forked from MailScanner/v5
-
Notifications
You must be signed in to change notification settings - Fork 0
/
changelog
458 lines (384 loc) · 16.2 KB
/
changelog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
10/29/2022 Changes in v5.4.5-3
==================================
- Integrate working version of Sendmail::PMilter (milter)
(Version 1.2x from CPAN not working with postfix currently)
10/09/2022 Changes in v5.4.5-2
==================================
- Remove v5.4.5-1 from beta
- Fix dat file check not allowing files through
- Fix attachment mode not adding new MIME header
- Fix external message warning not always appearing
- Fix extraneous newline appearing in received header (milter)
- Bump milter to v1.7
07/03/2022 Changes in v5.4.5-1
==================================
- Add support for unrar v6x
- Add f-secure-12 support for allow password-protected archives
02/20/2022 Changes in v5.4.4-1
==================================
- Override Filetypes feature
- Generalize detection of dat files
- Improved handling of milterout queue files
- Unfold Received header (postfix/sendmail)
- Ensure HTTP::Date perl module is installed
- Fix IP::Country::DB_File (Suse)
01/04/2022 Changes in v5.4.3-2
==================================
- Remove default hosted 1x1spacer.gif
- Include base64 encoded 1x1 spacer
- Add missing file wrappers to packages
11/28/2021 Changes in v5.4.3-1
==================================
- Refine HTML Disarm logic (detect premature pipe end)
11/25/2021 Changes in v5.4.2-3 (beta)
==================================
- Revised logic for HTML Disarm (close in child only)
11/14/2021 Changes in v5.4.2-2 (beta)
==================================
- Eliminate queue id change in MSDiskStore.pm
11/14/2021 Changes in v5.4.2-1 (beta)
==================================
- Check for /usr/local/bin in path for ms-configure
- ESETS EFS Support
- Milter cleanup after restart
- MSMilter handle file handling before DISCARD
- Set F-Secure to use ScanOptions
- Close pipe in parent only for HTML Disarm
- Milter Authenticated Spam Skip enhancements
- Fix Received header detection in MSMilter
- F-Secure 12 Support
- Limit queue processing to child-owned queue files in MSMail.pm
- Properly detect permfails with code 5xx in MSMail.pm
09/19/2021 Changes in v5.4.1-3 (beta)
==================================
- Support for F-Secure version 12+
- Milter queue processing for child-owned queue files
08/08/2021 Changes in v5.4.1-2
==================================
- Update inline.internal.warning.html (translation)
- Update inline.external.warning.html (translation)
- Declare code in v5.4.1-1 production ready
01/25/2021 Changes in v5.4.1-1 (beta)
==================================
- Option to ignore DAT file type check
- Fix TNEF unparse behavior and work file permissions/ownership
- Reset opts variable causing unwanted notifies
- Fix mangling of sender in pre-header (preserve first occurrence)
12/04/2020 Changes in v5.3.4-3
==================================
- Ignore QP DOS Failure option and body fix
- Process all links during phishing checks
- Output to stdout/stderr when running in foreground mode
11/04/2020 Changes in v5.3.4-2
==================================
- Revert milter substitution of RCPT TO
09/07/2020 Changes in v5.3.4-1
==================================
- Add RFC 3461 RCPT TO Service Extension support (milter)
- Change Received header continuation spacing to tabs (milter)
- Fix pair of typos in ms-configure (rhel)
05/12/2020 Changes in v5.3.3-1
==================================
- Fix broken MIME Filetype logic
- Add support for the Kaspersky Scan Engine AV
- Add support for the Avast Daemon AV Engine
- Remove duplication in AV code
- Add support for the F-Prot Daemon Anti-virus Engine
- Add support for the F-Secure Daemon Anti-virus Engine
- Add support for the Sophos SAVID Daemon Anti-virus Engine
- Simplify build scripts
- Move new builds to release tags
04/25/2020 Changes in v5.3.2-2
==================================
- Fix errors with exim RBL bypass
04/25/2020 Changes in v5.3.2-1
==================================
- Support bypass of RBLs for authenticated connections in Exim
- Fix quarantining of relay rejected emails (milter)
- Eval WordDecoder in Exim
04/17/2020 Changes in v5.3.1-3
==================================
- Include /usr/local/bin and /usr/local/sbin in ms-cron PATH
04/11/2020 Changes in v5.3.1-2
==================================
- Rollback strategy for spamassassin on failure (RHEL/SUSE)
04/11/2020 Changes in v5.3.1-1
==================================
- Detect DOS attempt in Quoted Printable MIME parts (Security Fix)
- Support for latest RHEL, Debian, SuSE
- Support latest SpamAssassin (3.4.4)
- Require latest SpamAssassin (Use CPAN)
- Use cpanminus by default
- Disable config check for removed settings
- Update Clamd socket path (RHEL)
- Add PowerTools option (RHEL 8)
01/19/2020 Changes in v5.2.2-1
==================================
- Fix LocalSocket substitution in latest clam config (path changed)
- Set ownership of milter queues during ms-configure
- Correct naming of debian package
- Unpack img files and include all unpackable file extensions
- Preserve all header flags in Sendmail
- Remove deprecated clamav functions
- Fix File MIME Types checking
- Support for new Exim 4.93 queue format
- Update de rules translations
- Add report substitution to ReadExternalWarning
11/15/2019 Changes in v5.2.1-2
==================================
- Add QUICKPEEK variable to msmilter-init
- Add libdb-dev missing debian dependency
- clamavmodule (Mail::ClamAV) deprecated with warning
11/03/2019 Changes in v5.2.1-1
==================================
- External message warning support
- Scan silent viruses also for spam option
- Fix silent virus delivery behavior
- Keep batch during A/V scan failure and back off for 30 seconds
- RHEL/CentOS setenforce 0 (install)
- Move ownership and permissions to post (install/update)
- Eval WordDecoder Subject
- Allow scan 7z archives if 'Find Archives By Content = no'
- Use correct callback in debug message in milter
- Honor whitelistmaxrecips in milter
- Refactor to host MailScanner using standard package management
03/03/2019 Changes in v5.1.3-3 (unreleased)
==================================
- Additional checks for empty queue id in milter
- Update esets-wrapper-README and make sudo optional
- Better process kill handling during stop
- Reap children when stopping milter
- Fix temp file cleanup in milter during stop
- Ignore Denial of Service option (workaround)
- Add additional base packages to debian install
01/27/2019 Changes in v5.1.3-2
==================================
- Add sudo and README for esets-wrapper
- Handle ipv6 packed socket properly in MSMilter
- Fix path for avg-wrapper in virus.scanners.conf
- Fix AVG output parsing in SweepViruses.pm
- Fix absolute path in Sophos output parsing in SweepViruses.pm
- Add config option for mailto phishing highlighting
12/23/2018 Changes in v5.1.3-1
==================================
- Use literal 'mailto:' for mailto phishing detection
- Handle HTML entities in mailto phishing detections
- Enforce 7 bit characters for filename checks
- Revert decode_headers workaround
- Esets catch error reading archive
- FixSubstringBoundaries removed
- Add "for <...>; date-time" to MSMilter Received: header.
- Milter add 'Authenticated' note to Received: header for SASL auth mail
- Milter refactor to capture real postfix id
- Remove CRs for QMQP processing
- Display correct log warning for QMQP socket
- Milter QMQP support added
- Option to reveal URLs in links added
- Add support to detect mailto: phishing
- Get rid of artifacts in AVG output lines
- Check for Run As User during postinst and use if defined (debian)
- Refactor milter to support multiple emails per session
- Fix missing subject field following a To: header
- Quarantine support option for DOS protection added
- Fix milter to allow modified recipients
- Add postfork support to milter
- Fix milter adding previous message recipients
10/26/2018 Changes in v5.1.2-2
==================================
- Disable rbl check if user is authenticated (postfix)
- Preserve utf-8 header data
- Add additional services to systemd unit
- Simplify esets output
- Add newline to virus.scanners.conf
- Exclude predata headers in quarantine files (milter)
10/20/2018 Changes in v5.1.2-1
==================================
- Patch Mail::ClamAV to allow install for SuSE builds
- 7zip handle spaces in filenames
- Clamd full message scan
- Detect fax and tel links
- mime_perl_to_string fix for ignored handler
- Add Kaspersky Linux Mail Server support
- Ignore "archive damaged" in esets scanner output
- Cleanup reports, add en_uk reports
- Workaround MIME::Parser failing to decode UTF-8
- Refactor milter to fully support multiple original recipients
- Refactor milter to support large messages
- Refactor milter to reject blacklisted emails early
- Fix off by one header add in milter
- Look for all recipient records in DeleteRecipients
- Update milter doc to 1.3
- Remove invalid Apparmor code in debian package
- Fix condition concatenation in ms-update-phishing
- Fix mktemp in clamav-wrapper for FreeBSD11
- Add DrWeb virus scanner support
- Fixes for clamav on rhel variants
08/25/2018 Changes in v5.1.1-1
==================================
- Remove space in "Clam AV"
- Support enable_original_recipient=no in postfix
- Check CPANOPTION and add verbosity
- Better AV scanning loop with retry attempts
- Refactor AV scanning loop
- Revert escaping spaces in unrar (already strict quoted)
- Cluster friendly update scripts (check for PID before restarting)
- Milter support option for MailScanner
- Fix postfix long queue ids getting suffixed with key
- Support ClamAV 0.100.1+ configuration change in RHEL/CentOS 7
06/17/2018 Changes in v5.0.7-4
==================================
- Switch to gzipped phishing update files
- Fix for no virus scanner defined
- Fix configuration chaining for SA rules actions in rulesets
- Fix mime decoding deprecation
- Allow wildcards in phishing lists
- Update MIME::Tools using CPAN
- Fix removal of MailScanner.conf if MailScanner is removed
- Add support for Fedora 28
- Add perl-LWP-Protocol-https (RHEL Variants)
04/29/2018 Changes in v5.0.7-3
==================================
- Fix copy of CustomFunctions directory in debian install
- Fix untaint of $safename var in unpack7zip
- Respect process exit code of Message::SafePipe
- Fix systemd file syntax in RHEL/CentOS
- Remove rotating indication in ms-init
- Add ldconfig to end of install.sh
02/03/2018 Changes in v5.0.7-2
==================================
- Use mtagroup for tmpfiles.d clamd.scan (CentOS/RHEL 7)
- Remove spaces from CURLORWGET = 'wget'
- Fix one typo and a bit of grammar in DE translations
- Fix ms-update-sa reload for systemd
- Fix ms-update-bad-emails for systemd
- Change current working directory on MailScanner invocation
- Fix ms-update-phishing to suppress cron output
- Remove support for systemd reload
- Use /etc/tmpfiles.d for /var/run/clamd.scan configuration (CentOS/RHEL 7)
- Update ms-update-phishing to use restart instead of reload
12/25/2017 Changes in v5.0.7-1
==================================
- Fix parsing an email address into local-part and domain
- Fix syntax in Debian/postrm
- Escape space before passing to unrar extract
- Add gz to unzipable files
- Only run freshclam if it is not running yet (debian)
- 7zip support
- Remove execute flag on systemd service (debian)
- Add update flag to install.sh
- Fix configuration chaining for spamassassin rules actions
- Add --force for cpanm
- CentOS/RHEL 7 clamav configuration support
- Fix broken clamav install prompt block
- Include 2 perl modules for spammassassin from debian tree
- Support for Fedora 27
- Fix install.sh modifying clamav-wrapper before MailScanner is installed
- Add mariadb as a prerequisite service for mailscanner systemd unit
09/29/2017 Changes in v5.0.6-5
==================================
- Return result of mta installation
- Automation flags for all major distros
- Fix config filename to mcp.spamassassin.conf
- Point broken links to wayback machine for mcp
- Properly detect long queue IDs for postfix
- Preserve MailScanner.conf during upgrade
- Fix finding of configured SyslogFacility
- Properly suppress removing ms-sendmail init output
08/28/2017 Changes in v5.0.6-4
==================================
- Fixes and enhancements for ms-update-phishing
- Remove execute bit on systemd files
- Return code check added for ms-init during service reload
- Update documentation
- Add ms_cron_ps_restart to /etc/MailScanner/defaults
08/20/2017 Changes in v5.0.6-3
==================================
- New phishing sites update script
- Unattended install options for debian build
- Fix for exim queue processing
- ms-init fixes
- Fix debian not installing sendmail
- Fix SuSE not installing packages via zypper
- Suppress freshclam error output during install
- Fix missing libbz2-devel package on suse builds
- Fix MailScanner.conf not getting updated and merged
07/24/2017 Changes in v5.0.6-2
==================================
- Bring Spam List documentation in line with current
spam.lists.conf.
- Fix typo in sender.filename.report.txt (fr)
- Better systemd detection
- Prevent ms-init from mistaking itself as a MailScanner process
07/16/2017 Changes in v5.0.6-1
==================================
- Updated ms-update-bad-sites to quiet curl and wget
- Updated ms-update-safe-sites to quiet curl and wget
- Fix race condition in ms-init during restart
- Add systemd support for ms-init using ms-systemd script
- Add ms-sendmail-init script to correctly start sendmail
for mailscanner on init for RHEL based systems
- Add ms-sendmail, ms-sendmail-in, and ms-sendmail-out systemd
support scripts on RHEL based systems
- Update build scripts for systemd support
04/08/2017 Changes in v5.0.5-1
==================================
- updated SweepContent.pm to allow application/ld+json scripts
when Allow Script Tags = no in Dangerous Content Scanning
- Updated Postfix.pm and PFDiskStore.pm to use long queue IDs - issue #34
- Updated Postfix.pm to work with both FIFO and UNIX pipes
- rar fix to allow spaces in file names
- removed some unneeded packages from ms-perl-check
- fix for HTML tag is split across multiple lines - issue #43
- unrar fix - issue #33
- added rblspamreport to reports - issue #45
- update logging for all spam actions taken - issue #36
- increased free disk space check from 100k to 10m - issue #40
- removed re2c conf item in defaults - not used
- updated InPhishingWhitelist and InPhishingBlacklist to not check host.*
as it is incompatible with the current structure
11/10/2016 Changes in v5.0.4-4
==================================
- updated RHEL/Debian/SuSE install scripts
- updated cron job scripts
- updated init script
- changed Debian upstart from 80/20 to 80/80
- updated RHEL packages in install.sh
- updated SuSE packages in install.sh
- Postfix double scan during custom fix
- fixed ms-init and ms-check
- fixed ramdisk portion of install scripts
- fixed perl module declarations
08/14/2016 Changes in v5.0.3-7
==================================
- updated init script to include a time-wait for pid files during
process reloads and restarts
- updated Message.pm to correctly prepend phishing notices in email
subject
- added avast virus scanner support
- added esets virus scanner support
- added new function InitClamdParser to SweepViruses.pm
- added new function ProcessClamdOutput to SweepViruses.pm
05/23/2016 Changes in v5.0.2-1
==================================
- updated chmod permissions from 0600 to 0660 on work files to address
permission issues with clamd reading header files
05/23/2016 Changes in v5.0.1-2
==================================
- fixed install.sh for ms-upgrade-conf
05/22/2016 Changes in v5.0.1-1
==================================
- added logging of failed HTML disarms to Message.pm
05/13/2016 Changes in v5.0.0-9
==================================
- RHEL installer correction: creation of /etc/mail/spamassassin/mailscanner.cf
- start levels 80 20 set in Debian and RHEL
- ms-sa-update corrected
- errant removal of /usr/lib/MailScanner corrected
- added checks to remove init.d scripts or links pre-install
- added remove to update-rc.d and chkconfig pre-install
- added add to update-rc.d and chkconfig post-install
- corrected missing variable in RHEL install.sh script
- installers refined and updated
04/30/2016 Changes in v5.0.0-1
==================================
- New Release