ANNOUNCE: Version 4.22-4 released

Julian Field mailscanner at
Tue Jul 1 18:34:46 IST 2003


I have just posted the new stable release 4.22-4 on the website.

Major new features this time are
- filetype detection regardless of filename, allowing you to allow/deny
files of different type.
- control over HTML forms in email messages, which have been used recently
to try to extract passwords and credit card details from unwitting users.
- control over the maximum size of any message, so you can limit the size
of messages for dial-up users for example.

Download it from as usual.

All comments to me or the list.

The full ChangeLog is this:
* New Features and Improvements *
- Added support for checking file content types regardless of their filename.
   This uses the "file" command to work out the types of different files.
   New additions to MailScanner.conf are "file command", "file timeout",
   "filetype rules" (which work just like filename rules) and "log permitted
- Added "Allow Form Tags" configuration option to ban HTML forms from email.
   Requires almost no additional CPU load and is useful protection.
- Added "Maximum Message Size" configuration option to limit the size of
   messages for certain users. Handy for dialup users to save their download
   phone bills. Obviously it works with a ruleset.
- "Spam Actions", "High Scoring Spam Actions" and "Non Spam Actions" are now
   set up so that the first matching rule will be used, rather than the sum of
   all the matching rules. This means you can have 1 setting for a domain, but
   before that have a rule for an individual user that over-rides the domain
- MailScanner.conf file can now include "%name% = value" definition lines.
   These "%name%" variables can then be used later in the MailScanner.conf
   file and the rulesets, where they will be substituted with the appropriate
   "value". This greatly eases switching languages.
- Sophos.install script improved to make new versions work with sophossavi.
- f-prot-autoupdate script improved to handle new F-Prot version 4.
- Added bitdefender-autoupdate script from Alessandro Bianchi.
- Added "default" overall black- and white-lists to per-domain black/whitelist
   code in
- Added code to to implement internal-only accounts that
   cannot send mail to external addresses.
- Improved comments in MailScanner.conf for "Max Children" setting.
- Added (commented out) instruction to not use Bayesian stats engine in
   MailScanner, with a comment about its need.

* Fixes *
- "channel error" detection bug in ZMailer support fixed.
- All sender.* reports now have To: From: and Subject: in English to keep
   sendmail and e-mail applications happy.
- "$reportword" appearing in Postmaster notices fixed.
- Added call to get logging working properly in clamav-autoupdate.
- RBLs are converted to lower-case when read from MailScanner.conf.
- Fix in signing clean messages containing single uuencoded attachments that
   are then read using certain versions of Outlook 97.
- MailScanner does not support Postfix without hashed queues. This situation
   is detected and reported if it is found.
   By default in all recent releases of Postfix (both 1.x and 2.x) hashed
   queues are enabled, so just don't disable them.
Julian Field
Professional Support Services at
MailScanner thanks transtec Computers for their support

More information about the MailScanner mailing list