From MailScanner at ecs.soton.ac.uk Mon May 4 16:54:21 2009 From: MailScanner at ecs.soton.ac.uk (Julian Field) Date: Mon May 4 16:55:25 2009 Subject: MailScanner ANNOUNCE: 4.76 released References: <49FF0FAD.2040101@ecs.soton.ac.uk> Message-ID: Hi folks! This is to let you all know that I have released a new stable version of MailScanner, 4.76. Also, to let you know that you can now follow me at twitter.com/JulesFM if you want to :-) See the Change Log for full details, but the main new features I have introduced this time around are: - Totally separate rules for filename and filetype tests for attachments added directly to email messages, from files which are put into zip files or other archives, which are then attached to the message. So you can very different rules for objects allowed in zip files or Word documents such as, say, allowing executables, while still stopping people accidentally running a malicious executable with 1 click from their email program. You even get to decide what is considered to be "an archive" and what is not, out of zip, rar, Office document, TNEF (winmail.dat) and uu-encoded files. - I have done a lot of the work on the installer and the installation that you get. Perl modules are no longer "forced" into installing at all, neither do any of them cause problems with updating Perl itself. If you have any issues with the new installer, please do get in touch straight away with details of your system, and I will produce a solution for you. - "Sign Clean Messages" will put the signature at any location of your choice within the message, instead of always being at the bottom. So you can have a corporate sig/disclaimer (added by MailScanner) which goes before your personal signature (added by your email application) if you so wish. - Fixed all the issues with Postfix not playing nicely with the crash-protection defence system introduced in the last version of MailScanner. - Speeded up SQL to reduce the penalty of running the crash-protection system enabled with the "Maximum Processing Attempts" configuration setting in MailScanner.conf. You can download it as usual from www.mailscanner.info The full Change Log is this: * New Features and Improvements * 1 Added the ability to have totally different filename and filetype checks for files which are attachments and files which are members of attached archives. You even get to define what you consider to be an archive and what is not. New Configuration options in MailScanner.conf are Archives Are = Archives: Allow Filenames = Archives: Deny Filenames = Archives: Filename Rules = Archives: Allow Filetypes = Archives: Allow File MIME Types = Archives: Deny Filetypes = Archives: Deny File MIME Types = Archives: Filetype Rules = In the shipped MailScanner.conf, the checks applied to files within archives are the same as those applied to normal attachments that are not within an archive. See the relevant settings in MailScanner.conf for more information. 4 RPM builds changed so that no RPMs are "forced" into being installed on RedHat 5 or CentOS 5 systems. 5 RPM builds changed so that no RPMs are "forced" into being installed at all. 5 RPM builds changed so that any previously installed RPM will not be rebuilt, even if the perl version check shows that it is not being used. This will dramatically speed up the upgrade process in future, especially if you use "./install.sh fast" to upgrade. 5 Changed @INC which is where Perl looks for its Perl modules. It was previously mostly left alone so that RedHat could override some versions of modules that you thought you had upgraded. The new @INC path inserts the "site_perl" and "vendor_perl" directories before the core directories. This may result in your MailScanner behaving differently from before as it will actually be using all your upgraded modules, and not sticking with ones supplied by RedHat (at which point it ignore your upgrades). This should not cause any problems with MailScanner. 7 Rebuilt i386 version of "tnef" on RHEL4 to be compatible with more systems. 8 Drastically improved getPERLLIB added in 4.76.5. Perl does funny things with $PERL5LIB when calculating @INC to find Perl modules. 8 Added Digest::HMAC as RedHat Enterprise 4 needs it for Net::DNS. 9 Upgraded Perl module DBD::SQLite. 11 The "Archives: Filename Rules" and "Archives: Filetype Rules" now point to copies of the normal filename and filetype.rules.conf files, rather than pointing to the same file. This will make it easier for new users to customise the rules for files in archives. 12 Improved RPM install.sh installation script so that it detects an upgrade from before the big RPM rebuild in 4.76.11 and forces a "reinstall" of all the Perl modules, which will fix problems with later upgrading Perl. 13 Improved Postfix MailScanner message id so that it relates much better with the "messages being processed" database. It is now based on the "Fletcher" checksum of the data at the start of the file. Thanks to JD Marsters (jd@oddlittle.me) for this one! 17 If you use "Sign Clean Messages", then the signature will be placed in your email message wherever you put the marker "_SIGNATURE_", and it will be placed at the end by default if that marker is not found. 22 Both the "Phishing Safe Sites File" and the "Phishing Bad Sites File" settings can now take a space-separated list of filenames, to make local management simpler. Note that your filenames must not have spaces in them! 22 Speeded up SQL processing-messages database code by pre-preparing all SQL statements. I am now tempted to leave this feature enabled by default for safety. We can always add a note to the performance tips on the wiki that users struggling under high load might want to switch this feature off. 23 Changed RPM installation order to fit better with CentOS 5.2->5.3 systems. * Fixes * 2 Added "Unpack Microsoft Documents" back into the list of recognised settings in MailScanner.conf. 3 Fixed "Add Text Of Doc" for Apple Mail's utterly broken MIME structure. 6 Fixed problems with RHEL5 installation created by 4.76.5. 7 Fixed problems with RHEL4 installation created by 4.76.5. 10 Fixed problems with Fedora Core 10 installation created by 4.76.5. 10-2 Fixed missing Locks dir. 14 Possibly fixed problem with incomplete Postfix messages getting into the 'processed messages' table. 15 Neatened up message rejection code to help solve processing-messages database problem. 16 Fixed permissions and ownership problems with data extracted from TNEF winmail.dat attachments. 16 Fixed slight problem in installer on new systems, so it does not complain about perl-TimeDate already being installed. 16 Fixed problem with Postfix leaving messages in the processing-messages db. Many thanks to Kai Schaetzl and Mark Sapiro for spotting the common features of the message ids being left behind. 18 Fixed Postfix entropy bug. 19 Changed handling of "Sign Clean Messages" so that if the signing process fails, we don't worry about it too much, and we certainly don't create a new message section just containing a signature and nothing else. 20 Alternate solution to Postfix procesing database bug, without adding 'P'. 21 Better solution to Postfix processing database bug, adding 'A' to shorter entropy value, so no change to final message id. 21 Moved Net::CIDR much lower down in the installation order, to avoid problems with CentOS 5.2-->5.3 upgraded systems. 22 Made sure it works with the processing-messages database switched on. 23 Fixed problem with HTML sig being re-added at end of message. 24 Removed type identifier from filenames listed in sender warnings. 24-2 Don't uninstall ExtUtils-MakeMaker in "./install.sh --reinstall". 24-3 ExtUtils-MakeMaker will not build on Fedora 10 x86_64 as it stands. 24-3 Fedora 10 needs Test-Simple first, RHEL5 and CentOS 5 need Math-BigInt first. Great :-( 24-3 Fedora Core 10 upgrades are no longer officially supported. The RPM Perl build system is fundamentally broken. Take Pod-Escapes as a fine example, it cannot build without Pod-Simple. But Pod-Simple cannot build without Pod-Escapes. I quit. Jules -- Julian Field MEng CITP CEng www.MailScanner.info Buy the MailScanner book at www.MailScanner.info/store MailScanner customisation, or any advanced system administration help? Contact me at Jules@Jules.FM PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654 PGP public key: http://www.jules.fm/julesfm.asc Follow me at twitter.com/JulesFM -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.