MailScanner ANNOUNCE: Version 4.62.9 released

[donald.dawson at bakerbotts.com]

thanks!

-----Original Message-----
From: mailscanner-bounces at lists.mailscanner.info
[mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Julian
Field
Sent: Tuesday, July 31, 2007 4:50 PM
To: MailScanner discussion
Subject: Re: MailScanner ANNOUNCE: Version 4.62.9 released


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It's the stable August release. I just decided to release a few hours
early.


donald.dawson at bakerbotts.com wrote:
> Is this the stable August release, or will there be a 4.63 shortly?
>
> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info
> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of
Julian
> Field
> Sent: Tuesday, July 31, 2007 4:02 PM
> To: MailScanner discussion; MailScanner-Announce mailing list list
> Subject: MailScanner ANNOUNCE: Version 4.62.9 released
>
>
>
> * PGP Bad Signature, Signed by an unverified key: 07/31/07 at 22:01:37
>
> I have just released a new version of MailScanner, 4.62.9. I don't 
> normally bother releasing a new version for August, as it's normally 
> very quiet and it isn't worth it. However, this year July has been 
> absolutely hectic and the list of new features and changes this month
is
>
> enormous!
>
> So here goes for the highlights:
>
> --- New "Known Web Bug Servers" setting to list sites you know host 
> web-bug services, so you can blacklist all images from their servers. 
> The default value lists the main offender.
> --- New "watermarking" functionality. 2 uses for this: firstly to 
> provide the same functionality as milter-null, so you don't have to 
> install that if, for example, you use Exim and so can't use it, or if 
> you don't want to install another piece of software on your system. 
> Also, you can use it to create a trust relationship between your 
> MailScanner servers so that the spam scanning only has to be done once

> on any message, on the first server it hits and not on subsequent
ones.
> --- New "ClamAV Full Message Scan" setting, and improvements to the 
> ClamAV parser so that the SANESecurity phishing- and spam-detection 
> signatures can be reliably used. Note this new setting is disabled by 
> default, as it has a slight speed impact.
> --- New "SpamAssassin Rule Actions" setting so that any SpamAssassin 
> rule firing can trigger any action on a message, including the...
> --- New "custom()" spam action which allows you to do absolutely 
> anything based on any property of a message. Immensely powerful, just 
> get your thinking caps on. :-)
> --- Major improvements to "MailScanner --lint". This now checks more, 
> and actually tries scanning a real virus-infected message (don't
worry, 
> it's totally harmless!) to show you the reports from your virus
scanners
>
> to check they are all actually working.
> --- HTML clean message signature can contain an image, so you can have
>
> graphical sigs on your email messages with the image embedded in the 
> message so the recipient always sees it.
> --- Improvements to handling of "Virus Scanners = auto" with multiple 
> ClamAV methods installed (ie. clamav, clamavmodule and clamd).
> --- Improvements to upgrade_MailScanner_conf.
>
> That's not everything, that's just the important bits!
>
> Download as usual from www.mailscanner.info.
>
> The full Change Log is this:
> * New Features and Improvements *
> 1 Improved non-Linux installer.
> 1 Improved Linux installer.
> 1 Updated OpenBSD installation guide. Thanks to Jeremy Evans for this.
> 1 Upgraded MIME::Base64 to 3.07.
> 1 Improved error reporting for clamd permissions problems. Thanks
Rick.
> 2 Added SAUPDATEARGS to /etc/sysconfig/MailScanner and
>   /usr/sbin/update_spamassassin. For a good use of this, see
>   http://daryl.dostech.ca/sa-update/sare/sare-sa-update-howto.txt and
> search
>   for "HOWTO" in the Subject: line of the MailScanner-discussion list 
> archive.
>   This process replaces RulesDuJour entirely.
>   Another good ruleset to add to your setup is
>   http://www.peregrinehw.com/downloads/SpamAssassin/contrib/KAM.cf
>   To download this automatically every night, fetch
>   http://www.mailscanner.info/files/4/KAM.cf.sh and put it in 
> /etc/cron.daily
>   and make it executable (type "chmod +x /etc/cron.daily/KAM.cf.sh").
> 3 Added "Known Web Bug Servers" so you can blacklist images from known

> servers
>   of web bug services.
> 3 Added functionality of "milter-null" to MailScanner so you no longer

> need to
>   run this separately. It is called "Watermarking" and there is a
whole
>   section for the settings in MailScanner.conf. They are
>   Add Watermark = yes
>   Skip Spam Checks If Watermark Valid = yes
>   Watermark Header = MailScanner-%org-name%-Watermark:
>   Watermark Lifetime = 432000 # in seconds, = 5 days
>   Watermark Secret = SET-THIS-TO-A-SECRET!
>   Also added Digest::MD5 to the required list of Perl modules, this is

> needed
>   for the watermarking code.
> 3 Added optional image to the clean message signature. You can also
use
> this
>   to add an arbitrary image attachment to any message, if you so wish.
> The
>   main point is to be able to have graphical HTML signatures on
> messages.
>   The settings are
>   Attach Image To Signature = no
>   Attach Image To HTML Message Only = yes
>   Signature Image Filename = %report-dir%/sig.jpg
>   Signature Image <img> Filename = signature.jpg
> 4 Added support for Kaspersky kav4fs. Set virus.scanners.conf entry to
>   point to /opt/kaspersky.
> 4 Changed default value to "Max SpamAssassin Size = 100k" as modern
PDF 
> spams
>   are getting quite large, and PDFInfo.pm doesn't work with cropped 
> messages.
> 4 Improved Clamd parser to handle Sane Security ClamAV signature
> databases
>   which detect spam and so on from the contents of the headers, and
> hence
>   find infections without attachment filenames. Thanks to various
people
> for
>   help with this, you know who you are :-)
> 4 Improved upgrade_MailScanner_conf so that it checks that the
'Monitors
> for
>   ClamAV Updates' setting looks for inc and cvd files. Problems have 
> recently
>   been suffered by many due to the value of this setting being out of
> date.
>   It doesn't automatically re-write their setting in case they have 
> installed
>   ClamAV somewhere odd and have customised it.
> 4 Changed 'Monitors for Sophos Updates' setting default value to point
> to
>   appropriate file for Sophos version 5 and upwards, and have added
> check
>   in upgrade_MailScanner_conf to ensure their setting now points to a
> new
>   location. It prints a warning if sophos-av does not appear in the
> path.
> 4 Added configuration setting "SpamAssassin Rule Actions". This
setting
> is
>   very powerful and can be used to implement many things that MCP can
> do,
>   without having the processing overhead of MCP. The documentation for
> it is
>   in the MailScanner.conf file. Its power is limited by your
imagination
> :-)
>   Start combining it with rulesets and you can take (or _not_ take)
any
>   combination of actions dependent on any bit of content in the
message 
> or its
>   headers. You could try out new SA tests by storing in quarantine
every
>   message that matches a new particular SpamAssassin rule (or
meta-rule
> for
>   creating more complex expressions).
> 5 Added "custom" spam action, which takes a parameter. This is passed 
> into the
>   CustomAction function in CustomAction.pm in the CustomFunctions
> directory.
>   This can be used to implement anything your heart desires, depending

> on the
>   contents of a message.
> 7 When clamav, clamavmodule or clamd parsers are being used and new
> setting
>   "ClamAV Full Message Scan" is set to "yes", pass each of the entire
>   messages to ClamAV as well as the attachments so that the signatures
> that
>   detect spam can work reliably. This is set to "no" be default as it
> has a
>   speed impact.
> 7 The watermark options have been tweaked and renamed a bit, and one
new
>   feature has been added. "upgrade_MailScanner_conf" will show you the

> renames
>   and the new feature is designed to save resources on sites with more
> than
>   1 MailScanner. Currently, if you have a message delivered to a 
> secondary MX
>   (with MailScanner) which relays mail to the primary MX (also with
>   MailScanner) for delivery to users' mailboxes, the spam checks will
be
>   done twice; this is a waste of resources. The new setting "Check 
> Watermarks
>   To Skip Spam Checks = yes" will remove this waste by skipping the
spam
>   checks on the primary MX as the secondary has already done them.
> 7 "Virus Scanners = auto" will detect multiple types of ClamAV
installed
> and
>   tend towards the most useful one. It will use clamd else
clamavmodule
> else
>   clamav. This helps if you have all 3 installed, which is quite
likely.
> 8 Greatly improved "MailScanner --lint". It now actually tests every
> virus
>   scanner that you have installed, and checks that they can
successfully
>
> scan
>   a message containing the Eicar test-virus pattern. It reports the
> results
>   from each scanner and warns you about checking any that are not
> reported.
> 9 Added check to "MailScanner --lint" to check envelope_sender_header
in
>   spam.assassin.prefs.conf is correct and matches MailScanner.conf.
> 9 Added new setting "Use Watermarking = yes" to give overall control
of
> all
>   watermarking features.
>
> * Fixes *
> 2-2 Fixed error in RPM installer.
> 2-3 Fixed error in update_spamassassin.
> 3-2 The watermarking code should do something now :-)
> 3-3 Rewrote the watermarking docs so they reflect the truth.
> 4   --lint now reads all the Custom Functions properly.
> 4   Bug in auto-zip fixed where attachments could be deleted without
> being
>     added to zip. Thanks to Matt Hampton.
> 4   Bug with '-' in HTML attribute names confusing phishing net fixed.

> Thanks
>     to John Wilcock.
> 5   Fixed 2 bugs in MSRBL clamav-signature handler. Thanks to UxBoD.
> 6   Fixed bug from October 2006 involving McAfee finding infections in

> headers.
> 7   Fixed bug when unpacking TNEF files with external decoder.
> 7   Fixed 'monitor files' check in upgrade_MailScanner_conf so it 
> doesn't check
>     inadvertently when doing an upgrade_languages_conf.
> 7-3 Fixed bug in full message file creation in scanning dir as
> permissions
>     were wrong.
> 9   Added use POSIX to top of MessageBatch.pm so WNOHANG is defined.
>
> Jules
>
>   

Jules

- -- 
Julian Field MEng CITP
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
For all your IT requirements visit www.transtec.co.uk


-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.2 (Build 2014)
Charset: ISO-8859-1

wj8DBQFGr66FEfZZRxQVtlQRAmzyAKCQf5GlbHUG1qGubOVpltJvmtuRSwCfWgpq
tB+kbG00sSyczsivEGOGsTI=
=CR5m
-----END PGP SIGNATURE-----

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
For all your IT requirements visit www.transtec.co.uk

-- 
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website!