MailScanner ANNOUNCE: stable 4.53.6 released

Julian Field MailScanner at ecs.soton.ac.uk
Mon May 1 10:24:57 IST 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I have just released the May release of MailScanner, version 4.53.6.

The main new improvements this month are:

- - Support for sa-update as provided with recent versions of SpamAssassin.
- - Support for the new format of headers files produced by Exim 4.61.
- - Many improvements to the handling of, and response to, Web Bugs.
- - Support for the "gunzip" command so that filetype and filename checks 
can be done on compressed files created with either the "gzip" or 
"compress" commands.
- - Support for numerical IP addresses in phishing.safe.sites.conf. Using 
this, entire servers can be whitelisted with one entry, removing the 
need to add every domain provided by that server.
- - Support for "k", "m" and "g" multipliers in MailScanner.conf so that 
entries can be written as "Max SpamAssassin Size = 30k" instead of 
"30000". "k" = 1000, "m" = 1000000, "g" = 1000000000.

You can download it as usual from
             www.mailscanner.info

The full Change Log is

* New Features and Improvements *
- - Attachment extraction now checks for available disk space and a DoS attack
  using messages with high expansion ratios will fail even quicker than it
  did before.
- - Added new setting "SpamAssassin Local State Dir" to support the sa-update
  tool provided with MailScanner these days, to provide a way of auto-
  updating the core SpamAssassin rulesets. The default value is set to what
  you need for Linux (/var/lib).
- - Added new cron job to run sa-update every night. The location of the
  sa-update program is read from /etc/sysconfig/MailScanner.
- - Added support for new header -H file format in Exim 4.61.
- - Added 2 new configuration options "Gunzip Command" and "Gunzip Timeout" to
  enable unpacking of gzip-ed files for filename and filetype checking.
  Even if this is disabled, gzip-ed files will still be virus scanned.
- - Added support for numerical entries in phishing.safe.sites.conf file.
- - Added support for optional multipliers in numbers in MailScanner.conf.
  So you can now write "50M" instead of "50000000". The multipliers 
supported
  are "k", "m" and "g" to denote 1 thousand, 1 million and 1 billion (10^9)
  in upper or lower case.
  You must *not* put any spaces between the number and the multiplier 
character.
- - Added a new configuration option "Ignored Web Bug Filenames". This allows
  you to whitelist a bunch of filenames that can appear in the URLs of
  potential web bugs. So if you decide that all potential web bugs with
  "spacer" or "pixel.gif" in the filename are just padding for page layout,
  then you can make it ignore them by adding them to this list. A sample
  list is provided in MailScanner.conf.
  This is disabled by default, as spammers may start to use this as a means
  of circumventing the Web Bug trap.
- - When Web Bugs are disarmed, the URL used to replace the original web bug
  can now be set using the new configuration option "Web Bug Replacement".
  If this is not specified, then the old value of "MailScannerWebBug" is 
used.
  The default value supplied in the MailScanner.conf file is the address of
  an untracked 1x1 pixel transparent gif (51 bytes) hosted on the 
MailScanner
  web site. This will not be tracked other than to supply an overall 
count of
  the number of hits this image gets, for overall statistical purposes.
- - Added Razor2 to the list of plugins automatically enabled by the ClamAV+SA
  easy-to-install package, due to the recent change in licence. Now if DCC
  could go the same way...
* Fixes *
- - Fixed bug in DoS attack handler. Thanks for Jorge for this.

- -- 
Julian Field
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654


-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.6 (Build 6060)

iQA/AwUBRFXT6hH2WUcUFbZUEQJqkwCgnB2LzUyvYkHin3/aLN6I7WHsomMAn3au
BZyQSK0p+xYHKI8JQJk383/l
=qePP
-----END PGP SIGNATURE-----

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
MailScanner thanks transtec Computers for their support.



More information about the MailScanner mailing list