ANNOUNCE: Beta release 4.25-6

Denis Beauchemin Denis.Beauchemin at USHERBROOKE.CA
Mon Nov 10 20:50:10 GMT 2003


I am testing the new disarming features and they do not seem to work
(they are blocked):
Nov 10 15:41:15 dbeauchemin MailScanner[1993]: New Batch: Scanning 1 messages, 1579 bytes
Nov 10 15:41:15 dbeauchemin MailScanner[1993]: Spam Checks: Starting
Nov 10 15:41:15 dbeauchemin MailScanner[1993]: Virus and Content Scanning: Starting
Nov 10 15:41:16 dbeauchemin MailScanner[1993]: Content Checks: Detected HTML-specific exploits in hAAKfE4N002024
Nov 10 15:41:16 dbeauchemin MailScanner[1993]: Content Checks: Found 1 problems
Nov 10 15:41:16 dbeauchemin MailScanner[1993]: Saved entire message to /quarantaine/autres/20031110/hAAKfE4N002024
Nov 10 15:41:16 dbeauchemin MailScanner[1993]: Saved infected "message2" to /quarantaine/autres/20031110/hAAKfE4N002024
# cat /quarantaine/autres/20031110/hAAKfE4N002024/message2
<title>Bulletin PROFETIC</title>
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<form method='GET' action='nouveautes.php3'>
<input type="hidden" name="recalcul" value="oui">
<input type='submit' class='spip_bouton' name='submit' value='Recalculer cette page'></form>

Now for my MS settings:
Silent Viruses = All-Viruses HTML-IFrame HTML-Codebase HTML-Form
Allow Form Tags = disarm

I was initially using a ruleset for the Allow Form Tags but it wasn't
working...  I simplified it a bit but still no go.


Le ven 07/11/2003 à 09:47, Julian Field a écrit :
> Folks,
> I have added support for changing the uid, gid and permissions on files and
> directories within the quarantine area and "incoming work dir" temporary
> files area.
> I would appreciate it if people could try it out on their own favourite MTA
> and confirm if it all works okay.
> This release also includes the ClamAV parsing improvement from a couple of
> days ago.
> Download, as usual, from
> ChangeLog is this:
> 7/11/2003 New in Version 4.25-6
> ===============================
> * New Features and Improvements *
> - Panda version 7.0 supported.
> - Added dependency on Net::CIDR module so could add support for more ways of
>    specifying IP ranges in rulesets. Can now do all of:
>          152.78.
>          /^152\.78/
> - Added support for "disarm" option on all HTML tag detectors, which will
>    disarm those tags while leaving the rest of the HTML intact.
> - Added support for retrieving configuration from LDAP.
> - Changed SpamAssassin timeout handler to kill processes and not process group.
> - Added support for changing uid, gid and permissions of both Incoming Work
>    Dir and Quarantine Dir.
> - Improved ClamAV parser to handle errors printed when processing viruses
>    containing corrupted zip files.
> * Fixes*
> - RPM distribution script now checks and creates pod2text properly.
> - Fixed bug whereby the same message files could be deleted more than once,
>    which could delete unprocessed messages using MTAs that name files after
>    the inode and not the time.
> --
> Julian Field
> MailScanner thanks transtec Computers for their support
> PGP footprint: EE81 D763 3DB0 0BFD E1DC  7222 11F6 5947 1415 B654
Denis Beauchemin, analyste
Université de Sherbrooke, S.T.I.
T: 819.821.8000x2252 F: 819.821.8045

More information about the MailScanner mailing list