If you download MailScanner to try it out, or even better if you start using it on your site, please let me know by dropping me a line so I have some idea of where it is being used. I might even let you know about major updates...
There is a mailing list for MailScanner users. The developers also keep an eye on it, so it's a good place to suggest new features, problems, questions, etc. You can access the mailing list on the web, or you can subscribe by sending an email to jiscmail@jiscmail.ac.uk containing
| 29/10/2001 | Released version 2.60.
Description is as below, there are now more text files in the etc directory to customise. I have also tweaked the timeout code again to make it more reliable. |
|
|---|---|---|
| 24/10/2001 | The next version, 2.60, is on the way. I have added more text files to the etc directory so that users get different responses (and replacement attachments) depending on whether it found a virus or whether it failed one of the filename traps. This should make things easier to understand for our poor hard-done-by users :-) | |
| 23/10/2001 | Released version 2.54-1.
This is a bug-fix release, corrects a problem with modifying the subject line of spam when using Exim. This change does not affect sendmail users at all. The Linux version now uses wget instead of lynx due to problems seen with some versions of lynx when running from crond. Also, to reduce the number of problems related to MIME-tools, minimum version numbers of some modules are now checked. |
|
| 18/10/2001 | Released version 2.53-1.
This includes improved handling of unparsable messages, and should also resolve any outstanding problems with timeouts that were present in version 2.52. It also logs its version number when it starts up. |
|
| 16/10/2001 | I have just found a bug that under rare circumstances (a MIME message badly formed in a very particular way, only originating from Apple Macs) MailScanner would fail and stop. This is the first time I have seen this happen in over a year of use. However, I have improved the handling of badly formed messages enough so that nothing stops. The fix will be included in 2.53 due out at the end of this week. | |
| 12/10/2001 | Update on 2.52: The code fix I propose is working well so far,
if you want a copy of the 2 new files then mail me, otherwise I'll
release it towards the end of next week if it's proved to solve the
problem.
2.52 is having one or two problems, I suggest you use 2.51 until I manage to prove that my fixes work. More news as it happens... |
|
| 9/10/2001 | 2.52-2 contains updated text in the Linux RPM distribution. The tar distribution is exactly the same as 2.52-1. | |
| 9/10/2001 | 2.52-1 released. Added configuration option "Deliver in
Background" which makes it run the sendmail processes in the
background instead of waiting for them to complete.
Also the Linux RPM uses wget rather than lynx to fetch Sophos updates (in /usr/local/Sophos/bin/autoupdate) as it is better for cron jobs than Lynx. I have also removed the sample sendmail.cf file from the distribution altogether as it continues to cause confusion. |
|
| 5/10/2001 | Any remaining problems with timeouts apparently not working have
been solved. This will be in release 2.52-1 which you can have
on request
if you urgently need it, else I'll release it around the end of next week.
I have also added a configuration option to allow the "sendmail" processes
to be all run in the background, instead of waiting for them to complete.
It will also use wget on Linux instead of lynx as it is more suited to running from a cron job. |
|
| 4/10/2001 | 2.51-2 released. Slight bug in sweep.pl stopped the removal of macros viruses from attachments working. *No* viruses would get through as a result of this bug, just one of the nice features of this package wouldn't work. | |
| 4/10/2001 | 2.51-1 released. Added configuration option "Deliver Unparsable TNEF" to allow compatibility with earlier behaviour where Microsoft Outlook Rich Text Format attachments that could not be decoded were still delivered. The default is "no". | |
| 2/10/2001 | 2.50-2 released. Corrected one typo in sweep.pl (that's all). | |
| 1/10/2001 | Version 2.50 released. New features are all mentioned below, and new mailscanner.conf switches are documented. | |
| 27/9/2001 | Version 2.50 will also feature a "spam white list" consisting of a file holding email addresses and email domains from which you will accept mail without ever marking it as spam. | |
| 26/9/2001 | MailScanner is now right near the top of the ratings chart at
FreshMeat. If some more
people could vote, we might make it to number 1 again!
Version 2.50 is near completion. This will feature timeouts to prevent Denial Of Service (DoS) attacks by people sending you things like the Zip of Death file (a small zip file which expands to thousands of terabytes). It will also feature the new version of the TNEF decoder, with an extra switch added to avoid other DoS attacks. And a couple of minor features requested by users (turn off virus scanning, turn off delivery of cleaned messages to users). |
|
| 10/9/2001 | Version 2.42 released.
This version allows you to modify the Subject: line of messages identified as being likely spam. There are 2 new configuration variables controlling this, "Spam Modify Subject" and "Spam Subject Text" which are both documented. |
|
| 3/9/2001 | We have discovered a problem in the Exim installation notes. Taking the steps given to stop the incoming Exim from ever accidentally delivering mail, will also cause it to operate as an open mail relay. This is okay if it is one of your internal mail servers, but obviously is very bad if it is one of your MX hosts. For now, please don't follow these 3 steps until we find a better solution. | |
| 31/8/2001 | Version 2.41-2 released.
There is a slight bug in the Sophos autoupdate script, which in some situations may cause the wrong IDE files to be fetched from Sophos, if the version of Sophos has been updated since it was originally installed. This is due to Sophos' installation program leaving an old version of a file lying in the sophos/lib directory. Either install the entire latest release or just fetch the appropriate replacement Linux or Solaris/Unix script. |
|
| 30/8/2001 | Version 2.41 released.
New feature is more intelligent handling of MailScanner status headers when a message has passed through multiple MailScanners. It is now configurable, but the default behaviour is to append new information to the existing X-... header, rather than add a new header. |
|
| 29/8/2001 | Important: I have discovered that some of you may have
corrupt copies of the tnef binary, which is in the
MailScanner bin directory and is used to unpack Microsoft
Outlook Rich Text attachments. To test it, cd into the
bin directory and run the command ./tnef --help
which should produce a help message. If it doesn't produce a help
message, please download a replacement Linux
or Solaris binary and copy it into this
directory, ensuring that you have permission to execute it (type
chmod +x tnef* in the bin directory).
This issue will be fixed in the 2.41 release due in the next few days. | |
| 29/8/2001 | Installation guide now available in Portugese. | |
| 15/8/2001 | Version 2.40 released.
Save a copy of your /etc/sendmail.cf, and /usr/local/MailScanner/etc or /opt/mailscanner/etc files before installing the new version as the upgrade may well overwrite them (particularly when using the Linux RPM). There are several new configuration file options, read the documentation carefully and merge your mailscanner.conf customisations into the new supplied version of this file. Make sure that any long lines (eg. the "Inline HTML Warning") don't word-wrap in your text editor! There is also 1 new addition to my suggested filename.rules.conf file (to trap .reg files). Managed to propogate a bug in /etc/rc.d/init.d/mailscanner from the previous version of the Linux RPM, hence there's now a 2.40-2 RPM. |
|
| 15/8/2001 | Discovered the official version of how the RBL+ works, thanks to
Michael Forrest. The line of code in sendmail.pl mentioned
below for using the RBL+ should read
|
|
| 12/8/2001 | Created a mailing list, subscription instructions are shown above in the "Talk To Me" section. | |
| 10/8/2001 | Version 2.40 is now in testing, hopefully will release next week.
Changes include:
|
|
| 9/8/2001 | Added an Installation FAQ. All suggestions for questions (and answers) are welcome. | |
| 6/8/2001 | Support for the RBL+ spam list. Due to not having a subscription before, I never discovered that it produces different format results from the other MAPS lists, so you need to make one small change to the source:
Look in sendmail.pl for the string 235 and you'll only find 1 occurrence. Change that line to read Then add the line to mailscanner.conf and you're away. |
|
| 6/8/2001 | Version 2.40 is almost ready. Significant changes are:
1. Support for RBL+ 2. Merged Exim and Sendmail versions into one 3. Warning message can now be added to the top of the message body, making it easier for users to understand what the VirusWarning.txt attachments mean. Both HTML and plain text supported. If you want other features, please request them now. |
|
| 29/7/2001 | Added a list of users of MailScanner.
Discovered minor bug in Linux distribution, please uncomment the call to mailscanner in /etc/rc.d/init.d/mailscanner. |
|
| 10/7/2001 | Sample mailscanner.conf file updated to include use of ORBL and ORDB replacements for the now-defunct ORBS open mail relay database. | |
| 14/6/2001 | Exim version of 2.30 released. | |
| 12/6/2001 | McAfee compatibility added to Release 2.30. | |
| 8/6/2001 | Release 2.30-2 produced. This includes minor corrections to file permissions, and includes the missing sophoswrapper script. | |
| 7/6/2001 | Release 2.30 produced.
This release includes automatic disinfection of macro viruses and any other viruses that can be disinfected (Sophos only, not McAfee yet). |
|
| 31/5/2001 | Exim installation notes finally put on-line.
Solaris release check_mailscanner script corrected to use SysV ps command. Release 2.20-2 for Solaris/non-Linux systems produced. |
|
| 29/5/2001 | Linux distribution of Version 2.20 released for sendmail and Sophos.
McAfee versions of 2.20 released so you don't have to use Sophos. I personally still strongly recommend Sophos over McAfee. |
|
| 25/5/2001 | Version 2.20 released for sendmail and Sophos. This release decodes Microsoft's MS/TNEF format and virus-checks the files contained within. This release also includes a greatly improved Sophos autoupdate script and a script to automate installation of Sophos. | |
| 24/5/2001 | Someone has reminded me that the McAfee code has disappeared. Expect it back soon! | |
| 24/5/2001 | I have got proper MS/TNEF decoding working, using the tool at http://world.std.com/~damned/software.html. Expect to see a new release (probably version 2.2) very soon. Exim version of it will follow a few days later. | |
| 24/4/2001 | There are some new plans for the next version. | |
| 23/4/2001 | New release for Exim, fixed some "header munging" bugs | |
| 19/4/2001 | Version 2.14 released for Exim mail transport agent, so you don't have to use sendmail if you don't like it or find it rather too scary ;-) Documentation will follow, mostly just have a good read through the supplied mailscanner.conf file. | |
| 18/4/2001 | In some installations of sendmail 8.11.3, MailScanner would fail to detect viruses properly. This has been found and fixed. Version 2.14 released as both a tar file and as a Linux RPM. | |
| 9/4/2001 | I have updated the RPM distribution and fixed the file location errors. Should work straight out of the box much more easily now. Have done more testing on sendmail 8.11.3 from sendmail.org and it detects viruses fine on that version. | |
| 30/3/2001 | I have updated the filename.rules.conf file to include some more known dangerous Microsoft file extensions. This now includes all the extensions which are known to be hidden even when you have Windows Explorer set to show all file extensions. | |
| 23/3/2001 | I have prepared an RPM distribution of MailScanner for Linux. This should make it far easier to install. Just download it, install the RPM, correct the "DH" and "DM" lines in /etc/sendmail.cf and you are up and away. If you are interested, the RPM spec file used to build it is here as well. |
Due to the nature of this software, I have an interest in the Regulation of Investigatory Powers Act which has just come into force in the United Kingdom. Under section 3(3) of the Act, I believe that this sort of interception is legal, but care must be taken to ensure that no-one other than the sender and intended recipient of any message can read any part of that message. This certainly includes infected attachments.