Date: Mon, 17 Jan 2005 17:16:34 +0100 (CET) From: Jan-Peter Koopmann <j.koopmann@seceidos.de> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/76357: [MAINTAINER] mail/MailScanner-devel: update to 4.38.2 Message-ID: <200501171616.j0HGGYcQ064727@services.intern.seceidos.de> Resent-Message-ID: <200501171620.j0HGKP5d019188@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 76357 >Category: ports >Synopsis: [MAINTAINER] mail/MailScanner-devel: update to 4.38.2 >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Mon Jan 17 16:20:25 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Jan-Peter Koopmann >Release: FreeBSD 4.9-STABLE i386 >Organization: >Environment: System: FreeBSD services.intern.seceidos.de 4.9-STABLE FreeBSD 4.9-STABLE #0: Mon Jan 5 10:56:46 CET >Description: - Update to 4.38.2 * New Features and Improvements * - Added new filename restrictions using Microsoft vulnerability report from AUScert. - Improved /etc/sysconfig/MailScanner so that it finds Incoming Work Dir and Incoming Queue Dir automatically from MailScanner.conf file. - Can now use $from, $id and $subject in inline signature for signing clean messages. - Any entry in the "Archive Mail" setting can contain _DATE_ which will be replaced with the current date in yyyymmdd form, so you can backup or move yesterday's archive safely knowing that it won't be written to today. - Added zero score for ALL_TRUSTED rule in SpamAssassin as it is known to cause problems. - Added "Also Find Numeric Phishing" setting (on by default) so that all numeric IP addresses in links are flagged as being dangerous. * Fixes * - Fixed problem where some spam was delivered even if the Spam Actions was set to "store delete" if the messages were not to be virus-scanned. - Fixed harmless uninitialised variables in HTML disarming. Generated with FreeBSD Port Tools 0.63 >How-To-Repeat: >Fix: --- MailScanner-devel-4.38.2.patch begins here --- diff -ruN --exclude=CVS /server-root/ports/mail/mailscanner-devel.orig/Makefile /server-root/ports/mail/mailscanner-devel/Makefile --- /server-root/ports/mail/mailscanner-devel.orig/Makefile Wed Dec 22 12:42:09 2004 +++ /server-root/ports/mail/mailscanner-devel/Makefile Mon Jan 17 15:46:29 2005 @@ -6,8 +6,7 @@ # PORTNAME= MailScanner -PORTVERSION= 4.37.3 -PORTREVISION= 1 +PORTVERSION= 4.38.2 CATEGORIES= mail MASTER_SITES= http://www.sng.ecs.soton.ac.uk/mailscanner/files/4/tar/ PKGNAMESUFFIX= -devel @@ -250,5 +249,12 @@ ${PREFIX}/etc/MailScanner ${INSTALL_DATA} ${WRKSRC}/etc/rules/spam.whitelist.rules \ ${PREFIX}/etc/MailScanner/rules/spam.whitelist.rules + @${ECHO} "******************************************************************************" + @${ECHO} "The provided default configuration requires several directories to be created:" + @${ECHO} "/var/spool/MailScanner/incoming" + @${ECHO} "/var/spool/MailScanner/quarantine" + @${ECHO} "/var/spool/mqueue" + @${ECHO} "Either create those directories or change the configuration." + @${ECHO} "******************************************************************************" .include <bsd.port.post.mk> diff -ruN --exclude=CVS /server-root/ports/mail/mailscanner-devel.orig/distinfo /server-root/ports/mail/mailscanner-devel/distinfo --- /server-root/ports/mail/mailscanner-devel.orig/distinfo Fri Dec 17 09:24:24 2004 +++ /server-root/ports/mail/mailscanner-devel/distinfo Mon Jan 17 15:46:37 2005 @@ -1,2 +1,2 @@ -MD5 (MailScanner-install-4.37.3-1.tar.gz) = 27033636c42193a1f9dd3417d1533d16 -SIZE (MailScanner-install-4.37.3-1.tar.gz) = 5628665 +MD5 (MailScanner-install-4.38.2-1.tar.gz) = d3849865be7518c1b3d5915df9753a48 +SIZE (MailScanner-install-4.38.2-1.tar.gz) = 5618312 diff -ruN --exclude=CVS /server-root/ports/mail/mailscanner-devel.orig/files/patch-docs:man:MailScanner.8 /server-root/ports/mail/mailscanner-devel/files/patch-docs:man:MailScanner.8 --- /server-root/ports/mail/mailscanner-devel.orig/files/patch-docs:man:MailScanner.8 Fri Dec 17 09:24:24 2004 +++ /server-root/ports/mail/mailscanner-devel/files/patch-docs:man:MailScanner.8 Mon Jan 17 15:54:21 2005 @@ -1,8 +1,8 @@ ---- ../MailScanner-install-4.37.3.orig/docs/man/MailScanner.8 Wed Dec 15 21:17:17 2004 -+++ docs/man/MailScanner.8 Wed Dec 15 21:29:54 2004 +--- ../MailScanner-install-4.38.2.orig/docs/man/MailScanner.8 Mon Jan 17 15:49:00 2005 ++++ docs/man/MailScanner.8 Mon Jan 17 15:54:03 2005 @@ -1,4 +1,4 @@ -.TH "MailScanner" "8" "4.34.8" "Julian Field" "Mail" -+.TH "MailScanner" "8" "4.37.3" "Julian Field" "Mail" ++.TH "MailScanner" "8" "4.38.2" "Julian Field" "Mail" .SH "NAME" .LP MailScanner \- Virus/Spam Scanner for Sendmail, Exim and Postfix diff -ruN --exclude=CVS /server-root/ports/mail/mailscanner-devel.orig/files/patch-docs:man:MailScanner.8.html /server-root/ports/mail/mailscanner-devel/files/patch-docs:man:MailScanner.8.html --- /server-root/ports/mail/mailscanner-devel.orig/files/patch-docs:man:MailScanner.8.html Fri Dec 17 09:24:24 2004 +++ /server-root/ports/mail/mailscanner-devel/files/patch-docs:man:MailScanner.8.html Mon Jan 17 15:54:21 2005 @@ -1,9 +1,9 @@ ---- ../MailScanner-install-4.37.3.orig/docs/man/MailScanner.8.html Wed Dec 15 21:17:17 2004 -+++ docs/man/MailScanner.8.html Wed Dec 15 21:29:56 2004 +--- ../MailScanner-install-4.38.2.orig/docs/man/MailScanner.8.html Mon Jan 17 15:49:00 2005 ++++ docs/man/MailScanner.8.html Mon Jan 17 15:54:04 2005 @@ -1,5 +1,5 @@ <!-- Creator : groff version 1.19 --> -<!-- CreationDate: Fri Oct 15 15:13:21 2004 --> -+<!-- CreationDate: Wed Dec 15 21:29:27 2004 --> ++<!-- CreationDate: Mon Jan 17 15:53:41 2005 --> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">; <html> diff -ruN --exclude=CVS /server-root/ports/mail/mailscanner-devel.orig/files/patch-docs:man:MailScanner.conf.5 /server-root/ports/mail/mailscanner-devel/files/patch-docs:man:MailScanner.conf.5 --- /server-root/ports/mail/mailscanner-devel.orig/files/patch-docs:man:MailScanner.conf.5 Fri Dec 17 09:24:24 2004 +++ /server-root/ports/mail/mailscanner-devel/files/patch-docs:man:MailScanner.conf.5 Mon Jan 17 15:54:21 2005 @@ -1,8 +1,8 @@ ---- ../MailScanner-install-4.37.3.orig/docs/man/MailScanner.conf.5 Wed Dec 15 21:17:17 2004 -+++ docs/man/MailScanner.conf.5 Wed Dec 15 21:30:00 2004 +--- ../MailScanner-install-4.38.2.orig/docs/man/MailScanner.conf.5 Mon Jan 17 15:49:00 2005 ++++ docs/man/MailScanner.conf.5 Mon Jan 17 15:54:08 2005 @@ -1,4 +1,4 @@ -.TH "MailScanner.conf" "5" "4.34.8" "Julian Field" "Mail" -+.TH "MailScanner.conf" "5" "4.37.3" "Julian Field" "Mail" ++.TH "MailScanner.conf" "5" "4.38.2" "Julian Field" "Mail" .SH "NAME" .LP MailScanner.conf \- Main configuration for MailScanner @@ -15,7 +15,31 @@ .br .br -@@ -781,6 +781,15 @@ +@@ -585,13 +585,22 @@ + + .TP + \fBFind Phishing Fraud\fR +-Default: no ++Default: yes + .br + + .br + Do you want to check for "Phishing" attacks? These are attacks that look like a genuine email message from your bank, which contain a link to click on to take you to the web site where you will be asked to type in personal information such as your account number or credit card details. Except it is not the real bank's web site at all, it is a very good copy of it run by thieves who want to steal your personal information or credit card details. These can be spotted because the real address of the link in the message is not the same as the text that appears to be the link. Note: This does cause significant extra load, particularly on systems receiving lots of spam such as secondary MX hosts. This *cannot* be the filename of a ruleset, it must be 'yes' or 'no'. + + .TP ++\fBAlso Find Numeric Phishing\fR ++Default: yes ++.br ++ ++.br ++While detecting "Phishing" attacks, do you also want to point out links to numeric IP addresses. Genuine links to totally numeric IP addresses are very rare, so this option is set to "yes" by default. If a numeric IP address is found in a link, the same phishing warning message is used as in the Find Phishing Fraud option above. This value cannot be the name of a ruleset, only a simple yes or no. ++ ++ ++.TP + \fBAllow IFrame Tags\fR + Default: no + .br +@@ -781,6 +790,15 @@ When an entire message is saved in the quarantine for any reason, do you want to save it as the raw data files out of the mail queue (which can be processed with the df2mbox script, and which is easier to send to its original recipients), or do you want a conventional message file consisting of the header followed by the body of the message. If the previous option is switched off, then this will only affect archived mail and quarantined spam. If the previous option is on, then this also affects quarantined infections. .TP @@ -31,7 +55,7 @@ \fBLanguage Strings\fR Default: %reports\-dir%/languages.conf .br -@@ -1266,12 +1275,11 @@ +@@ -1266,12 +1284,11 @@ .TP \fBAttachment Encoding Charset\fR @@ -46,7 +70,53 @@ .SH "Mail archiving and monitoring" .TP \fBArchive Mail\fR -@@ -1725,8 +1733,16 @@ +@@ -1294,9 +1311,10 @@ + + .br + If you give this option a ruleset, you can control exactly whose mail is archived or forwarded. If you do this, beware of the legal implications as this could be deemed to be illegal interception unless the police have asked you to do this. ++.br + +- +- ++.br ++Any of the items above can contain the magic string _DATE_ in them which will be replaced with the current date in yyyymmdd format. This will make archive\-rolling and maintenance much easier, as you can guarantee that yesterday's mail archive will not be in active use today. + .SH "Notices to system administrators" + .TP + \fBSend Notices\fR +@@ -1595,22 +1613,24 @@ + .br + .RS 7 + .IP \(bu 4 +-"deliver" \- the message is delivered to the recipient as normal ++deliver \- the message is delivered to the recipient as normal + .IP \(bu 4 +-"delete" \- the message is deleted ++delete \- the message is deleted + .IP \(bu 4 +-"store" \- the message is stored in the quarantine ++store \- the message is stored in the quarantine + + .IP \(bu 4 +-"forward" \- an email address is supplied, to which the message is forwarded ++forward \- an email address is supplied, to which the message is forwarded + .IP \(bu 4 +-"notify" \- Send the recipients a short notification that spam addressed to them was not delivered. They can then take action to request retrieval of the orginal message if they think it was not spam. ++notify \- Send the recipients a short notification that spam addressed to them was not delivered. They can then take action to request retrieval of the orginal message if they think it was not spam. + .IP \(bu 4 +-"striphtml" \- convert all in\-line HTML content in the message to be stripped to plain text, which removes all images and scripts and so can be used to protect your users from offensive spam. Note that using this action on its own does not imply that the message will be delivered, you will need to specify "deliver" or "forward" to actually deliver the message. ++striphtml \- convert all in\-line HTML content in the message to be stripped to plain text, which removes all images and scripts and so can be used to protect your users from offensive spam. Note that using this action on its own does not imply that the message will be delivered, you will need to specify "deliver" or "forward" to actually deliver the message. + .IP \(bu 4 +-"attachment" \- Convert the original message into an attachment of the message. This means the user has to take an extra step to open the spam, and stops "web bugs" very effectively. ++attachment \- Convert the original message into an attachment of the message. This means the user has to take an extra step to open the spam, and stops "web bugs" very effectively. + .IP \(bu 4 +-"bounce" \- bounce the spam message. This option should not be used and must be enabled with the "Enable Spam Bounce" option first. ++bounce \- bounce the spam message. This option should not be used and must be enabled with the "Enable Spam Bounce" option first. ++.IP \(bu 4 ++header "name: value" \- Add the header "name: value" to the message. name must not contain any spaces. + .RE + + .TP +@@ -1725,8 +1745,16 @@ .br Log all the filenames that are allowed by the Filetype Rules, or just the filetypes that are denied? This can also be the filename of a ruleset. @@ -64,7 +134,7 @@ .TP \fBSpamAssassin User State Dir\fR -@@ -1734,7 +1750,7 @@ +@@ -1734,7 +1762,7 @@ .br .br diff -ruN --exclude=CVS /server-root/ports/mail/mailscanner-devel.orig/files/patch-docs:man:MailScanner.conf.5.html /server-root/ports/mail/mailscanner-devel/files/patch-docs:man:MailScanner.conf.5.html --- /server-root/ports/mail/mailscanner-devel.orig/files/patch-docs:man:MailScanner.conf.5.html Fri Dec 17 09:24:24 2004 +++ /server-root/ports/mail/mailscanner-devel/files/patch-docs:man:MailScanner.conf.5.html Mon Jan 17 15:54:21 2005 @@ -1,13 +1,13 @@ ---- ../MailScanner-install-4.37.3.orig/docs/man/MailScanner.conf.5.html Wed Dec 15 21:17:17 2004 -+++ docs/man/MailScanner.conf.5.html Wed Dec 15 21:30:02 2004 +--- ../MailScanner-install-4.38.2.orig/docs/man/MailScanner.conf.5.html Mon Jan 17 15:49:00 2005 ++++ docs/man/MailScanner.conf.5.html Mon Jan 17 15:54:10 2005 @@ -1,5 +1,5 @@ <!-- Creator : groff version 1.19 --> -<!-- CreationDate: Fri Oct 22 08:13:20 2004 --> -+<!-- CreationDate: Wed Dec 15 21:29:27 2004 --> ++<!-- CreationDate: Mon Jan 17 15:53:41 2005 --> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">; <html> -@@ -397,4 +397,5767 @@ +@@ -397,4 +397,5813 @@ <td width="3%"></td> <td width="72%"> @@ -1326,7 +1326,7 @@ +<tr valign="top" align="left"> +<td width="22%"></td> +<td width="78%"> -+<p>Default: no</p> ++<p>Default: yes</p> +<!-- INDENTATION --> +<p>Do you want to check for "Phishing" attacks? +These are attacks that look like a genuine email message @@ -1351,6 +1351,32 @@ +<tr valign="top" align="left"> +<td width="11%"></td> +<td width="89%"> ++<p><b>Also Find Numeric Phishing</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>While detecting "Phishing" attacks, do you also ++want to point out links to numeric IP addresses. Genuine ++links to totally numeric IP addresses are very rare, so this ++option is set to "yes" by default. If a numeric IP ++address is found in a link, the same phishing warning ++message is used as in the Find Phishing Fraud option above. ++This value cannot be the name of a ruleset, only a simple ++yes or no.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> +<p><b>Allow IFrame Tags</b></p></td> +</table> +<!-- INDENTATION --> @@ -3418,6 +3444,13 @@ +beware of the legal implications as this could be deemed to +be illegal interception unless the police have asked you to +do this.</p> ++<!-- INDENTATION --> ++<p>Any of the items above can contain the magic string ++_DATE_ in them which will be replaced with the current date ++in yyyymmdd format. This will make archive−rolling and ++maintenance much easier, as you can guarantee that ++yesterday’s mail archive will not be in active use ++today.</p> +</td> +</table> +<a name="Notices to system administrators"></a> @@ -4253,8 +4286,8 @@ +<td width="5%"></td> +<td width="72%"> + -+<p>"deliver" − the message is delivered to -+the recipient as normal</p> ++<p>deliver − the message is delivered to the ++recipient as normal</p> +</td> +<tr valign="top" align="left"> +<td width="22%"></td> @@ -4265,7 +4298,7 @@ +<td width="5%"></td> +<td width="72%"> + -+<p>"delete" − the message is deleted</p> ++<p>delete − the message is deleted</p> +</td> +<tr valign="top" align="left"> +<td width="22%"></td> @@ -4276,7 +4309,7 @@ +<td width="5%"></td> +<td width="72%"> + -+<p>"store" − the message is stored in the ++<p>store − the message is stored in the +quarantine</p> +</td> +<tr valign="top" align="left"> @@ -4288,8 +4321,8 @@ +<td width="5%"></td> +<td width="72%"> + -+<p>"forward" − an email address is -+supplied, to which the message is forwarded</p> ++<p>forward − an email address is supplied, to which ++the message is forwarded</p> +</td> +<tr valign="top" align="left"> +<td width="22%"></td> @@ -4300,10 +4333,10 @@ +<td width="5%"></td> +<td width="72%"> + -+<p>"notify" − Send the recipients a short -+notification that spam addressed to them was not delivered. -+They can then take action to request retrieval of the -+orginal message if they think it was not spam.</p> ++<p>notify − Send the recipients a short notification ++that spam addressed to them was not delivered. They can then ++take action to request retrieval of the orginal message if ++they think it was not spam.</p> +</td> +<tr valign="top" align="left"> +<td width="22%"></td> @@ -4314,12 +4347,12 @@ +<td width="5%"></td> +<td width="72%"> + -+<p>"striphtml" − convert all in−line -+HTML content in the message to be stripped to plain text, -+which removes all images and scripts and so can be used to -+protect your users from offensive spam. Note that using this -+action on its own does not imply that the message will be -+delivered, you will need to specify "deliver" or ++<p>striphtml − convert all in−line HTML content ++in the message to be stripped to plain text, which removes ++all images and scripts and so can be used to protect your ++users from offensive spam. Note that using this action on ++its own does not imply that the message will be delivered, ++you will need to specify "deliver" or +"forward" to actually deliver the message.</p> +</td> +<tr valign="top" align="left"> @@ -4331,10 +4364,23 @@ +<td width="5%"></td> +<td width="72%"> + -+<p>"attachment" − Convert the original -+message into an attachment of the message. This means the -+user has to take an extra step to open the spam, and stops -+"web bugs" very effectively.</p> ++<p>attachment − Convert the original message into an ++attachment of the message. This means the user has to take ++an extra step to open the spam, and stops "web ++bugs" very effectively.</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>bounce − bounce the spam message. This option ++should not be used and must be enabled with the "Enable ++Spam Bounce" option first.</p> +</td> +<tr valign="top" align="left"> +<td width="22%"></td> @@ -4345,9 +4391,9 @@ +<td width="5%"></td> +<td width="72%"> + -+<p>"bounce" − bounce the spam message. This -+option should not be used and must be enabled with the -+"Enable Spam Bounce" option first.</p> ++<p>header "name: value" − Add the header ++"name: value" to the message. name must not ++contain any spaces.</p> +</td> +</table> +<!-- INDENTATION --> diff -ruN --exclude=CVS /server-root/ports/mail/mailscanner-devel.orig/pkg-message /server-root/ports/mail/mailscanner-devel/pkg-message --- /server-root/ports/mail/mailscanner-devel.orig/pkg-message Fri Dec 17 09:24:24 2004 +++ /server-root/ports/mail/mailscanner-devel/pkg-message Mon Jan 17 15:39:10 2005 @@ -31,10 +31,6 @@ to update your virus-wrappers, autoupdates, reports and languages.conf - The english languages.conf is updated automatically. For all - other versions use the update_languages_conf tool found - in the work directory of this port. - Sophos users: Please take a look at the Sophos install script %%PREFIX%%/share/doc/MailScanner/Sophos.install.freebsd --- MailScanner-devel-4.38.2.patch ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200501171616.j0HGGYcQ064727>