MailScanner

Protecting over 1 billion e-mails every week, for over 40 million users

Version 3.22-10 30th July 2002

Talk To Me

If you download MailScanner to try it out, or even better if you start using it on your site, please let me know by dropping me a line so I have some idea of where it is being used.

There is a mailing list for MailScanner users. The developers also keep an eye on it, so it's a good place to suggest new features, problems, questions, etc. If you only want to hear announcements of new versions, then I suggest you subscribe to the project at FreshMeat. You can access the mailing list on the web, or you can subscribe by sending an email to jiscmail@jiscmail.ac.uk containing

join mailscanner your-first-name your-last-name

Before posting questions to me or the mailing list, please search the list archives and read the Installation FAQ.

Survey

I am doing a little survey. If you use MailScanner on your site, please can you email me the number of messages processed by MailScanner each day. I don't need to know the number of viruses found, or anything like that, just the number of email messages that MailScanner scans each day. Thank you!

News

30/7/2002 Released version 3.22-10. Fixed a minor bug in the spam whitelisting code that would cause whitelisted domains to be sometimes marked as spam.
29/7/2002 Released version 3.22-9. New code in 3.22-8 to fork off MailScanner daemon at startup has been abandoned due to instability problems on a few versions of Solaris. I strongly recommend non-Linux users to upgrade to this version.
27/7/2002 Released version 3.22-8. Bug fixes: spam logging should now log the correct domain, sender warnings now correctly support "Hide Incoming Work Dir" option, code that forks off MailScanner daemon at startup improved to protect from zombie processes on BSD.
23/7/2002 Security alert: Due to a posting on NTBugtraq today, I would advise all MailScanner users to add a "deny" rule for \.mhtml$ to protect yourself against a newly discovered META-REFRESH attack against Eudora.
23/7/2002 Version 3.22-7 improves the F-Prot parser to cope with the new "mass-mailing worm" output it can produce. Many thanks to Alan Ford at Newnet for reporting this one.
Note: I strongly advise all F-Prot users to upgrade.
22/7/2002 Version 3.22-6 addresses a couple of complaints about the new function of the spam.whitelist.conf file matching both inbound and outbound addresses. The syntax of the file has been enhanced to allow for a "From:" or "To:" keyword on each line indicating whether the address should match the sender or recipient addresses of the message.
22/7/2002 I have released version 3.22-5.
A few new features this time:
Spam White List configuration option now gives a filename whose contents are checked against both the sender's address and the recipients' addresses.
Max Spam List Timeouts configuration value gives the threshold for the number of consecutive times a single "Spam List" or "Spam Domain" entry can timeout before it is removed from the list of places to be checked. It will be restored to the list at the next restart (every 4 hours by default).
Max SpamAssassin Timeouts configuration value works the same way as "Max Spam List Timeouts" except it applies to SpamAssassin instead.
Hide Incoming Work Dir configuration option allows you to hide the full directory pathname from the messages sent to users.
Sign Messages Already Processed configuration option allows you to sign each message only once, regardless of how many times it has been scanned by your site.
There are also a few improvements, such as automatic cleanup of core files, improvements to the RedHat init.d script to ease upgrading, improved logging of RBL timeouts, and another form of wildcard in all the files that take addresses and domains. You can now have wildcards like "spam@*" as well as "*.domain.com".
The RAV installation directory has been changed to /usr/local/rav8/bin which is where the RAV 8.x installation program puts it. The F-Prot autoupdate script now handles stray ^M characters properly, and incorporates the fix recently published by F-Prot.
The "Multiple Headers = replace" option is now more robust against bugs in some versions of Perl.
28/6/2002 I have written FAQ 22 on the subject of why MailScanner does not yet support "daemonized" virus scanners such as OpenVirusScanner and the daemonized version of F-Prot.
27/6/2002 I have produced a df2mbox script which will convert complete quarantined messages (such as all your stored spam) into "mbox format" files which you can read with pine or Eudora (to name two). See FAQ 21 for more information.
27/6/2002 Version 3.21 released.
This contains a couple of minor bugfixes, and you can now separate MailScanner's logging messages from your sendmail/Exim logs using the new "Log Facility" configuration option.
The "Notify Senders" configuration option has been extended to allow the value "local" where only senders listed in the "Local Domains" list will be notified, and not those outside those domains.
There is a new "High SpamAssassin Score" configuration value to set the minimum SpamAssassin score above which the "High Scoring Spam Action" setting applies.
There is a new "High Scoring Spam Action" configuration value to set the action applied to all messages whose SpamAssassin score is greater than the "High SpamAssassin Score".
25/6/2002 A small bug has been found in the SpamAssassin report-handling code. This can cause the delivery of a very small percentage of spam email. The fix is 1 line, and involves simply editing sendmail.pl and adding the line
   $SAreport =~ s/\s+$//g if $SAreport;
after the line that says
   $SASaysSpam = 0 unless $SAreport; # Solve bug with empty SAreports
which is line 285 in the latest release.
23/6/2002 Released version 3.20-7.
This corrects a small problem with the mail queue ownership (if you don't run MailScanner as root).
Messages containing viruses listed in viruses.to.delete.conf will now be delivered (clean) to the recipient just as normal, but the sender will not be informed; this is a slight change to the previous operation of this option.
The RedHat RPM init.d script has been improved: it now supports a "status" command, and if you change the outgoing queue delivery interval this value can be kept across upgrades.
20/6/2002 Written a much better RedHat Linux /etc/rc.d/init.d/mailscanner script.
19/6/2002 RPM installation now has latest MailTools package, V1.46. Tar distribution is unchanged.
19/6/2002 I have fixed a problem where, rarely, a message will get a blank SpamAssassin report, which will cause email filters to consider it as spam. Released Version 3.20-5.
18/6/2002 I have written an autoupdate script for F-Prot. It aims to do exactly the same as the one supplied with F-Prot, except that it also does the proper file locking so that MailScanner cannot attempt to use F-Prot while the update is actually happening.
17/6/2002 Released Version 3.20-4. This corrects the problems some users have experienced getting false alarms from SpamAssassin.
15/6/2002 I've come up with a possible solution if you are getting false alarms from SpamAssassin, where a message gets marked as spam even though the "hits" < "required_hits". Try applying this patch and see if it solves the problem. Please let me know how you get on.
15/6/2002 Everything seems to work okay with SpamAssassin 2.30. Check the mailing list archives to see my experiences installing and testing it.
14/6/2002 Released Version 3.20. Many new features and improvements in this release. For fuller details read the ChangeLog (in the docs directory) and the mailscanner.conf documentation.
Some of the new features/improvements in this release are:
Moved McAfee support from "mcafee" directory to "uvscan" to make McAfee installation simpler.
Added support for Panda and RAV virus scanners, bringing total supported to 10
Many performance optimisations
Added configuration option to list viruses that should be quietly deleted without informing the sender or recipient. A good example is the "Klez" worm
Improved performance of SpamAssassin by pre-compiling all code
Added configuration option to enable SpamAssassin's "auto-whitelist" functionality
Added optional internal TNEF expansion using CPAN Perl Convert::TNEF module
Updated version of MIME-tools module shipped and included mime-tools-patch.txt from Bugtraq
Added support for RBL lists that work by domain name rather than by IP number
Note for Exim users only: Due to a re-write of the locking code, MailScanner currently supports Linux, BSD (any variant), Solaris, AIX and IRIX. If you are using a different OS such as HP/UX, please contact us so we can quickly add support for your system.
10/6/2002 MailScanner has got a good write-up on linuxsecurity.com. Here is the full article.
7/6/2002 Security patch for MIME-Tools
A member of the Bugtraq mailing list has found some potential security problems with the MIME-Tools module that MailScanner uses. They have released a patch which they claim resolves these problems. I have tested it on my systems and it does not appear to cause any problems. It is a patch for version 5.411 (latest stable release) of the MIME-Tools module, so if you do not have that version yet then you should download it from www.zeegee.com and unpack it, then apply the patch.
20/5/2002 Released Version 3.15-3. Fixed bug where non-spam messages from whitelisted hosts/networks, when SpamAssassin header was always included, would give an empty SpamCheck: header.
19/5/2002 Released Version 3.15-2. Couple of minor fixes.
19/5/2002 Released Version 3.15. No very major changes this time, but a few improvements that have been requested:
Added "Always Include SpamAssassin Header" option so you can have spam reports on non-spam messages
Added "default" rule to spam.actions.conf file. See the supplied file for an example, and the documentation
Implemented switch to control logging of allowed attachment filenames
Most systems will no longer need "syslogd -r" for logging to work
F-Prot parser handles non-working copies of viruses
RPM file now saves config files rather than overwriting them
17/5/2002 I have just added a FAQ that explains how to use MailScanner when your mail server runs Microsoft Windows or any other OS you care to mention, or any other mail system I don't support (e.g. Postfix, Qmail, Exchange, NTMail, etc).
14/5/2002 Released Version 3.14. Changes for this version are:
Implemented per-user and per-domain control of what to do with spam
Added "Subject:" line modification for viruses, same as for spam
SpamAssassin report now also includes names of successful tests
Infected "multipart/alternative" messages are converted to "multipart/mixed" so that virus warning can always be seen.
Files which pass the filename rules are now logged
Added section about "exim_tidydb" command to Exim docs
File "domains.to.scan.conf" can now be a copy of Exim domain map file
Added ".scr" to supplied list of banned filename extensions
Added another FAQ (12) about settings for high-volume mail servers
Fixed tainting bug in ClearOutQueue()
Made documentation stylesheet a local file
Fixed handling of "Return-Path:" header
Fixed case sensitivity bug in local domains file
Fixed bug in Sophos autoupdate to account for new "vdl" filename
11/5/2002 Next release due soon. I have implemented per-user and per-domain control of what to do with spam (deliver/store/delete), and added modification of the subject line in messages that had a virus in them.
I have fixed a few minor bugs such as handling infected multipart/alternative messages rather more neatly, and the Sophos autoupdate code (which broke when Sophos changed the VDL filename).
25/3/2002 Released version 3.13-1.
Fixed bug where carriage return characters embedded in subject lines could stop MailScanner being able to extract files from the message.
Fixed bug in Sophos NSV autoupdate code.
7/3/2002 Released version 3.12-5.
Fixed bug where McAfee auto-updating script used the wrong lockfile.
5/3/2002 Released version 3.12-4.
Fixed bug causing "Mail Archive" feature to not work. Sorry!
5/3/2002 Released version 3.12-3. Changes from previous version are:
Domains To Scan now supports wildcards, e.g. *.julianfield.net,
Spam White List now supports wildcards, e.g. *.julianfield.net,
Greatly improved F-Prot parser (this should be the last major change to the parser),
Support for SpamAssassin 2.1 and upwards,
Stopped McAfee wrapper producing "kernel: cdrom open failed" errors,
New feature: Mail Archive to save all incoming mail to a directory,
Support for Inoculan 4.x virus scanner.
Fixed the bug in changing the subject line when spam-tagging with Exim (hopefully!)
Note: I would strongly advise all F-Prot users to upgrade to this version.
2/3/2002 I have added support for SpamAssassin version 2.1, but have had to remove support for earlier versions. It will complain at startup if your SpamAssassin is too old.
I have also added Inoculan 4.x support, provided by gabor.funk@hunetkft.hu.
25/2/2002 I have improved the F-Prot parser some more, it should now cope with all the output that F-Prot can generate.
22/2/2002 Modified feature: I have changed the "Spam White List" to support wildcards in the same way as the "Domains To Scan" list described below.
21/2/2002 Modified feature: I have changed the "Domains To Scan" list when scanning by domain. It will now match any address whose domain ends in one of the names listed in the domains.to.scan.conf file. So putting *.julianfield.net in the domains.to.scan.conf file will cause all mail to/from anything.julianfield.net to be scanned, as well as all mail to/from julianfield.net.
This code will be included in the next release, but please ask if you want it before then (release date unknown at the moment).
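The wildcard forms described in these entries ("*.julianfield.net" here, "spam@*" and the "From:"/"To:" keywords in the July 2002 entries), as an added Perl example that is not MailScanner's own code. The file layout (keyword, then pattern, "#" comments), the treatment of plain entries as exact matches, and all function names are assumptions; the sample list and addresses are constructed.

```perl
#!/usr/bin/perl
# Added example, not MailScanner code. Needs Perl 5.10+ for the // operator.
use strict;
use warnings;

# Split an address at its last "@"; lower-case both halves, drop a trailing dot.
sub split_address {
    my ($addr) = @_;
    my $at = rindex($addr, '@');
    return if $at < 1 || $at == length($addr) - 1;
    my $local  = lc substr($addr, 0, $at);
    my $domain = lc substr($addr, $at + 1);
    $domain =~ s/\.\z//;
    return ($local, $domain);
}

# Compile one pattern into a closure taking (local part, domain).
sub compile_pattern {
    my ($pat) = @_;
    $pat = lc $pat;
    if ($pat =~ /\A\*\.(.+)\z/) {            # *.domain.com
        my $base = $1;
        # Match the domain itself or a name ending in ".domain.com". Testing
        # only "ends in domain.com" would also accept notdomain.com.
        return sub { $_[1] eq $base || $_[1] =~ /\.\Q$base\E\z/ };
    }
    if ($pat =~ /\A(.+)\@\*\z/) {            # spam@*
        my $user = $1;
        return sub { $_[0] eq $user };
    }
    if ($pat =~ /\@/) {                      # full address (assumed: exact match)
        return sub { "$_[0]\@$_[1]" eq $pat };
    }
    return sub { $_[1] eq $pat };            # bare domain (assumed: exact match)
}

# Parse list text. Assumed layout: optional "From:" or "To:", then one pattern.
sub parse_list {
    my ($text) = @_;
    my @rules;
    for my $line (split /\n/, $text) {
        $line =~ s/#.*//;                    # assumed comment syntax
        $line =~ s/\A\s+|\s+\z//g;
        next if $line eq '';
        my ($dir, $pat) = $line =~ /\A(?:(From|To):\s*)?(\S+)\z/i
            or next;
        push @rules, { dir  => lc($dir // 'both'), text => $line,
                       test => compile_pattern($pat) };
    }
    return \@rules;
}

# Return the text of the first rule that matches, or undef if none does.
sub whitelisted {
    my ($rules, $sender, @recipients) = @_;
    for my $rule (@$rules) {
        my @candidates;
        push @candidates, $sender     if $rule->{dir} ne 'to';
        push @candidates, @recipients if $rule->{dir} ne 'from';
        for my $addr (@candidates) {
            my ($local, $domain) = split_address($addr) or next;
            return $rule->{text} if $rule->{test}->($local, $domain);
        }
    }
    return;
}

# Constructed sample list and messages (sender first, then recipients).
my $rules = parse_list(<<'END');
# constructed sample entries
From: *.julianfield.net
To:   postmaster@*
example.org
END

my @cases = (
    [ 'alice@mail.julianfield.net',     'user@site.test' ],        # subdomain
    [ 'bob@julianfield.net',            'user@site.test' ],        # domain itself
    [ 'eve@notjulianfield.net',         'user@site.test' ],        # no label boundary
    [ 'eve@julianfield.net.other.test', 'user@site.test' ],        # suffix in the middle
    [ 'x@elsewhere.test',               'postmaster@site.test' ],  # To: rule, recipient
    [ 'postmaster@elsewhere.test',      'user@site.test' ],        # To: rule, sender only
    [ 'x@elsewhere.test',               'someone@example.org' ],   # bare domain, either side
);

for my $case (@cases) {
    my ($sender, @rcpts) = @$case;
    my $hit = whitelisted($rules, $sender, @rcpts);
    printf "%-32s -> %-22s %s\n", $sender, join(',', @rcpts),
        defined $hit ? "matched \"$hit\"" : 'no match';
}
```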
15/2/2002 Security Alert: A bug in Microsoft Outlook Express has been brought to my attention. By exploiting this bug, Outlook Express can be made to see a file attachment that is embedded in the message headers, and is currently not checked by MailScanner. As far as I am currently aware, no virus is yet exploiting this security hole. However, it is a simple 1-line fix to solve the problem, and I have just released version 3.11-1 to solve it.
12/2/2002 Version 3.10-4 released.
F-Prot parser updated to recognise output about "destructive programs".
12/2/2002 Version 3.10 released.
Virus scanning per domain now implemented. It's an "all or nothing" switch per domain, I'm afraid. Keeps it simple. One or two minor bugfixes and improvements to some of the support scripts, please don't ask for too many details (I can't quite remember :-)
28/1/2002 Emergency: The MyParty virus slips through versions of MailScanner before 3.04-1. You must update to 3.04-1 to be able to catch this virus. If you want to fix it without upgrading, find the function DefinitelyClean in sendmail.pl and insert "return 0;" at the start of the function.
21/1/2002 There are now some graphs showing the number of downloads by month and by version. Yell at me if they get out of date...
21/1/2002 Due to a very generous gift from Paul Welsh (a MailScanner user), I now have the addresses www.mailscanner.biz, www.mailscanner.org.uk and www.mailscanner.co.uk all pointing to this site (in addition to www.mailscanner.info which I had already). Many thanks to Paul for this!
17/1/2002 Version 3.03-1 released. New features/changes/fixes include:
Several virus scanners can now be used together.
X-MailScanner-SpamCheck: SpamAssassin headers now include the number of hits.
Lock File Dir configuration option.
Improved F-Prot output parser to fix handling of joke programs, trojan programs and encrypted archives. All F-Prot users should upgrade.
F-Prot output parser no longer stops when it gets output it doesn't recognise.
Minor Inoculate and CommandAV parser fixes.
Double-bounces of MailScanner messages now go to local postmaster.
Fixed wrapping of virus scanner reports.
Fixed bug where virus scanner would still be called with "Virus Scanning = no".
Fixed bug in subject line spam tagging for Exim. All Exim users should upgrade.
Improvement to Sophos.install, checks for install.sh script before calling it.
8/1/2002 Bug fix to improve stability and to stop Perl core dumping.
Bug fix causing SpamAssassin to mark everything as spam.
Bug fix in F-Prot parsing code to support trojans and backdoor programs properly. All F-Prot users should upgrade.
Bug fix in Inoculate parsing code. All InoculateIT users should upgrade.
Improvement to logging when viruses originate from inside your own network.
Changed localdomains.txt to localdomains.conf.
Release of version 3.02-1.
All users having any problems should upgrade.
5/1/2002 Bug fix in InoculateIT parsing code and release of 3.01-3.
4/1/2002 I have fixed a problem scanning inside Zip files with F-Prot and released version 3.01-1.
4/1/2002 I have written some notes about the Minimum Code Status configuration option, as it seems to be causing some confusion (especially among users who haven't read the documentation :-)
4/1/2002 Improved the code that links messages between the queues when moving them. Minor change to sendmail.pl.
3/1/2002 Fixed a problem in the tar distribution where the mailscanner script was wrong. Nothing has changed in the RPM distribution.
3/1/2002 The previous version (2.60-2) was downloaded 3,441 times. As I know that quite a lot of you never upgraded to that version, I would estimate the number of MailScanner users out there to be at least 4,000 !!!
3/1/2002 Version 3.00 released. Loads of new features in this version:
  • Support for new virus scanning engines (as well as Sophos and McAfee):
    • F-Prot -- free for Linux at the time of writing this page
    • F-Secure
    • Kaspersky
    • CommandAV
    • InoculateIT
  • Add a signature to clean messages showing they were scanned by MailScanner, in either/both text and HTML
  • Include the full message headers in virus reports to the local Postmaster
  • Support for the SpamAssassin project to greatly improve the success of spam identification. See http://spamassassin.taint.org/ for installation instructions.
  • Stop messages that ever had a virus in them leaving your site, even after they have been cleaned up and had viruses removed. Saves washing your dirty linen in public!
  • Set the attachment warning filename so it doesn't have to be VirusWarning.txt any more
  • Support for Sophos' (undocumented) built-in TNEF decoder to improve the decoding of Microsoft Outlook Rich Text Format attachments.
  • Latest version of the public domain TNEF decoder included.
  • Revised filename.rules.conf file to set the order of the rules correctly
13/12/2001 Quite a few people have asked about monitoring MailScanner using MRTG so they can draw some graphs showing mail throughput, number of viruses caught, and so on. I have written a page about MRTG support which includes the scripts and configuration files I use to do it.
13/12/2001 The new version is close to completion. For a sneak preview of some of the new features, look here for any mention of "3.00". There are a few new keywords and a few updated ones.
7/12/2001 Things have been a bit quiet on the MailScanner front recently. There have now been over 2,300 downloads of version 2.60-2. Work on the next version is in progress and I expect to release something around Christmas time.
7/12/2001 Got onto the Cover Disc of the December issue of Linux Format magazine. They don't say much about it, but they did include it which is nice.
7/11/2001 Won "Best Of Linux" award on DaveCentral.com. He also wrote a very nice review.
29/10/2001 Released version 2.60.
Description is as below, there are now more text files in the etc directory to customise. I have also tweaked the timeout code again to make it more reliable.
24/10/2001 The next version, 2.60, is on the way. I have added more text files to the etc directory so that users get different responses (and replacement attachments) depending on whether it found a virus or whether it failed one of the filename traps. This should make things easier to understand for our poor hard-done-by users :-)
23/10/2001 Released version 2.54-1.
This is a bug-fix release, corrects a problem with modifying the subject line of spam when using Exim. This change does not affect sendmail users at all.
The Linux version now uses wget instead of lynx due to problems seen with some versions of lynx when running from crond.
Also, to reduce the number of problems related to MIME-tools, minimum version numbers of some modules are now checked.
18/10/2001 Released version 2.53-1.
This includes improved handling of unparsable messages, and should also resolve any outstanding problems with timeouts that were present in version 2.52. It also logs its version number when it starts up.
16/10/2001 I have just found a bug that under rare circumstances (a MIME message badly formed in a very particular way, only originating from Apple Macs) MailScanner would fail and stop. This is the first time I have seen this happen in over a year of use. However, I have improved the handling of badly formed messages enough so that nothing stops. The fix will be included in 2.53 due out at the end of this week.
12/10/2001 Update on 2.52: The code fix I propose is working well so far, if you want a copy of the 2 new files then mail me, otherwise I'll release it towards the end of next week if it's proved to solve the problem.
2.52 is having one or two problems, I suggest you use 2.51 until I manage to prove that my fixes work. More news as it happens...
9/10/2001 2.52-2 contains updated text in the Linux RPM distribution. The tar distribution is exactly the same as 2.52-1.
9/10/2001 2.52-1 released. Added configuration option "Deliver in Background" which makes it run the sendmail processes in the background instead of waiting for them to complete.
Also the Linux RPM uses wget rather than lynx to fetch Sophos updates (in /usr/local/Sophos/bin/autoupdate) as it is better for cron jobs than Lynx.
I have also removed the sample sendmail.cf file from the distribution altogether as it continues to cause confusion.
5/10/2001 Any remaining problems with timeouts apparently not working have been solved. This will be in release 2.52-1 which you can have on request if you urgently need it, else I'll release it around the end of next week. I have also added a configuration option to allow the "sendmail" processes to be all run in the background, instead of waiting for them to complete.
It will also use wget on Linux instead of lynx as it is more suited to running from a cron job.
4/10/2001 2.51-2 released. Slight bug in sweep.pl stopped the removal of macro viruses from attachments working. *No* viruses would get through as a result of this bug, just one of the nice features of this package wouldn't work.
4/10/2001 2.51-1 released. Added configuration option "Deliver Unparsable TNEF" to allow compatibility with earlier behaviour where Microsoft Outlook Rich Text Format attachments that could not be decoded were still delivered. The default is "no".
2/10/2001 2.50-2 released. Corrected one typo in sweep.pl (that's all).
1/10/2001 Version 2.50 released. New features are all mentioned below, and new mailscanner.conf switches are documented.
27/9/2001 Version 2.50 will also feature a "spam white list" consisting of a file holding email addresses and email domains from which you will accept mail without ever marking it as spam.
26/9/2001 MailScanner is now right near the top of the ratings chart at FreshMeat. If some more people could vote, we might make it to number 1 again!
Version 2.50 is near completion. This will feature timeouts to prevent Denial Of Service (DoS) attacks by people sending you things like the Zip of Death file (a small zip file which expands to thousands of terabytes). It will also feature the new version of the TNEF decoder, with an extra switch added to avoid other DoS attacks. And a couple of minor features requested by users (turn off virus scanning, turn off delivery of cleaned messages to users).
10/9/2001 Version 2.42 released.
This version allows you to modify the Subject: line of messages identified as being likely spam. There are 2 new configuration variables controlling this, "Spam Modify Subject" and "Spam Subject Text" which are both documented.
3/9/2001 We have discovered a problem in the Exim installation notes. Taking the steps given to stop the incoming Exim from ever accidentally delivering mail, will also cause it to operate as an open mail relay. This is okay if it is one of your internal mail servers, but obviously is very bad if it is one of your MX hosts. For now, please don't follow these 3 steps until we find a better solution.
31/8/2001 Version 2.41-2 released.
There is a slight bug in the Sophos autoupdate script, which in some situations may cause the wrong IDE files to be fetched from Sophos, if the version of Sophos has been updated since it was originally installed. This is due to Sophos' installation program leaving an old version of a file lying in the sophos/lib directory.
Either install the entire latest release or just fetch the appropriate replacement Linux or Solaris/Unix script.
30/8/2001 Version 2.41 released.
New feature is more intelligent handling of MailScanner status headers when a message has passed through multiple MailScanners. It is now configurable, but the default behaviour is to append new information to the existing X-... header, rather than add a new header.
29/8/2001 Important: I have discovered that some of you may have corrupt copies of the tnef binary, which is in the MailScanner bin directory and is used to unpack Microsoft Outlook Rich Text attachments. To test it, cd into the bin directory and run the command ./tnef --help which should produce a help message. If it doesn't produce a help message, please download a replacement Linux or Solaris binary and copy it into this directory, ensuring that you have permission to execute it (type chmod +x tnef* in the bin directory).
This issue will be fixed in the 2.41 release due in the next few days.
29/8/2001 Installation guide now available in Portuguese.
15/8/2001 Version 2.40 released.
Save a copy of your /etc/sendmail.cf, and /usr/local/MailScanner/etc or /opt/mailscanner/etc files before installing the new version as the upgrade may well overwrite them (particularly when using the Linux RPM).
There are several new configuration file options, read the documentation carefully and merge your mailscanner.conf customisations into the new supplied version of this file. Make sure that any long lines (eg. the "Inline HTML Warning") don't word-wrap in your text editor!
There is also 1 new addition to my suggested filename.rules.conf file (to trap .reg files).
Managed to propagate a bug in /etc/rc.d/init.d/mailscanner from the previous version of the Linux RPM, hence there's now a 2.40-2 RPM.
15/8/2001 Discovered the official version of how the RBL+ works, thanks to Michael Forrest. The line of code in sendmail.pl mentioned below for using the RBL+ should read
   if ($RBLEntry =~ /^127\.[01]\.0\.[1234567]$/);
12/8/2001 Created a mailing list, subscription instructions are shown above in the "Talk To Me" section.
10/8/2001 Version 2.40 is now in testing, hopefully will release next week.
Changes include:
  • Merged Sendmail, Exim, Sophos and McAfee versions into the same code
  • Can now insert a warning message directly into the body of a disinfected message, which can be used to warn the user that they should read the VirusWarning.txt attachments. Plain text and HTML versions of this warning are provided in the configuration file
  • Delivers messages in batches with sendmail and exim for speed
  • Improved Exim file locking
  • Support for MAPS RBL+ incorporated
  • Fixed McAfee dying-after-disinfecting bug
  • Linux now successfully writes to syslog (see the FAQ)
  • Lots of internal re-organisation to make the code easier to maintain
9/8/2001 Added an Installation FAQ. All suggestions for questions (and answers) are welcome.
6/8/2001 Support for the RBL+ spam list. Due to not having a subscription before, I never discovered that it produces different format results from the other MAPS lists, so you need to make one small change to the source:
Look in sendmail.pl for the string 235 and you'll only find 1 occurrence. Change that line to read
   if ($RBLEntry =~ /^127\.[01]\.0\.[12345]$/);
Then add the line
   Spam List = MAPS-RBL+, rbl-plus.mail-abuse.ja.net.
to mailscanner.conf and you're away.
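How a DNS blocklist answer is tested against the pattern given here and the corrected pattern in the 15/8/2001 entry above, as an added Perl example that is not code from sendmail.pl. The function names, the client address and the answer values are constructed for illustration, and no DNS query is made.

```perl
#!/usr/bin/perl
# Added example, not MailScanner code.
use strict;
use warnings;

# The two patterns quoted in the news entries, in the order they were published.
my @patterns = (
    [ '6/8/2001',  qr/^127\.[01]\.0\.[12345]$/   ],
    [ '15/8/2001', qr/^127\.[01]\.0\.[1234567]$/ ],
);

# Build the name a blocklist client looks up: the connecting host's IPv4
# octets in reverse order, followed by the list's zone.
sub dnsbl_query_name {
    my ($ip, $zone) = @_;
    my @octets = $ip =~ /\A(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\z/
        or return;
    return if grep { $_ > 255 } @octets;
    $zone =~ s/\.\z//;
    return join('.', reverse(@octets), $zone);
}

# Decide whether an A-record answer counts as a listing under one pattern.
sub is_listed {
    my ($answer, $re) = @_;
    return 0 unless defined $answer;         # no record or timeout: not listed
    return $answer =~ $re ? 1 : 0;
}

# Zone as given in the "Spam List" line; the client address is constructed.
print dnsbl_query_name('192.0.2.25', 'rbl-plus.mail-abuse.ja.net.'), "\n";

# Constructed answers, including values only the corrected pattern accepts
# and values neither pattern accepts.
my @answers = ('127.0.0.2', '127.1.0.4', '127.1.0.6', '127.1.0.7',
               '127.0.0.8', '127.2.0.1', undef);

printf "%-12s %-10s %-10s\n", 'answer', map { $_->[0] } @patterns;
for my $answer (@answers) {
    printf "%-12s %-10s %-10s\n", $answer // 'no answer',
        map { is_listed($answer, $_->[1]) ? 'listed' : '-' } @patterns;
}
```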
6/8/2001 Version 2.40 is almost ready. Significant changes are:
1. Support for RBL+
2. Merged Exim and Sendmail versions into one
3. Warning message can now be added to the top of the message body, making it easier for users to understand what the VirusWarning.txt attachments mean. Both HTML and plain text supported.
If you want other features, please request them now.
29/7/2001 Added a list of users of MailScanner.
Discovered minor bug in Linux distribution, please uncomment the call to mailscanner in /etc/rc.d/init.d/mailscanner.
10/7/2001 Sample mailscanner.conf file updated to include use of ORBL and ORDB replacements for the now-defunct ORBS open mail relay database.
14/6/2001 Exim version of 2.30 released.
12/6/2001 McAfee compatibility added to Release 2.30.
8/6/2001 Release 2.30-2 produced. This includes minor corrections to file permissions, and includes the missing sophoswrapper script.
7/6/2001 Release 2.30 produced.
This release includes automatic disinfection of macro viruses and any other viruses that can be disinfected (Sophos only, not McAfee yet).
31/5/2001 Exim installation notes finally put on-line.
Solaris release check_mailscanner script corrected to use SysV ps command. Release 2.20-2 for Solaris/non-Linux systems produced.
29/5/2001 Linux distribution of Version 2.20 released for sendmail and Sophos.
McAfee versions of 2.20 released so you don't have to use Sophos. I personally still strongly recommend Sophos over McAfee.
25/5/2001 Version 2.20 released for sendmail and Sophos. This release decodes Microsoft's MS/TNEF format and virus-checks the files contained within. This release also includes a greatly improved Sophos autoupdate script and a script to automate installation of Sophos.
24/5/2001 Someone has reminded me that the McAfee code has disappeared. Expect it back soon!
24/5/2001 I have got proper MS/TNEF decoding working, using the tool at http://world.std.com/~damned/software.html. Expect to see a new release (probably version 2.2) very soon. Exim version of it will follow a few days later.
24/4/2001 There are some new plans for the next version.
23/4/2001 New release for Exim, fixed some "header munging" bugs
19/4/2001 Version 2.14 released for Exim mail transport agent, so you don't have to use sendmail if you don't like it or find it rather too scary ;-) Documentation will follow, mostly just have a good read through the supplied mailscanner.conf file.
18/4/2001 In some installations of sendmail 8.11.3, MailScanner would fail to detect viruses properly. This has been found and fixed. Version 2.14 released as both a tar file and as a Linux RPM.
9/4/2001 I have updated the RPM distribution and fixed the file location errors. Should work straight out of the box much more easily now. Have done more testing on sendmail 8.11.3 from sendmail.org and it detects viruses fine on that version.
30/3/2001 I have updated the filename.rules.conf file to include some more known dangerous Microsoft file extensions. This now includes all the extensions which are known to be hidden even when you have Windows Explorer set to show all file extensions.
23/3/2001 I have prepared an RPM distribution of MailScanner for Linux. This should make it far easier to install. Just download it, install the RPM, correct the "DH" and "DM" lines in /etc/sendmail.cf and you are up and away. If you are interested, the RPM spec file used to build it is here as well.

Links

Due to the nature of this software, I have an interest in the Regulation of Investigatory Powers Act which has just come into force in the United Kingdom. Under section 3(3) of the Act, I believe that this sort of interception is legal, but care must be taken to ensure that no-one other than the sender and intended recipient of any message can read any part of that message. This certainly includes infected attachments.


Julian Field