.
7  Upgraded to tnef 1.4.5.
9  The Spam Actions and its pals may now contain the "header" action with
   the special keyword "_TO_" anywhere in the header value. This will be
   replaced by a comma-separated list of the original recipients of the
   message. I wrote this for when I divert a message to the postmaster
   when it's detected as spam, for example. Then you can put
     Spam Actions = store forward postmaster@ecs.soton.ac.uk header "X-ECS-Recips-were: Sent to _TO_"
   I don't always want to include the list of recipients in the headers,
   as others object to their privacy being violated by everyone receiving
   the full list of recipients, so I can't use the "Add Envelope To
   Header". I *only* want to add this information to spam messages, so I
   know to whom they were originally addressed.
11 Another check to ensure it doesn't chmod /tmp on misconfigured systems.

* Fixes *

2  Major work on removing symlink attack vulnerabilities affecting
   -autoupdate lock files.
   Note: This vulnerability only affected systems where normal
   interactive users could log in to the system, or create arbitrary
   symlinks in your filesystem. So the ISP-style setups were never
   vulnerable, as they didn't allow normal users to log in or allow
   people to arbitrarily create symlinks in the filesystem.
2  Removed symlink attack vulnerabilities in SpamAssassin and tnef handlers.
6-2 Re-release to fix filesize problems.
7-2 Added missing "use" statement to WorkArea.pm.
7-3 Added missing tnef to Other Unix tarball distribution. Linux
   distributions unchanged.
8  Minor fix in handling of complicated "SpamAssassin Rule Actions".
10 Fixes for lock creation bugs from Jeff Earickson. Non-RPM distribution
   should work rather better now.
12 Tiny (but important) fix to mcafee-autoupdate so that it will work
   properly.

Jules

-- 
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

MailScanner customisation, or any advanced system administration help?
Contact me at Jules@Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
PGP public key: http://www.jules.fm/julesfm.asc
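The announcement fixes symlink attacks on the -autoupdate lock files but does not show the underlying pattern. The following is an added example, not MailScanner's own code and not Julian Field's, that demonstrates the defect class and its standard fix in Python: a lock file created with a plain open(2) follows a symlink that a local user has planted at the lock path and truncates whatever it points to, whereas creating it with O_CREAT|O_EXCL|O_NOFOLLOW fails on anything already present at that path. The victim file, the symlink and the lock paths are all constructed inside a temporary directory purely to exercise the check; the file names are hypothetical.

```python
import os
import stat
import tempfile


def naive_create_lock(lock_path: str) -> None:
    """The vulnerable pattern: O_CREAT without O_EXCL/O_NOFOLLOW.

    If lock_path is already a symlink, open(2) follows it and truncates
    the target, so a local user who can create symlinks in the lock
    directory can make a privileged updater clobber an arbitrary file.
    """
    with open(lock_path, "w") as fh:
        fh.write(f"{os.getpid()}\n")


def safe_create_lock(lock_path: str) -> int:
    """The hardened pattern: atomic create that refuses pre-existing objects.

    O_EXCL makes open(2) fail if anything (file, directory or symlink,
    dangling or not) already exists at lock_path; O_NOFOLLOW additionally
    refuses to traverse a symlink at the final path component. Returns the
    open descriptor that holds the lock; raises FileExistsError when the
    lock is already held or the path has been pre-populated.
    """
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW
    fd = os.open(lock_path, flags, 0o600)
    try:
        st = os.fstat(fd)
        # Belt and braces: verify the object we hold, not the path name.
        if not stat.S_ISREG(st.st_mode) or st.st_uid != os.getuid():
            raise PermissionError(f"unexpected object at {lock_path}")
        os.write(fd, f"{os.getpid()}\n".encode())
    except BaseException:
        os.close(fd)
        raise
    return fd


def compare(workdir: str) -> dict:
    """Exercise both variants against a planted symlink (constructed here)
    and report whether the target file survived and whether a second
    lock holder is refused."""
    original = "keep me\n"
    victim = os.path.join(workdir, "important.conf")  # hypothetical target
    with open(victim, "w") as fh:
        fh.write(original)
    results = {}

    # Naive variant: the symlink is followed and the target is truncated.
    link = os.path.join(workdir, "naive.lock")
    os.symlink(victim, link)
    naive_create_lock(link)
    with open(victim) as fh:
        results["naive_clobbered"] = fh.read() != original
    with open(victim, "w") as fh:  # restore for the next round
        fh.write(original)

    # Hardened variant: open(2) fails with EEXIST and the target is intact.
    link = os.path.join(workdir, "safe.lock")
    os.symlink(victim, link)
    try:
        safe_create_lock(link)
        results["safe_refused"] = False
    except FileExistsError:
        results["safe_refused"] = True
    with open(victim) as fh:
        results["safe_preserved"] = fh.read() == original

    # Normal operation: first holder succeeds, a second is refused.
    fresh = os.path.join(workdir, "fresh.lock")
    os.close(safe_create_lock(fresh))
    try:
        safe_create_lock(fresh)
        results["second_holder_blocked"] = False
    except FileExistsError:
        results["second_holder_blocked"] = True
    return results


def run_demo() -> dict:
    """Run compare() in a throwaway directory and return its findings."""
    with tempfile.TemporaryDirectory() as workdir:
        return compare(workdir)


if __name__ == "__main__":
    print(run_demo())
```

The fstat check after the open is what makes the fix robust on systems where a lock directory is shared or world-writable: it validates the object actually opened rather than the path name, so a race between a path check and the open cannot be exploited. The same flag combination is available from shell scripts via `set -o noclobber` in shells that implement it with O_EXCL, but the Python form above is the one verified here.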