MailScanner ANNOUNCE: stable 4.53.6 released

Dave Shariff Yadallee - System Administrator a.k.a. The Root of the Problem root at doctor.nl2k.ab.ca
Mon May 1 21:26:59 IST 2006


On Mon, May 01, 2006 at 11:37:09AM -0700, Scott Silva wrote:
> Dave Shariff Yadallee - System Administrator a.k.a. The Root of the Problem
> spake the following on 5/1/2006 11:13 AM:
> > On Mon, May 01, 2006 at 06:47:04PM +0100, Julian Field wrote:
> Dave Shariff Yadallee - System Administrator a.k.a. The Root of the Problem
> spake the following on 5/1/2006 11:13 AM:
> > On Mon, May 01, 2006 at 06:47:04PM +0100, Julian Field wrote:
> >> -----BEGIN PGP SIGNED MESSAGE-----
> >> Hash: SHA1
> >>
> >>
> >>
> >> Dave Shariff Yadallee - System Administrator a.k.a. The Root of the 
> >> Problem wrote:
> >>> On Mon, May 01, 2006 at 06:18:11PM +0200, Jim Holland wrote:
> >>>   
> >>>> Hi Julian
> >>>>
> >>>> Thanks for the new version, however the links to the PGP signatures on 
> >>>> your site give a 404 Not found error.  Please check.
> >>>>
> >>>> Regards
> >>>>
> >>>> Jim Holland
> >>>> System Administrator
> >>>> MANGO - Zimbabwe's non-profit e-mail service
> >>>>
> >>>> On Mon, 1 May 2006, Julian Field wrote:
> >>>>
> >>>>     
> >>>>> -----BEGIN PGP SIGNED MESSAGE-----
> >>>>> Hash: SHA1
> >>>>>
> >>>>> I have just released the May release of MailScanner, version 4.53.6.
> >>>>>
> >>>>> The main new improvements this month are:
> >>>>>
> >>>>> - - Support for sa-update as provided with recent versions of SpamAssassin.
> >>>>> - - Support for the new format of headers files produced by Exim 4.61.
> >>>>> - - Many improvements to the handling of, and response to, Web Bugs.
> >>>>> - - Support for the "gunzip" command so that filetype and filename checks 
> >>>>> can be done on compressed files created with either the "gzip" or 
> >>>>> "compress" commands.
> >>>>> - - Support for numerical IP addresses in phishing.safe.sites.conf. Using 
> >>>>> this, entire servers can be whitelisted with one entry, removing the 
> >>>>> need to add every domain provided by that server.
> >>>>> - - Support for "k", "m" and "g" multipliers in MailScanner.conf so that 
> >>>>> entries can be written as "Max SpamAssassin Size = 30k" instead of 
> >>>>> "30000". "k" = 1000, "m" = 1000000, "g" = 1000000000.
> >>>>>
> >>>>> You can download it as usual from
> >>>>>              www.mailscanner.info
> >>>>>
> >>>>> The full Change Log is
> >>>>>
> >>>>> * New Features and Improvements *
> >>>>> - - Attachment extraction now checks for available disk space and a DoS attack
> >>>>>   using messages with high expansion ratios will fail even quicker than it
> >>>>>   did before.
> >>>>> - - Added new setting "SpamAssassin Local State Dir" to support the sa-update
> >>>>>   tool provided with MailScanner these days, to provide a way of auto-
> >>>>>   updating the core SpamAssassin rulesets. The default value is set to what
> >>>>>   you need for Linux (/var/lib).
> >>>>> - - Added new cron job to run sa-update every night. The location of the
> >>>>>   sa-update program is read from /etc/sysconfig/MailScanner.
> >>>>> - - Added support for new header -H file format in Exim 4.61.
> >>>>> - - Added 2 new configuration options "Gunzip Command" and "Gunzip Timeout" to
> >>>>>   enable unpacking of gzip-ed files for filename and filetype checking.
> >>>>>   Even if this is disabled, gzip-ed files will still be virus scanned.
> >>>>> - - Added support for numerical entries in phishing.safe.sites.conf file.
> >>>>> - - Added support for optional multipliers in numbers in MailScanner.conf.
> >>>>>   So you can now write "50M" instead of "50000000". The multipliers 
> >>>>> supported
> >>>>>   are "k", "m" and "g" to denote 1 thousand, 1 million and 1 billion (10^9)
> >>>>>   in upper or lower case.
> >>>>>   You must *not* put any spaces between the number and the multiplier 
> >>>>> character.
> >>>>> - - Added a new configuration option "Ignored Web Bug Filenames". This allows
> >>>>>   you to whitelist a bunch of filenames that can appear in the URLs of
> >>>>>   potential web bugs. So if you decide that all potential web bugs with
> >>>>>   "spacer" or "pixel.gif" in the filename are just padding for page layout,
> >>>>>   then you can make it ignore them by adding them to this list. A sample
> >>>>>   list is provided in MailScanner.conf.
> >>>>>   This is disabled by default, as spammers may start to use this as a means
> >>>>>   of circumventing the Web Bug trap.
> >>>>> - - When Web Bugs are disarmed, the URL used to replace the original web bug
> >>>>>   can now be set using the new configuration option "Web Bug Replacement".
> >>>>>   If this is not specified, then the old value of "MailScannerWebBug" is 
> >>>>> used.
> >>>>>   The default value supplied in the MailScanner.conf file is the address of
> >>>>>   an untracked 1x1 pixel transparent gif (51 bytes) hosted on the 
> >>>>> MailScanner
> >>>>>   web site. This will not be tracked other than to supply an overall 
> >>>>> count of
> >>>>>   the number of hits this image gets, for overall statistical purposes.
> >>>>> - - Added Razor2 to the list of plugins automatically enabled by the ClamAV+SA
> >>>>>   easy-to-install package, due to the recent change in licence. Now if DCC
> >>>>>   could go the same way...
> >>>>> * Fixes *
> >>>>> - - Fixed bug in DoS attack handler. Thanks for Jorge for this.
> >>>>>
> >>>>> - -- 
> >>>>> Julian Field
> >>>>> www.MailScanner.info
> >>>>> Buy the MailScanner book at www.MailScanner.info/store
> >>>>> Professional Support Services at www.MailScanner.biz
> >>>>> MailScanner thanks transtec Computers for their support
> >>>>>
> >>>>> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
> >>>>>
> >>>>>
> >>>>> -----BEGIN PGP SIGNATURE-----
> >>>>> Version: PGP Desktop 9.0.6 (Build 6060)
> >>>>>
> >>>>> iQA/AwUBRFXT6hH2WUcUFbZUEQJqkwCgnB2LzUyvYkHin3/aLN6I7WHsomMAn3au
> >>>>> BZyQSK0p+xYHKI8JQJk383/l
> >>>>> =qePP
> >>>>> -----END PGP SIGNATURE-----
> >>>>>
> >>>>>
> >>>>>       
> >>>> -- 
> >>>> MailScanner mailing list
> >>>> mailscanner at lists.mailscanner.info
> >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
> >>>>
> >>>> Before posting, read http://wiki.mailscanner.info/posting
> >>>>
> >>>> Support MailScanner development - buy the book off the website! 
> >>>>
> >>>> -- 
> >>>> This message has been scanned for viruses and
> >>>> dangerous content by MailScanner, and is
> >>>> believed to be clean.
> >>>>     
> >>>
> >>> Julian is Filesys-Statvfs_Statfs_Df
> >>>
> >>> GOingto be intrical to MailScanner?
> >>>   
> >> intrical? intrinsically critical?
> >>> If so, someone please tell me how I can correct:
> >>>
> >>>  make test
> >>> PERL_DL_NONLAZY=1 /usr/bin/perl "-Iblib/lib" "-Iblib/arch" test.pl
> >>> 1..3
> >>> /usr/bin/perl: can't resolve symbol 'statvfs'
> >>> Can't load 'blib/arch/auto/Filesys/Statvfs/Statvfs.so' for module Filesys::Statvfs: Unable to resolve symbol at /usr/libdata/perl5/5.8.8/i386-bsdos/DynaLoader.pm line 230.
> >>>  at test.pl line 12
> >>> Compilation failed in require at test.pl line 12.
> >>> BEGIN failed--compilation aborted at test.pl line 12.
> >>> not ok 1
> >>> *** Error code 2
> >>>
> >>> Stop.                                                          
> >> That's not good. Please file a bug with the author of Filesys::Df. It 
> >> appears it fails under BSD :-(
> >>
> >> To work around it for now, find where Message.pm has been put on your 
> >> BSD system (possibly /opt/MailScanner/lib/MailScanner/Message.pm or 
> >> /usr/lib/MailScanner/MailScanner/Message.pm?) and edit it.
> >>
> >> Change line 1663 from
> >>   my $df  = df($dir, 1024);
> >> to
> >>   my $df = undef;
> >>
> >> and then restart MailScanner. This will just eliminate the check. Make 
> >> sure you don't run out of disk space :-)
> >>
> >> - -- 
> > 
> > Don't run out of Disk Space??
> > 
> > Can we have an explanation?
> That module reports on file system usage. MailScanner must use it to make sure
> there is adequate space before it does some options.
>

Got you.  Why not use /tmp?
 
> 
> -- 
> 
> MailScanner is like deodorant...
> You hope everybody uses it, and
> you notice quickly if they don't!!!!
> 
> -- 
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
> 
> Before posting, read http://wiki.mailscanner.info/posting
> 
> Support MailScanner development - buy the book off the website! 
> 
> -- 
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
> 

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



More information about the MailScanner mailing list