Release 4.63.4

Julian Field MailScanner at
Mon Aug 27 12:17:24 IST 2007

Hi folks!

I hope all of you in the UK are having a nice day off, it's the last one 
before Christmas :-(

I have just released beta 4.63.4, which will turn into the stable 
release at the start of September, unless anything important happens 
before then.

The new feature in this release that is not in the previous beta is that 
in the "SpamAssassin Rule Actions" feature, you can now specify a 
comma-separated list of actions for each each RULE=>action statement in 
it, saving you having to specify the RULE once for each action.

Please let me know of any bugs in this release, as I want to get them 
fixed before the stable release on 1st September.

Download as usual from

The full Change Log for this release is this:

* New Features and Improvements *
1 Improved init.d script, so that 'service MailScanner restart' or
  '/etc/init.d/MailScanner restart' runs faster. It pauses for just long
  enough for the old MailScanner to die gracefully, and starts up the 
new one
  as soon as the old one has died. Previously, it just waited for a fixed
  length of time which was much longer than needed for most people.
1 Improved tar installer so the directory created for MailScanner 
includes the
  build revision number as well as the main version number.
1 Improved phishing net logging to log entire real URL not just hostname.
1 Improvement to update_spamassassin to stop cron-generated mail.
1 New setting "Phishing Bad Sites File" which is a live continuously-updated
  list of known bad sites that have been reported to various mechanisms 
  the world. Please don't ask me for more information as I can't give it to
  you, but every site on the list has been manually tested and the list 
can be
  relied upon. Your installation should update this file every hour.
  NOTE: Run upgrade_languages_conf after installing this upgrade!
2 Reduce default "Restart Every" time to 2 hours so that updates to the
  known bad phishing sites list are re-read more frequently.
2 Added *.fdf to the list of dangerous filenames. Opening a .fdf file can
  cause the loading of any file on the internet into Adobe Acrobat.
2 Added 2 new variables to the sender reports: $size = size of message 
in bytes
  and $maxmessagesize = maximum allowed size of this message in bytes.
2 Added new setting "Check Filenames In Password-Protected Archives = 
yes" so
  that the filename checks can be suppressed on encrypted archives to allow
  a few people to get exe's and so on through the mail as part of their
  business needs. Normally leave this setting at "yes".
2 Added new setting "Include Binary Attachments In SpamAssassin = no" which
  can be used to tell SpamAssassin to look at all attachments, not just the
  ones containing text (or HTML, etc) which is its normal behaviour.
  Changing this setting to "yes" will have no effect without a patch to the
  SpamAssassin code, which you can fetch from
  It will slightly slow down SpamAssassin some of the time, and is therefore
  disabled by default.
  This can be very useful if you want to look for rude or derogatory content
  in messages, and do not want the huge speed impact of using MCP. It can
  successfully scan the content of Microsoft Word documents, for example. It
  won't be effective on PDF files however, as these are compressed 
  so there is no readable text anywhere in the file.
3 Added a long $PATH to f-prot-autoupdate so we can find wget on most OS-es
  including Solaris.
3 Improved Sophos.install to disable the savupdate cron job and switch off
  the unwanted Sophos services.
3 Added a feature to the "SpamAssassin Rule Actions". You can now specify
  "SpamScore" and a number comparison, instead of just giving a SpamAssassin
  rule name. So you can say
  SpamAssassin Rule Actions = SpamScore>25=>delete
  and this will cause all messages scoring over 25 to be deleted. You 
can use
  this to set different actions at different spam scores, in addition to the
  normal spam actions and high-scoring spam actions. The numerical tests you
  can use are ">", ">=", "==", "<=" and "<".
4 The "action" in each "RULE=>action" in "SpamAssassin Rule Actions" can now
  be a comma-separated list of actions, so you can easily specify multiple
  actions per rule.

* Fixes *
1 Improvement to phishing net to allow HTML tags with contents split over
  multiple lines.
1 Changed options to ClamAVmodule so it doesn't hit false positives with the
  phishing and scam email detection signatures.
1-2 Fixed bug where --lint gives "MailScanner.conf file not found" error.
2 Stopped writing a PID file when "MailScanner --lint" is run.
2 update_spamassassin no longer produces any output, so no crond email.
2 Fixed bug where clamavmodule scanner name wouldn't always be logged 
2 Bugfix in ZMailer support from Leonardo Helman.
3 Force installation of perl-Getopt-Long to try to solve the problems with
  command-line options producing 'config file not found' errors.
3 Commented out sample rules in max.message.size.rules file.
3 Fixed MailScanner.conf Sophos-specific settings for Sophos 5.


Julian Field MEng CITP
Buy the MailScanner book at

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
For all your IT requirements visit

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
For all your IT requirements visit

More information about the MailScanner mailing list