MailScanner ANNOUNCE: New stable release 4.78.17

Jules Field MailScanner at
Thu Oct 1 19:29:50 IST 2009

Evening all!

I have just released a new stable release of MailScanner 4.78.

There are many new features this time around, including
- "host:" and "host-nocheck:" specifiers in rulesets to allow you to 
specify hostnames the mail came from, as well as IP addresses and sender 
e-mail addresses.
- virus scanning is now done before spam scanning.
- new support for "spam-viruses" which are spam messages detected by 
your virus scanner (such as with the extra ClamAV signature databases, 
or F-Prot). This is managed by the new MailScanner.conf settings 
"Spam-Virus Header" and "Virus Names Which Are Spam". See the ChangeLog 
for more information.
- several installer improvements, in particular for Fedora Core 11 and 
better RPM management.
- "include" directive in MailScanner.conf files, so you can avoid 
modifying the shipped MailScanner.conf file at all, making upgrades 
easier. This also makes large installations easier as you can just 
specify your local modifications in a set of files stored in 
/etc/MailScanner/conf.d. "Include" directives can be nested to arbitrary 
depths, so included files can include other files to any complexity you 
- Many fixes.

For more information on any of the above, see the Change Log and the 
MailScanner.conf file as they describe them in more depth.

Download as usual from

The full Change Log is here:

* New Features and Improvements *
1 Improved handling of Postfix messages with complex structures caused by
   some milters.
2 In addition to the previous '' method of providing
   a hostname in rulesets, you can now also specify
   which is the same thing but no anti-spoof checks are made. This is only
   useful if you have a 'PTR' record for providing the IP address of the
   hostname but no forward 'A' record for translating the IP address into
   a hostname.
   This is frequently the situation when using dynamic IP addresses.
3 Swapped over virus-scanning and spam-scanning code completely, so all
   virus-scanning code is done before spam-scanning code. It won't virus-
   scan "Silent Viruses" which is pretty much all of them now, so it should
   work okay. This allows me to introduce...
3 New feature to allow detection of "spam-viruses" which are items of spam
   that are reported by your virus scanner. You can set 2 new configuration
   Spam-Virus Header = X-%org-name%-MailScanner-SpamVirus-Report:
   Virus Names Which Are Spam = Sane*UNOFFICIAL HTML/*
   The names of the "spam-viruses" found are those viruses reported by your
   virus scanners which match any of the strings given in "Virus Names Which
   Are Spam". These "spam-virus" names are added to the header set by
   "Spam-Virus Header". You can then write a SpamAssassin rule in
   spam.assassin.prefs.conf which gives a score for the presence or contents
   of this header. I supply an example rule which adds a score of 3 if the
   header exists. Feel free to re-write and extend that rule! It will 
not work
   unless you customise it. You could even write a "SpamAssassin Rule 
   to handle this rule specially!
6 Improved installer for Fedora Core 11.
7 Improved RPM installer so when it needs to, it only removes RPMs I 
7-2 Added an "export HOSTNAME" to the init.d script. Should resolve some
   issues where using "$HOSTNAME" or "${HOSTNAME}" in MailScanner.conf did
   not work.
8 Added support for "include path-to-conf-files" lines in MailScanner.conf.
   You can now put your site-specific customisations in separate files, to
   make upgrading of many servers a lot easier. You can nest "include" 
   which means that an "include"d file can "include" other files.
   The "path-to-conf-files" can use the normal shell wildcard characters 
   as "*" so a valid line might be
   include /etc/MailScanner/config/*.conf
   to read all the *.conf files in that directory in turn.
   The *last* value read for each MailScanner.conf setting will be used.
8 Added support for "include" lines in upgrade_MailScanner_conf. If you 
   them as comments, the whole problem quietly disappears!
10 Added /etc/MailScanner/conf.d directory to RPM and added a default 
    line in shipped MailScanner.conf. Put a README in the conf.d directory.
11 Improved notes in conf.d/README file.
13 Added "Quick.Peek" script to distribution to read configuration settings
    from shell scripts, which correctly handles included files.

* Fixes *
2 Minor fix to phishing net for servers on port numbers that start with "80"
   but are not 80.
2 Fixed issue of spam report not appearing in rare cases.
4 Fixed problem of silent viruses not being quarantined when requested.
5 Fixed issue where spam-viruses would be quarantined and found as silent.
5-3 Renamed subroutine.
6 Fixed installer for Perl-IO, Perl-DBI, Perl-DBD-SQLite, Perl-Filesys-Df,
   Perl-Net-DNS for Fedora 11.
7 Fixed installer for Perl-Digest-SHA1 for Fedora 11.
9 Fixed problem where "Scan Messages = no" was ignored.
9 Fixed problem where multiply-infected files in the same archive may not
   always be removed correctly.
10 Fixed issues with "include" files where they wouldn't be used for a few
    variables, and "%variable%" definitions in include files were ignored.
11 Fixed problem where settings found in included conf files would be
    ignored sometimes when starting up.
14 Rulesets used within Custom Functions should work again now.
15 Fixed crash when "Expand TNEF = replace".
16 Improved processing_messages_alert so it behaves better in the face of
    a ruleset defining "Notices To =".
16 Fixed problem in Exim where duplicate headers could appear due to
    DeleteHeader not finding them correctly.
16 Improved handling of Unicode and foreign character sets used in 


Julian Field MEng CITP CEng
Buy the MailScanner book at

Need help customising MailScanner?
Contact me!
Need help fixing or optimising your systems?
Contact me!
Need help getting you started solving new requirements from your boss?
Contact me!

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
Follow me at and

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list