From owner-freebsd-ports-bugs@FreeBSD.ORG Mon Mar 8 01:50:17 2004 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 93E4C16A4CE for ; Mon, 8 Mar 2004 01:50:17 -0800 (PST) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7A52843D49 for ; Mon, 8 Mar 2004 01:50:17 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) i289oHbv090316 for ; Mon, 8 Mar 2004 01:50:17 -0800 (PST) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.10/8.12.10/Submit) id i289oHtg090315; Mon, 8 Mar 2004 01:50:17 -0800 (PST) (envelope-from gnats) Resent-Date: Mon, 8 Mar 2004 01:50:17 -0800 (PST) Resent-Message-Id: <200403080950.i289oHtg090315@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Jan-Peter Koopmann Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C4C8D16A4CE; Mon, 8 Mar 2004 01:47:01 -0800 (PST) Received: from mail.seceidos.de (mail.seceidos.de [213.157.28.234]) by mx1.FreeBSD.org (Postfix) with ESMTP id BB0C643D31; Mon, 8 Mar 2004 01:47:00 -0800 (PST) (envelope-from root@seceidos.de) Message-Id: <200403080946.i289ksMm031086@services.intern.seceidos.de> Date: Mon, 8 Mar 2004 10:46:54 +0100 (CET) From: Jan-Peter Koopmann To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 cc: sergei@FreeBSD.org Subject: ports/63921: [MAINTAINER] mail/MailScanner: update to 4.28.5 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Mar 2004 09:50:17 -0000 >Number: 63921 >Category: ports >Synopsis: [MAINTAINER] mail/MailScanner: update to 4.28.5 >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Mon Mar 08 01:50:17 PST 2004 >Closed-Date: >Last-Modified: >Originator: Jan-Peter Koopmann >Release: FreeBSD 4.9-STABLE i386 >Organization: >Environment: System: FreeBSD services.intern.seceidos.de 4.9-STABLE FreeBSD 4.9-STABLE #0: Mon Jan 5 10:56:46 CET >Description: - Update to 4.28.5 - New features include blocking of password protected ZIPs and filename/-type checking within ZIPs Please add these files to CVS: - files/patch-docs:man:MailScanner.8.html - file files/patch-docs:man:MailScanner.conf.5.html Thanks, JP Generated with FreeBSD Port Tools 0.50 >How-To-Repeat: >Fix: --- MailScanner-4.28.5.patch begins here --- diff -ruN --exclude=CVS /server-root/ports/mail/mailscanner.orig/Makefile /server-root/ports/mail/mailscanner/Makefile --- /server-root/ports/mail/mailscanner.orig/Makefile Wed Mar 3 08:07:47 2004 +++ /server-root/ports/mail/mailscanner/Makefile Mon Mar 8 10:06:20 2004 @@ -6,7 +6,7 @@ # PORTNAME= MailScanner -PORTVERSION= 4.27.7 +PORTVERSION= 4.28.5 CATEGORIES= mail MASTER_SITES= http://www.sng.ecs.soton.ac.uk/mailscanner/files/4/tar/ DISTNAME= MailScanner-${PORTVERSION}-${PATCHLEVEL} @@ -23,7 +23,9 @@ ${SITE_PERL}/MIME/Parser.pm:${PORTSDIR}/mail/p5-MIME-Tools \ ${SITE_PERL}/File/Temp.pm:${PORTSDIR}/devel/p5-File-Temp \ ${SITE_PERL}/Convert/TNEF.pm:${PORTSDIR}/converters/p5-Convert-TNEF \ - ${SITE_PERL}/Net/CIDR.pm:${PORTSDIR}/net-mgmt/p5-Net-CIDR + ${SITE_PERL}/Net/CIDR.pm:${PORTSDIR}/net-mgmt/p5-Net-CIDR \ + ${SITE_PERL}/Archive/Zip.pm:${PORTSDIR}/archivers/p5-Archive-Zip \ + ${SITE_PERL}/${PERL_ARCH}/Compress/Zlib.pm:${PORTSDIR}/archivers/p5-Compress-Zlib RUN_DEPENDS= ${BUILD_DEPENDS} \ ${LOCALBASE}/bin/bash:${PORTSDIR}/shells/bash2 \ ${LOCALBASE}/bin/tnef:${PORTSDIR}/converters/tnef \ @@ -34,7 +36,7 @@ USE_PERL5= yes -PATCHLEVEL= 1 +PATCHLEVEL= 2 WRKSRC= ${WRKDIR}/MailScanner-${PORTVERSION} PKGMESSAGE= ${WRKDIR}/pkg-message @@ -105,7 +107,7 @@ .endfor do-install: - # + # # Step 1: Install libexec files # ${MKDIR} ${PREFIX}/libexec/MailScanner diff -ruN --exclude=CVS /server-root/ports/mail/mailscanner.orig/distinfo /server-root/ports/mail/mailscanner/distinfo --- /server-root/ports/mail/mailscanner.orig/distinfo Wed Mar 3 08:07:47 2004 +++ /server-root/ports/mail/mailscanner/distinfo Mon Mar 8 10:06:49 2004 @@ -1,2 +1,2 @@ -MD5 (MailScanner-4.27.7-1.tar.gz) = 587c0ac52b9ef2ba889c40d6fafdd05a -SIZE (MailScanner-4.27.7-1.tar.gz) = 965165 +MD5 (MailScanner-4.28.5-2.tar.gz) = 5cb83fca38392efa76d3f73280525f46 +SIZE (MailScanner-4.28.5-2.tar.gz) = 969966 diff -ruN --exclude=CVS /server-root/ports/mail/mailscanner.orig/files/patch-docs:man:MailScanner.8 /server-root/ports/mail/mailscanner/files/patch-docs:man:MailScanner.8 --- /server-root/ports/mail/mailscanner.orig/files/patch-docs:man:MailScanner.8 Wed Mar 3 08:07:48 2004 +++ /server-root/ports/mail/mailscanner/files/patch-docs:man:MailScanner.8 Mon Mar 8 10:42:18 2004 @@ -1,8 +1,8 @@ ---- ../MailScanner-4.27.7.orig/docs/man/MailScanner.8 Mon Mar 1 15:25:07 2004 -+++ docs/man/MailScanner.8 Mon Mar 1 15:27:56 2004 +--- ../MailScanner-4.28.5.orig/docs/man/MailScanner.8 Mon Mar 8 10:41:05 2004 ++++ docs/man/MailScanner.8 Mon Mar 8 10:42:01 2004 @@ -1,4 +1,4 @@ -.TH "MailScanner" "8" "4.27.4" "Julian Field" "Mail" -+.TH "MailScanner" "8" "4.27.7" "Julian Field" "Mail" ++.TH "MailScanner" "8" "4.28.5" "Julian Field" "Mail" .SH "NAME" .LP MailScanner \- Virus/Spam Scanner for Sendmail, Exim and Postfix diff -ruN --exclude=CVS /server-root/ports/mail/mailscanner.orig/files/patch-docs:man:MailScanner.8.html /server-root/ports/mail/mailscanner/files/patch-docs:man:MailScanner.8.html --- /server-root/ports/mail/mailscanner.orig/files/patch-docs:man:MailScanner.8.html Thu Jan 1 01:00:00 1970 +++ /server-root/ports/mail/mailscanner/files/patch-docs:man:MailScanner.8.html Mon Mar 8 10:42:18 2004 @@ -0,0 +1,9 @@ +--- ../MailScanner-4.28.5.orig/docs/man/MailScanner.8.html Mon Mar 8 10:41:05 2004 ++++ docs/man/MailScanner.8.html Mon Mar 8 10:42:01 2004 +@@ -1,5 +1,5 @@ + +- ++ + + diff -ruN --exclude=CVS /server-root/ports/mail/mailscanner.orig/files/patch-docs:man:MailScanner.conf.5 /server-root/ports/mail/mailscanner/files/patch-docs:man:MailScanner.conf.5 --- /server-root/ports/mail/mailscanner.orig/files/patch-docs:man:MailScanner.conf.5 Wed Mar 3 08:07:48 2004 +++ /server-root/ports/mail/mailscanner/files/patch-docs:man:MailScanner.conf.5 Mon Mar 8 10:42:18 2004 @@ -1,8 +1,74 @@ ---- ../MailScanner-4.27.7.orig/docs/man/MailScanner.conf.5 Mon Mar 1 15:25:07 2004 -+++ docs/man/MailScanner.conf.5 Mon Mar 1 15:28:04 2004 +--- ../MailScanner-4.28.5.orig/docs/man/MailScanner.conf.5 Mon Mar 8 10:41:05 2004 ++++ docs/man/MailScanner.conf.5 Mon Mar 8 10:42:01 2004 @@ -1,4 +1,4 @@ -.TH "MailScanner.conf" "5" "4.27.4" "Julian Field" "Mail" -+.TH "MailScanner.conf" "5" "4.27.7" "Julian Field" "Mail" ++.TH "MailScanner.conf" "5" "4.28.5" "Julian Field" "Mail" .SH "NAME" .LP MailScanner.conf \- Main configuration for MailScanner +@@ -383,6 +383,14 @@ + This is intended for use with a ruleset to ensure that mail is always encrypted before being sent. This could be used to ensure that mail to your business partners is sent securely. + + .TP ++\fBAllow Password\-Protected Archives\fR ++Default: no ++.br ++ ++.br ++Should archives which contain any password\-protected files be allowed? Leaving this set to "no" is a good way of protecting against all the protected zip files used by viruses at the moment. This can also be the filename of a ruleset. ++ ++.TP + \fBMaximum Message Size\fR + Default: 0 + .br +@@ -397,6 +405,14 @@ + + .br + The maximum size, in bytes, of any attachment in a message. If this is set to zero, effectively no attachments are allowed. If this is set less than zero, then no size checking is done. This can also be the filename of a ruleset, so you can have different settings for different users. You might want to set this quite small for large mailing lists so they don't get deluged by large attachments. ++ ++.TP ++\fBMaximum Archive Depth\fR ++Default: 3 ++.br ++ ++.br ++The maximum depth to which zip archives will be unpacked to allow for checking filenames and filetypes within zip archives. Setting this to 0 will disable filename/\-type checks within zip files while still allowing to block password protected zip files. + .SH "Options specific to Sophos Anti-Virus" + .TP + \fBAllowed Sophos Error Messages\fR +@@ -457,7 +473,7 @@ + .br + + .br +-Which Virus Scanning package to use. Possible choices are sophos, sophossavi, mcafee, command, kaspersky, kaspersky\-4.5, kavdaemonclient, inoculate, inoculan, onoculan, nod32, nod32\-1.99, f\-secure, f\-prot, panda, rav, antivir, clamav, clamavmodule, trend, bitdefender, none (no virus scanning at all) ++Which Virus Scanning package to use. Possible choices are sophos, sophossavi, mcafee, command, kaspersky, kaspersky\-4.5, kavdaemonclient, inoculate, inoculan, onoculan, nod32, nod32\-1.99, f\-secure, f\-prot, panda, rav, antivir, clamav, clamavmodule, css, trend, bitdefender, none (no virus scanning at all) + .br + + .br +@@ -489,13 +505,15 @@ + .br + + .br +-Messages whose virus reports contain any of the words listed here will be treated as "silent" viruses. No messages will be sent back to the senders of these viruses, and the delivery to the recipient of the message can be controlled by the next option "Still Deliver Silent Viruses". This is primarily designed for viruses such as "Klez" and "Bugbear" which put fake addresses on messages they send, so there is no point informing the sender of the message, as it won't actually be them who sent it anyway. Other words that can be put in this list are the 3 special keywords ++Messages whose virus reports contain any of the words listed here will be treated as "silent" viruses. No messages will be sent back to the senders of these viruses, and the delivery to the recipient of the message can be controlled by the next option "Still Deliver Silent Viruses". This is primarily designed for viruses such as "Klez" and "Bugbear" which put fake addresses on messages they send, so there is no point informing the sender of the message, as it won't actually be them who sent it anyway. Other words that can be put in this list are the 5 special keywords + .br + HTML\-IFrame: inserting this will stop senders being warned about HTML Iframe tags, when they are not allowed. + .br + HTML\-Codebase: inserting this will stop senders being warned about HTML Object Codebase tags, when they are not allowed. + .br +-All\-Viruses: inserting this will stop senders being warned about any virus, while still allowing you to warn senders about HTML\-based attacks. ++Zip\-Password: inserting this will stop senders being warned about password\-protected zip files when they are not allowd. This keyword is not needed if you include All\-Viruses. ++.br ++All\-Viruses: inserting this will stop senders being warned about any virus, while still allowing you to warn senders about HTML\-based attacks. This includes Zip\-Password so you don't need to include both. + .br + + .br +@@ -517,7 +535,7 @@ + .br + + .br +-Strings listed here will be searched for in the output of the virus scanners. It works to achieve the opposite effect of the "Silent Viruses" listed above. If a string here is found in the output of the virus scanners, then the message will be treated as if it were not infected with a "Silent Virus". If a message is detected as both a silent virus and a non\-forging virus, then the non\-forging status will override the silent status. In simple terms, you should list virus names (or parts of them) that you know do *not* forge the From address. A good example of this is a document macro virus or a Joke program. ++Strings listed here will be searched for in the output of the virus scanners. It works to achieve the opposite effect of the "Silent Viruses" listed above. If a string here is found in the output of the virus scanners, then the message will be treated as if it were not infected with a "Silent Virus". If a message is detected as both a silent virus and a non\-forging virus, then the non\-forging status will override the silent status. In simple terms, you should list virus names (or parts of them) that you know do *not* forge the From address. A good example of this is a document macro virus or a Joke program. Another word that can be put in this list is the special keyword "Zip\-.Password". Inserting this will cause senders to be warned about password\-protected zip files, whey they are not allowed. + + .SH "Options specific to ClamAV Anti-Virus" + .TP diff -ruN --exclude=CVS /server-root/ports/mail/mailscanner.orig/files/patch-docs:man:MailScanner.conf.5.html /server-root/ports/mail/mailscanner/files/patch-docs:man:MailScanner.conf.5.html --- /server-root/ports/mail/mailscanner.orig/files/patch-docs:man:MailScanner.conf.5.html Thu Jan 1 01:00:00 1970 +++ /server-root/ports/mail/mailscanner/files/patch-docs:man:MailScanner.conf.5.html Mon Mar 8 10:42:18 2004 @@ -0,0 +1,117 @@ +--- ../MailScanner-4.28.5.orig/docs/man/MailScanner.conf.5.html Mon Mar 8 10:41:05 2004 ++++ docs/man/MailScanner.conf.5.html Mon Mar 8 10:42:01 2004 +@@ -1,5 +1,5 @@ + +- ++ + + +@@ -1048,6 +1048,29 @@ + + + ++

Allow Password−Protected Archives

++ ++ ++ ++ ++ ++ ++
++

Default: no

++ ++

Should archives which contain any ++password−protected files be allowed? Leaving this set ++to "no" is a good way of protecting against all ++the protected zip files used by viruses at the moment. This ++can also be the filename of a ruleset.

++
++ ++ ++ ++ ++ +
+

Maximum Message Size

+ +@@ -1093,6 +1116,29 @@ + attachments.

+ + ++ ++ ++ ++ ++ ++
++

Maximum Archive Depth

++ ++ ++ ++ ++ ++
++

Default: 3

++ ++

The maximum depth to which zip archives will be unpacked ++to allow for checking filenames and filetypes within zip ++archives. Setting this to 0 will disable ++filename/−type checks within zip files while still ++allowing to block password protected zip files.

++
+ +

Options specific to Sophos Anti-Virus

+ +@@ -1247,7 +1293,7 @@ + kaspersky−4.5, kavdaemonclient, inoculate, inoculan, + onoculan, nod32, nod32−1.99, f−secure, + f−prot, panda, rav, antivir, clamav, clamavmodule, +-trend, bitdefender, none (no virus scanning at all)

++css, trend, bitdefender, none (no virus scanning at all)

+ +

Note for McAfee users: Do NOT use any symlinks with + McAfee at all. It is very strange but McAfee may not detect +@@ -1329,16 +1375,22 @@ + fake addresses on messages they send, so there is no point + informing the sender of the message, as it won’t + actually be them who sent it anyway. Other words that can be +-put in this list are the 3 special keywords
++put in this list are the 5 special keywords
+ HTML−IFrame: inserting this will stop senders being + warned about HTML Iframe tags, when they are not + allowed.
+ HTML−Codebase: inserting this will stop senders being + warned about HTML Object Codebase tags, when they are not + allowed.
++Zip−Password: inserting this will stop senders being ++warned about password−protected zip files when they ++are not allowd. This keyword is not needed if you include ++All−Viruses.
+ All−Viruses: inserting this will stop senders being + warned about any virus, while still allowing you to warn +-senders about HTML−based attacks.

++senders about HTML−based attacks. This includes ++Zip−Password so you don’t need to include ++both.

+ +

The default of "All−Viruses" means that + no senders of viruses will be notified (as the sender +@@ -1400,8 +1452,11 @@ + non−forging status will override the silent status. In + simple terms, you should list virus names (or parts of them) + that you know do *not* forge the From address. A good +-example of this is a document macro virus or a Joke +-program.

++example of this is a document macro virus or a Joke program. ++Another word that can be put in this list is the special ++keyword "Zip−.Password". Inserting this will ++cause senders to be warned about password−protected ++zip files, whey they are not allowed.

+ + + diff -ruN --exclude=CVS /server-root/ports/mail/mailscanner.orig/pkg-plist /server-root/ports/mail/mailscanner/pkg-plist --- /server-root/ports/mail/mailscanner.orig/pkg-plist Wed Mar 3 08:07:47 2004 +++ /server-root/ports/mail/mailscanner/pkg-plist Mon Mar 8 10:04:35 2004 @@ -534,7 +534,6 @@ @dirrm %%DATADIR%%/reports/de @dirrm %%DATADIR%%/reports/cz @dirrm %%DATADIR%%/reports/cy+en -@dirrm %%DATADIR%%/reports/cat @dirrm %%DATADIR%%/reports/ca @dirrm %%DATADIR%%/reports @dirrm %%DATADIR%% --- MailScanner-4.28.5.patch ends here --- >Release-Note: >Audit-Trail: >Unformatted: