MailScanner ANNOUNCE: stable 4.53.6 released
Julian Field
MailScanner at ecs.soton.ac.uk
Mon May 1 10:24:57 IST 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I have just released the May release of MailScanner, version 4.53.6.
The main new improvements this month are:
- - Support for sa-update as provided with recent versions of SpamAssassin.
- - Support for the new format of headers files produced by Exim 4.61.
- - Many improvements to the handling of, and response to, Web Bugs.
- - Support for the "gunzip" command so that filetype and filename checks
can be done on compressed files created with either the "gzip" or
"compress" commands.
- - Support for numerical IP addresses in phishing.safe.sites.conf. Using
this, entire servers can be whitelisted with one entry, removing the
need to add every domain provided by that server.
- - Support for "k", "m" and "g" multipliers in MailScanner.conf so that
entries can be written as "Max SpamAssassin Size = 30k" instead of
"30000". "k" = 1000, "m" = 1000000, "g" = 1000000000.
You can download it as usual from
www.mailscanner.info
The full Change Log is
* New Features and Improvements *
- - Attachment extraction now checks for available disk space and a DoS attack
using messages with high expansion ratios will fail even quicker than it
did before.
- - Added new setting "SpamAssassin Local State Dir" to support the sa-update
tool provided with MailScanner these days, to provide a way of auto-
updating the core SpamAssassin rulesets. The default value is set to what
you need for Linux (/var/lib).
- - Added new cron job to run sa-update every night. The location of the
sa-update program is read from /etc/sysconfig/MailScanner.
- - Added support for new header -H file format in Exim 4.61.
- - Added 2 new configuration options "Gunzip Command" and "Gunzip Timeout" to
enable unpacking of gzip-ed files for filename and filetype checking.
Even if this is disabled, gzip-ed files will still be virus scanned.
- - Added support for numerical entries in phishing.safe.sites.conf file.
- - Added support for optional multipliers in numbers in MailScanner.conf.
So you can now write "50M" instead of "50000000". The multipliers
supported
are "k", "m" and "g" to denote 1 thousand, 1 million and 1 billion (10^9)
in upper or lower case.
You must *not* put any spaces between the number and the multiplier
character.
- - Added a new configuration option "Ignored Web Bug Filenames". This allows
you to whitelist a bunch of filenames that can appear in the URLs of
potential web bugs. So if you decide that all potential web bugs with
"spacer" or "pixel.gif" in the filename are just padding for page layout,
then you can make it ignore them by adding them to this list. A sample
list is provided in MailScanner.conf.
This is disabled by default, as spammers may start to use this as a means
of circumventing the Web Bug trap.
- - When Web Bugs are disarmed, the URL used to replace the original web bug
can now be set using the new configuration option "Web Bug Replacement".
If this is not specified, then the old value of "MailScannerWebBug" is
used.
The default value supplied in the MailScanner.conf file is the address of
an untracked 1x1 pixel transparent gif (51 bytes) hosted on the
MailScanner
web site. This will not be tracked other than to supply an overall
count of
the number of hits this image gets, for overall statistical purposes.
- - Added Razor2 to the list of plugins automatically enabled by the ClamAV+SA
easy-to-install package, due to the recent change in licence. Now if DCC
could go the same way...
* Fixes *
- - Fixed bug in DoS attack handler. Thanks for Jorge for this.
- --
Julian Field
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.6 (Build 6060)
iQA/AwUBRFXT6hH2WUcUFbZUEQJqkwCgnB2LzUyvYkHin3/aLN6I7WHsomMAn3au
BZyQSK0p+xYHKI8JQJk383/l
=qePP
-----END PGP SIGNATURE-----
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
MailScanner thanks transtec Computers for their support.
More information about the MailScanner
mailing list