1
12/1/2009 New in Version 4.74.16-1
2
==================================
3
* New Features and Improvements *
4
1 Patch added to ClamAV & SpamAssassin easy-to-install package to make
5
Mail::ClamAV Perl module handle ClamAV 0.94 correctly.
6
Thanks to Steve Barber for telling me about this fix.
7
7 Upgraded to tnef 1.4.5.
8
9 The Spam Actions and its pals may now contain the "header" action with the
9
special keyword "_TO_" anywhere in the header value. This will be replaced
10
by a comma-separated list of the original recipients of the message.
11
I wrote this for when I divert a message to the postmaster when it's detected
12
as spam, for example. Then you can put
13
Spam Actions = store forward postmaster@ecs.soton.ac.uk header "X-ECS-Recips-were: Sent to _TO_"
14
I don't always want to include the list of recipients in the headers, as
15
others object to their privacy being violated by everyone receiving the full
16
list of recipients, so I can't use the "Add Envelope To Header". I *only*
17
want to add this information to spam messages, so I know to whom they were
19
11 Another check to ensure it doesn't chmod /tmp on misconfigured systems.
20
14 Added support for Fedora 10.
21
16 Added a bit more logging of message non-delivery.
22
16 Slight improvement to output of list of virus scanners with --lint.
25
2 Major work on removing symlink attack vulnerabilities affecting -autoupdate
27
Note: This vulnerability only affected systems where normal interactive users
28
could log in to the system, or create arbitrary symlinks in your filesystem.
29
So the ISP-style setups were never vulnerable, as they didn't allow normal
30
users to login or allow people to arbitrarily create symlinks in the
32
2 Removed symlink attack vulnerabilities in SpamAssassin and tnef handlers.
33
6-2 Re-release to fix filesize problems.
34
7-2 Added missing "use" statement to WorkArea.pm.
35
7-3 Added missing tnef to Other Unix tarball distribution.
36
Linux distributions unchanged.
37
8 Minor fix in handling of complicated "SpamAssassin Rule Actions".
38
10 Fixes for Locks creation bugs from Jeff Earickson. Non-RPM distribution
39
should work rather better now.
40
12 Tiny (but important) fix to mcafee-autoupdate so that it will work properly.
41
13 Last few symlink attack vulnerabilities found and squashed.
42
14 Added the Bayes-rebuild lock files to mailscanner_create_locks.
43
15 Fixed locking problems with Bayes-rebuild lock files.
44
15-2 Fixed problem with "rewind()" errors appearing in SA.pm.
45
16 Fixed bug in update_virus_scanners where trailing spaces or comments on
46
the "Run As User" or "Run As Group" settings in MailScanner.conf would
47
cause the Locks files to be owned by root.
48
16 Fixed similar bugs in /etc/sysconfig/MailScanner in RPM distributions.
50
1/12/2008 New in Version 4.73.4-2
51
=================================
52
* New Features and Improvements *
53
1 Improved install.sh for RPM systems to install correct arch of tnef RPM.
54
1 Upgraded to tnef version 1.4.4.
55
2 Scanner name will always be logged even if not being reported in text to user.
58
2 Resolved reporting bug with number of viruses found when multiple scanners
60
2 Security issue in "trend-autoupdate" resolved.
61
3 Problem caused by zip files containing identically-named zip files fixed.
62
4 Fixed bug in RPM installer when no TNEF was installed. Didn't actually cause
63
any problems, just generated a noisy error message.
64
4-2 Added tnef-1.4.4.tar.gz to tarball package.
66
1/11/2008 New in Version 4.72.5-1
67
=================================
68
* New Features and Improvements *
69
1 Added support for ClamAV 0.94. Note that this has necessitated removal of
70
complete support for earlier versions of ClamAV as the command-line settings
71
are incompatible. So only use this version if you have upgraded to the latest
73
2 The "Found to be clean" header will not be added to the message at all if
74
the relevant configuration setting is blank in MailScanner.conf.
75
2 Filename and filetype checks are now done before virus scanning. This means
76
that you can use the "deny+delete" type of filename or filetype rule to
77
selectively delete files that will choke your buggy virus scanner.
78
4 "install.sh" now logs all output to "install.log".
79
4 The RPM and SuSE versions of "install.sh" now have a "reinstall" command-
80
line option which will make it attempt to remove the Perl RPMs before it
81
installs them, in case you have changed your Perl version enough that the
82
previous Perl modules were not being found by your new setup. Very handy
83
for Fedora upgraders, among others.
84
4 Improvements to the "reinstall" command-line switch so it removes all the
85
old versions first, before it starts installing anything new.
86
4 Updated MIME-tools to version 5.427.
87
4 Minor improvement to phishing net.
88
4 Added check to --lint for sufficiently correct /tmp permissions.
89
5 Remove dsbl.org blacklist from spam.lists.conf.
90
5 Added more comments to the "Remove These Headers" documentation. The
91
suggested list of headers to remove is now all of these:
92
Disposition-Notification-To
95
Disposition-Notification-To
99
MDSend-Notifications-To
119
1 Changed logging of clamd so that it reports the virus scanner name correctly.
120
2 Removed debug code from OLE unpacking code.
121
3 Fixed log handling bug in filename rules matching code, thanks to Derek Chee.
122
4 Fixed bug where whole message body was deleted if a file nested within 2
123
zip files failed filename tests.
124
4 Fixed reporting bug in 'service MailScanner status' where it would produce
125
an error instead of saying the incoming sendmail process was working fine.
126
4 Fixed a parsing bug in the "Avast" scanner support.
127
4 Minor change to error message when /tmp has wrong permissions.
1
129
1/9/2008 New in Version 4.71.10-1
2
130
=================================
3
131
* New Features and Improvements *
added
removed
ChangeLog
