Version 1.4.3 - 24th July 2014 (Wrap up changes since 1.4.2) * Bugs fixed: - Segfault condition that would very occasionally happen. - mstripconf: Behave more gracefully when no TTY is available (e.g. webmin) * Changes, Enhancements and New Features: - Upgraded Tcl back-end to 8.4.19. (Yes, it's not exactly cutting-edge but it has fewer library requirements than 8.5 or 8.6!) - Linux builds now require at the earliest RHEL4/CentOS4 (glibc-2.3.4) - Linux 64-bit build now available - Spam and virus quarantines no longer limited to 2GB. - Filter enhancement - %-based relaying check renamed to source routing check, and also now blocks attempts to relay using ! and [..]. Version 1.4.2 - 9th June 2012 (Wrap up updates made since 1.4.1) * Bugs fixed: * Changes, Enhancements and New Features: - New option to allow message tagging to use a header instead of the subject line. - New option (enabled by default) to block %-based source routed mail. - New senders.relay file. Don't use this unless you really have to. The file doesn't have to exist, and no sender-based relaying will happen if it doesn't. - RSET from a blacklisted source behaves largely like QUIT. Version 1.4.1 - 17th September 2007 * Bugs fixed: - Memory leak fixed. - "bgerror" crash bug fixed. - Single-line single-word emails now blocked when they weren't previously. - Some senders send the subject tag in lower case. Tagging now should work. - Timeouts work better, and better sanity checking on initial response from downstream SMTP server - Fixed an error where MailStripper would erroneously report a negative number of lines. - Fixed numerous issues with the installer on FreeBSD, and added FreeBSD 6.x compatibility. - Changed logic on the child process limiter. Previously, a connection from a blacklisted sender was always allowed through (so we could tell it to get lost, and if sender-whitelisted, allow it through). The new behaviour is to limit it to ($MAX_CHILDREN / 2) slots and send a busy reject if more than that number of slots are in use. This will make things much easier for non-blacklisted senders, and stop a snowball effect. * Changes, Enhancements and New Features: - Solaris/SPARC builds now on Solaris 10. - The virus bin can also be an email address target like the spam bin. - Network inactivity timeout now configurable, default is 300 seconds. - ClamAV's 'clamd' mechanism now supported, should make virus scans much faster. - Can now choose to quarantine messages blocked by senders.deny instead of bouncing them. - Per-User and Per-Domain senders.allow files now supported: senders.allow. and senders.allow.. - Updated the help in mstripconf to respond to '@' as well as '"' as the shift-2 character. (It already listens to both '#' and '£'.) - Remote tech support facility of reading the config file added. This is NOT ENABLED by default and is available only when enabled specifically, separate from the normal debug mode. Version 1.4.0 - 29th May 2006 * Bugs fixed: - Corrected a bug that caused messages refused by plugins to still be quarantined (although the sender did get the error message). - Stale lockfile detection added. - Bug fixes in SURBL. - Fixed a MIME attachment bug where the header wasn't specified in lowercase. - Fixed a MIME attachment bug where there was no blank line between the end of a block and the MIME separator. * Changes & Enhancements: - When tagging subject lines, if no subject line is found, one is now added. - If local MTA declares a SIZE of 0, ignore it. - SURBL plugin may be installed multiple times under different names, and will look at .config to allow use of multiple SURBL lists. - SURBL plugin can now recommend refusing the message (rather than just increasing the score), and also blacklisting the sender IP. - HTML junk cleaning improved. - Network inactivity timeout reduced to 15 minutes. - Fixed font and colour insanity in xmstripconf on CDE systems. - Virus bin as email address now fully functional. - Lines with only HTML tags are no longer counted in the line length count. - Lines with only one word (no spaces) no longer counted as a separate line. * New features: - SMTP AUTH support added - Added support for a plugin response code recommending blacklisting the IP. - Added native support for ClamAV antivirus. - New X-MailStripper-Level: header added, with a bargraph-type display of the score. Version 1.3.2 - 30 June 2005 - Fixed the stream freeze / timeout bug. Version 1.3.1 - 18 June 2005 - Fixed a URL mis-parsing bug in the SURBL plugin. - Added bitwise filtering to SURBL DNS responses, so for example in the case of multi.surbl.org you can choose how many or how few lists you check. - SURBL debug responses are no longer specific to multi.surbl.org, and are shown as a bitmap with the corresponding bitmask. - Fixed a potential buffer overflow in msclib. - Recognises another new way of hiding junk. - Plugin handler: Response code 2000 now works properly. Version 1.3.0 - 29 March 2005 - Major internal changes, including a scanning core 2-3 times as fast as the old one. - Plug-in interface - expand MailStripper's capabilities. - Local blocklists! This is implemented using the plug-in interface. - SURBL plugin - this uses the DNSBL at http://www.surbl.org - Trusted IPs plugin, that always bypasses the filter for mail from specified addresses. Note this does not override the IP blacklist or the honeypot. - Text-mode config tool menus reorganised, to match GUI more closely. - New filtering option to control level of junk removal before scanning. - Adjusted uvscan AV options to more optimal settings - New option to limit the size of inbound messages (only works with ESMTP). - New option to not content scan messages larger than a particular size. - Additional recognition and handling for odd HTML formations. - Blocklist Update mechanism updated, and now supports HTTP on non-standard ports. - New blocklist option which causes the uppercase check to be skipped for that specific rule. - Subject line prefixes now handled better. - Init script for Solaris improved. - HELO and EHLO now use the MailStripper machine name when talking to the MTA. - Better handling of MIME separators. (It no longer falls over with BinHex.) - Support for a Recipient Taglist. Similar to the Recipient Whitelist though it does NOT override a blacklist, and subject lines are tagged as per #TAG. (#TAG is therefore deprecated, but currently still supported.) - Empty stylesheets no longer attract a score penalty. Version 1.2.4 - 4 October 2004 - New switchable option to check for high-bit characters. This check takes place after folding accented characters to their non-accented equivalents. - New switchable option: Tag DNSBL-flagged mail instead of refusing it. - The Empty Message Override score is now configurable. - Bug fix: Multiple MIME-encoded text/* blocks are now scanned correctly. Note this never forwarded garbled messages, just incorrectly calculated the score. - Bug fix: Sometimes the first line of the message body wasn't scanned correctly. - Bug fix: Whitelists weren't always being matched correctly. - The spam bin %d and %u substitutions now map to lower-case equivalents. - New spam bin substitution %t returns an almost-guaranteed-to-be-unique value. This is to allow a spam bin where each message is an individual file. - RFC2047 decoding is now performed on the subject line. (Other fields are left alone as MailStripper ignores them) Version 1.2.3 - 12 August 2004 - Bug fix: MailStripper would sometimes get confused over ESMTP extensions on RCPT. - Adjusted uvscan invocation options. Version 1.2.2 - 7 July 2004 - Empty file bug fixed in score tool. - Corrected an issue with mstripconf and xmstripconf, where it would crash if $HOME was not set. - Corrected an issue with the mailstripper daemon, which would fail if $HOSTNAME was not set. - Boundary limits now available in the sender white and blacklists, reducing or eliminating the risk of inadvertent substring matching. - An IP blacklist check made at the top level. - Another speed-up. - FreeBSD fixes. Version 1.2.1 - 14 May 2004 - New "Permitted Domains" list for use on systems that insist on allowing relaying. This will operate irrespecive of licence state. - Add recognition of inlined uuencoded data blocks. - Fixed bug in MIME multipart handling. - Better handling of accented characters - Corrected a uvscan glitch, where it would inadvertently throw out clean messages. - The response to HELO no longer identifies MailStripper specifically. Version 1.2.0 - 13 March 2004 - New much faster scanning core. - Tcl-style regular expressions now supported in keyword list. - DNS blocklists supported. - Honeypot list feature to automatically blacklist IPs trying to deliver spam. - avwrap feature to allow use of unsupported antivirus systems via a wrapper script. - Virus-trapped emails now send back a 550 error to the sender, explaining why. (MailStripper does NOT generate the bounce message.) - Tooltips behave in a more natural fashion. - Upgrade / install script now take care of updating the config file to reflect the requirements of the new version. - SMTP Welcome banner modification, for those who prefer not to reveal what software is being run. - Control files moved from /usr/share/mailstripper to /etc/mailstripper. The install script will take care of updating old setups.