Release beta 4.62.8
Julian Field
MailScanner at ecs.soton.ac.uk
Mon Jul 30 11:56:56 IST 2007
I have just released another new beta, due to a typo in the code in the
previous one.
-- As well as fixing that error, you should now find that "MailScanner
--lint" does rather more than it used to. It now checks that your
installed virus scanners actually successfully detect a virus.
-- "Virus Scanners = auto" now handles multiple different types of
installation of ClamAV and will use clamd in preference, else
clamavmodule, else clamav.
Download as usual from www.mailscanner.info.
The full Change Log is now this (enormous!)
* New Features and Improvements *
1 Improved non-Linux installer.
1 Improved Linux installer.
1 Updated OpenBSD installation guide. Thanks to Jeremy Evans for this.
1 Upgraded MIME::Base64 to 3.07.
1 Improved error reporting for clamd permissions problems. Thanks Rick.
2 Added SAUPDATEARGS to /etc/sysconfig/MailScanner and
/usr/sbin/update_spamassassin. For a good use of this, see
http://daryl.dostech.ca/sa-update/sare/sare-sa-update-howto.txt and search
for "HOWTO" in the Subject: line of the MailScanner-discussion list
archive.
This process replaces RulesDuJour entirely.
Another good ruleset to add to your setup is
http://www.peregrinehw.com/downloads/SpamAssassin/contrib/KAM.cf
To download this automatically every night, fetch
http://www.mailscanner.info/files/4/KAM.cf.sh and put it in
/etc/cron.daily
and make it executable (type "chmod +x /etc/cron.daily/KAM.cf.sh").
3 Added "Known Web Bug Servers" so you can blacklist images from known
servers
of web bug services.
3 Added functionality of "milter-null" to MailScanner so you no longer
need to
run this separately. It is called "Watermarking" and there is a whole
section for the settings in MailScanner.conf. They are
Add Watermark = yes
Skip Spam Checks If Watermark Valid = yes
Watermark Header = MailScanner-%org-name%-Watermark:
Watermark Lifetime = 432000 # in seconds, = 5 days
Watermark Secret = SET-THIS-TO-A-SECRET!
Also added Digest::MD5 to the required list of Perl modules, this is
needed
for the watermarking code.
3 Added optional image to the clean message signature. You can also use this
to add an arbitrary image attachment to any message, if you so wish. The
main point is to be able to have graphical HTML signatures on messages.
The settings are
Attach Image To Signature = no
Attach Image To HTML Message Only = yes
Signature Image Filename = %report-dir%/sig.jpg
Signature Image <img> Filename = signature.jpg
4 Added support for Kaspersky kav4fs. Set virus.scanners.conf entry to
point to /opt/kaspersky.
4 Changed default value to "Max SpamAssassin Size = 100k" as modern PDF
spams
are getting quite large, and PDFInfo.pm doesn't work with cropped
messages.
4 Improved Clamd parser to handle Sane Security ClamAV signature databases
which detect spam and so on from the contents of the headers, and hence
find infections without attachment filenames. Thanks to various people for
help with this, you know who you are :-)
4 Improved upgrade_MailScanner_conf so that it checks that the 'Monitors for
ClamAV Updates' setting looks for inc and cvd files. Problems have
recently
been suffered by many due to the value of this setting being out of date.
It doesn't automatically re-write their setting in case they have
installed
ClamAV somewhere odd and have customised it.
4 Changed 'Monitors for Sophos Updates' setting default value to point to
appropriate file for Sophos version 5 and upwards, and have added check
in upgrade_MailScanner_conf to ensure their setting now points to a new
location. It prints a warning if sophos-av does not appear in the path.
4 Added configuration setting "SpamAssassin Rule Actions". This setting is
very powerful and can be used to implement many things that MCP can do,
without having the processing overhead of MCP. The documentation for it is
in the MailScanner.conf file. Its power is limited by your imagination :-)
Start combining it with rulesets and you can take (or _not_ take) any
combination of actions dependent on any bit of content in the message
or its
headers. You could try out new SA tests by storing in quarantine every
message that matches a new particular SpamAssassin rule (or meta-rule for
creating more complex expressions).
5 Added "custom" spam action, which takes a parameter. This is passed
into the
CustomAction function in CustomAction.pm in the CustomFunctions directory.
This can be used to implement anything your heart desires, depending
on the
contents of a message.
7 When clamav, clamavmodule or clamd parsers are being used and new setting
"ClamAV Full Message Scan" is set to "yes", pass each of the entire
messages to ClamAV as well as the attachments so that the signatures that
detect spam can work reliably. This is set to "no" be default as it has a
speed impact.
7 The watermark options have been tweaked and renamed a bit, and one new
feature has been added. "upgrade_MailScanner_conf" will show you the
renames
and the new feature is designed to save resources on sites with more than
1 MailScanner. Currently, if you have a message delivered to a
secondary MX
(with MailScanner) which relays mail to the primary MX (also with
MailScanner) for delivery to users' mailboxes, the spam checks will be
done twice; this is a waste of resources. The new setting "Check
Watermarks
To Skip Spam Checks = yes" will remove this waste by skipping the spam
checks on the primary MX as the secondary has already done them.
7 "Virus Scanners = auto" will detect multiple types of ClamAV installed and
tend towards the most useful one. It will use clamd else clamavmodule else
clamav. This helps if you have all 3 installed, which is quite likely.
8 Greatly improved "MailScanner --lint". It now actually tests every virus
scanner that you have installed, and checks that they can successfully
scan
a message containing the Eicar test-virus pattern. It reports the results
from each scanner and warns you about checking any that are not reported.
* Fixes *
2-2 Fixed error in RPM installer.
2-3 Fixed error in update_spamassassin.
3-2 The watermarking code should do something now :-)
3-3 Rewrote the watermarking docs so they reflect the truth.
4 --lint now reads all the Custom Functions properly.
4 Bug in auto-zip fixed where attachments could be deleted without being
added to zip. Thanks to Matt Hampton.
4 Bug with '-' in HTML attribute names confusing phishing net fixed.
Thanks
to John Wilcock.
5 Fixed 2 bugs in MSRBL clamav-signature handler. Thanks to UxBoD.
6 Fixed bug from October 2006 involving McAfee finding infections in
headers.
7 Fixed bug when unpacking TNEF files with external decoder.
7 Fixed 'monitor files' check in upgrade_MailScanner_conf so it
doesn't check
inadvertently when doing an upgrade_languages_conf.
7-3 Fixed bug in full message file creation in scanning dir as permissions
were wrong.
Jules
--
Julian Field MEng CITP
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
Need help customising MailScanner?
Contact me!
Need help fixing or optimising your systems?
Contact me!
Need help getting you started solving new requirements from your boss?
Contact me!
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
For all your IT requirements visit www.transtec.co.uk
More information about the MailScanner
mailing list