ANNOUNCE: Version 3.27 and 4.11

Mike Kercher mike at CAMAROSS.NET
Thu Jan 2 00:10:46 GMT 2003 

Anyone else seeing anything like this in the maillog:

Jan  1 18:20:45 mail MailScanner[31377]: Spam Checks: Starting
Jan  1 18:20:45 mail MailScanner[31377]: Looked up unknown string spam
in language translation file
/opt/MailScanner/etc/reports/en/languages.conf
Jan  1 18:20:45 mail MailScanner[31377]: Looked up unknown string score
in language translation file
/opt/MailScanner/etc/reports/en/languages.conf
Jan  1 18:20:45 mail MailScanner[31377]: Looked up unknown string
required in language translation file
/opt/MailScanner/etc/reports/en/languages.conf
Jan  1 18:20:46 mail MailScanner[31377]: Looked up unknown string
notspam in language translation file
/opt/MailScanner/etc/reports/en/languages.conf

Mike


-----Original Message-----
From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On
Behalf Of Julian Field
Sent: Wednesday, January 01, 2003 5:49 AM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: ANNOUNCE: Version 3.27 and 4.11


Happy New Year everyone!

I have just released updated versions of both V3 and V4.

The only change for V3 is an important security fix, which you can
easily apply without upgrading if you don't want to. See the ChangeLog
below for details.

There are many improvements and changes for V4. A few of them are:
- Security fix is included
- Modify Subject: line to show a message has been scanned
- Stop MailScanner replying to mailing lists that send it viruses
- Quarantine-cleaning script included
- Virus scanner update cron job replaced by global updater script
- Full installation instructions for FreeBSD
- Improved AntiVir, Sophos, F-Prot and F-Secure parsers

Also, in the spirit of Perl tradition, there is now a MailScanner Poetry
page for all you closet bards out there. Contributions are most welcome
:-)

It can all be downloaded as usual from
        www.mailscanner.info





For completeness, here is the entry from the ChangeLog for V4.11:

*Security*
- *** Important Security Fix ***

   You must edit the "sendmail -bd ..." command in your init script and
add
                           -OPrivacyOptions=noetrn
   as otherwise people could maliciously bypass MailScanner on servers
that are under heavy load.
   It is *vital* that you protect yourself with this change.
   However, please note there have been no reports at all of this
problem being actively exploited.
   It is included in the init scripts that are part of the RPM
distributions, so RPM users just need to upgrade to the latest
mailscanner*rpm.

*New Features and Improvements*
- Added 2 more configuration options to modify the subject line whenever
a message is scanned (but no other subject line changes have happened)
so it is obvious to all that the message has been scanned. By default
this will (if enabled) add "{Scanned}" to the end of the Subject: line.
- Added "Never Notify Senders Of Precedence" configuration option so
that you can stop MailScanner replying to postings to mailing lists and
other bulk mail.
- A modified version of Steve Patterson's "clean.quarantine" script is
included as a daily cron job. It is disabled by default. Edit it to see
how to enable it. If you edit it, it will not be over-written by later
upgrades to MailScanner.
- Written an update_virus_scanners script which updates all installed
scanners. This is called hourly, as daily wasn't often enough and RedHat
don't offer anything between hourly and daily.
- Implemented full support for BSD with installation instructions based
on the tar distribution.
- Added Swedish translation of all reports.
- Added Spanish and Slovak translation of language strings.
- Added wrapper script for inoculan.
- Added an AntiVir autoupdate script.
- Improved AntiVir parser to handle new output format.
- Sophos parser improved to detect Sophos complaining about being given
1 part of a multi-part archive. Gets flagged as a virus.
- F-Prot and F-Secure parsers improved to handle unusual virus names and
quieter handling of archives containing infected files.
- Added "$filename" variable expansion in sender warnings. Used it in
the English versions of the sender warnings.
- Completely new daemonising code to fix problems with ssh sessions
refusing to die.
- Added "startin" and "startout" parameters to init.d scripts for RedHat
and SuSE.
- Improved error reporting slightly in configuration compiler.
- Spam logging now includes the recipient domains as well as the sender.
- Incoming Queue Dirs can now be a file listing directories which
include wildcards.
- Added the message's subject line to the sender spam reports.
- Added a "sleep 5" in between the stop and start in "restart" in the
init.d script.
- Creates quarantine directories as required.
- Added link checking in code for finding incoming queue dirs.
- Added note for McAfee users about avoiding symlinks with anything even
remotely connected to McAfee itself.
- Added "Poetry" page to the web site for Nick's idle thoughts...

*Fixes*
- Fixed problem of orphaned queue files being left in incoming queue
when MailScanner child processes are killed half-way through clearing a
message.
- Fixed file locking code in Config.pm so Exim users do not have to have
the config files owned by exim.exim instead of root.root.
- Fixed Exim missing-characters-from-start-of-message bug.
- Fixed SpamAssassin "timeout 260 of 20" counter bug.
- Fixed EximDiskStore file locking bug.
- Fixed bug where unscanned messages are not properly archived if not
archiving as raw queue files.
- Fixed bug stopping Exim collecting large message batches.
- Changed default virus scanner from "sophos" to "none".
--
Julian Field
www.MailScanner.info
MailScanner thanks transtec Computers for their support

More information about the MailScanner mailing list