Release 4.62.7 beta

Julian Field MailScanner at ecs.soton.ac.uk
Sat Jul 28 20:17:49 IST 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I have just released another beta, 4.62.7.
Download as usual from www.mailscanner.info.

- -- The ability to skip spam checks if there is a valid watermark has 
returned. If you have more than 1 MX with MailScanner on it, this can be 
used to avoid doing multiple sets of spam checks. It will do it on the 
first MailScanner the message hits, and skip them on subsequent 
MailScanners.

- -- "ClamAV Full Message Scan = yes" will make ClamAV get the full 
message as 1 file, so all the ClamAV 'type 4' signatures which spot spam 
will always work reliably. This will help you a lot if you are using the 
sanesecurity signatures or any others like it. If you're not using this, 
I strongly recommend it as it will help a lot with your spam detection.

As the Change Log is now so enormous, there will be a stable release at 
the start of August. But please do still test this release for me! I 
rely on your help for this, please don't let me down.

The full Change Log for this version is now this:

* New Features and Improvements *
1 Improved non-Linux installer.
1 Improved Linux installer.
1 Updated OpenBSD installation guide. Thanks to Jeremy Evans for this.
1 Upgraded MIME::Base64 to 3.07.
1 Improved error reporting for clamd permissions problems. Thanks Rick.
2 Added SAUPDATEARGS to /etc/sysconfig/MailScanner and
  /usr/sbin/update_spamassassin. For a good use of this, see
  http://daryl.dostech.ca/sa-update/sare/sare-sa-update-howto.txt and search
  for "HOWTO" in the Subject: line of the MailScanner-discussion list 
archive.
  This process replaces RulesDuJour entirely.
  Another good ruleset to add to your setup is
  http://www.peregrinehw.com/downloads/SpamAssassin/contrib/KAM.cf
  To download this automatically every night, fetch
  http://www.mailscanner.info/files/4/KAM.cf.sh and put it in 
/etc/cron.daily
  and make it executable (type "chmod +x /etc/cron.daily/KAM.cf.sh").
3 Added "Known Web Bug Servers" so you can blacklist images from known 
servers
  of web bug services.
3 Added functionality of "milter-null" to MailScanner so you no longer 
need to
  run this separately. It is called "Watermarking" and there is a whole
  section for the settings in MailScanner.conf. They are
  Add Watermark = yes
  Skip Spam Checks If Watermark Valid = yes
  Watermark Header = MailScanner-%org-name%-Watermark:
  Watermark Lifetime = 432000 # in seconds, = 5 days
  Watermark Secret = SET-THIS-TO-A-SECRET!
  Also added Digest::MD5 to the required list of Perl modules, this is 
needed
  for the watermarking code.
3 Added optional image to the clean message signature. You can also use this
  to add an arbitrary image attachment to any message, if you so wish. The
  main point is to be able to have graphical HTML signatures on messages.
  The settings are
  Attach Image To Signature = no
  Attach Image To HTML Message Only = yes
  Signature Image Filename = %report-dir%/sig.jpg
  Signature Image <img> Filename = signature.jpg
4 Added support for Kaspersky kav4fs. Set virus.scanners.conf entry to
  point to /opt/kaspersky.
4 Changed default value to "Max SpamAssassin Size = 100k" as modern PDF 
spams
  are getting quite large, and PDFInfo.pm doesn't work with cropped 
messages.
4 Improved Clamd parser to handle Sane Security ClamAV signature databases
  which detect spam and so on from the contents of the headers, and hence
  find infections without attachment filenames. Thanks to various people for
  help with this, you know who you are :-)
4 Improved upgrade_MailScanner_conf so that it checks that the 'Monitors for
  ClamAV Updates' setting looks for inc and cvd files. Problems have 
recently
  been suffered by many due to the value of this setting being out of date.
  It doesn't automatically re-write their setting in case they have 
installed
  ClamAV somewhere odd and have customised it.
4 Changed 'Monitors for Sophos Updates' setting default value to point to
  appropriate file for Sophos version 5 and upwards, and have added check
  in upgrade_MailScanner_conf to ensure their setting now points to a new
  location. It prints a warning if sophos-av does not appear in the path.
4 Added configuration setting "SpamAssassin Rule Actions". This setting is
  very powerful and can be used to implement many things that MCP can do,
  without having the processing overhead of MCP. The documentation for it is
  in the MailScanner.conf file. Its power is limited by your imagination :-)
  Start combining it with rulesets and you can take (or _not_ take) any
  combination of actions dependent on any bit of content in the message 
or its
  headers. You could try out new SA tests by storing in quarantine every
  message that matches a new particular SpamAssassin rule (or meta-rule for
  creating more complex expressions).
5 Added "custom" spam action, which takes a parameter. This is passed 
into the
  CustomAction function in CustomAction.pm in the CustomFunctions directory.
  This can be used to implement anything your heart desires, depending 
on the
  contents of a message.
7 When clamav, clamavmodule or clamd parsers are being used and new setting
  "ClamAV Full Message Scan" is set to "yes", pass each of the entire
  messages to ClamAV as well as the attachments so that the signatures that
  detect spam can work reliably. This is set to "no" be default as it has a
  speed impact.
7 The watermark options have been tweaked and renamed a bit, and one new
  feature has been added. "upgrade_MailScanner_conf" will show you the 
renames
  and the new feature is designed to save resources on sites with more than
  1 MailScanner. Currently, if you have a message delivered to a 
secondary MX
  (with MailScanner) which relays mail to the primary MX (also with
  MailScanner) for delivery to users' mailboxes, the spam checks will be
  done twice; this is a waste of resources. The new setting "Check 
Watermarks
  To Skip Spam Checks = yes" will remove this waste by skipping the spam
  checks on the primary MX as the secondary has already done them.

* Fixes *
2-2 Fixed error in RPM installer.
2-3 Fixed error in update_spamassassin.
3-2 The watermarking code should do something now :-)
3-3 Rewrote the watermarking docs so they reflect the truth.
4   --lint now reads all the Custom Functions properly.
4   Bug in auto-zip fixed where attachments could be deleted without being
    added to zip. Thanks to Matt Hampton.
4   Bug with '-' in HTML attribute names confusing phishing net fixed. 
Thanks
    to John Wilcock.
5   Fixed 2 bugs in MSRBL clamav-signature handler. Thanks to UxBoD.
6   Fixed bug from October 2006 involving McAfee finding infections in 
headers.
7   Fixed bug when unpacking TNEF files with external decoder.
7   Fixed 'monitor files' check in upgrade_MailScanner_conf so it 
doesn't check
    inadvertently when doing an upgrade_languages_conf.

Jules

- -- 
Julian Field MEng CITP
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
For all your IT requirements visit www.transtec.co.uk


-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.2 (Build 2014)
Charset: ISO-8859-1

wj8DBQFGq5ZeEfZZRxQVtlQRAhuGAJ9yRrrL8XOYf4Q7LT4CBV+AcGtcYQCghKhd
ml+GerQHlzQWtue03N4r4X4=
=o/5z
-----END PGP SIGNATURE-----

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
For all your IT requirements visit www.transtec.co.uk



More information about the MailScanner mailing list