ANNOUNCE: Stable Release 4.25-11

Julian Field mailscanner at
Sat Nov 29 12:06:48 GMT 2003

G'Day all!

I have just released the latest stable version 4.25-11.

Some of the most important new features in this release are
-- the ability to "disarm" dangerous HTML tags, while leaving the bulk of
the message intact;
-- a means to throttle SMTP connections from hosts which are deluging you
with spam or viruses. You set the limit on the number of messages to
receive per hour from any given host, and mail above that limit will be
refused in the SMTP connection (sendmail only at the moment, sorry).
-- the ability to set the permissions and ownership of temporary working
files and the quarantine. This means that external systems such as a web
server can access and manage the quarantine on behalf of your users,
without the need for any risky setuid scripts.

Download as usual from

The full ChangeLog for this release is here:

29/11/2003 New in Version 4.25-11
* New Features and Improvements *
- Added support for "disarm" option on all HTML tag detectors, which will
   disarm those tags while leaving the rest of the HTML intact.
- Added support for more ways of specifying IP ranges in rulesets.
   Can now do all of:
- Added support for retrieving configuration from LDAP.
- Added support for changing uid, gid and permissions of both Incoming Work
   Dir and Quarantine Dir.
- Added facility to limit the size of any individual attachment.

- Added support for DrWeb virus scanner, courtesy of Konrad Madej
   <kmadej at>.
- Added support for Mail::ClamAV perl module, enabling ClamAV to scan without
   having to call any external programs at all.
- Panda version 7.0 supported.
- Improved ClamAV parser to handle errors printed when processing viruses
   containing corrupted zip files.
- Improved F-Prot output parser.
- Added inoculan autoupdater courtesy of "W-Mark Kubacki" <wmark at>.
- Improved bitdefender-autoupdate script to support BitDefender 7 rather

- Greatly improved IPBlock code that throttles incoming SMTP connections
   when a host sends too many messages per hour. Now support netblocks in all
   sorts of different formats, and is enormously faster than previous code.
   It works much more reliably and effectively too. See
- Changed SpamAssassin timeout handler to kill processes and not process group.
- Improved documentation in virus.scanners.conf.
- Improved documentation of "disarm" configuration settings.
- Added optimisation to LDAP ruleset compiler that identifies 1-line rulesets
   which hold the default value.
- Improved Linux script so it spots *.rpmnew files in amongst
   -wrapper and -autoupdate scripts.
- Added 'spamblacklisted' message property for use by MailWatch.
- Added a new Custom Function to provide multiple outgoing queues for spam,
   high-scoring spam, and real email.
- Improved Linux init.d script so the "restart" delay is configurable in
   /etc/sysconfig/MailScanner as that is preserved across upgrades.
- Improved error message when unknown virus scanner name is used.
- Added SORBS RBLs to spam.lists.conf.
- Added some subject line sanity checks to cope with Outlook's bizarre
- Added speed logging of different parts of the processing of a batch.
   See the new "Log Speed" configuration setting.
- Changed error handling in ruleset parser so it doesn't die if it finds
   syntax errors, it now just warns you instead.
- Improved syntax checking of rules in configuration ruleset files.

* Fixes*
- RPM distribution script now checks and creates pod2text properly.
- Fixed bug whereby the same message files could be deleted more than once,
   which could delete unprocessed messages using MTAs that name files after
   the inode and not the time.
- Syslogging should now start successfully on all versions of Solaris and IRIX.
- Bug fix in Postfix file handling code from Stefan Baltus which will
   hopefully patch up the last Solaris Postfix problem.
- Fixed bug causing uid+gid to be ignored when quarantining whole messages.
- Fixed bug causing Maximum Message Size not to be enforced properly.
- Fixed bug where sender of bulk precedence mail would be sent some warnings
   if their mail was identified as spam.
Julian Field
Professional Support Services at
MailScanner thanks transtec Computers for their support
PGP footprint: EE81 D763 3DB0 0BFD E1DC  7222 11F6 5947 1415 B654

More information about the MailScanner mailing list