ANNOUNCE: Stable 4.23-10 released

Julian Field mailscanner at ecs.soton.ac.uk
Sun Aug 31 11:52:25 IST 2003 

Folks,

I have just released a new "stable" version of MailScanner. There are many
improvements and some fixes this time, rather more than I can easily list
for you here, so please see the ChangeLog which is at the bottom of this
message.

Download as usual from www.mailscanner.info.

P.S. If you are interested in blocking messages based on their text
content, please contact me.

ChangeLog
========
* New Features and Improvements *
- Implemented special "silent viruses" list keyword "All-Viruses" which matches
   the name of any virus. This means you can make messages silent which contain
   just viruses and none (or a combination) of the HTML hacks that are
detected.
- Implemented "Use Default Rules With Multiple Recipients" configuration
   option to force predictable results when faced with a message with multiple
   recipients who have conflicting user preferences.
- Implemented various new parameters so that messages which only have
   dangerous content, and nothing else wrong with them, get a "dangerous
   content" warning rather than a "virus" warning.
- Added "Definite Spam Is High Scoring" configuration option so that spam
   that is blacklisted is treated using the "High Scoring Spam Actions".
- Added 3 new options to allow fine-grained control of notifications to
   senders, so that you can notify senders of bad filenames but not
   viruses, for example. The 3 new settings are:
   Notify Senders Of Blocked Filenames Or Filetypes
   Notify Senders Of Other Blocked Content
   Notify Senders Of Viruses
- Added support for eTrust Antivirus. Assumes installation directory of
   /opt/eTrustAntivirus as recommended by their AdminGuide manual.
- Added "Virus:" type to things you can use in rulesets so you can do
   stuff like only quarantine particular virus infections and not others.

- All virus scanner package installation paths have been moved to
   virus.scanners.conf so they are not in any of the wrapper or autoupdate
   scripts.
   *NOTE*: If you are not using my "update_virus_scanners" global updater
   *NOTE*: script, but have written your own cron jobs, then you must add
   *NOTE*: the installation path to the autoupdate commands. To see the
   *NOTE*: default path, read virus.scanners.conf.
   *NOTE*: If you don't do this, your autoupdates may not work.
- Improved error detection in bitdefender-autoupdate.
- Added 5 minute timeout to clamav-autoupdate.
- Better mcafee-autoupdate script from Tony Finch. Allows non-root user
   more easily, and can delete old files if you want it to.
- Improved ClamAV wrapper so it safely attempts extra command-line flags.
- Improved rav-autoupdate so it fixes RAV permissions for non-root users.
- Added simple F-Secure autoupdate script.
- Added Trend autoupdate script.
- Added timeout support (10 minutes) to F-Prot autoupdate script.
- Sophos autoupdater now handles Sophos beta releases neatly.
- Improved logging output of global updater.

- Messages bigger than the max SA testing size are now checked by SA, just
   only the first n bytes of the message will be checked.
- Logging now handles syslog-ng better, as it will attempt to re-open the
   syslog connection if it dies while logging to it.
- Now check that at least 1 file matches all of the filename patterns
   specified in "Monitors For Sophos Updates".
- "Include Scanner Name In Reports" now also includes the name "MailScanner"
   at the start of the report lines that come from MailScanner's own
   internal filename, filetype and content checks. The exact wording used can
   be customised in languages.conf.
- Improved handling of Allowed Sophos Error Messages. To allow more than 1
   string, put each string in quotes and separate them with commas. For example
   Allowed Sophos Error Messages = "corrupt", "format not supported"
- Added ZMailer support to RedHat init.d script.
- Improved SuSE init.d script handles sendmail and Postfix.
   It will handle Exim once I can get it to build.
- Changed default path of lockfile in update_virus_scanners so it is more
   compatible with systems that don't have /var/lock.
- Improved "Spam Checks" description in MailScanner.conf.
- Added comment about virus.scanners.conf file to MailScanner.conf.
- Improved handling of messages containing viruses but no MIME structure.

* Fixes *
- Corrected minor typo in check_MailScanner cron job.
- Corrected typo in SweepOther.pm.
- Corrected handling of non-archives in kavdaemonclient scanner.
- SQL Logging code now translates '' into 'NULL' before inserting into table.
- Corrected minor bug in safe filename logging in CustomConfig.pm.
- Fixed bug in RAV output handling.
- Worked around bug in RAV directory traversal by improving wrapper script.
- Fixed bug in RBL result processing when RBL returns 127.0.0.10.
- Fixed bug in Exim handling of client IP address.
- Fixed bug in Command anti-virus detecting viruses in zip files.
- Fixed bug in DoS-attack handling code.
- Fixed bug in insertion of virus warning message that affects entire
   message.
--
Julian Field
www.MailScanner.info
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support

More information about the MailScanner mailing list