From 067f35f6d8a213d7fae7e0a78a92dd9cc9177a39 Mon Sep 17 00:00:00 2001 From: Josef Karthauser Date: Fri, 4 Jun 2004 00:08:06 +0000 Subject: Update to version 4.31.6. Changelog: * New Features and Improvements * - Added install.sh script for tar distribution which builds all Perl modules, tnef decoder and MailScanner automatically. - Added configuration option "Dangerous Content Scanning" to allow you to disable all the content scanning except for the virus scanning. - Added support for Vexira virus scanner. - Implemented support for F-Secure 4.61. - Implemented support for Nod32 2.01. If you are still running 1.99, you will need to edit /etc/MailScanner/virus.scanners.conf. - Reports can now contain %variables% such as %org-name%. - Changed default installation location of Bitdefender to /opt/bdc. - Upgraded tnef to latest release from sourceforge. - Moved ExtUtils::MakeMaker into list of normal perl modules to install. - Linux distributions now auto-detect MTA setting in /etc/sysconfig/MailScanner. - Can now detect very small images in a message, that may be "web bugs" to track you. These can be disarmed if you want. - Changed documentation to just list single-instance version of Postfix. - Changed init.d scripts to work well with both single and double instance of Postfix. - Improved init.d script to support SuSE 9.1 properly. * Fixes * - Forced AVG to run in English. - Corrected problem with negative failure counts from RBLs and SA. - Fixed bug in LDAP ruleset handling. - Sendmail code now auto-detects the correct lock type to use, flock or posix. - Sendmail qf files no longer have to define an IP address. - Corrected report when archive is nested too deeply. - ZMailer forwarding fix provided by Mariano. - Fixed Postfix message corruption on recent Postfixes on some architectures. - Worked around latest tweaks to Postfix spec. - Fixed problems with PDF docs when signing messages. PR: ports/67542 Submitted by: Jan-Peter Koopmann (maintainer) --- .../files/patch-docs:man:MailScanner.conf.5.html | 1036 -------------------- 1 file changed, 1036 deletions(-) delete mode 100644 mail/mailscanner/files/patch-docs:man:MailScanner.conf.5.html (limited to 'mail/mailscanner/files/patch-docs:man:MailScanner.conf.5.html') diff --git a/mail/mailscanner/files/patch-docs:man:MailScanner.conf.5.html b/mail/mailscanner/files/patch-docs:man:MailScanner.conf.5.html deleted file mode 100644 index a712926fb1fb..000000000000 --- a/mail/mailscanner/files/patch-docs:man:MailScanner.conf.5.html +++ /dev/null @@ -1,1036 +0,0 @@ ---- ../MailScanner-4.30.3.orig/docs/man/MailScanner.conf.5.html Mon May 3 10:48:25 2004 -+++ docs/man/MailScanner.conf.5.html Mon May 3 10:48:42 2004 -@@ -1,5 +1,5 @@ - -- -+ - - -@@ -331,17 +331,85 @@ - -

Directory in which MailScanner should find e−mail - messages for scanning. This can be any of the following:

-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+
-+ -+

1.

-+		 -+ -+

a directory name.

-+		 -+
- --

1. a directory name. Example: /var/spool/mqueue.in

-- --

2. a wildcard giving directory names. Example: --/var/spool/mqueue.in/*

-+ -+ -+ -+ -+
-+

Example: /var/spool/mqueue.in

-+
-+ -+ -+ -+ -+ -+ -+ -+ -+
-+ -+

2.

-+		 -+ -+

a wildcard giving directory names.

-+		 -+
- --

3. the name of a file containing a list of directory --names, which can in turn contain wildcards. Example: --/usr/local/etc/MailScanner/mqueue.in.list.conf

-+ -+ -+ -+ -
-+

Example: /var/spool/mqueue.in/*

-
-+ -+ -+ -+ -+ -+ -+ -+
-+ -+

3.

-+		 -+ -+

the name of a file containing a list of directory names, -+which can in turn contain wildcards.

-+
-+ -+ -+ -+ -+ -+
-+

Example: -+/usr/local/etc/MailScanner/mqueue.in.list.conf

- - -@@ -1403,29 +1471,79 @@ - fake addresses on messages they send, so there is no point - informing the sender of the message, as it won’t - actually be them who sent it anyway. Other words that can be --put in this list are the 5 special keywords
--HTML−IFrame: inserting this will stop senders being --warned about HTML Iframe tags, when they are not --allowed.
--HTML−Codebase: inserting this will stop senders being --warned about HTML Object Codebase tags, when they are not --allowed.
--Zip−Password: inserting this will stop senders being --warned about password−protected zip files when they --are not allowd. This keyword is not needed if you include --All−Viruses.
--All−Viruses: inserting this will stop senders being --warned about any virus, while still allowing you to warn --senders about HTML−based attacks. This includes -+put in this list are the 5 special keywords

-+ -+
-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+
-+ -+

-+		 -+ -+

HTML−IFrame: inserting this will stop senders -+being warned about HTML Iframe tags, when they are not -+allowed.

-+
-+ -+

-+		 -+ -+

HTML−Codebase: inserting this will stop senders -+being warned about HTML Object Codebase tags, when they are -+not allowed.

-+
-+ -+

-+		 -+ -+

Zip−Password: inserting this will stop senders -+being warned about password−protected zip files when -+they are not allowd. This keyword is not needed if you -+include All−Viruses.

-+
-+ -+

-+		 -+ -+

All−Viruses: inserting this will stop senders -+being warned about any virus, while still allowing you to -+warn senders about HTML−based attacks. This includes - Zip−Password so you don’t need to include - both.

-+
- -+ -+ -+ -+ -+be notified.

-
-

The default of "All−Viruses" means that - no senders of viruses will be notified (as the sender - address is always forged these days anyway), but anyone who - sends a message that is blocked for other reasons will still --be notified.

--
- - -- --

yes => Allow these tags to be in the message no => --Ban messages containing these tags disarm => Allow these --tags, but stop these tags from working

-- --

This can also be the filename of a ruleset, so you can --allow them from known mailing lists but ban them from --everywhere else.

-+happy. This can also be the filename of a ruleset, so you -+can allow them from known mailing lists but ban them from -+everywhere else. Possible Values:

-+ -+
-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -
-+ -+

-+		 -+ -+

yes => Allow these tags to be in the message

-+
-+ -+

-+		 -+ -+

no => Ban messages containing these tags

-+
-+ -+

-+		 -+ -+

disarm => Allow these tags, but stop these tags from -+working

-
- -@@ -1615,8 +1765,14 @@ - - - --

Default: no

-+

Default: no

-+ - -+ -+ -+ -+ -+
-

You may receive complaints from your users that HTML - mailing lists they subscribe to have been stopped by the - "Allow IFrame Tags" option above. So before you -@@ -1649,10 +1805,44 @@ - people to part with credit card information and other - personal data. This can also be the filename of a ruleset. - Possible values:

-- --

yes => Allow these tags to be in the message no => --Ban messages containing these tags disarm => Allow these --tags, but stop these tags from working

-+
-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -
-+ -+

-+		 -+ -+

yes => Allow these tags to be in the message

-+
-+ -+

-+		 -+ -+

no => Ban messages containing these tags

-+
-+ -+

-+		 -+ -+

disarm => Allow these tags, but stop these tags from -+working

-
- -@@ -1669,18 +1859,57 @@ - - - --

Default: no

-+

Default: no

-+ - -+ -+ -+ -+ -+
-

Do you want to allow <Object Codebase=...> tags in - email messages? This is a bad idea as it leaves you - unprotected against various Microsoft−specific - security vulnerabilities. But if your users demand it, you - can do it. This can also be the filename of a ruleset. --Possible values:

-- --

yes => Allow these tags to be in the message no => --Ban messages containing these tags disarm => Allow these --tags, but stop these tags from working

-+Possible values:

-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -
-+ -+

-+		 -+ -+

yes => Allow these tags to be in the message

-+
-+ -+

-+		 -+ -+

no => Ban messages containing these tags

-+
-+ -+

-+		 -+ -+

disarm => Allow these tags, but stop these tags from -+working

-
- -@@ -1697,8 +1926,14 @@ - - - --

Default: no

-+

Default: no

-+ - -+ -+ -+ -+ - - -+
-

This option interacts with the "Allow ... Tags" - options above like this:

- -@@ -3670,6 +3905,32 @@ -
-+

Spam List Timeouts History

-+ -+ -+ -+ -+ -+
-+

Default: 10

-+ -+

The total number of Spam List attempts during which -+"Max Spam List Timeouts" will cause the spam list -+fo be marked as "unavailable". See the previous -+comment for more information. The default values of 5 and 10 -+mean that 5 timeouts in any sequence of 10 attempts will -+cause the list to be marked as "unavailable" until -+the next periodic restart (see "Restart -+Every").

-+
-+ -+ -+ -+ -+ -
-

Is Definitely Not Spam

- -@@ -3733,6 +3994,31 @@ - This can also be the filename of a ruleset.

- - -+ -+ -+ -+ -+ -+
-+

Ignore Spam Whitelist If Recipients -+Exceed

-+ -+ -+ -+ -+ -+
-+

Default: 20

-+ -+

Spammers have learnt that they can get their message -+through by sending a message with lots of recipients, one of -+which chooses to whitelist everything coming to them, -+including the spammer. So if a message arrives with more -+than this number of recipients, ignore the "Is -+Definitely Not Spam" whitelist.

-+
- -

SpamAssassin

- -@@ -3868,11 +4154,7 @@ - - - --

Default: --/opt/MailScanner/etc/spam.assassin.prefs.conf
--Default Linux: /etc/MailScanner/spam.assassin.prefs.conf
--Default FreeBSD: --/usr/local/etc/MailScanner/spam.assassin.prefs.conf

-+

Default: %etc−dir%/spam.assassin.prefs.conf

- -

SpamAssassin uses a "user preferences" file - which can be used to set the values of various SpamAssassin -@@ -3934,6 +4216,32 @@ - - - -+

SpamAssassin Timeouts History

-+ -+ -+ -+ -+ -+ -+
-+

Default: 30

-+ -+

The total number of SpamAssassin attempts during which -+"Max SpamAssassin Timeouts" will cause -+SpamAssassin to be marked as "unavailable". See -+the previous comment for more information. The default -+values of 10 and 20 mean that 10 timeouts in any sequence of -+20 attempts will trigger the behaviour described above, -+until the next periodic restart (see "Restart -+Every").

-+
-+ -+ -+ -+ -+ -
-

Check SpamAssassin If On Spam List

- -@@ -4063,23 +4371,81 @@ -

This can be any combination of 1 or more of the following - keywords, and these actions are applied to any message which - is spam.

-- -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ - - -+
-+ -+

-+		 -+ -

"deliver" − the message is delivered to - the recipient as normal

-- -+
-+ -+

-+		 -+ -

"delete" − the message is deleted

-- -+
-+ -+

-+		 -+ -

"store" − the message is stored in the - quarantine

-- --

"forward" − an email address is supplied, --to which the message is forwarded

-- -+
-+ -+

-+		 -+ -+

"forward" − an email address is -+supplied, to which the message is forwarded

-+
-+ -+

-+		 -+ -

"notify" − Send the recipients a short - notification that spam addressed to them was not delivered. - They can then take action to request retrieval of the - orginal message if they think it was not spam.

-- -+
-+ -+

-+		 -+ -

"striphtml" − convert all in−line - HTML content in the message to be stripped to plain text, - which removes all images and scripts and so can be used to -@@ -4087,12 +4453,30 @@ - action on its own does not imply that the message will be - delivered, you will need to specify "deliver" or - "forward" to actually deliver the message.

-- -+
-+ -+

-+		 -+ -

"attachment" − Convert the original - message into an attachment of the message. This means the - user has to take an extra step to open the spam, and stops - "web bugs" very effectively.

-- -+
-+ -+

-+		 -+ -

"bounce" − bounce the spam message. This - option should not be used and must be enabled with the - "Enable Spam Bounce" option first.

-@@ -4112,8 +4496,14 @@ -
--

Default: deliver

-+

Default: deliver

- -+ -+ -+ -+ -+do

-+ -
-

This is the same as the "Spam Actions" option - above, but it gives the actions to apply to any message - whose SpamAssassin score is above the "High -@@ -4452,24 +4842,18 @@ - Note the files are mutable. If this is unset then no extra - places are searched for. If using Postfix, you probably want - to set this to /var/spool/MailScanner/spamassassin and --do

-- -+ - - -- -- -- -- -- -+ -+ -
-- --

mkdir /var/spool/MailScanner/spamassassin

--
-- --

chown postfix.postfix --/var/spool/MailScanner/spamassassin

--		 -+

mkdir /var/spool/MailScanner/spamassassin
-+chown postfix.postfix -+/var/spool/MailScanner/spamassassin

- - -

Default:

- --

The site−local rules are searched for here, and in --prefix /etc/spamassassin, prefix/etc/mail/spamassassin, --/usr/local/etc/spamassassin, /etc/spamassassin, --/etc/mail/spamassassin, and maybe others. If this is set --then it adds to the list of places that are searched; --otherwise it has no effect.

-+

This tells MailScanner where to look for the -+site−local rules. If this is set it adds to the list -+of places that are searched. MailScanner will always look at -+the following places (even if this option is not set):

-+ -+
-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -
-+ -+

-+		 -+ -+

prefix/etc/spamassassin

-+		 -+
-+ -+

-+		 -+ -+

prefix/etc/mail/spamassassin

-+		 -+
-+ -+

-+		 -+ -+

/usr/local/etc/spamassassin

-+		 -+
-+ -+

-+		 -+ -+

/etc/spamassassin

-+		 -+
-+ -+

-+		 -+ -+

/etc/mail/spamassassin

-+		 -+
-+ -+

-+		 -+ -+

maybe others as well

-+		 -
- -@@ -4533,13 +4997,73 @@ - - - --

Default:

-+

Default:

-+ - --

The default rules are searched for here, and in --prefix/share/spamassassin, /usr/local/share/spamassassin, --/usr/share/spamassassin, and maybe others. If this is set --then it adds to the list of places that are searched; --otherwise it has no effect.

-+ -+ -+ -+ -+
-+

This tells MailScanner where to look for the default -+rules. If this is set it adds to the list of places that are -+searched. MailScanner will always look at the following -+places (even if this option is not set):

-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -
-+ -+

-+		 -+ -+

prefix/share/spamassassin

-+		 -+
-+ -+

-+		 -+ -+

/usr/local/share/spamassassin

-+		 -+
-+ -+

-+		 -+ -+

/usr/share/spamassassin

-+		 -+
-+ -+

-+		 -+ -+

maybe others as well

-+		 -
- -@@ -4797,15 +5321,78 @@ - -

Default: supported

- --

Some of the virus scanners are not supported by the --authors of MailScanner, and they may use code contributed by --another user. If this option is set to the wrong value for --your virus scanners, then you will get an error message in --your maillog (syslog) telling you tha# Are you using Exim --with split spool directories? If you don’t understand --# this, the answer is probably "no". Refer to the --Exim documentation for # more information about split spool --directories. Split Exim Spool = yes

-+

Minimum acceptable code stability status −− -+if we come across code that’s not at least as stable -+as this, we barf. This is currently only used to check that -+you don’t end up using untested virus scanner support -+code without realising it. Don’t even *think* about -+setting this to anything other than "beta" or -+"supported" on a system that receives real mail -+until you have tested it yourself and are happy that it is -+all working as you expect it to. Don’t set it to -+anything other than "supported" on a system that -+could ever receive important mail. Levels used are:

-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -
-+ -+

-+		 -+ -+

none − there may not even be any code.

-+
-+ -+

-+		 -+ -+

unsupported − code may be completely untested, a -+contributed dirty hack, anything, really.

-+
-+ -+

-+		 -+ -+

alpha − code is pretty well untested. Don’t -+assume it will work.

-+
-+ -+

-+		 -+ -+

beta − code is tested a bit. It should work.

-+
-+ -+

-+		 -+ -+

supported − code *should* be reliable.

-
- -@@ -4822,8 +5409,14 @@ - - - --

Default: yes

-+

Default: yes

-+ - -+ -+ -+ -+ -+
-

Are you using Exim with split spool directories? If you - don’t understand this, the answer is probably - "no". Refer to the Exim documentation for more -@@ -4850,22 +5443,55 @@ -

When trying to work out the value of configuration - parameters which are using a ruleset, this controls the - behaviour when a rule is checking the "To:" --addresses. If this option is set to "yes", then --the following happens when checking the ruleset:

-- --

a) 1 recipient. Same behaviour as normal.
--b) Several recipients, but all in the same domain -+addresses. If this option is set to "no", then -+some rules will use the result they get from the first -+matching rule for any of the recipients of a message, so the -+exact value cannot be predicted for messages with more than -+1 recipient. This value *cannot* be the filename of a -+ruleset.
-+If this option is set to "yes", then the following -+happens when checking the ruleset:

-+
-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -
-+ -+

a)

-+		 -+ -+

1 recipient. Same behaviour as normal.

-+
-+ -+

b)

-+		 -+ -+

Several recipients, but all in the same domain - (domain.com for example). The rules are checked for one that --matches the string "*@domain.com".
--c) Several recipients, not all in the same domain. The rules --are checked for one that matches the string -+matches the string "*@domain.com".

-+
-+ -+

c)

-+		 -+ -+

Several recipients, not all in the same domain. The -+rules are checked for one that matches the string - "*@*".

-- --

If this option is set to "no", then some rules --will use the result they get from the first matching rule --for any of the recipients of a message, so the exact value --cannot be predicted for messages with more than 1 recipient. --This value *cannot* be the filename of a ruleset.

-
- -- cgit v1.2.3