MailScanner ANNOUNCE: 4.76 released

Julian Field MailScanner at
Mon May 4 16:54:21 IST 2009

Hi folks!

This is to let you all know that I have released a new stable version of 
MailScanner, 4.76.

Also, to let you know that you can now follow me at
if you want to :-)

See the Change Log for full details, but the main new features I have 
introduced this time around are:

- Totally separate rules for filename and filetype tests for attachments 
added directly to email messages, from files which are put into zip 
files or other archives, which are then attached to the message. So you 
can very different rules for objects allowed in zip files or Word 
documents such as, say, allowing executables, while still stopping 
people accidentally running a malicious executable with 1 click from 
their email program. You even get to decide what is considered to be "an 
archive" and what is not, out of zip, rar, Office document, TNEF 
(winmail.dat) and uu-encoded files.

- I have done a lot of the work on the installer and the installation 
that you get. Perl modules are no longer "forced" into installing at 
all, neither do any of them cause problems with updating Perl itself. If 
you have any issues with the new installer, please do get in touch 
straight away with details of your system, and I will produce a solution 
for you.

- "Sign Clean Messages" will put the signature at any location of your 
choice within the message, instead of always being at the bottom. So you 
can have a corporate sig/disclaimer (added by MailScanner) which goes 
before your personal signature (added by your email application) if you 
so wish.

- Fixed all the issues with Postfix not playing nicely with the 
crash-protection defence system introduced in the last version of 

- Speeded up SQL to reduce the penalty of running the crash-protection 
system enabled with the "Maximum Processing Attempts" configuration 
setting in MailScanner.conf.

You can download it as usual from

The full Change Log is this:
* New Features and Improvements *
1 Added the ability to have totally different filename and filetype checks
   for files which are attachments and files which are members of attached
   archives. You even get to define what you consider to be an archive and
   what is not.
   New Configuration options in MailScanner.conf are
   Archives Are =
   Archives: Allow Filenames =
   Archives: Deny Filenames =
   Archives: Filename Rules =
   Archives: Allow Filetypes =
   Archives: Allow File MIME Types =
   Archives: Deny Filetypes =
   Archives: Deny File MIME Types =
   Archives: Filetype Rules =
   In the shipped MailScanner.conf, the checks applied to files within
   archives are the same as those applied to normal attachments that are
   not within an archive.  See the relevant settings in MailScanner.conf
   for more information.
4 RPM builds changed so that no RPMs are "forced" into being installed on
   RedHat 5 or CentOS 5 systems.
5 RPM builds changed so that no RPMs are "forced" into being installed 
at all.
5 RPM builds changed so that any previously installed RPM will not be
   rebuilt, even if the perl version check shows that it is not being used.
   This will dramatically speed up the upgrade process in future,
   especially if you use "./ fast" to upgrade.
5 Changed @INC which is where Perl looks for its Perl modules.  It was
   previously mostly left alone so that RedHat could override some versions
   of modules that you thought you had upgraded. The new @INC path inserts
   the "site_perl" and "vendor_perl" directories before the core 
   This may result in your MailScanner behaving differently from before as
   it will actually be using all your upgraded modules, and not sticking
   with ones supplied by RedHat (at which point it ignore your upgrades).
   This should not cause any problems with MailScanner.
7 Rebuilt i386 version of "tnef" on RHEL4 to be compatible with more 
8 Drastically improved getPERLLIB added in 4.76.5. Perl does funny things
   with $PERL5LIB when calculating @INC to find Perl modules.
8 Added Digest::HMAC as RedHat Enterprise 4 needs it for Net::DNS.
9 Upgraded Perl module DBD::SQLite.
11 The "Archives: Filename Rules" and "Archives: Filetype Rules" now
    point to copies of the normal filename and filetype.rules.conf files,
    rather than pointing to the same file. This will make it easier for
    new users to customise the rules for files in archives.
12 Improved RPM installation script so that it detects an upgrade
    from before the big RPM rebuild in 4.76.11 and forces a "reinstall" of
    all the Perl modules, which will fix problems with later upgrading Perl.
13 Improved Postfix MailScanner message id so that it relates much better
    with the "messages being processed" database. It is now based on the
    "Fletcher" checksum of the data at the start of the file. Thanks to JD
    Marsters (jd at for this one!
17 If you use "Sign Clean Messages", then the signature will be placed in
    your email message wherever you put the marker "_SIGNATURE_", and it
    will be placed at the end by default if that marker is not found.
22 Both the "Phishing Safe Sites File" and the "Phishing Bad Sites File"
    settings can now take a space-separated list of filenames, to make local
    management simpler. Note that your filenames must not have spaces in 
22 Speeded up SQL processing-messages database code by pre-preparing all SQL
    statements. I am now tempted to leave this feature enabled by 
default for
    safety. We can always add a note to the performance tips on the wiki 
    users struggling under high load might want to switch this feature off.
23 Changed RPM installation order to fit better with CentOS 5.2->5.3 

* Fixes *
2 Added "Unpack Microsoft Documents" back into the list of recognised
   settings in MailScanner.conf.
3 Fixed "Add Text Of Doc" for Apple Mail's utterly broken MIME structure.
6 Fixed problems with RHEL5 installation created by 4.76.5.
7 Fixed problems with RHEL4 installation created by 4.76.5.
10 Fixed problems with Fedora Core 10 installation created by 4.76.5.
10-2 Fixed missing Locks dir.
14 Possibly fixed problem with incomplete Postfix messages getting into the
    'processed messages' table.
15 Neatened up message rejection code to help solve processing-messages
    database problem.
16 Fixed permissions and ownership problems with data extracted from TNEF
    winmail.dat attachments.
16 Fixed slight problem in installer on new systems, so it does not complain
    about perl-TimeDate already being installed.
16 Fixed problem with Postfix leaving messages in the 
processing-messages db.
    Many thanks to Kai Schaetzl and Mark Sapiro for spotting the common
    features of the message ids being left behind.
18 Fixed Postfix entropy bug.
19 Changed handling of "Sign Clean Messages" so that if the signing process
    fails, we don't worry about it too much, and we certainly don't create a
    new message section just containing a signature and nothing else.
20 Alternate solution to Postfix procesing database bug, without adding 'P'.
21 Better solution to Postfix processing database bug, adding 'A' to shorter
    entropy value, so no change to final message id.
21 Moved Net::CIDR much lower down in the installation order, to avoid
    problems with CentOS 5.2-->5.3 upgraded systems.
22 Made sure it works with the processing-messages database switched on.
23 Fixed problem with HTML sig being re-added at end of message.
24 Removed type identifier from filenames listed in sender warnings.
24-2 Don't uninstall ExtUtils-MakeMaker in "./ --reinstall".
24-3 ExtUtils-MakeMaker will not build on Fedora 10 x86_64 as it stands.
24-3 Fedora 10 needs Test-Simple first, RHEL5 and CentOS 5 need Math-BigInt
      first. Great :-(
24-3 Fedora Core 10 upgrades are no longer officially supported. The
      RPM Perl build system is fundamentally broken. Take Pod-Escapes as a
      fine example, it cannot build without Pod-Simple. But Pod-Simple 
      build without Pod-Escapes. I quit.


Julian Field MEng CITP CEng
Buy the MailScanner book at

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
PGP public key:
Follow me at

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list