MailScanner ANNOUNCE: 4.82 stable released

Julian Field MailScanner at
Fri Feb 11 14:27:36 GMT 2011


I have just released a new stable edition of MailScanner, version 4.82.6.

This is identical to the recent beta version 4.82.5.

The main new feature is in filename.rules.conf and filetype.rules.conf 
configuration files. As well as the previous "allow", "deny" and 
"deny+delete" instructions in a rule, you can now automatically rename 
attachment filenames using the "rename" and "rename to" instructions 
instead of just allowing or denying them.

When using the new "rename" instruction in a rule, any matching file 
will be automatically renamed using the new "Rename Pattern" setting in 
MailScanner.conf. This allows you to add a prefix or a suffix to any 

When using the new "rename to" instruction in a rule, any matching file 
will be automatically renamed so that the portion of the filename that 
matches the pattern string is replaced with new text. So for example, 
you can rename all *.pps files to *.ppt with the rule

rename to .ppt    \.pps$    Renamed pps to ppt    Renamed file

If you want to be even cleverer, you can use parenthesised sections of 
the match pattern within the replacement text. I'm not quite sure who 
this will be useful to, but I'm sure you will find some clever uses (you 
folks always do!). As a random example,

rename to Dangerous_$1_$2    ^(.*)\.(exe|com|scr)$    Renamed dangerous 
exes   Renamed file

That will rename any file such as "PleaseRunMe.exe" to 
"Dangerous_PleaseRunMe_exe" and rename "DodgyScreensaver.scr" to 
"Dangerous_DodgyScreensaver_scr" which means the user cannot run it 
without renaming it first.

Cool huh?

Anyway, you can get it as usual from


The full Changelog is:
* New Features and Improvements *
1 In filename.rules.conf and filetype.rules.conf files, as well as the
   previous "allow", "deny", "deny+delete", and email-address types of rule,
   there are now "rename" rules as well. If a filename or filetype matches
   a "rename" rule, the original attachment is left in the message but is
   renamed according to the "Rename Pattern" setting in MailScanner.conf.
   This allows for any prefixes or suffixes you may want to add to the
   attachment's filename.
2 Improved "rename" rules so you can now also specify "rename to new-text".
   If the rule matched an attachment's filename, the text matching the 
   for that rule will be replaced with the "new-text" string supplied.
   The "to" is optional, but makes it easier to read.
4 Rules files will be assumed in the MailScanner.conf if the filename now
   ends in ".Rules" as well as ".rules".
4 Allow deployments with the 'split mail per recipient' setup where mail
   is re-injected from to still whitelist for releasing
   of quarantined messages, while still scanning re-injected mail.

* Fixes *
1 AVG scanner command-line arguments typo fixed.
2 Fixed problem where HTML messages scanned for Phishing would be truncated
   at the start of the first <a> tag if it was never closed properly.
3 Fixed bug stopping things like "$1" working in the replacement text of a
   "rename to" filename.rules.conf rule.
4 Fixed permissions of ClamAV temp files to use workperms instead of 0600.
   Thanks to Rick Cooper for this fix!
4 Fixed problem caused by invalid "Spam List" or "Spam Domain List" values
   appearing in the conf file. Thanks to Steve Freegard for this!
5 Fixed issue where messages quarantined for being a DoS attack did not
   have their headers quarantined correctly.


Julian Field MEng CITP CEng

Buy the MailScanner book at
Need help customising MailScanner? Contact me!

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
Follow me at

'All programs have a desire to be useful' - Tron, 1982

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list