MailScanner ANNOUNCE: 4.71 stable released
Julian Field
MailScanner at ecs.soton.ac.uk
Mon Sep 1 14:36:08 IST 2008
Hi folks!
I have just released a new stable version of MailScanner, version 4.71.
The main changes this month are:
- If a message contains a *.doc document, a new attachment can be added
containing the text of the document. This will save your users from
having to save the attachment, potentially switch operating systems, and
open up Microsoft Word or OpenOffice just to read the words in the
document. My users absolutely *love* this feature, it saves them a huge
amount of time and hassle when memos are circulated by the management.
See the "Add Text Of Doc" setting in MailScanner.conf for more details
of how to configure this.
- Updated support for Esets and F-Secure virus scanners.
- Thanks to F-Secure for donating me a set of server licences so I can
always be sure that I am supporting the latest versions of their
products. Much appreciated!
- One for Fetchmail users: used together with the "--invisible" option
to fetchmail, MailScanner will correctly use the IP address of the
connecting SMTP client, and not "localhost" or "127.0.0.1" for the IP
address in rulesets.
- Added protection against denial-of-service attacks on the HTML text
parser Perl module. There is a message involving thousands of <FONT>
tags in circulation which breaks previous versions of MailScanner when
they try to analyse the HTML of the email message. This is in no way an
attack on MailScanner, but on the underlying HTML::Parser Perl module.
- Improved support of DSN messages from bigfoot.com which incorrectly
use the "message/partial" MIME identifier.
Download it all as usual from www.mailscanner.info.
The full Change Log is here:
* New Features and Improvements *
1 Upgraded from File::Temp 0.19 to File::Temp 0.20 to resolve installation
problem reported with Fedora Core 8 systems.
2 New Feature: We can now extract the plain text of Microsoft Word (up
to 2004)
documents in the *.doc format, and add it as new attachments to a message.
This is done using the "antiword" program available from
http://www.winfield.demon.nl/. There are 3 new configuration settings for
this feature:
"Add Text Of Doc" - This switches the feature on and off. Off by default.
"Antiword" - Full command to run the antiword binary. Adding "-f" to it
makes it highlight emphasized text in the output, which I find helps.
"Antiword Timeout" - The greatest length of time antiword is allowed
to run.
3 Improvement to phishing net, now correctly ignores ':80' in http URLs.
3 Implemented support for Esets version 3.
4 Implemented support for F-Secure 7.01.
5 Added protection against attacks on the HTML text parser (Perl module
HTML::Parser) which is used to analyse HTML messages for dangerous tags.
There is a message in circulation that breaks this, causing Perl to
trigger
a "Segmentation Fault". This protection is necessary, but may have an
impact
on the performance of MailScanner. Until the Perl module is fixed,
however,
this is very necessary protection for your email systems.
7 Added new option "Read IP Address From Received Header" which you can
set to
yes if you are running fetchmail and injecting mail from fetchmail
into your
MTA using SMTP. You need to set the "--invisible" option to fetchmail
as well
to stop it adding its own "Received:" header. See the "Advanced"
section of
MailScanner.conf for more info on this.
8 Added new rules to filename.rules.conf to allow for days of the week and
months in filenames like my_document.july.doc so they aren't caught by the
double filename extension trap.
8 Improved error notification if your permissions on /tmp are all wrong. It
now tells you exactly what to type to fix them.
8 Improved VBA32 output parser to handle slightly different new output
format.
8 Improved 'partial message' handling to only remove the partial-message
section of the message, and not the whole thing. This is particularly
relevant to DSNs from bigfoot.com
10 Improved F-Secure scanning within executables.
* Fixes *
3 Improvement to "Sign Clean Messages" so the signature now appears where it
should, above any </body> tag as well as above any </html> tag.
6 Fix to Exim support to allow for arbitrarily-named Exim ACLs. Fix kindly
provided by dominik.schramm at businessmart.de.
6 Fix for missing watermarks, courtesy of Lasantha Marian.
7 Fix for case when Rebuild Bayes Every = 0 and Bayes is still rebuilt.
7 TNEF attachments will be added with correct filenames when TNEF Expander =
internal. It was erroneously adding them with their "safe" filenames.
9 Removed a load of extra debug output code.
9 "Partial messages" are now quarantined correctly.
10 Removed duplicate warning output when "Virus Scanners = none".
Jules
--
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
Need help customising MailScanner?
Contact me!
Need help fixing or optimising your systems?
Contact me!
Need help getting you started solving new requirements from your boss?
Contact me!
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner
mailing list