ANNOUNCE: Stable 4.24 released

Erik Jakobsen eja at URBAKKEN.DK
Mon Oct 6 11:24:13 IST 2003 

Julian Field wrote:
> Morning all!
> 
> I have just posted 4.24-5 on the website.
> 
> Major improvements this time are, for example,
> 
> --  Emergency queue-handling mode for rapid processing of very large mail
> queues.
> --  Check of number of attachments on a message to prevent a DoS attack.
> --  New rule type in Filename and Filetype checking, so some files can just
> be deleted and not quarantined, which saves disk space.
> --  Several new example Custom Functions to implement things like per-IP
> messages per hour to save you being bombarded with viruses from just a few
> IP addresses, high speed implementation of several configuration options
> which will work faster when using huge rulesets.
> 
> There are loads of other improvements as well.
> 
> When upgrading your MailScanner.conf using upgrade_MailScanner_conf, please
> read the usage message carefully. By default it will now not copy all the
> comments from the old file to the new one, so that you get to see any new
> features in the behaviour of configuration options. If you want to use all
> the old comments instead of the new ones, you need to add "--keep-comments"
> to the command line.
> 
> Download it from www.mailscanner.info.
> 
> The ChangeLog is here:
> 
> * New Features and Improvements *
> - Added option "SpamScore Number Instead Of Stars" so that the spam stars
>   header can be replaced by a number specifying the score instead.
> - Added "Max Normal Queue Size" setting so that MailScanner will switch 
> into
>   a faster mode when collecting messages. This will stop it processing
>   messages in order of date, and just pick them apparently randomly from 
> the
>   queue. This may delay some messages considerably, so set it so it is only
>   used in emergencies. It should be at least several thousand. After the 
> queue
>   has shrunk below the threshold size, it continues to stay in this mode 
> for
>   another 40 batches in an attempt to completely clear the queue.
> - Added "Maximum Attachments Per Message" setting so that messages which
>   accidentally have thousands of attachments are rejected. I have seen this
>   happen on 1 MTA when repeatedly bouncing a message between 2 addresses,
>   enclosing the headers in a new attachment every time.
> - Filename and Filetype allow/deny rules files now have a third option in
>   addition to 'deny' and 'allow', you can now do 'deny+delete' (or any word
>   containing 'deny' and 'delete'). This will stop the denied attachment
>   from being quarantined. Very useful against Sobig worm as you can
>   'deny+delete \.pif$' to simply strip all PIF files without quarantining
> them.
> - Added Custom Function to implement per-IP messages-per-hour rate 
> limiting.
>   See CustomConfig.pm for more details (IPBlock).
> - Added Custom Function to implement high-speed "spam List" and "Spam 
> Domain
>   List" lookups for use with very large rulesets. There are some 
> restrictions
>   on the types of rule you are allowed, see the code comments for more
>   details (FastSpamList and FastSpamDomainList).
> - The subject line text for tagging spam can now include "_SCORE_" which 
> will
>   be replaced with the numeric spam score.
> - For use with the "attachment" spam action, changed "digest" to "report"
>   to encourage MUAs to display the message correctly.
> - Improved handling of "Filename Rules" and "Filetype Rules" so they are
>   just-in-time compiled, which is needed when using Custom Functions for 
> them.
> 
> - Added support for Kaspersky 4.5.0. This is totally different to all
>   previous versions, bless them :( It's more sane though.
> - Sophos-autoupdate fixed up for Sophos 3.74 and its international swpmess
> file.
> - Improved sophos-wrapper to handle multi-lingual output of Sophos 3.74.
> - Updated F-Secure parser for 4.51.
> - Added Solaris check to update_virus_scanners for xpg4 path.
> - New update to Tony Finch's mcafee-autoupdate script.
> - F-Prot updater improved so downloading happens while MailScanner is 
> running
>   normally. Lock out only happens for a fraction of a second.
> - Improved rav-autoupdate so it times out after 5 minutes.
> - Changed default waiting time in init.d script restart operation to 10 
> secs.
> 
> - Added client IP address logging of infected messages.
> - Changed the default values relating to warning senders about what 
> happened
>   to their message.
> - eTrust added to OS vs virus-scanners grid table.
> - Added new Debian package to downloads and news.
> - Dutch reports updated with better translations.
> - Spanish reports updated with better translations.
> - Documentation now includes link to Mail Process Flow Diagram.
> - Added "--keep-comments" command-line option to "upgrade_MailScanner_conf"
>   command. By default this is off so you get to read about all the new
>   whizzy options that can be used with existing configuration options.
> 
> * Fixes*
> - Opened logging in f-prot-autoupdate so status logging happens.
> - Fixed typo in Config.pm.
> - changed SA and MCP pre-compilation code so it should now handle the 
> bugs in
>   this area of SpamAssassin. Am awaiting response on a fix to SA for this.
> - Undone previous fix, SA have fixed their code in RC4.
> - Oh no they haven't. Still buggy in their released code too :-(
> - Fixed bug in quote replacement in SQL logging in CustomConfig.pm.
> - Fixed typo in log text in 1 rule in filename.rules.conf.
> - Added fix for bug in message handling on busy Postfix systems.
> -- 
> Julian Field
> www.MailScanner.info
> MailScanner thanks transtec Computers for their support
> PGP footprint: EE81 D763 3DB0 0BFD E1DC  7222 11F6 5947 1415 B654
> 
> 
Hi. I have searched the whole area I think, but I canøt find the 
"upgrade_Mailscanner_conf" file. Nor the usage message.

Where has it been placed ?.

Sorry for the incovenience.
-- 

/Erik

More information about the MailScanner mailing list