MailScanner ANNOUNCE: 4.82 stable released
MailScanner at ecs.soton.ac.uk
Fri Feb 11 14:27:36 GMT 2011
I have just released a new stable edition of MailScanner, version 4.82.6.
This is identical to the recent beta version 4.82.5.
The main new feature is in filename.rules.conf and filetype.rules.conf
configuration files. As well as the previous "allow", "deny" and
"deny+delete" instructions in a rule, you can now automatically rename
attachment filenames using the "rename" and "rename to" instructions
instead of just allowing or denying them.
When using the new "rename" instruction in a rule, any matching file
will be automatically renamed using the new "Rename Pattern" setting in
MailScanner.conf. This allows you to add a prefix or a suffix to any
When using the new "rename to" instruction in a rule, any matching file
will be automatically renamed so that the portion of the filename that
matches the pattern string is replaced with new text. So for example,
you can rename all *.pps files to *.ppt with the rule
rename to .ppt \.pps$ Renamed pps to ppt Renamed file
If you want to be even cleverer, you can use parenthesised sections of
the match pattern within the replacement text. I'm not quite sure who
this will be useful to, but I'm sure you will find some clever uses (you
folks always do!). As a random example,
rename to Dangerous_$1_$2 ^(.*)\.(exe|com|scr)$ Renamed dangerous
exes Renamed file
That will rename any file such as "PleaseRunMe.exe" to
"Dangerous_PleaseRunMe_exe" and rename "DodgyScreensaver.scr" to
"Dangerous_DodgyScreensaver_scr" which means the user cannot run it
without renaming it first.
Anyway, you can get it as usual from
The full Changelog is:
* New Features and Improvements *
1 In filename.rules.conf and filetype.rules.conf files, as well as the
previous "allow", "deny", "deny+delete", and email-address types of rule,
there are now "rename" rules as well. If a filename or filetype matches
a "rename" rule, the original attachment is left in the message but is
renamed according to the "Rename Pattern" setting in MailScanner.conf.
This allows for any prefixes or suffixes you may want to add to the
2 Improved "rename" rules so you can now also specify "rename to new-text".
If the rule matched an attachment's filename, the text matching the
for that rule will be replaced with the "new-text" string supplied.
The "to" is optional, but makes it easier to read.
4 Rules files will be assumed in the MailScanner.conf if the filename now
ends in ".Rules" as well as ".rules".
4 Allow deployments with the 'split mail per recipient' setup where mail
is re-injected from 127.0.0.1 to still whitelist 127.0.0.1 for releasing
of quarantined messages, while still scanning re-injected mail.
* Fixes *
1 AVG scanner command-line arguments typo fixed.
2 Fixed problem where HTML messages scanned for Phishing would be truncated
at the start of the first <a> tag if it was never closed properly.
3 Fixed bug stopping things like "$1" working in the replacement text of a
"rename to" filename.rules.conf rule.
4 Fixed permissions of ClamAV temp files to use workperms instead of 0600.
Thanks to Rick Cooper for this fix!
4 Fixed problem caused by invalid "Spam List" or "Spam Domain List" values
appearing in the conf file. Thanks to Steve Freegard for this!
5 Fixed issue where messages quarantined for being a DoS attack did not
have their headers quarantined correctly.
Julian Field MEng CITP CEng
Buy the MailScanner book at www.MailScanner.info/store
Need help customising MailScanner? Contact me!
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
Follow me at twitter.com/JulesFM
'All programs have a desire to be useful' - Tron, 1982
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner