ChangeLog

01/30/2016 Changes in    v4.86.1-1
==================================
*Updates*
- Moved directory structure to:
  MailScanner Perl Modules: 	/usr/share/MailScanner/perl/MailScanner
  Custom Perl Modules			/usr/share/MailScanner/perl/custom
  Reports: 						/usr/share/MailScanner/reports
  AV Wrappers and Autoupdate:	/var/lib/MailScanner/wrapper
- Renamed /etc/init.d/mailscanner to /etc/init.d/MailScanner 
  in Debian package
- Restructured Debian /etc/init.d/MailScanner script 
- Added check/fix for missing /var/lock/subsys in init scripts
- Updated virus.scanners.conf with new directory structure and updated
  current location of clamav installations
- Updated country.domains.conf
- Updated spam.lists.conf with stuff from this decade. You will need to
  redefine your "Spam List =" to an item on the new list.
- Added group creation of mtagroup which includes relevant system users
  for processing mail
- Changed distro default Incoming Work Group = mtagroup
- Changed distro default Incoming Work Permissions = 0660
- Added option to create RAMDISK during installation
- Added RAMDISK daemon to save and restore contents during reboot
  and power up if RAMDISK is enabled
- Removed dead virus scanners from virus.scanners.conf
- Removed dead virus scanners from SweepViruses.pm

01/16/2016 Changes in    v4.85.3-2
==================================
*Updates*
- Changed Debian installer to use unrar instead of unrar-free
- Revised update to Message.pm for unrar compatibility

01/12/2016 Changes in    v4.85.3-1
==================================
*Updates*
- Updated Messages.pm to support unrar version 5x
- Updated RPM spec file to remove sendmail conflict
- Replaced ScamNailer update_bad_phishing_emails with new version
- Changed Debian package init.d script from mailscanner to MailScanner
  
05/03/2015 Changes in    v4.85.2-3
==================================
*Updates*
- Added Postfix detection and update for master.cf to use
  FIFO instead of UNIX socket

04/13/2015 Changes in    v4.85.2-2
==================================
*Fixes*
- Corrected typo in RPM spec files for RHEL and SuSE builds

03/14/2015 Changes in    v4.85.2-1
==================================
* Updates *
- Moved structure to /usr/share/MailScanner to comply with 
  Filesystem Hierarchy Standard (FHS)
- Added phishing.safe.sites.custom to allow for easier maintenance 
* Fixes *
- PFDiskStore.pm updated 

03/02/2015 New in Version 4.85.1-1
==================================
* Fixes *
- Postfix long queue ID's in Postfix.pm.
- Updated files with perl -U option to be compliant with newer versions of perl.
- Notorious tempfile fix in LastSpam.pm
- Item use IO; deprecated. Updated files to use use IO::Pipe;
- Fixed phishing filter URL handling
- Internal TNEF.pm fixed
- Typo fixes
- Various language string updates
- Updated spam.lists.conf
- Improved translation tools
- Postfix taint fix
- Spamassassin temp file fix
- Removed Transtec links in notices
- Updated several AV wrappers

17/06/2013 New in Version 4.84.6-1
==================================
* Fixes *
1 TNEF code fixed according to commonly-distributed patch.
1 ScamNailer also updated to include commonly-distributed patches.

10/11/2012 New in Version 4.84.5-3
==================================
* Fixes *
1 Clamd will no longer think there is a virus in MessageBatch.pm.

05/03/2012 New in Version 4.84.5-2
==================================
* Fixes *
1 Fixed taint errors which show up in new versions of Perl.
2 Fixed another taint error. Errors in File.pm can't be found. :(
2 Fixed error occurring when Antiword fails to parse the input file.
3 Fixed bunch of mktemp bugs, thanks to Andrew Colin Kissa.
4 Another taint bug in Quarantine.pm.
5 Fixed disastrous domain expiry problem in update_bad_phishing_sites and
  update_bad_phishing_emails
5-2 Updated location of Web Bug Replacement to new cdn site.

17/04/2011 New in Version 4.83.5-1
==================================
* Fixes *
1 Fixed problem with Postfix and non-zero hash depth on "hold" queue.
2 Fixed problems with spaces in virus names.
3 Fixed logging of ClamAV updates (thanks for Peter Bonivart for this!).
4 Fixed "Return-Path:" header so it doesn't contain any 8-bit characters
  which conflict with the new "RP_8BIT" rule in SpamAssassin.
5 Fixed problems with permissions of zipfiles thanks to Rick Cooper and
  Curu Wong.
6 Fixed problem with webcal:// URLs getting caught incorrectly by phishing net.

11/02/2011 New in Version 4.82.6-1
==================================
* New Features and Improvements *
1 In filename.rules.conf and filetype.rules.conf files, as well as the
  previous "allow", "deny", "deny+delete", and email-address types of rule,
  there are now "rename" rules as well. If a filename or filetype matches
  a "rename" rule, the original attachment is left in the message but is
  renamed according to the "Rename Pattern" setting in MailScanner.conf.
  This allows for any prefixes or suffixes you may want to add to the
  attachment's filename.
2 Improved "rename" rules so you can now also specify "rename to new-text".
  If the rule matched an attachment's filename, the text matching the pattern
  for that rule will be replaced with the "new-text" string supplied.
  The "to" is optional, but makes it easier to read.
4 Rules files will be assumed in the MailScanner.conf if the filename now
  ends in ".Rules" as well as ".rules".
4 Allow deployments with the 'split mail per recipient' setup where mail
  is re-injected from 127.0.0.1 to still whitelist 127.0.0.1 for releasing
  of quarantined messages, while still scanning re-injected mail.

* Fixes *
1 AVG scanner command-line arguments typo fixed.
2 Fixed problem where HTML messages scanned for Phishing would be truncated
  at the start of the first <a> tag if it was never closed properly.
3 Fixed bug stopping things like "$1" working in the replacement text of a
  "rename to" filename.rules.conf rule.
4 Fixed permissions of ClamAV temp files to use workperms instead of 0600.
  Thanks to Rick Cooper for this fix!
4 Fixed problem caused by invalid "Spam List" or "Spam Domain List" values
  appearing in the conf file. Thanks to Steve Freegard for this!
5 Fixed issue where messages quarantined for being a DoS attack did not
  have their headers quarantined correctly.

06/09/2010 New in Version 4.81.4-1
===================================
* New Features and Improvements *
1 Slight improvement to check_mailscanner script to send some output to
  /dev/null for Greg Kuhnert.
2 "Scan Messages = virus" will *only* scan mail for viruses and nothing
  else at all. This makes simple setups where you only want virus scanning
  a whole lot easier to set up.
3 Changed non-RPM installer to use /bin/bash instead of /bin/sh to avoid
  issues on Solaris 10 systems. Sorry non-bash people :-(
3 Added new "_HOUR_" token to path available in quarantine and Archive Mail
  directory locations in MailScanner.conf. Represents the number of the hour
  in which MailScanner received the message, padded with a leading zero if
  necessary.

* Fixes *
1 Deny File MIME Types was ignored if new filetype rules used MIME checks.
2 Slightly improvement to phishing trap to handle links with " in them.
2 Worked around nasty behaviour of Perl's "each()". Thanks Timofey!
2-2 Fixed syntax error.
2-3 Fixed syntax issue and printing bug with "--lint".
4 Fixed docx file permissions problem (thanks to Andrew White!).

20/06/2010 New in Version 4.80.10-1
==================================
* New Features and Improvements *
1 Upgraded AVG support to AVG version 8. Support no longer guaranteed for
  older versions.
2 Installers no longer over-write mailscanner.cf in SpamAssassin directory
  if the file or link exists.
3 Added support for McAfee version 6. Use the virus scanner name "mcafee6"
  to get this support. Many thanks to Phil Randal and Michael Miller for
  all their hard work on this.
4 Improved "file" command output processing so it stops at 1st "," to reduce
  false alarms greatly.
5 Added facility for over-riding MailScanner.conf settings and rulesets
  with those held in an SQL database.
  New settings are:
  DB DSN, DB Username, DB Password, SQL Serial Number, SQL Quick Peek,
  SQL Config, SQL Ruleset, SQL SpamAssassin Config, SQL Debug.
  See the MailScanner.conf file for more details.
5 Added dependency "Sys::SigAction" Perl modules to installers.
6 Updated to Archive::Zip 1.30 and added Compress::Raw::Zlib dependency.

* Fixes *
1 A minor rewrite of a bit of the TNEF code to handle some systems' odd
  opinions about tainting data.
1 Minor tweak to avoid warning about insecure dependency in WorkArea.pm.
2 Fixed documentation for "Allow Multiple HTML Signatures" setting.
3 Fixed "MailScanner --lint" to not throw an erroneous error message about
  "MSlint" directory permissions.
3 Fixed error in MIME boundary checking that stopped a few very rare cases
  being checked.
5 Fixed issue where zip files in messages were unpacked with incorrect
  permissions.
5-2 Fixed bug introduced in 5-1.
7 Fixed ruleset-from-function bug introduced in 5-1.
9 Fixed bug where %variables% would not work in ruleset files.
10 Fixed bug on Linux systems where Postfix systems would change the
   ownership of the queue and work directories every time MailScanner
   was started.

01/02/2010 New in Version 4.79.11-1
==================================
* New Features and Improvements *
1 Settings relevant to update_spamassassin have moved from /etc/sysconfig/
  MailScanner to /etc/sysconfig/update_spamassassin.
1 Log files from update_spamassassin will only be deleted if both the
  sa-update and sa-compile commands succeeded. No news is good news!
2 Updated HTML-Parser to 3.64.
4 Changed behaviour. If the clamd daemon or the F-Prot daemon are unreachable
  then if *all* the configured virus scanners cannot be reached then no mail
  is virus-scanned and delivered. The previous behaviour was that the mail
  would still be delivered and logged in this situation. Now it will not
  deliver any message that could be infected but could not be scanned.
5 Changed behaviour of "Reject Message". It is now a "First match" rule and
  not an "All matches" rule. The first matching rule in the ruleset will
  determine the result.
5 Speeded up bitdefender-autoupdate script.
5 update_spamassassin changed to only update SpamAssassin if the rules changed.
  Many thanks to Mark Sapiro for the above updates!
9 Added support for new "*.xvdl" files in the Sophos autoupdate script.

* Fixes *
3 Fixed taint errors when running with Run As User not equal to root.
4 Tiny taint bug fixed when scanning Eicar.
5 Fixed taint bug in external TNEF expander code.
5 Fixed problem signing messages which have only an HTML part and that part
  has already been signed by an earlier MailScanner in the conversation thread.
6 Final TNEF taint problems fixed.
6 Fixed important bug in ClamAV output parser (only affects clamav, not clamd
  or clamavmodule).
7 Fixed UnpackZip taint problem, affecting processing of .docx files.
8 Fixed typo in Message.pm.
9 Fixed typo in SweepViruses.pm affect F-Protd-6 scanning.
10 Fixed error in "Full ClamAV Message Scan" file permissions.
10 Fixed logging from "sophossavi".

1/10/2009 New in Version 4.78.17-1
==================================
* New Features and Improvements *
1 Improved handling of Postfix messages with complex structures caused by
  some milters.
2 In addition to the previous 'host:hostname.domain.com' method of providing
  a hostname in rulesets, you can now also specify
    host-nocheck:hostname.domain.com
  which is the same thing but no anti-spoof checks are made. This is only
  useful if you have a 'PTR' record for providing the IP address of the
  hostname but no forward 'A' record for translating the IP address into
  a hostname.
  This is frequently the situation when using dynamic IP addresses.
3 Swapped over virus-scanning and spam-scanning code completely, so all
  virus-scanning code is done before spam-scanning code. It won't virus-
  scan "Silent Viruses" which is pretty much all of them now, so it should
  work okay. This allows me to introduce...
3 New feature to allow detection of "spam-viruses" which are items of spam
  that are reported by your virus scanner. You can set 2 new configuration
  options:
  Spam-Virus Header = X-%org-name%-MailScanner-SpamVirus-Report:
  Virus Names Which Are Spam = Sane*UNOFFICIAL HTML/*
  The names of the "spam-viruses" found are those viruses reported by your
  virus scanners which match any of the strings given in "Virus Names Which
  Are Spam". These "spam-virus" names are added to the header set by
  "Spam-Virus Header". You can then write a SpamAssassin rule in
  spam.assassin.prefs.conf which gives a score for the presence or contents
  of this header. I supply an example rule which adds a score of 3 if the
  header exists. Feel free to re-write and extend that rule! It will not work
  unless you customise it. You could even write a "SpamAssassin Rule Action"
  to handle this rule specially!
6 Improved installer for Fedora Core 11.
7 Improved RPM installer so when it needs to, it only removes RPMs I installed.
7-2 Added an "export HOSTNAME" to the init.d script. Should resolve some
  issues where using "$HOSTNAME" or "${HOSTNAME}" in MailScanner.conf did
  not work.
8 Added support for "include path-to-conf-files" lines in MailScanner.conf.
  You can now put your site-specific customisations in separate files, to
  make upgrading of many servers a lot easier. You can nest "include" files,
  which means that an "include"d file can "include" other files.
  The "path-to-conf-files" can use the normal shell wildcard characters such
  as "*" so a valid line might be
  include /etc/MailScanner/config/*.conf
  to read all the *.conf files in that directory in turn.
  The *last* value read for each MailScanner.conf setting will be used.
8 Added support for "include" lines in upgrade_MailScanner_conf. If you treat
  them as comments, the whole problem quietly disappears!
10 Added /etc/MailScanner/conf.d directory to RPM and added a default include
   line in shipped MailScanner.conf. Put a README in the conf.d directory.
11 Improved notes in conf.d/README file.
13 Added "Quick.Peek" script to distribution to read configuration settings
   from shell scripts, which correctly handles included files.

* Fixes *
2 Minor fix to phishing net for servers on port numbers that start with "80"
  but are not 80.
2 Fixed issue of spam report not appearing in rare cases.
4 Fixed problem of silent viruses not being quarantined when requested.
5 Fixed issue where spam-viruses would be quarantined and found as silent.
5-3 Renamed subroutine.
6 Fixed installer for Perl-IO, Perl-DBI, Perl-DBD-SQLite, Perl-Filesys-Df,
  Perl-Net-DNS for Fedora 11.
7 Fixed installer for Perl-Digest-SHA1 for Fedora 11.
9 Fixed problem where "Scan Messages = no" was ignored.
9 Fixed problem where multiply-infected files in the same archive may not
  always be removed correctly.
10 Fixed issues with "include" files where they wouldn't be used for a few
   variables, and "%variable%" definitions in include files were ignored.
11 Fixed problem where settings found in included conf files would be
   ignored sometimes when starting up.
14 Rulesets used within Custom Functions should work again now.
15 Fixed crash when "Expand TNEF = replace".
16 Improved processing_messages_alert so it behaves better in the face of
   a ruleset defining "Notices To =".
16 Fixed problem in Exim where duplicate headers could appear due to
   DeleteHeader not finding them correctly.
16 Improved handling of Unicode and foreign character sets used in attachment
   filenames.

4/6/2009 New in Version 4.77.10-1
=================================
* New Features and Improvements *
1 Can now automatically unzip small zip files and other archives. This
  is very useful if you have some service automatically mailing you log
  files, which zips up the logfiles to save space. It will unpack them if
  there only a few of them, they are fairly small and they match a list
  of filename patterns.
  Unzip Maximum Files Per Archive = 4
  Unzip Maximum File Size = 50k
  Unzip Filenames = *.txt *.ini *.log *.csv
  Unzip MimeType = text/plain
1 Hourly cron job about messages being processed only sends a message if
  'Send Notices = yes' is set in MailScanner.conf.
1 "Read IP Address From Received Header" has been extended, so it will
  now take a number instead of yes or no. "yes"=1 and "no"=0. If it is set
  to "yes" or a number, then the SMTP client IP address is taken from the
  "Received:" header. For example, setting it to 2 will cause the IP
  address to be taken from the 2nd Received: header.
  Users of BarricadeMX might want to set this to 2, to get the real SMTP
  client IP address from the 2nd Received: header, and not the 127.0.0.1
  address that BarricadeMX put in the headers.
  Users of fetchmail might want to set this to 1 or 2 to skip over the
  127.0.0.1 address which will be inserted by fetchmail.
5 Set up Antiword to always return UTF-8 characters and use that in the
  attachment it creates.
6 Removed co.dk from country.domains.conf as it's not an official 2nd level
  domain.
6-2 Upgraded DBD-SQLite to 1.25 to avoid RedHat 4 build problems.
6-3 Improved detection of some x86_64 systems.
6-4 Corrected DBD-SQLite packaging error.
7 Improved --lint checking of "Processing Attempts Database" and improved
  logging related to that database. Also improved documentation about the
  two SQLite databases in MailScanner.conf.
8 Implemented a new type of line in rulesets. When you specify a "From:"
  rule, you can use a syntax like "host:hostname.domain.com" to use the
  SMTP client's hostname instead of the numerical IP address. This can
  also be partial hostnames or domain names, such as "host:domain.com"
  or include wildcards anywhere, such as "host:mail*.dom*ain.com", or
  even Perl regular expressions such as "host:/(de|dk)$/". This goes
  where the numerical IP address would go in the rule, after the "From:"
  and before the value to return.
  Note that these are slightly slower than using the IP address as they
  involve a DNS lookup (maximum of once per message), but that value
  should be in your DNS cache as other things will have already had to
  look it up anyway.
  They are described in more detail in the etc/rules/README and
  etc/rules/EXAMPLES files.
9 Added spoofing protection to the "host:" name lookups. Forward and
  reverse DNS entries must now match.

* Fixes *
3 Fixed problem where Unzip functions would not be found. Set default to off.
4 Fixed issue with Postfix not scanning some messages in 4.77.3.
5 Fixed issue with Postfix scanning too many messages in 4.77.4. :-)
6 Fixed issue with extra character on the front of files created by antiword.
7 Fixed UTF-8 character in Perl source code in Esets output parser.
7 Fixed issue with encapsulating messages containing silent whole-message
  infections.
10 Fixed issue with "host:" name lookups with no DNS 'A' record.

12/5/2009 New in Version 4.76.25-1
==================================
* New Features and Improvements *
1 Added the ability to have totally different filename and filetype checks
  for files which are attachments and files which are members of attached
  archives. You even get to define what you consider to be an archive and
  what is not.
  New Configuration options in MailScanner.conf are
  Archives Are =
  Archives: Allow Filenames =
  Archives: Deny Filenames =
  Archives: Filename Rules =
  Archives: Allow Filetypes =
  Archives: Allow File MIME Types =
  Archives: Deny Filetypes =
  Archives: Deny File MIME Types =
  Archives: Filetype Rules =
  In the shipped MailScanner.conf, the checks applied to files within
  archives are the same as those applied to normal attachments that are
  not within an archive.  See the relevant settings in MailScanner.conf
  for more information.
4 RPM builds changed so that no RPMs are "forced" into being installed on
  RedHat 5 or CentOS 5 systems.
5 RPM builds changed so that no RPMs are "forced" into being installed at all.
5 RPM builds changed so that any previously installed RPM will not be
  rebuilt, even if the perl version check shows that it is not being used.
  This will dramatically speed up the upgrade process in future,
  especially if you use "./install.sh fast" to upgrade.
5 Changed @INC which is where Perl looks for its Perl modules.  It was
  previously mostly left alone so that RedHat could override some versions
  of modules that you thought you had upgraded. The new @INC path inserts
  the "site_perl" and "vendor_perl" directories before the core directories.
  This may result in your MailScanner behaving differently from before as
  it will actually be using all your upgraded modules, and not sticking
  with ones supplied by RedHat (at which point it ignore your upgrades).
  This should not cause any problems with MailScanner.
7 Rebuilt i386 version of "tnef" on RHEL4 to be compatible with more systems.
8 Drastically improved getPERLLIB added in 4.76.5. Perl does funny things
  with $PERL5LIB when calculating @INC to find Perl modules.
8 Added Digest::HMAC as RedHat Enterprise 4 needs it for Net::DNS.
9 Upgraded Perl module DBD::SQLite.
11 The "Archives: Filename Rules" and "Archives: Filetype Rules" now
   point to copies of the normal filename and filetype.rules.conf files,
   rather than pointing to the same file. This will make it easier for
   new users to customise the rules for files in archives.
12 Improved RPM install.sh installation script so that it detects an upgrade
   from before the big RPM rebuild in 4.76.11 and forces a "reinstall" of
   all the Perl modules, which will fix problems with later upgrading Perl.
13 Improved Postfix MailScanner message id so that it relates much better
   with the "messages being processed" database. It is now based on the
   "Fletcher" checksum of the data at the start of the file. Thanks to JD
   Marsters (jd@oddlittle.me) for this one!
17 If you use "Sign Clean Messages", then the signature will be placed in
   your email message wherever you put the marker "_SIGNATURE_", and it
   will be placed at the end by default if that marker is not found.
22 Both the "Phishing Safe Sites File" and the "Phishing Bad Sites File"
   settings can now take a space-separated list of filenames, to make local
   management simpler. Note that your filenames must not have spaces in them!
22 Speeded up SQL processing-messages database code by pre-preparing all SQL
   statements. I am now tempted to leave this feature enabled by default for
   safety. We can always add a note to the performance tips on the wiki that
   users struggling under high load might want to switch this feature off.
23 Changed RPM installation order to fit better with CentOS 5.2->5.3 systems.

* Fixes *
2 Added "Unpack Microsoft Documents" back into the list of recognised
  settings in MailScanner.conf.
3 Fixed "Add Text Of Doc" for Apple Mail's utterly broken MIME structure.
6 Fixed problems with RHEL5 installation created by 4.76.5.
7 Fixed problems with RHEL4 installation created by 4.76.5.
10 Fixed problems with Fedora Core 10 installation created by 4.76.5.
10-2 Fixed missing Locks dir.
14 Possibly fixed problem with incomplete Postfix messages getting into the
   'processed messages' table.
15 Neatened up message rejection code to help solve processing-messages
   database problem.
16 Fixed permissions and ownership problems with data extracted from TNEF
   winmail.dat attachments.
16 Fixed slight problem in installer on new systems, so it does not complain
   about perl-TimeDate already being installed.
16 Fixed problem with Postfix leaving messages in the processing-messages db.
   Many thanks to Kai Schaetzl and Mark Sapiro for spotting the common
   features of the message ids being left behind.
18 Fixed Postfix entropy bug.
19 Changed handling of "Sign Clean Messages" so that if the signing process
   fails, we don't worry about it too much, and we certainly don't create a
   new message section just containing a signature and nothing else.
20 Alternate solution to Postfix procesing database bug, without adding 'P'.
21 Better solution to Postfix processing database bug, adding 'A' to shorter
   entropy value, so no change to final message id.
21 Moved Net::CIDR much lower down in the installation order, to avoid
   problems with CentOS 5.2-->5.3 upgraded systems.
22 Made sure it works with the processing-messages database switched on.
23 Fixed problem with HTML sig being re-added at end of message.
24 Removed type identifier from filenames listed in sender warnings.
24-2 Don't uninstall ExtUtils-MakeMaker in "./install.sh --reinstall".
24-3 ExtUtils-MakeMaker will not build on Fedora 10 x86_64 as it stands.
24-3 Fedora 10 needs Test-Simple first, RHEL5 and CentOS 5 need Math-BigInt
     first. Great :-(
24-3 Fedora Core 10 upgrades are no longer officially supported. The
     RPM Perl build system is fundamentally broken. Take Pod-Escapes as a
     fine example, it cannot build without Pod-Simple. But Pod-Simple cannot
     build without Pod-Escapes. I quit.
25 Fixed logging bug which would make it say it had found uu-encoded files
   when it had not.
25 Fixed occasional problem with a message triggering MailScanner's crash
   detection when using "TNEF Expander = internal".
25 Fixed issue with Attachment size limits not working correctly in 4.76.

1/4/2009 New in Version 4.75.11-1
=================================
* New Features and Improvements *
1 Added more spam logging to simply find delivery and non-delivery addresses.
1 Improved error messages when using Custom Functions that won't compile.
1 Added new configuration option "Unpack Microsoft Documents" to control the
  unpacking of OLE document files, as there have been rare cases of the
  third-party extraction code hanging when faced with particular files.
  If you rely on ClamAV for all your virus-checking, then you can safely
  switch this off as ClamAV has its own OLE unpacking code. Do remember,
  however, that this will disable all filename and filetype checking of
  embedded files.
  It is on by default.
1 Added new option "delete" to setting "Treat Invalid Watermarks With No
  Sender as Spam =" so messages with invalid watermarks can just be deleted.
2 Added "restartms" command-line option to the init.d script for use in the
  anti-spear-phishing package I wrote.
2 Implemented crash-protection, by limiting the number of attempts made at
  processing any given message. There are 2 new configuration settings:
  "Maximum Processing Attempts" which is set to 6 by default, and
  "Processing Attempts Database" which is set to /var/spool/MailScanner/
  incoming/Processing.db by default.
  To disable this feature, just set "Maximum Processing Attempts = 0".
  To clean out the database, just stop MailScanner and delete the database
  file.
  Many thanks to David Lee at Durham University, UK for the ideas behind
  this new system.
3 New script "processing_messages_alert" which will be installed in /usr/sbin
  on Linux systems and in /usr/sbin on other systems. Also, in
  Linux, this is enabled as an hourly cron job. It executes the command
  "MailScanner --processing" which prints the contents of the "messages being
  processed" database, excluding any messages which are being processed for
  the first time. If there is nothing to print, it outputs nothing and no
  mail message is generated by the cron job. It sends the mail message from
  the "Notices From" address to the "Notices To" address. To edit the text of
  the message, just edit the "processing_messages_alert" script, it is very
  simple.
4 Messages killed by the crash protection will now generatee warnings back to
  the sender, and to the local postmaster, just like other forms of errors
  in messages. They will, however, remain in the database so you can see them.
5 Messages that caused MailScanner to die will not be re-tried for 4 +- 2
  minutes. This stops the system spinning generating high system load while
  achieving nothing, and makes it more likely that we can defend against some
  DoS scenarios. This also means that we do not have to worry about always
  building the same batch from the same messages, which could cause some safe
  messages to be "thrown out with the bathwater" along with the single message
  which *actually* killed MailScanner.
5 Messages are moved from the "current" table to an "archive" table which is
  printed separately when "MailScanner --processing" is run.
6 The "MailScanner --processing" option can now be given as, for example,
  "MailScanner --processing=0" which will give a minimum value for which you
  want to print the records from the "processing messages" database table.
  The default value is 1.
8 I have added a new configuration option "Place New Headers At Top Of
  Message". This is set to "no" by default, as I think the result looks a
  bit ugly. However, some people are fussy about always adding headers at the
  very top of email messages, rather than at the bottom of them, so they can
  see the order in which they were added.
8-3 Added support for latest versions of Bitdefender.
9 Added support for regular expressions in "Remove These Headers". Note that
  the expression is matched against the whole header line, not just the name
  of the header. Note that the expressions must not contain any spaces, so
  use '\s' instead of ' '. The match is done case-insensitive in all cases.

* Fixes *
1 Fix to multiple-milter support in Postfix in rare case.
7 2 minor bugfixes in crash-protection system. Wasn't handling messages
  correctly when their spam action was "delete".
7 Fixed problem when messages are left in processing-messages database if a
  batch is interrupted by MailScanner being shut down or restarted.
8 Fixed reporting bug in processing-database record deletion.
8 Fixed problem with some Perl 5.10.0 distributions with trackback handling
  in Sendmail and Postfix support.
8-2 Added NewHeadersAtTop to ConfigDefs.pl.
8-4 "Max Spam Check Size" can now be a ruleset. ConfigDefs.pl corrected.
9-2 Fixed bug in new handling of regexps in "Remove These Headers" in Postfix.
10 Correct mcafee-autoupdate so it wipes old dat files.
10 Worked around problem cause when Razor is set to syslog, caused MailScanner
   to log with the wrong "facility" (see syslog(3)).

12/1/2009 New in Version 4.74.16-1
==================================
* New Features and Improvements *
1 Patch added to ClamAV & SpamAssassin easy-to-install package to make
  Mail::ClamAV Perl module handle ClamAV 0.94 correctly.
  Thanks to Steve Barber for telling me about this fix.
7 Upgraded to tnef 1.4.5.
9 The Spam Actions and its pals may now contain the "header" action with the
  special keyword "_TO_" anywhere in the header value. This will be replaced
  by a comma-separated list of the original recipients of the message.
  I wrote this for when I divert a message to the postmaster when it's detected
  as spam, for example. Then you can put
  Spam Actions = store forward postmaster@ecs.soton.ac.uk header "X-ECS-Recips-were: Sent to _TO_"
  I don't always want to include the list of recipients in the headers, as
  others object to their privacy being violated by everyone receiving the full
  list of recipients, so I can't use the "Add Envelope To Header". I *only*
  want to add this information to spam messages, so I know to whom they were
  originally addressed.
11 Another check to ensure it doesn't chmod /tmp on misconfigured systems.
14 Added support for Fedora 10.
16 Added a bit more logging of message non-delivery.
16 Slight improvement to output of list of virus scanners with --lint.

* Fixes *
2 Major work on removing symlink attack vulnerabilities affecting -autoupdate
  lock files.
  Note: This vulnerability only affected systems where normal interactive users
  could log in to the system, or create arbitrary symlinks in your filesystem.
  So the ISP-style setups were never vulnerable, as they didn't allow normal
  users to login or allow people to arbitrarily create symlinks in the
  filesystem.
2 Removed symlink attack vulnerabilities in SpamAssassin and tnef handlers.
6-2 Re-release to fix filesize problems.
7-2 Added missing "use" statement to WorkArea.pm.
7-3 Added missing tnef to Other Unix tarball distribution.
    Linux distributions unchanged.
8 Minor fix in handling of complicated "SpamAssassin Rule Actions".
10 Fixes for Locks creation bugs from Jeff Earickson. Non-RPM distribution
   should work rather better now.
12 Tiny (but important) fix to mcafee-autoupdate so that it will work properly.
13 Last few symlink attack vulnerabilities found and squashed.
14 Added the Bayes-rebuild lock files to mailscanner_create_locks.
15 Fixed locking problems with Bayes-rebuild lock files.
15-2 Fixed problem with "rewind()" errors appearing in SA.pm.
16 Fixed bug in update_virus_scanners where trailing spaces or comments on
   the "Run As User" or "Run As Group" settings in MailScanner.conf would
   cause the Locks files to be owned by root.
16 Fixed similar bugs in /etc/sysconfig/MailScanner in RPM distributions.

1/12/2008 New in Version 4.73.4-2
=================================
* New Features and Improvements *
1 Improved install.sh for RPM systems to install correct arch of tnef RPM.
1 Upgraded to tnef version 1.4.4.
2 Scanner name will always be logged even if not being reported in text to user.

* Fixes *
2 Resolved reporting bug with number of viruses found when multiple scanners
  in use.
2 Security issue in "trend-autoupdate" resolved.
3 Problem caused by zip files containing identically-named zip files fixed.
4 Fixed bug in RPM installer when no TNEF was installed. Didn't actually cause
  any problems, just generated a noisy error message.
4-2 Added tnef-1.4.4.tar.gz to tarball package.

1/11/2008 New in Version 4.72.5-1
=================================
* New Features and Improvements *
1 Added support for ClamAV 0.94. Note that this has necessitated removal of
  complete support for earlier versions of ClamAV as the command-line settings
  are incompatible. So only use this version if you have upgraded to the latest
  ClamAV 0.94.
2 The "Found to be clean" header will not be added to the message at all if
  the relevant configuration setting is blank in MailScanner.conf.
2 Filename and filetype checks are now done before virus scanning. This means
  that you can use the "deny+delete" type of filename or filetype rule to
  selectively delete files that will choke your buggy virus scanner.
4 "install.sh" now logs all output to "install.log".
4 The RPM and SuSE versions of "install.sh" now have a "reinstall" command-
  line option which will make it attempt to remove the Perl RPMs before it
  installs them, in case you have changed your Perl version enough that the
  previous Perl modules were not being found by your new setup. Very handy
  for Fedora upgraders, among others.
4 Improvements to the "reinstall" command-line switch so it removes all the
  old versions first, before it starts installing anything new.
4 Updated MIME-tools to version 5.427.
4 Minor improvement to phishing net.
4 Added check to --lint for sufficiently correct /tmp permissions.
5 Remove dsbl.org blacklist from spam.lists.conf.
5 Added more comments to the "Remove These Headers" documentation. The
  suggested list of headers to remove is now all of these:
     Disposition-Notification-To
     Return-Receipt-To
     X-Confirm-Reading-To
     Disposition-Notification-To
     Receipt-Requested-To
     Confirm-Reading-To
     MDRcpt-To
     MDSend-Notifications-To
     Smtp-Rcpt-To
     Return-Receipt-To
     Read-Receipt-To
     X-Confirm-Reading-To
     X-Acknowledge-To
     Delivery-Receipt-To
     X-PMrqc
     Errors-To
     X-IMAPBase
     X-IMAP
     X-UID
     Status
     X-Status
     X-UIDL
     X-Keywords
     X-Mozilla-Status
     X-Mozilla-Status2

* Fixes *
1 Changed logging of clamd so that it reports the virus scanner name correctly.
2 Removed debug code from OLE unpacking code.
3 Fixed log handling bug in filename rules matching code, thanks to Derek Chee.
4 Fixed bug where whole message body was deleted if a file nested within 2
  zip files failed filename tests.
4 Fixed reporting bug in 'service MailScanner status' where it would produce
  an error instead of saying the incoming sendmail process was working fine.
4 Fixed a parsing bug in the "Avast" scanner support.
4 Minor change to error message when /tmp has wrong permissions.

1/9/2008 New in Version 4.71.10-1
=================================
* New Features and Improvements *
1 Upgraded from File::Temp 0.19 to File::Temp 0.20 to resolve installation
  problem reported with Fedora Core 8 systems.
2 New Feature: We can now extract the plain text of Microsoft Word (up to 2004)
  documents in the *.doc format, and add it as new attachments to a message.
  This is done using the "antiword" program available from
  http://www.winfield.demon.nl/. There are 3 new configuration settings for
  this feature:
  "Add Text Of Doc" - This switches the feature on and off. Off by default.
  "Antiword" - Full command to run the antiword binary. Adding "-f" to it
  makes it highlight emphasized text in the output, which I find helps.
  "Antiword Timeout" - The greatest length of time antiword is allowed to run.
3 Improvement to phishing net, now correctly ignores ':80' in http URLs.
3 Implemented support for Esets version 3.
4 Implemented support for F-Secure 7.01.
5 Added protection against attacks on the HTML text parser (Perl module
  HTML::Parser) which is used to analyse HTML messages for dangerous tags.
  There is a message in circulation that breaks this, causing Perl to trigger
  a "Segmentation Fault". This protection is necessary, but may have an impact
  on the performance of MailScanner. Until the Perl module is fixed, however,
  this is very necessary protection for your email systems.
7 Added new option "Read IP Address From Received Header" which you can set to
  yes if you are running fetchmail and injecting mail from fetchmail into your
  MTA using SMTP. You need to set the "--invisible" option to fetchmail as well
  to stop it adding its own "Received:" header. See the "Advanced" section of
  MailScanner.conf for more info on this.
8 Added new rules to filename.rules.conf to allow for days of the week and
  months in filenames like my_document.july.doc so they aren't caught by the
  double filename extension trap.
8 Improved error notification if your permissions on /tmp are all wrong. It
  now tells you exactly what to type to fix them.
8 Improved VBA32 output parser to handle slightly different new output format.
8 Improved 'partial message' handling to only remove the partial-message
  section of the message, and not the whole thing. This is particularly
  relevant to DSNs from bigfoot.com
10 Improved F-Secure scanning within executables.

* Fixes *
3 Improvement to "Sign Clean Messages" so the signature now appears where it
  should, above any </body> tag as well as above any </html> tag.
6 Fix to Exim support to allow for arbitrarily-named Exim ACLs. Fix kindly
  provided by dominik.schramm@businessmart.de.
6 Fix for missing watermarks, courtesy of Lasantha Marian.
7 Fix for case when Rebuild Bayes Every = 0 and Bayes is still rebuilt.
7 TNEF attachments will be added with correct filenames when TNEF Expander =
  internal. It was erroneously adding them with their "safe" filenames.
9 Removed a load of extra debug output code.
9 "Partial messages" are now quarantined correctly.
10 Removed duplicate warning output when "Virus Scanners = none".

23/6/2008 New in Version 4.70.7-1
=================================
* New Features and Improvements *
1 Improvement to OLE document unpacking code, more likely to extract embedded
  files correctly.
1 Added new setting "Dont Sign HTML If Headers Exist" to provide finer control
  over placement of HTML signatures. If any of the named headers exist in
  the message, the message is deemed to be a "reply", and so the HTML
  signature is not attached. By default this functionality is switched off
  by not specifying any header names.
2 Improvement to Filename and Filetype checks to catch mistakenly starting a
  regular expression with a "*" on its own, as in "*.pdf" or just "*".
2 Improved message reporting when Sophos finds password-protected zip archives.
2 Now supports Mail::ClamAV 0.22 for ClamAV 0.93. You will need to upgrade your
  ClamAV+SpamAssassin installation, using the download package I provide.
3 Improved update_bad_phishing_sites to support proxy_* environment variables.
  Thanks to Heinz.Knutzen@dataport.de for this.
3 Improved upgrade_MailScanner_conf for ClamAV 0.93 and Mail::ClaAV 0.22.
3 Removed URIBL additions from spam.assassin.prefs.conf. They are in
  SpamAssassin by default now.
3 Improvements to handling of Watermarks to resolve various problems with them.
3 Upgraded to ClamAV 0.93.1 in ClamAV+SpamAssassin easy-to-install package.
4 Added "-w" to suggested "diff" command in upgrade_MailScanner_conf. Thanks
  to Anthony Cartmell for this idea.
6 Changed Watermarking, so it only checks if there was a SMTP client IP address
  as we don't want to block messages we generated on the MailScanner server.
6 Added "ID Header" setting so that you can choose whether or not you want
  the header showing the MailScanner message id value. If you don't want the
  header then set this to be blank.
6 Minor improvement to link detection in the phishing net.

* Fixes *
2 Silly mistake fixed in "Dont Sign HTML If Headers Exist" feature.
2 Fixed output text error in upgrade_MailScanner_conf.
3 Bugfixes to Watermark handling and logging.
4 More fixes to Watermark handling.
5 More fixes to Watermark handling, and a minor header change.
6 Made check for Sophos Allowed Error Messages case-insensitive.
7 Fix for missing images in HTML messages with "Allow WebBugs = yes" set.

6/5/2008 New in Version 4.69.9-3
================================
* New Features and Improvements *
1 Added command-line option "--id=<message-id>" which will force it to scan
  just the message described by <message-id>. Only works when used with
  "--debug".
1 Commented out definition of ORDB-RBL to force a syntax error in setups which
  are still mistakenly using it (and not getting any mail as a result!).
1 Added comand-line option "--inqueuedir=<dir-name|glob>" which can take
  a) a directory name, or
  b) a directory name glob (or wildcard), or
  c) a text file listing any combination of (a) and (b) above.
  This specifies where to look for incoming messages. This is very useful when
  debugging, as test messages can be put in their own queue directory, and the
  main MailScanner running will not touch them, only a MailScanner run with
  this command-line option will see them.
1 Can now extract embedded files from within Microsoft Office documents and
  subject them to all the file tests like any other attachments.
1 To allow for executables embedded in zipped Office documents, default value
  for "Maximum Archive Depth" has been increased to 3. Remember that using
  upgrade_MailScanner_conf will *not* over-ride your current settings, so you
  will have to change this manually to use the new value.
3 Added new keywords available in Spam Actions, the SpamAssassin Rule Actions
  and Archive Mail locations. You can now specify _DATE_, _FROMUSER_,
  _FROMDOMAIN_, _TOUSER_ and _TODOMAIN_ keywords in any of those and they
  will be replaced with the user and domain halves of the relevant addresses
  of the original message.
  If, for example, you specify a "forward" address
  "spam.archive-_TOUSER_-at-_TODOMAIN_@mydomain.com", then a new recipient
  will be added to the message for *each* of the original recipients. So
  a message with 5 original recipients will have 5 new ones added to it.
3 Added new configuration setting "Missing Mail Archive Is =" which can take
  the values "file" or "directory". This allows you archive to mbox files whose
  name is based on the addresses of the original recipients.
4 Using the "store" Spam Action, you can now specify an arbitrary directory
  path after the '-', so
  "store-/var/spool/MailScanner/quarantine/spam/_TOUSER_._TODOMAIN_"
  will store the message in a location determined by the recipient addresses.
  Any of the _DATE_, _FROMUSER_, _FROMDOMAIN_, _TOUSER_ and _TODOMAIN_
  keywords can be used.
4 Changed "Monitors for ClamAV Updates" for ClamAV version 0.93.
5 If the image signature <img> tag includes alt="MailScanner Signature" then
  it notices the sig file is present and so doesn't add it again.
  The "alt" attribute is matched by the word "MailScanner" followed by anything
  followed by the word "Signature" in any combination of upper- and lower-case
  so you can adapt this text quite a lot. See note for "6" below.
6 Added new configuration setting "IP Protocol Version Header" which will tell
  you the IP version number used in the last hop to this server. It produces
  either "IPv4" or "IPv6" in the header. To stop the header appearing, just
  set it to be blank. Added at special request by my boss :-)
6 Added new configuration setting "Allow Multiple HTML Signatures". If the
  message has been signed with an HTML signature containing an <img> tag,
  whose "alt" attribute contains "MailScanner" and "Signature" and
  "%org-name%", then it will not be signed again if this option is set to "no".
  Once a message (with an image in the signature) has been replied to a few
  times, it starts getting very large and ugly. This option keeps the message
  size down and makes it look better. This is set to "no" by default as
  messages look better this way.
7 Debian/Ubuntu have changed the default %org-name% value to "unconfigured-
  debian-site" so I have to check for that as well in the 'Have I Been
  Configured" code at startup :-(
9 Added support for the VBA32 virus scanner from www.anti-virus.by/en/.
  The scanner is called "vba32" in MailScanner.conf.

* Fixes *
1 "IPBlock" Custom Function will start up properly without MailScanner.conf
  location on the command-line.
2 Fixed problem with file MIME type checks were being incorrectly applied.
2 Added OLE::Storage_Lite to the list output by "MailScanner -v".
4 Forced "Debug SpamAssassin" to no unless "Debug" is set to yes.
7 Fixed problem with "--debug-sa" and MailScanner freezing using 100% CPU.
8 Fixed problem with modules not reporting properly with "MailScanner -v".
8 Fixed problem where "MailScanner --lint" would sometimes report false errors.
9 Fixed problem with OLE document unpacking occasionally dying with error.
9-2 Added VBA32 -wrapper and -autoupdate to Linux packages.
9-3 Fixed problem with OLE document unpacking occasionally dying with error.

1/4/2008 New in Version 4.68.8-1
================================
* New Features and Improvements *
1 Support for the Fpscand daemon that is supplied with F-Prot version 6.
  Add this line to your virus.scanners.conf
  f-protd-6 /bin/false /usr/local/f-prot
  and set "Virus Scanners = f-protd-6" in your MailScanner.conf.
  This is very much faster than the f-prot-6 command-line scanner.
3 Improved the list of ignored web-bug filenames.
3 New update_bad_phishing_sites script to use major new fireproof delivery
  system. Many thanks to Matt Hampton for all his time and support with this.
3 Updated to Catalan translation.
3 Updated support for Vexira "vascan" virus scanner.
3 Changed location of Web-Bug Replacement image. upgrade_MailScanner_conf will
  put in the new URL. This will give significantly better response to your
  users.
3 Added new option "Log SpamAssassin Rule Actions" so that you can see exactly
  what actions fire on what messages from the "SpamAssassin Rule Actions"
  setting.
3 Added new option to the filename.rules.conf and filetype.rules.conf files.
  Instead of "allow", "deny" or "deny+delete", you can now specify a space or
  comma-separated list of email addresses. If the filename or filetype rule
  is matched, the message is sent to these new addresses instead of the ones
  given in the original email address.
3 Updated support for latest versions of Esets virus scanner from Nod32.
4 Added Net-DNS and Digest-SHA1 to the main MailScanner distributions so that
  they are installed appropriately ready for when you install Razor. This way
  they are installed as RPMs and not just plain Perl modules, as the RPM of
  Razor requires them to have been installed as RPMs.
4 New configuration option "Automatic Syntax Check" added, default is "yes",
  which causes a quick syntax check of the MailScanner.conf file and the other
  configuration files, printing out errors on the console, instead of just
  logging them to your system's mail log as it did before.
  This will hopefully make it easier for novices to get going successfully.
5 SpamAssassin Cache will no longer cache "timed out" responses.
5 Upgraded to perl-Digest-SHA1 version 2.11.
6 Added SpamAssassin MCP patch for 3.2.4.
7 Changed default supplied High-Scoring Spam Actions to "store". That way
  users don't have to work out how to change it, to reduce their spam a lot.

* Fixes *
2 Improved MakeNameSafe() to fix problems caused by f-protd-6 working with
  filenames containing spaces (which it cannot handle!).
2-2 Fixed error in --lint support for F-Protd-6.
2-3 Typo, missed out a "$" :-(
3 Fixed important bug in f-protd handling code.
4 Fixes to Ruleset-From-Function.pm Custom Function code.
5 Fixed various issues with new automatic syntax check (--lintlite) code.
6 Fixed IPBlock problem with MailScanner --lintlite.
6 Fixed Postfix milter problem (thanks Glenn!).
7 Fixed problem with Inline images in HTML signatures. Now works with nested
  multiple replies.
8 Fixed bug where original unsafe filename wasn't used correctly when auto-
  replacing attachments with zipped copies to save space in mail stores.
  Thanks to Armand Leroux at Capgemini for finding this one.

4/3/2008 New in Version 4.67.6-1
=================================
* New Features and Improvements *
1 Added support for the ESET virus scanner, from www.eset.com. Support written
  by Phil (UxBoD). Many thanks! Just use "Virus Scanners = esets" in
  MailScanner.conf and check you have installed it in the expected location or
  change /etc/MailScanner/virus.scanners.conf.
2 "MailScanner --lint" now checks to ensure unrar is installed and executable.
2 Esets autoupdater now accurately reports status results.
3 Implemented file MIME type checking, as reported by the "file -i" command.
  This includees 3 new settings, which all work just like their non-MIME
  brothers: "Log Permitted File MIME Types", "Allow File MIME Types" and "Deny
  File MIME Types".
  The main use is via the filetype.rules.conf file, where a new optional field
  may be added just after the regular expression field (just after the 2nd
  field in each line). If this field is added, then the "file -i" command is
  run on every batch of messages and the output checked against the MIME types
  specified in the newly inserted 3rd field (out of fields 1-5 on each line of
  filetype.rules.conf files).
4 Added compatibility for BitDefender 7.5 to bitdefender-wrapper.
4 --debug now tells you when it's waiting for its batch of messages, and how
  big the batch is.
4 "Use TNEF = replace" behaviour changed to add attachments with their original
  potentially very long filenames instead of a sanitised one.
4 Linux RPM install.sh fixed for Fedora Core 8. Thanks to scud@etailengine.com for that one.
4 Improvement to the phishing net to allow all the links that look like this:
  Name of my Blog - http://site.blogspot.com/
4 Installation order of Perl module changed to install File::Spec before ExtUtils::MakeMaker, which should help the Solaris folks.
5 Made warning about %org-name% containing illegal characters a lot more
  obvious when running "MailScanner --debug" as well as "MailScanner --lint".
5 Any mail headers inserted with spaces in them will have spaces replaced with
  hyphens.
5 When "MailScanner --debug --debug-sa" is run, the start of every line of
  SpamAssassin debugging output now has the current time stuck on the front
  of it. This makes looking for pauses a whole lot easier.
6 Improvements to the init.d scripts for the RPM distributions. While waiting
  for the MailScanner processes to die of natural causes, they periodically
  send them another kill signal as there are a few cases in which the kill
  signals are ignored. This should result in far more reliable restarting.
6 "sophos-autoupdate" improved to handle new "suspicious" threat data files
  whose names start with "sus".

* Fixes *
4 Improved definition of "Scan Messages" when using Postfix, to attempt to
  avoid occasional double delivery of unscanned messages on heavily loaded
  servers.
5 Maliciously crafted attachment filenames could circumvent the 'very-long-
  filename' rule in filename.rules.conf. Fixed.
5 Fix to include "ClamAVModule" in log outputs from it.
5 Symantec Scan Engine support problems now fixed. Set the path in
  MailScanner's virus.scanners.conf to "/opt/SYMCScan". If set to that value,
  it expects to see the Linux command-line scanner in the file
  /opt/SYMCScan/ssecls/ssecls.

4/1/2008 New in Version 4.66.5-3
================================
* New Features and Improvements *
1 New optional configuration setting "Syslog Socket Type". By default this is
  left blank, as it will work it out according to the operating system you
  are using. Some Solaris users may want to set this to "native".
1 Addition of new message property for use by MailWatch 2.
1 Update of Sophos.install for Sophos version 6.
2 Updated to handle new MailTools 2.02. This includes the use of several new
  Perl modules, so you'll have to use the install.sh to install all the
  requirements of the new MailTools code (unless you are doing clever things
  with yum repositories).
3 Improvement to the phishing net for multiple "blocked::" prefixes on links.
3 Improvements to speed up StartTiming() and StopTiming() greatly.
3 Updated to MIME-tools 5.425. This should solve lots of problems people are
  having with using yum repositories.
4 Added startup code to check for consistent version numbers with MIME-tools.
4-2 Better install.sh for RHEL and CentOS 5.
4-3 Added some more modules to the compulsory list for RHEL and CentOS 5.
    These are all labelled "yes" in the right-most column of the module list
    near the bottom of install.sh.
5 Improved eTrust-wrapper and -autoupdate to handle latest version 8.1 of
  eTrust, and allow more flexibility in setting of eTrust location in
  virus.scanners.conf. Can now just put /opt/CA if you are running 8.1 or later.
5 Improved easy-to-install ClamAV & SpamAssassin package so that it will always
  install my patched Mail::ClamAV and Mail::SpamAssassin modules even if un-
  patched versions are already installed.
5-3 Changed Perl IO module to always force installation.

1/11/2007 New in Version 4.65.3-1
=================================
* New Features and Improvements *
1 Added support for F-Secure version 5.5.
  In virus.scanners.conf, set the path to "/opt/f-secure/fssp".
2 Added log output when bad watermark causes raise in spam score.
2 RedHat RPM-based install.sh no longer forces installation of anything on
  RedHat 5, CentOS 5 or hopefully some clones thereof. No change on Fedora.
2 Improvement to upgrade_MailScanner_conf and upgrade_languages_conf so that
  if either is run when there is no .rpmnew file (and hence you don't need to
  run it) then no harm will be done, the .conf will be copied to the .new file.
3 Improved install.sh support for Mandriva which has /usr/src/rpm not .../RPM.
3 Changed syslog output of virus infections so scanner names are all 1 word.

* Fixes *
2 Fixed bug with "notify" action in "SpamAssassin Rule Actions" setting.
2 Fixed RBL check return address for anti-spam.org.cn's weird blacklist.
2 Fixed "MailScanner --value=..." (for testing rulesets), when MTA is not
  sendmail.

1/10/2007 New in Version 4.64.3-2
=================================
* New Features and Improvements *
1 The MailScanner book is now also available for purchase from the EU with
  much lower shipping costs. Go to www.lulu.com/mailscanner.
1 Solaris check_mailscanner code now uses pgrep.
1 "MailScanner -v" now lists version of Date::Parse which was missing.
1 Added "$datenumber" to the inline spam warning report.
1 "MailScanner --lint" now checks your %org-name% to ensure it only contains
  safe characters (i.e. a-z, A-Z, 0-9 and -).
1 Added "allow" rule to filename.rules.conf for the XML filenames inside
  Microsoft Office 2007 (e.g. *.docx) files which are actually archives.
1 F-Prot-6 autoupdater improved to tell you whether it actually downloaded
  a new virus signatures file or not.
1 Tar distro now includes ChangeLog.
1 "Treat Invalid Watermarks With No Sender as Spam" can now be set to a number
  greater than zero. This value will be added to the spam score.
1 Watermark spam header reports refer to them as "watermarks" and not
  "null headers" as that is easier to understand.
2 Changed the default value "ClamAV Full Message Scan = yes". It has a slight
  speed impact, but is worth it for the extra spam-spotting ability, especially
  if you are using any extra ClamAV additional databases of spam signatures.
3 Changes required for MailWatch v2. Provided for Steve Freegard.

* Fixes *
1 Now set the umask of the directory into which the TNEF attachments are
  unpacked by the external TNEF expander. Thanks to derek@csolve.net.
1 Fixed bug which caused crash when using a ruleset on "Filename Rules" setting
  when the file listed in the ruleset does not exist. Thanks to Ugo Bellevance.
1 Added line to stop EOCD Format errors being output in UnpackZip. Thanks to
  Rick Cooper.
2 Added fix to reported spam scores in some messages sent to multiple
  recipients. Provided by Derek Buttineau.

4/9/2007 New in Version 4.63.8-1
================================
* New Features and Improvements *
1 Improved init.d script, so that 'service MailScanner restart' or
  '/etc/init.d/MailScanner restart' runs faster. It pauses for just long
  enough for the old MailScanner to die gracefully, and starts up the new one
  as soon as the old one has died. Previously, it just waited for a fixed
  length of time which was much longer than needed for most people.
1 Improved tar installer so the directory created for MailScanner includes the
  build revision number as well as the main version number.
1 Improved phishing net logging to log entire real URL not just hostname.
1 Improvement to update_spamassassin to stop cron-generated mail.
1 New setting "Phishing Bad Sites File" which is a live continuously-updated
  list of known bad sites that have been reported to various mechanisms around
  the world. Please don't ask me for more information as I can't give it to
  you, but every site on the list has been manually tested and the list can be
  relied upon. Your installation should update this file every hour.
  NOTE: Run upgrade_languages_conf after installing this upgrade!
2 Reduce default "Restart Every" time to 2 hours so that updates to the
  known bad phishing sites list are re-read more frequently.
2 Added *.fdf to the list of dangerous filenames. Opening a .fdf file can
  cause the loading of any file on the internet into Adobe Acrobat.
2 Added 2 new variables to the sender reports: $size = size of message in bytes
  and $maxmessagesize = maximum allowed size of this message in bytes.
2 Added new setting "Check Filenames In Password-Protected Archives = yes" so
  that the filename checks can be suppressed on encrypted archives to allow
  a few people to get exe's and so on through the mail as part of their
  business needs. Normally leave this setting at "yes".
2 Added new setting "Include Binary Attachments In SpamAssassin = no" which
  can be used to tell SpamAssassin to look at all attachments, not just the
  ones containing text (or HTML, etc) which is its normal behaviour.
  Changing this setting to "yes" will have no effect without a patch to the
  SpamAssassin code, which you can fetch from
  http://www.mailscanner.info/mcp.html#patches
  It will slightly slow down SpamAssassin some of the time, and is therefore
  disabled by default.
  This can be very useful if you want to look for rude or derogatory content
  in messages, and do not want the huge speed impact of using MCP. It can
  successfully scan the content of Microsoft Word documents, for example. It
  won't be effective on PDF files however, as these are compressed internally
  so there is no readable text anywhere in the file.
3 Added a long $PATH to f-prot-autoupdate so we can find wget on most OS-es
  including Solaris.
3 Improved Sophos.install to disable the savupdate cron job and switch off
  the unwanted Sophos services.
3 Added a feature to the "SpamAssassin Rule Actions". You can now specify
  "SpamScore" and a number comparison, instead of just giving a SpamAssassin
  rule name. So you can say
  SpamAssassin Rule Actions = SpamScore>25=>delete
  and this will cause all messages scoring over 25 to be deleted. You can use
  this to set different actions at different spam scores, in addition to the
  normal spam actions and high-scoring spam actions. The numerical tests you
  can use are ">", ">=", "==", "<=" and "<".
4 The "action" in each "RULE=>action" in "SpamAssassin Rule Actions" can now
  be a comma-separated list of actions, so you can easily specify multiple
  actions per rule.
6 Added support for F-Prot version 6. Must be specified by
  "Virus Scanners = f-prot-6" in MailScanner.conf.

* Fixes *
1 Improvement to phishing net to allow HTML tags with contents split over
  multiple lines.
1 Changed options to ClamAVmodule so it doesn't hit false positives with the
  phishing and scam email detection signatures.
1-2 Fixed bug where --lint gives "MailScanner.conf file not found" error.
2 Stopped writing a PID file when "MailScanner --lint" is run.
2 update_spamassassin no longer produces any output, so no crond email.
2 Fixed bug where clamavmodule scanner name wouldn't always be logged correctly.
2 Bugfix in ZMDiskStore.pm ZMailer support from Leonardo Helman.
3 Force installation of perl-Getopt-Long to try to solve the problems with
  command-line options producing 'config file not found' errors.
3 Commented out sample rules in max.message.size.rules file.
3 Fixed MailScanner.conf Sophos-specific settings for Sophos 5.
5 Fixed problem where MTA=sendmail would cause ruleset to not be used on
  Sendmail2 setting.
8 Fixed bug when specifying multiple actions in "SpamAssassin Rule Actions"
  for one rule name.

1/8/2007 New in Version 4.62.9-3
================================
* New Features and Improvements *
1 Improved non-Linux installer.
1 Improved Linux installer.
1 Updated OpenBSD installation guide. Thanks to Jeremy Evans for this.
1 Upgraded MIME::Base64 to 3.07.
1 Improved error reporting for clamd permissions problems. Thanks Rick.
2 Added SAUPDATEARGS to /etc/sysconfig/MailScanner and
  /usr/sbin/update_spamassassin. For a good use of this, see
  http://daryl.dostech.ca/sa-update/sare/sare-sa-update-howto.txt and search
  for "HOWTO" in the Subject: line of the MailScanner-discussion list archive.
  This process replaces RulesDuJour entirely.
  Another good ruleset to add to your setup is
  http://www.peregrinehw.com/downloads/SpamAssassin/contrib/KAM.cf
  To download this automatically every night, fetch
  http://www.mailscanner.info/files/4/KAM.cf.sh and put it in /etc/cron.daily
  and make it executable (type "chmod +x /etc/cron.daily/KAM.cf.sh").
3 Added "Known Web Bug Servers" so you can blacklist images from known servers
  of web bug services.
3 Added functionality of "milter-null" to MailScanner so you no longer need to
  run this separately. It is called "Watermarking" and there is a whole
  section for the settings in MailScanner.conf. They are
  Add Watermark	= yes
  Skip Spam Checks If Watermark Valid = yes
  Watermark Header = MailScanner-%org-name%-Watermark:
  Watermark Lifetime = 432000 # in seconds, = 5 days
  Watermark Secret = SET-THIS-TO-A-SECRET!
  Also added Digest::MD5 to the required list of Perl modules, this is needed
  for the watermarking code.
3 Added optional image to the clean message signature. You can also use this
  to add an arbitrary image attachment to any message, if you so wish. The
  main point is to be able to have graphical HTML signatures on messages.
  The settings are
  Attach Image To Signature = no
  Attach Image To HTML Message Only = yes
  Signature Image Filename = %report-dir%/sig.jpg
  Signature Image <img> Filename = signature.jpg
4 Added support for Kaspersky kav4fs. Set virus.scanners.conf entry to
  point to /opt/kaspersky.
4 Changed default value to "Max SpamAssassin Size = 100k" as modern PDF spams
  are getting quite large, and PDFInfo.pm doesn't work with cropped messages.
4 Improved Clamd parser to handle Sane Security ClamAV signature databases
  which detect spam and so on from the contents of the headers, and hence
  find infections without attachment filenames. Thanks to various people for
  help with this, you know who you are :-)
4 Improved upgrade_MailScanner_conf so that it checks that the 'Monitors for
  ClamAV Updates' setting looks for inc and cvd files. Problems have recently
  been suffered by many due to the value of this setting being out of date.
  It doesn't automatically re-write their setting in case they have installed
  ClamAV somewhere odd and have customised it.
4 Changed 'Monitors for Sophos Updates' setting default value to point to
  appropriate file for Sophos version 5 and upwards, and have added check
  in upgrade_MailScanner_conf to ensure their setting now points to a new
  location. It prints a warning if sophos-av does not appear in the path.
4 Added configuration setting "SpamAssassin Rule Actions". This setting is
  very powerful and can be used to implement many things that MCP can do,
  without having the processing overhead of MCP. The documentation for it is
  in the MailScanner.conf file. Its power is limited by your imagination :-)
  Start combining it with rulesets and you can take (or _not_ take) any
  combination of actions dependent on any bit of content in the message or its
  headers. You could try out new SA tests by storing in quarantine every
  message that matches a new particular SpamAssassin rule (or meta-rule for
  creating more complex expressions).
5 Added "custom" spam action, which takes a parameter. This is passed into the
  CustomAction function in CustomAction.pm in the CustomFunctions directory.
  This can be used to implement anything your heart desires, depending on the
  contents of a message.
7 When clamav, clamavmodule or clamd parsers are being used and new setting
  "ClamAV Full Message Scan" is set to "yes", pass each of the entire
  messages to ClamAV as well as the attachments so that the signatures that
  detect spam can work reliably. This is set to "no" be default as it has a
  speed impact.
7 The watermark options have been tweaked and renamed a bit, and one new
  feature has been added. "upgrade_MailScanner_conf" will show you the renames
  and the new feature is designed to save resources on sites with more than
  1 MailScanner. Currently, if you have a message delivered to a secondary MX
  (with MailScanner) which relays mail to the primary MX (also with
  MailScanner) for delivery to users' mailboxes, the spam checks will be
  done twice; this is a waste of resources. The new setting "Check Watermarks
  To Skip Spam Checks = yes" will remove this waste by skipping the spam
  checks on the primary MX as the secondary has already done them.
7 "Virus Scanners = auto" will detect multiple types of ClamAV installed and
  tend towards the most useful one. It will use clamd else clamavmodule else
  clamav. This helps if you have all 3 installed, which is quite likely.
8 Greatly improved "MailScanner --lint". It now actually tests every virus
  scanner that you have installed, and checks that they can successfully scan
  a message containing the Eicar test-virus pattern. It reports the results
  from each scanner and warns you about checking any that are not reported.
9 Added check to "MailScanner --lint" to check envelope_sender_header in
  spam.assassin.prefs.conf is correct and matches MailScanner.conf.
9 Added new setting "Use Watermarking = yes" to give overall control of all
  watermarking features.
9 Fixed error with "MailScanner --lint" when not using sendmail.

* Fixes *
2-2 Fixed error in RPM installer.
2-3 Fixed error in update_spamassassin.
3-2 The watermarking code should do something now :-)
3-3 Rewrote the watermarking docs so they reflect the truth.
4   --lint now reads all the Custom Functions properly.
4   Bug in auto-zip fixed where attachments could be deleted without being
    added to zip. Thanks to Matt Hampton.
4   Bug with '-' in HTML attribute names confusing phishing net fixed. Thanks
    to John Wilcock.
5   Fixed 2 bugs in MSRBL clamav-signature handler. Thanks to UxBoD.
6   Fixed bug from October 2006 involving McAfee finding infections in headers.
7   Fixed bug when unpacking TNEF files with external decoder.
7   Fixed 'monitor files' check in upgrade_MailScanner_conf so it doesn't check
    inadvertently when doing an upgrade_languages_conf.
7-3 Fixed bug in full message file creation in scanning dir as permissions
    were wrong.
9   Added use POSIX to top of MessageBatch.pm so WNOHANG is defined.

2/7/2007 New in Version 4.61.7-2
================================
* New Features and Improvements *
1 Direct support for the "clamd" virus scanner -- now talks directly to the
  clamd daemon without any overhead of calling clamd-wrapper or clamdscan.
  As a result, this should be faster than the previous clamd support.
  It also has a much smaller memory footprint than the "clamavmodule" scanner.
  This is all thanks to Rick Cooper who wrote the original code.
  New configuration options are
  - Clamd Port = 3310
  - Clamd Socket = /tmp/clamd
  - Clamd Lock File = /var/lock/subsys/clamd
  - Clamd Use Threads = no
  The use of these settings is explained in the MailScanner.conf file.
2 Changed session handling in direct clamd virus scanner support.
3 'MailScanner --lint' now finds clamd virus scanner.
3 Made clamd subsys lock file blank by default, so it works on non-Linux
  systems.
3 Added another example to the Allowed Sophos Error Messages setting for
  password-protected files.
4 Renamed "sa-update" command and cron job to "update_spamassassin".
4 Added ability to easily disable update_virus_scanners script.
4 Added conditional call to sa-compile to update_spamassassin cron job.
4 Added to $PATH in update_phishing_sites for Solaris 10 locations.
5 Watermarking functionality has had to be withdrawn due to patent issues.
  Sorry about this, but it would cause huge problems in the USA where
  software patents are legally enforceable and it would cause problems with
  including patented code in GPL software too.
6 Added facility to change SpamAssassin's temporary working files directory,
  using the new option 'SpamAssassin Temporary Dir'. By default this is put
  under the Incoming Work Dir location, as that is (hopefully) mounted using
  tmpfs. If an attempt to use this directory fails, it reverts to /tmp.
7 Fixed bug in finding PERL5LIB in installers. Thanks to Sean Coleman.

* Fixes *
2 Fixed bug in auto-zip feature with a message containing 2 attachments with
  the same filename.
2 Fixed bug in auto-zip feature that would allow zipping of an attachment
  which had been cleaned out of the message.
3 Fixed "identified/found" bug in AVG parser.
3 Fixed bugs in Panda and AVG parsers courtesy of Rick Cooper.
3 Fixed bug in Postfix handler which caused a problem with empty messages.
4 Fixed bug in SuSE init.d script stopping MailScanner reload working properly.
4 Changed method for getting MCP to decode binary attachments (the interesting
  ones have "application" in their MIME type). New patch for SpamAssassin 3.2.1
  Util.pm required now. No other SpamAssassin patches required at all.
4 Added definition of "noticesizeinfected" to languages.conf.
4 Added speedup (courtesy of Glenn Steen) to the new Postfix milter support.
4 Fixed rare bug in Postfix milter header support (from Glenn Steen).
5 Fixed problems with /usr/sbin/update_spamassassin not calling sa-update.
7 Removed second delay from update_spamassassin as one already exists in the
  cron job.

1/6/2007 New in Version 4.60.8-1
================================
* New Features and Improvements *
1 Improved Sophos.install script so that it sets up /etc/ld.so.conf ready for
  installation of Perl-SAVI module required for "sophossavi" virus scanner.
1 Custom Functions can now receive parameters not only to their Init and End
  functions, but also to their run-time calculation functions (i.e. the real
  custom function itself used when processing each message). The Custom
  Function is now passed not only the message, but also a ref to a list of
  parameters specified in the MailScanner.conf file.
1 Improvement to phishing net.
1 'clamavmodule' scanner no longer detects encrypted zips/rars as viruses,
  leaving MailScanner to do the check later in the dangerous content scanning.
  The consequence is that MailWatch will allow them to be released from
  quarantine.
2 Updated a whole load of Perl modules in the pre-requisites lists for both
  MailScanner and SpamAssassin.
2 Added a "--nomodules" command-line option to the MailScanner install.sh
  script to skip installing required Perl modules.
2-2 Fixed bugs introduced by 4.60.2 in generic installer. Only affects 'other
  Linux and non-Linux' installer.
2-4 Fixed more non-Linux installer problems.
4 Added more modules to the list output by "MailScanner --version".
4 Improved phishing net detection of HTML tags, courtesy of snifer_@hotmail.com.
4 Added patches to provide full "p record" support in Postfix 2.3 and 2.4,
  courtesy of Glenn Steen <glenn.steen@gmail.com>.
5 Added a new feature, to compress all the attachments in a message and
  replace them with a single zip file.
  Set "Zip Attachments = yes" (no by default), and
  set "Attachments Zip Filename = MessageAttachments.zip"
6 Added 2 new configuration options for the "Zip Attachments" feature:
  Attachments Min Total Size To Zip = 100k
  Attachment Extensions Not To Zip = .zip .rar .tgz .gz .mpg .mpeg .mp3 .rpm
  Hopefully these are fairly self-explanatory.

* Fixes *
1 Phishing net now correctly handles HTML tags inside links.
1 Deprecated clamscan flag replaced with supported one to stop it printing
  the summary.
1 Added '-b' to nod32-1.99 command-line options in SweepViruses.pm to stop
  scanner producing licensing details. Thanks to UxBoD.
1 Removed test in RPM distribution's test for RedHat 6 as it will clash with
  RHEL 6 and Fedora. Anyone still running RedHat 6 has bigger problems! :-)
1 Worked round Perl bug in returning number of RBLs hit by a message.
1 Fixed problem causing some password-protected RAR archives to be missed.
3 Fixed bug introduced in earlier beta in RBL code.
6-2 Patch to Exim to handle named ACL variables as well as numbered ones.
    Courtesy of Maarten Vink.
7 Added v320.pre to mcp directory.
7 Postfix 2.3/2.4 patch fix.

1/5/2007 New in Version 4.59.4-2
================================
* New Features and Improvements *
2 Changed locations monitored for ClamAV updates to fit new ClamAV 0.9 layout.
2 Added support for clamdscan and clamd. Use "Virus Scanners = clamd".
3 Changed check ordering so that mail from blacklisted addresses is still
  marked as spam even its size exceeds the max spam message size check.
3 Improved detection of empty <A HREF= tags in phishing detection. Thanks to
  snifer_@hotmail.com for this.
4 Added support for Avast "avastcmd" virus scanner. Use
  "Virus Scanners = avast" to use it.
4 Added support for Avast "avastd" virus scanning daemon, which must be
  configured and running first. Use "Virus Scanners = avastd" to use it.
  In /etc/avastd.conf, be sure to set "archivetype = A", in all the sections
  of the file where the setting appears.

* Fixes *
1 Exim fix by Debian Maintainer: Simon Walter.
1 Incoming Work Group not honoured for files with a leading dot in their
  filename. Again, fix by Simon Walter.

1/2/2007 New in Version 4.58.9-1
=================================
* New Features and Improvements *
1 Added accessor functions to Config.pm to enable implementation of ruleset
  evaluation within a Custom Function.
4 New example Custom Function to show how to evaluate a ruleset from within
  a Custom Function.
5 Checks the SA cache more intelligently now, to use the required score from
  the right message always. Thanks to Olaf.Ohlenmacher@colt.net for this.
5 Supporting code for BarricadeMX. If you haven't got this superb package
  yet, contact Fort Systems (www.fsl.com) for an evaluation licence RIGHT NOW!
  It's superb, and even runs on Windows with Exchange, in addition to all
  the other platforms normally supported. Say goodnight to all your spam
  problems. It will reduce the load on your mail servers so much that you
  won't be needing any upgrades for a few years, which will save you a
  whole load of money!
5 "MailScanner --lint" now checks the version number of the MailScanner.conf
  file to ensure you are not behind with your settings and need to run
  upgrade_MailScanner_conf.
6 Improvement to check_MailScanner script so it prints Done or Failed as
  appropriate.
7 Mail sent out to split mail queues will only be picked up when the MTA
  next scans the queue. This problem will be rectified in the next release.
  I didn't want to change the code so close to the release date, I will fix
  it very soon. This does not affect the vast proportion of users.
7 Okay, I've changed my mind. The new code is in for testing.
8 Mail sent out to multiple mail queues will all cause the MTA to be
  "kicked" into knowing there are new messages in the outgoing queue
  waiting to be delivered.
8 Added new configuration option
  "Notify Senders Of Blocked Size Attachments = no".
  This is to stop notifying senders of 0-length files which are generated
  by some broken viruses and worms. It does also control sender notifications
  for other sizes of attachments that are outside your pre-set limits set
  in other configuration options.
9 Added setting of TMPDIR shell variable so that SpamAssassin will store
  all its temporary files in tmpfs (under /dev/shm) to speed it up a bit.

* Fixes *
1 Small addition to Config.pm for one customer.
2 Don't use 4.58.1, bug introduced in Config.pm.
4 Bug fixed where {Fraud?} Subject: tag would not appear when appropriate.
5 Fixed bug in Exim delivery code that would leave stray defunct processes
  lying around in some situations.
5 Now kicks Sendmail/whatever about all messages in all outgoing queues.
5 MCP doesn't pick up sa-update rules any more. Thanks to Jason Desai.
5 AVG7 support improved.
6 Bug fixed where 1 disarmed message followed by another 1 non-disarmed
  message would cause the 2nd message to be tagged disarmed in the Subject:
  line, but only if the message batch would be processed in exactly 1
  particular order.
6 Fixed bug with extra "Disarmed" tags where there shouldn't be.
8 Postfix support for split queue kicking fixed. Sendmail support working well.
8 Fixed potential DoS attack bug with very long headers in ZMailer support.
  Patch from Leonardo Helman.


16/12/2006 New in Version 4.57.7-1
==================================
* New Features and Improvements *
1 Added new configuration setting
  Max Spam Check Size = 150000
  If a message is bigger than this size, then all the spam checks are
  skipped and the messages is not spam.
  This saves a lot of time decoding and matching against huge messages.
  New languages.conf setting needing translation:
    skippedastoobig = not spam (too large)
2 Improved install-Clam-SA.tar.gz so that it contains version numbers of
  contents.
2 Phishing Whitelist is now also used with less strict phishing net.
3 Add of the "Modify Subject" configuration options now also take the values
  "start" and "end", so that you can move any of the Subject: line tags to
  the end of the line in case that is what you need to do.
4 Speeded up the relaunch of MailScanner child processes. So the detrimental
  effects of the delays caused by a MailScanner "restart" will be greatly
  reduced.
4 Released as release candidate for 4.57 on December 1st.
5 Bug in spam handling (spam would be delivered when it should not be) fixed.
  Thanks to Mirko Acimas for spotting and reporting this one.
5 Bug in ham handling (same problem was spam handling).
5 spam.lists.conf updated.
7 Added a few accessor functions for LastSpam.com.

09/10/2006 New in Version 4.56.8-1
==================================
* New Features and Improvements *
1 Added a complete new set of configuration settings to report on
  messages and attachments that are outside the size limits set in
  MailScanner.conf. These are:
  Sender Size Report
  Stored Size Message Report
  Deleted Size Message Report
  Size Modify Subject
  Size Subject Text
  These are used in exactly the same way as the other sets of options
  that tag and modify the message for other reasons.
3 Improved report of "message too large" case.
3 Updated Catalan language files courtesy of Jordi Sanfeliu.
3 Increased default max SpamAssassin message size to catch more single-image
  spam messages.
3 Solved compatibility with Postfix 2.3.
3 Upgraded Sys::Syslog to 0.18 which fixes all the compatibility problems of
  0.17 and 0.16.
3 Upgraded Kaspersky support to 5.5.
4 Added new features to "Max SpamAssassin Size" setting:
  <number> --- behave as before
  <number n> trackback --- get n bytes then backtrack looking for the start
                           of the attachment we are in the middle of.
  <number n> continue <number m> --- get n bytes then continue up to a maximum
                                     of m extra bytes looking for the end of
                                     the attachment we are in the middle of.
5 Upgraded to tnef version 1.4.3.
5 Upgraded Archive::Zip to 1.16. Builds properly on x64 architectures.

* Fixes *
1 When 'Outgoing Queue Dir' was changed from the default, kicking sendmail
  into attempting delivery of a new processed message in the outgoing queue
  would just wait for the next regular run of the queue. Now fixed so that
  a delivery attempt is made immediately. This fix only affects users who
  have changed the "Outgoing Queue Dir" setting and who are also using
  sendmail as their MTA.
2 Missed 2 "defined" checks on variables before using them.
  Thanks to Andy Kirkpatrick for spotting that one.
2 Fixed version number check.
3 Fixed output bug in less strict phishing net. Does anyone use this?
3 Fixed bug in Sendmail KickMessage() function. Thanks to Martin Billy.
4 Removed Postfix 2.3 extra, and reverted to simple regexp as Holger's version
  is buggy (mismatched ')').
5 Changed number of viruses found reported to be max of each AV package's value.
6 Rewrote logic of addenvto so it should now work correctly when the setting
  is blank.
6 Put in new version of Postfix 2.3 regexp.
8 Fixed error when using k, m or g multipliers in Max SpamAssassin Size.

1/8/2006 New in Version 4.55.9-1
=================================
* New Features and Improvements *
1 Added educ.ar and uba.ar to country.domains.conf for less strict phishing net.
1 Code tidy up in Message constructor.
1 Speed improvements to ZMailer attachment extraction to keep up with the
  other MTAs.
1 "Log Speed = no" now does what it says on the tin. (UK in-joke :-)
1 Added "stopms" option to Linux init.d scripts.
1 Improved behaviour when %percentvars% at start of MailScanner.conf have not
  been configured at all. It now uses the fully-qualified hostname to guess
  the domain name and website address. It used to refuse to run which was
  very impolite.
1 Added Sys::Hostname::Long to list of required modules to implement the above.
2 Documentation rationalisation. Most up to date versions are all on the web.
3 Now output lock type in use with "--lint".
4 Improvement to Sophos.install for Sophos Version 5 so that email logging is
  disabled.
4 Now use syslog "notice" priority instead of "info" when issuing messages
  that are nearly warnings. This helps you drastically reduce the amount of
  syslog output by just logging priorities greater than or equal to "notice".
5 Added a "Contact Us" web page instead of just a mailto: link.
6 Improved Help guidance in Contact Us web page.
6 New command-line option: "-c" or "--changed".
  This will print out a table of all the configuration settings that have
  been changed from the default values hard-coded into MailScanner. Note
  this may not be quite the same as the differences from the supplied
  default MailScanner.conf file.
6 Updated hard-coded defaults to better match MailScanner.conf settings.
6 Improved handling of broken Custom Functions. Having a broken Custom
  Function will now just result in the setting's default value being used.
7 Bugfix for "--changed" printing when using Custom Functions.
8 Improved syslog-ing code so it doesn't matter is syslogd dies.
8 Upgraded DBD-SQLite to version 1.12 as it builds a lot more easily.
8 Improved handling of Postfix virtual users. Thanks to jpabuyer@tecnoera.com.
9 Added catch to commercial virus scanning code to allow syslogd to die during
  a virus scan.
9 Improved speed logging to remove chatter.
9 Upgraded Sys::Syslog to 0.17 which builds okay, unlike 0.16.
9 MCP timings are no longer output if MCP checks are disabled.

* Fixes *
1 Put back in the checks of free disk space that were in 4.53.1 but then lost.
1 Fix in check_MailScanner for MacOSX.
3 Default lock type for sendmail is now posix, as it should be.
4 Fix to phishing net so that links to "www.domain.com." are accepted as legal.
6 Fixed problem with dangerous filenames in TNEF archives when using the
  external TNEF expander.
8 Fixed problem with long SpamAssassin report in report files getting truncated
  at % signs.
8 Fixed phishing net problem with some cases of outbind://\d+/.... URLs.
9 Stopped logging code producing ridiculous numbers.
9 Improved Denial-of-service attack detector to handle multiple virus scanners
  more quickly. Now clears detection in 2 x Virus Scanner Timeout, as expected.
9 Fixed minor bug in TNEF handling of bad messages.
9 "service MailScanner reload" should work properly now.

27/5/2006 New in Version 4.54.6-1
=================================
* New Features and Improvements *
- sa-update cron job disabled by default
- Support for Sophos version 5. This just requires new sophos-autoupdate and
  sophos-wrapper. There are no changes to the core MailScanner code.
- The Sophos.install script is not needed for version 5 of Sophos. But it
  won't do any harm and will print some useful information on how you
  should configure it, and it will make its best attempts to update the
  virus.scanners.conf file to point to your new version 5 installation.
  So I would still strongly advise that you run Sophos.install to install
  Sophos, even with version 5.
- When the SpamAssassin cache is being used, the phrase "cached" or "not cached"
  is added to the start of the SpamAssassin detailed report in the headers.
  These words are defined in the languages.conf file so you can change them to
  anything you like, and translate them into your local languages. Please post
  all translations back to me for inclusion in the standard distribution.
- Added a reference to the message batch in the call to look up "lastafterbatch"
  so that MailWatch can get the batch statistics.
- Updated loads of Perl modules to more modern versions where there have been
  any significant updates to them. Minor doc and test tweaks have been ignored.
- Updated many Perl modules in ClamAV+SA easy-to-install package.
- ClamAV+SA package does not add extra loadplugin lines if they are already
  present in the init.pre and v310.pre files.
- Added more examples to /etc/MailScanner/rules/README to show all of the
  allowed formats of a numerical IP address range.
- Upgraded to Filesys::Df 0.90.
- Added Spanish translation of rejection.report.txt. Thanks to Leonardo Helman.
- Improved filetype rule for scripts so it doesn't accidentally trigger on
  JPEG images with full metadata tags.
5 Added Net::IP Perl module as it is needed for SpamAssassin and Net::DNS.
5 Improved handling of Unicode encoded subject lines with a few trailing spaces.
5 Fresh translation of German languges.conf file.

* Fixes *
- Fixed bug in output formatting of phishing net. This could leave HTML links
  open.
- Fixed major problem with Web Bug processor.
- Fixed bug in handling of multi-line Subject: lines in Postfix. Thanks to
  James for this fix and his patch.
5 Fixed bug in sophos-wrapper caused by confusion between Sophos V4 and V5.
5 Fixed bug stopping regexp rule /^$/ from working properly in rulesets.
6 Fixed packaging error with perl-Net-IP.

5/5/2006 New in Version 4.53.8-1
================================
* New Features and Improvements *
- Attachment extraction now checks for available disk space and a DoS attack
  using messages with high expansion ratios will fail even quicker than it
  did before.
- Added new setting "SpamAssassin Local State Dir" to support the sa-update
  tool provided with MailScanner these days, to provide a way of auto-
  updating the core SpamAssassin rulesets. The default value is set to what
  you need for Linux (/var/lib).
- Added new cron job to run sa-update every night. The location of the
  sa-update program is read from /etc/sysconfig/MailScanner.
- Added support for new header -H file format in Exim 4.61.
- Added 2 new configuration options "Gunzip Command" and "Gunzip Timeout" to
  enable unpacking of gzip-ed files for filename and filetype checking.
  Even if this is disabled, gzip-ed files will still be virus scanned.
- Added support for numerical entries in phishing.safe.sites.conf file.
- Added support for optional multipliers in numbers in MailScanner.conf.
  So you can now write "50M" instead of "50000000". The multipliers supported
  are "k", "m" and "g" to denote 1 thousand, 1 million and 1 billion (10^9)
  in upper or lower case.
  You must *not* put any spaces between the number and the multiplier character.
- Added a new configuration option "Ignored Web Bug Filenames". This allows
  you to whitelist a bunch of filenames that can appear in the URLs of
  potential web bugs. So if you decide that all potential web bugs with
  "spacer" or "pixel.gif" in the filename are just padding for page layout,
  then you can make it ignore them by adding them to this list. A sample
  list is provided in MailScanner.conf.
  This is disabled by default, as spammers may start to use this as a means
  of circumventing the Web Bug trap.
- When Web Bugs are disarmed, the URL used to replace the original web bug
  can now be set using the new configuration option "Web Bug Replacement".
  If this is not specified, then the old value of "MailScannerWebBug" is used.
  The default value supplied in the MailScanner.conf file is the address of
  an untracked 1x1 pixel transparent gif (51 bytes) hosted on the MailScanner
  web site. This will not be tracked other than to supply an overall count of
  the number of hits this image gets, for overall statistical purposes.
- Added Razor2 to the list of plugins automatically enabled by the ClamAV+SA
  easy-to-install package, due to the recent change in licence. Now if DCC
  could go the same way...
- Updated Catalan translations.

* Fixes *
- Fixed bug in DoS attack handler. Thanks for Jorge for this.
- Commented out setting of "SpamAssassin Local State Dir" in MailScanner.conf.
- Reorganised logic of phishing net to improve reliability and performance.

1/4/2006 New in Version 4.52.2-1
=================================
* New Features and Improvements *
- Added 2 new settings and another configuration data file.
  You can now set "Use Stricter Phishing Net = no" which will make the
  phishing net just check the name of the company owning the website, along
  with any country code of course. There is a configuration file containing
  a list of all the 2nd and 3rd level domain names in use by all countries,
  it lists domain endings such as "org.uk" which are used by a country to
  describe a whole type of websites within their country. So if the website
  is "www.hello.company.com" it knows to check just company.com, whereas
  given "www.byebye.charity.org.uk" it will check charity.org.uk.
  The configuration file "Country Sub-Domains List" lists all the entries
  required for this to work in any country, 1 per line. You shouldn't need
  to touch this file.

11/3/2006 New in Version 4.51.6-1
=================================
* New Features and Improvements *
- Syntax checking of Spam Actions (and its brothers) at run time.
  Message will be delivered if an error is found.
- Improved detection of Solaris GCC in the installers.
- New option "Use TNEF Contents" allows you to add the contents of winmail.dat
  attachments to messages in TNEF format. This means that users not running
  Microsoft Outlook can read attachments put there by badly-configured
  Outlook or Exchange systems. Valid values are "no", "add" or "replace" which
  do pretty much what they say. Explanations are in MailScanner.conf.
- Improved PID handling in sendmail on SuSE systems.
- Improved logging of overall batch timing.
- When headers are modified (e.g. Subject: line tagging), all occurrences
  of the header are modified, not just the first one. Thanks to ian@blenke.com
  for this patch.

* Fixes *
- "Use TNEF Contents = replace" didn't work in release 4.51.4. Fixed.
- Important fix for "Use TNEF Contents = replace" when processing messages
  containing delivery reports.

2/2/2006 New in Version 4.50.15-1
=================================
* New Features and Improvements *
- Speed increased significantly! Caches SpamAssassin results.
  Note you need to run my install.sh script to get the new modules required.
- If "Virus Scanners = auto" (ie. the installed default value) then it
  searches for and uses every available installed virus scanner.
- Added SpamAssassin cache analyser (analyse_SpamAssassin_cache) to the
  distributions. 99% written by Steve Freegard of MailWatch fame.
- Upgraded ClamAV+SA bundle to ClamAV 0.88.
- Added default headers that Thunderbird 1.5 will use to automatically
  identify spam based on SpamAssassin's spam headers.
- Added UU-decoder to automatically extract files from attachments that were
  stored in uu-encoded form. This behaves similarly to the zip and rar
  decoders. The virus scanners should check inside these files for themselves
  anyway, but this assists them when they do not. It also allows for filename
  and filetype checking of files stored in uu-encoded attachments.
- Added configuration option "Find UU-Encoded Files" to set whether uu-encoded
  files are decoded or not. These files are very rarely used, and the
  overhead of finding them is fairly large as it involves reading all
  existing attachments looking for the signature of them. So the default is
  to not look for them. A ruleset can be used to protect particularly
  vulnerable recipients or senders.
- You can now start up MailScanner without changing MailScanner.conf at all.
  It will auto-detect SpamAssassin and all available virus scanners.
- Changed default setting to "Use SpamAssassin = yes" and now auto-detect
  installation of SpamAssassin, logging installation instructions if
  it is not already installed and working.
- Added DBI and DBD::SQLite Perl modules. Please use my install.sh scripts
  when you upgrade or install this version.
- Added American spelling of "analyze_SpamAssassin_cache" as well as English
  spelling of "analyse_SpamAssassin_cache".
- DBI installation is forced in RPM distributions.
- Improved RPM installer to handle DBI module dependencies better. It now
  installs cleanly on the systems I have tested it on. These include Fedora
  Core 3, Fedora Core 4, SuSE 9.3, SuSE 10, RedHat Enterprise 4.
- Made log warnings more obvious when DBI/DBD::SQLite/Digest::MD5 are not
  all installed properly.
- Improved comments about "Allow Filenames" and "Allow Filetypes" in
  MailScanner.conf.
- Improvement to F-Prot output parser to handle new strings.
- Changed filename/type traps to account for new vulnerability in TNEF files.
- Adapted trend-autoupdate for 2006 onwards.
- --help implemented so you can see how to use it now.
- --debug now written. Works just like "Debug = yes" in MailScanner.conf.
- --debug-sa now written. Works just like "Debug SpamAssassin = yes".
- --check ruleset-checker now written. Takes max 1 from address, multiple to
  addresses, client IP address and virus name.
- Added a new command-line parameter "--lint" to verify the config file.
- --lint now prints what virus scanners you have chosen to use, and what
- --lint now checks SpamAssassin configuration too.
  scanners it can find installed.
- Added hi-res timing so the batch speed timings are now displayed to micro-
  second accuracy.
- Added Time::HiRes to the list of required modules. You must use ./install.sh
  to upgrade to, or install, this version in order to get the new module.
  Time taken to process the entire batch is logged, and time taken to do
  "Always Looked Up Last" is logged separately if it is being used at all.
- Added check that MailScanner.conf has at least been customised to set the
  organisation name, long name and web site.
- Added "SpamAssassin Cache Timings" configuration option for the few people
  who need to adjust these settings. Do *not* change it unless you really
  know what you are doing, the default settings will work nicely.
- Updated important perl modules.
- Removed duplicate logging of warnings about infected messages.
- Added detection of no virus scanners being installed, giving the user
  advice about how to install ClamAV using my easy-installation package.
- Improved ClamAV+SA easy-installation package so that it automatically
  enables the updates by commenting out the "Example" lines.
- Changed default Lock Type for sendmail to "posix" instead of "flock" as
  new Linux systems (the most popular platform by far) run sendmail 8.13 or
  later, which requires this to be "posix".
- Upgraded Sys::Hostname::Long and HTML::Parser in ClamAV+SA package.
- Disabled movie format "deny" rules in filetype.rules.conf and have enabled
  filetype checking by default.
- Updated man pages.
- Updated AVG parser to handle latest version 7.1.
- Added "Always Looked Up Last After Batch" which is looked up after the
  "Always Looked Up Last" option. The 2nd of those is looked up once for
  each message, the "...After Batch" value is looked up once for the
  entire batch. It is only intended for use with a Custom Function, its
  value is ignored.

* Fixes *
- Improved reliability of Bayes rebuilds a lot.
- Force installation of DBI as previous versions cause problems.
- Removed broken patch I was given, which was temporarily in 4.50.
- Packaging bug in 4.50.9-1 fixed. MailTools version typo.
- Fixed bug where temporary files were not cleaned up properly.
- Fixed missing HTML-Parser 3.48 package.
- Added check for creation of SpamAssassin cache database file.
- Fixed problems with --lint when not run as root.

1/1/2006 New in Version 4.49.7-1
==================================
* New Features and Improvements *
- Speed improvements for sendmail systems by changing the
  way temporary files are handled and how attachments are parsed. This
  should be really noticeable if I've got it right.
  Thanks for the great help of the Vodafone SHARK team.
- Added speed improvements for Exim.
- Added speed improvements for Postfix.
- Now changes the command line listed in `ps` (ie $0) to show what
  MailScanner is doing. Should help diagnose slow system problems.
- 4 new configuration options, which list patterns against which filenames
  and filetypes are matched to see if we should allow them or block them.
  This is implemented for the benefit of web-based configuration systems for
  MailScanner, it is not really intended for human use as it will complicate
  the filename/filetype matching unless you understand it. Read the comments
  in the MailScanner.conf and suggest better explanations!
  "Allow Filenames", "Deny Filenames", "Allow Filetypes", "Deny Filetypes".
  Note: There are 2 new entries in languages.conf so remember to
        run an upgrade_languages_conf.
- Upgraded tnef program to 1.3.4.
- Added message 'actions' property for MailWatch reporting.
- Custom Function filenames must end in .pm or .pl. Others will be logged
  and skipped.
- Various minor speed improvements.

* Fixes *
- Changed Postfix code to better support latest revision of Perl.
- Now stops MailScanner more reliably on SuSE systems.
- Logging of <img> tags only done if logging HTML tags.
- Fixed minor array ref problem in Perl 5.8.7 on FreeBSD 6.0.

1/12/2005 New in Version 4.48.4-2
=================================
* New Features and Improvements *
- Added a new configuration option "Reject Message". This is designed to be
  used with a ruleset. Any message matching the ruleset will be deleted and
  the "rejection.report.txt" email message will be sent back to the original
  sender of the offending message. To save a copy of the message as well as
  reject it, use the "Archive Mail" setting.
- Rearranged SpamAssassin spam.assassin.prefs.conf file, it is now read by
  SpamAssassin via a link called "mailscanner.cf" in the site_rules directory.
  It is no longer read directly by MailScanner, it is just read by Spam-
  Assassin during its normal initialisation process.
- Enabled blocking of messages containing web bugs. Note this may have some
  false alarms, as a web bug is any image of 2x2 or smaller.
- Improved ClamAVmodule scanning by adding new suggestions from ClamAV author.
- Changed ClamAV parser to not generate warning output when it sees lines it
  wasn't expected, as there are so many false positives that no-one ever
  looks at them anyway.
- Improved Sophos wrapper script to allow for EM library installations.
  No support for Sophos V5.0 yet.
- Upgraded ClamAV to 0.87.1.
- Added HTML::Parser to the list of Perl modules installed by my ClamAV+SA
  package so it can be used separately from MailScanner, without needing
  MailScanner to be installed first.
- Improved Clam+SA package and other installation scripts to create the soft-
  link whenever possible.
- Rewritten comments at the top of spam.assassin.prefs.conf.
- Speed improvement changing &POSIX::WNOHANG to WNOHANG in sub Explode.

* Fixes *
- Added "report-type" MIME attribute to spam notification multipart/report
  messages as the RFC says it should be there, and this lacking caused a
  problem in a few email apps. Thanks for Georg@hackt.net for this.
- Added missing ", 0777" from mkdir call in internal TNEF code.
- Fixed startup problems reading rulesets from LDAP on first message batch.
- Subject lines are all MIME-decoded properly now.

1/11/2005 New in Version 4.47.4-2
=================================
* New Features and Improvements *
- Automatically updates your phishing.safe.sites.conf file with new additions
  (and any subsequent deletions) from a master file I keep on
  www.mailscanner.info. All your local changes and additions will be kept of
  course, it will just add any new sites listed in my master list. If you want
  to *not* list a site which is in my master list, just put a "REMOVE site.com"
  line in your phishing.safe.sites.conf and that will make it ignore any
  listing for site.com that appears in my master list.
  Updates are done once per day.
- Quietened ClamAV log output when it scans 0-length files.
- Improved ClamAV+SA install.sh to add the 3 missing plugins to init.pre.
- Improved init.d scripts for RedHat and SuSE so they setup the queue dir
  ownerships automatically and generally help new users get started without
  them having to follow all the instructions to the letter.
- Added news about fire at ECS and moved all hosting out of Southampton.

* Fixes *
- Corrected rare problem where an empty X-MailScanner-SpamCheck header
  could appear in a non-spam email.
- Problem with empty or null filename.rules.conf or filetype.rules.conf fixed.
- Problem with Max Attachments setting not be honoured fixed.
- Problem with "Highlight Phishing Fraud" being ignored fixed.
- Fixed problem where SuSE init.d script crept into RedHat distribution.

1/10/2005 New in Version 4.46.2-2
=================================
* New Features and Improvements *
- Improved phishing net JavaScript detection to make reports more sensible.
- Loads of additions to phishing net safe sites list (thanks Denis!).
- Improved Install-Clam-SA package so that it sets up your /etc/ld.so.conf
  file for you, by adding /usr/local/lib if necessary.
- Increased the default expansion factor of archives for the clamav scanner.
- Removed -j3 from call to Kaspersky in kaspersky-wrapper, on advice from
  Kaspersky users.

* Fixes *
- Fixed problem with a few TNEF files and the internal TNEF decoder,
  caused occasional crashes.
- Fixed warnings with numeric tests in a couple of places.
- Tested against SpamAssassin 3.1.0, one minor problem found and fixed.
- Fixed minor bug in "actions" parser in ZMailer support code.

1/9/2005 New in Version 4.45.4-1
=================================
* New Features and Improvements *
- Added MCP patches for SpamAssassin 3.0.4.
- Added extra output about nodeps switch with install.sh for RPM.
- Added "no bytes" lines to cancel out "use bytes" as it causes problems
  with multi-lingual subject lines.
- Improved phishing net so that when you have multiple MailScanner servers
  all handling your incoming mail, links caught by the first one won't also
  be caught by the following ones. This caused the final message to contain
  multiple warnings about the same link. There is now just 1 warning.
- New "Quarantine Modified Body" setting, default is "no". This will cause
  all modified messages to be quarantined, including messages which have
  had their HTML disarmed. Also optimised this so it never archives twice.
- Added syslog-ing to BitDefender updater.
- Improved web bug handler when disarmed by multiple MailScanners.
- Added new configuration options to control whether you want to highlight
  phishing fraud links or modify the subject line or both.
  New options are :-
  Highlight Phishing Fraud (= yes        by default)
  Phishing Modify Subject  (= "{Fraud?}" by default)
  Phishing Subject Text    (= no         by default)
- Phishing detection now handles URL's containing %xx characters pointing to
  web site names with &eacute; in them (and characters written like that).


* Fixes *
- Corrected bayes_file_mode in spam.assassin.prefs.conf on advice from
  Matt Kettler.
- 'MailScanner -v' now prints out the version number of Convert::TNEF.
- Group memberships problem on BSD fixed. Spam quarantine membership
  should now always be correct on BSD systems.
- Tweaked ClamAV+SpamAssassin package so it skips the zlib-vcheck version
  check, it doesn't appear to be important and holds up newbies, which is
  a Bad Thing(TM).

1/8/2005 New in Version 4.44.6-2
================================
* New Features and Improvements *
- Published new version of the book, but advise you don't purchase until
  3rd week of August so I get to check a copy off the press first.
- Optimised situation where spam archive is being kept clean but many
  messages are being deleted. Thanks to yavor.trapkov@wipe.int for that.
- Improved logging to show what sort of HTML tags have been disarmed.
- Added "Scan Messages" option (intended to be a ruleset) which is an
  easy way of disabling all scanning and processing of messages. Great
  for customers who don't want scanning of any sort on their messages.
- More phishing net improvements and additions to the safe sites list.

* Fixes *
- Resolved dependency problems by "tweaking" /usr/lib/rpm/perl.req to
  produce no output.
- Added more Postfix temporarily-invalid-message checks.
  This is working perfectly reliably now.
- Added disk full checks for MailScanner/incoming space.
- Added missing object instantiate in the generic spam scanner.
- Fixed reporting and scoring bugs in Custom Spam Scanner.
- Made Postfix hash depth measurement more tolerant of stray files such
  as Razor logs appearing in the hold queue directories.
- Delete temporary TNEF files created by internal TNEF decoder/expander.
- Removed stray tar.gz files from tar distribution that shouldn't be there.

2/7/2005 New in Version 4.43.8
==============================
* New Features and Improvements *
- Added "Custom Spam Scanner" so that you can very easily plug in your
  own spam scanner, for example dspam. See MailScanner.conf and
  .../MailScanner/CustomFunctions/GenericSpamScanner.pm for more details.
- "Allowed Sophos Error Messages" now works for SophosSAVI scanner as well
  as the command-line Sophos scanner.
- "\n" can be used to insert line breaks in just about any configuration
  setting or languages.conf string.
- Optimised scanning of messages when spam/mcp archive is not kept clean.
- Updated Clam+SpamAssassin package for SpamAssassin 3.0.4.

* Fixes *
- Fixed bug in upgrade_MailScanner_conf so that it puts in the new value of
  "MailScanner Version Number" rather than copying it over from the old one,
  and it now gets all the comments right around this option when the
  "--keep-comments" command-line switch is used.
- Syslogging of files with allowed Sophos errors should now be correct.
- Fixed missing syslog entry for MCP actions taken on a non-delivered message.
- Fixed bug where infection could be reported for wrong message ID as well
  as correct message ID.
- Modified panda-wrapper to process entire batch in one call instead of
  per message.
- If message parsing failed, the pipe might not exist and this wasn't caught.
- Improved fault auto-detection and auto-correcting of Postfix formatting
  problems.
- Added missing "use" in MailScanner main script.

1/6/2005 New in Version 4.42.9
==============================
* New Features and Improvements *
- Now automatically detects and warns if the "Incoming Work Directory"
  setting contains any links. It also corrects the path (but not in the
  MailScanner.conf file) and continues to work properly.
- Added support for Sophos 3.93.2. You must use the sophos-autoupdate from
  this version if you want Sophos to work (both the sophos and sophossavi
  scanner settings).
- Tar and RPM distribution installation scripts now look for gtar if GNU
  tar was not found, and is happy if /usr/local/bin/perl and /usr/bin/perl
  point to the same place.
- SophosSAVI errors are detected as if they were viruses, and are not
  ignored.
- Panda support completely reimplemented a lot better by Rick Cooper.
- Upgraded File::Temp, Compress::Zlib and ExtUtils-MakeMaker to latest
  releases.
- New options "Disarmed Modify Subject" and "Disarmed Subject Text" now
  provide the ability to alter the Subject: line if any HTML tags in the
  body of the message were disarmed (by having their "Allow .... Tags" set
  to "disarm". This is switched on by default.
- New option "Spam Lists To Be Spam" now provides the ability to set how
  many Spam Lists a message must appear in before it is considered to be
  spam. The default is 1 as that mimics the previous behaviour.
- Improved output of SuSE MailScanner init.d script.
- Reversed spam and disarm tags to leave spam tag at start of Subject:.

* Fixes *
- Fixed problem that could cause harmless header files to be left in the
  temporary working directories when using Postfix.
- Fixed problem where attachment size checks were made on the contents of
  zip files and not just the zip files themselves.
- Hopefully fixed problem with ClamAV missing Worm.Sober.P occasionally.
- No longer import missing whine method from MIME-tools.
- Fixed problems with incomplete reporting of viruses in zip files.
- Fixed problem with "Delete" MCP action not being logged in syslog.
- Fixed problem with the "null MIME boundary" vulnerability test.
- Added check to upgrade_MailScanner_conf and upgrade_langages_conf so they
  check to ensure all input files have content before starting.
- Fixed bug where clean header was being applied to unscanned mail when using
  virus scanning rulesets.
- Fixed wrong build number for 1 Perl module in install.sh scripts.
- Fixed typo in upgrade_MailScanner_conf.
- Made significant changes to child worker process management and re-spawning,
  to try to avoid problems reported by a few users with MailScanner "slowly
  stopping working" over the space of several hours.

1/5/2005 New in Version 4.41.3
==============================
* New Features and Improvements *
- Improved install.sh to work on AMD64 Fedora Core 3 systems.
- Added * wildcard support to phishing.safe.sites.conf, so you can list
  *.safedomain.com instead of having to list subdomains and other servers
  individually. Useful for listing your own domain.
- Improved IPv6 support as sendmail on Linux adds "IPv6:" on the front of
  the IPv6 SMTP client address.
- Improved support for \ characters in URLs in phishing net.
- Better handling of subdirectories in RAR archives.
- Duplicates removed in quarantine postmaster notice.
- Added filetype entry to allow PostScript files.
- Improved phishing net by adding detector for numeric IPs which do match
  but warn as they might be part of a fraud.
- Added new entry to languages.conf which needs translating.
- Improved phishing net to improve handling of numbered website references
  automatically inserted by some Unix text-only email clients.
- Improved handling of ClamAV output when it scanned zero-length attachments.
- Updated phishing net safe-sites list.
- Added comment to MailScanner.conf about Maxium Archive Depth being a ruleset.
- Changed default auto-whitelisting to "no".
- Installation support for Solaris 10, in main ./install.sh and ClamAV-SA
  installation script.
- Changed blacklisting so it doesn't override whitelisting if you always
  want to get the SpamAssassin results header.
  So if you whitelist an address@domain.com and blacklist *@domain.com,
  it works as you would expect it to.
- Upgraded ClamAV+SA tarball to SpamAssassin 3.0.3 and ClamAV 0.84.

* Fixes *
- RAR archive handling: creation of directory only archive entries, both
  windows and *nix created archives (caused problems for SAVI).
- RAR archive handling: possible false Encrypted file trigger on file names
  containing the word "Encrypted".
- RAR archive handling: full path names used when extracting archived files,
  extracted to safe file name without out path.
- Removed harmless error message when clearing out empty working directories
  at startup in debug mode.
- Fixed problem where using rulesets to scan messages for dangerous content
  but not for viruses would cause the messages to be scanned by viruses anyway.
- Fixed problem where filename/type checks were still being done on messages
  which had rulesets saying they should not do dangerous content checking.
- Fixed problem in tar distribution install script where it would not
  correctly find the installed tnef expander binary.

2/4/2005 New in Version 4.40.11
===============================
* New Features and Improvements *
- The "clamavmodule" scanner cannot unpack archives of RAR version 3.
  2 new configuration settings allow you to unpack the latest RAR archives
  for testing by the "clamavmodule" scanner.
  It also enables the contents of the RAR archive to be checked for illegal
  filenames and filetypes, and also to see if they are password-protected.
  Unrar Command = /usr/bin/unrar
  Unrar Timeout = 50
- "Allow Password-protected Archives" can now be a ruleset when using the
  clamavmodule virus scanner.
- Multiple "Subject:" lines are removed. The 1st one is kept.
- If the "Unrar Command" is defined and points to an executable program,
  it will automatically be used by the "clamav" scanner. No -wrapper
  tweaking is needed to do this any more.
- You can now use shell environment variables such as $HOSTNAME or
  ${HOSTNAME} in MailScanner.conf and its relatives.
- More improvements to the phishing net.
- More additions to the starter phishing.safe.sites.conf file.
- Removed my spam.assassin.prefs.conf file in favour of the one from
  www.fsl.com, with just enough changes to produce an identical file
  layout to my previous versions.
- Re-enabled ALL_TRUSTED rule after comments from Matt Kettler. Thanks!
- Added long comment about ALL_TRUSTED rule, many thanks to Matt Kettler.
- Improved screen behaviour of RPM-based init.d script.
- Greatly improved RAR archive handler, thanks to Rick Cooper.
- Changed IPBlock DSN to 550 and made it easily configurable.
  Look for "$FailCode" in the CustomConfig.pm code and the IPBlock cron job.
- Changed the "Envelope-From" and "Envelope-To" headers to include your
  organisation's name.
- Made date and time stamps consistent across whole system.
- Added extra rules to the phishing net to avoid false alarms with some
  examples of Microsoft's .NET system.
- Added Custom Functions to implement multiple input and output queues for
  ZMailer users. Many thanks to MailScanner-devel@pert.com.ar (Leonardo
  Helman and Mariano Absatz) for all their hard work implementing this.
- Improved RedHat init.d script so reload is handled better for Postfix.
- Changed default supplied values for "Allow xxxxx Tags" to disarm all of
  these tags.
- Added 20 minute timeout to bitdefender's autoupdate script. Easy to set
  the timeout to your own value, just look at the start of the script.
- Added support for non-hashed queue directories for Postfix 2.2.

* Fixes *
- Fixed problem with missing Attachment-Warning when encountering a virus
  that is both silent and non-forging.
- Improved output format of Sender warning, and removed duplicate lines.
- In IPBlock facility, changed MTA dsn to 451 to temporarily refuse the
  connections, rather than the total block it used to do.
- Removed erroneous log output from SpamAssassin bayes-rebuilder.
- Postfix problem fixes.
- Fixed SpamAssassin Bayes database rebuild timeout problem.
- Fixed Exim problem with removing multiple "Subject:" headers.
- Fixed Postfix problem with removing multiple "Subject:" headers.
- Fixed problems in new Unrar code when renaming files in archives.
- Fixed problems in earlier betas with occasional missing attachment warnings.
- Fixed directory problem in vexira-autoupdate.
- Fixed problems with defunct processes when not virus scanning.
- Fixed problem with filename checks not happening without virus scanning.
- Fixed problem extracting RAR archives with filenames containing special
  characters.
- Fixed problem where 2 matching "No" rules would cause message to be checked
  for spam, if SpamChecks is moved in ConfigDefs.pl.

2/3/2005 New in Version 4.39.6
==============================
* New Features and Improvements *
- If the AttachmentWarning message put into a message is empty (zero-length)
  then the empty attachment won't be added to the message at all.
- Added scanning of PE's by default to clamavmodule scanner.
- Added feature when IP address in a ruleset has all 4 numbers, so that a
  full string match is done against the client IP, not a substring match.
- Added support for output from latest F-Prot and archive bomb detection.
- Set all virus scanners to SUPPORTED so no tweaking needed by users.
- Added 4 new configuration options for setting all ClamAV settings when
  using the "clamavmodule" scanner:
  ClamAVmodule Maximum Recursion Level
  ClamAVmodule Maximum Files
  ClamAVmodule Maximum File Size
  ClamAVmodule Maximum Compression Ratio
- Phishing net now traps website names containing unicode characters.

* Fixes *
- Corrected problem with <a> tags that have no text contents and no </a>.
- 2 minor typos in the Swedish reports.
- Changed check_MailScanner to check_mailscanner in cron job.
- Fixed problem where files with no extension, inside a zip file, were
  extracted with ".dat" added onto the end of them.
- Fixed problem with phishing net being confused by some malformed URLs.
- Syslog calls are forced to 8-bit characters.
- Fixed problems with nested input queues not being used consistently.
- Custom Function reader no longer includes Debian dpkg files it should ignore.
- Fixed problems with messages being rebuilt just because they contain <A>
  or <IMG>.
- Fixed problems with some messages with sendmail nested input queue but
  flat output queue.
- Fixed problems where an infected spam message containing a broken zip
  file could break MailScanner when delivered as an RFC-822 attachment
  to a new message.

2/2/2005 New in Version 4.38.10
===============================
* New Features and Improvements *
- Upgraded to MIME-tools 5.417.
- Added new filename restrictions using Microsoft vulnerability report from AUScert.
- Improved /etc/sysconfig/MailScanner so that it finds Incoming Work Dir and
  Incoming Queue Dir automatically from MailScanner.conf file.
- Can now use $from, $id and $subject in inline signature for signing clean
  messages.
- Any entry in the "Archive Mail" setting can contain _DATE_ which will be
  replaced with the current date in yyyymmdd form, so you can backup or move
  yesterday's archive safely knowing that it won't be written to today.
- Added zero score for ALL_TRUSTED rule in SpamAssassin as it is known to
  cause problems.
- Added "Also Find Numeric Phishing" setting (on by default) so that all
  numeric IP addresses in links are flagged as being dangerous.
- Added "$postmastername" to the list of variables available in many reports.
- ClamAV -autoupdate script now logs all warnings and errors from freshclam.
- Postfix support added to "IPBlock" functionality for SMTP connection
  throttling. Many thanks to Rakesh for writing this.
- Updated German translations. Many thanks to Felix for doing this.
- Added PDF version of new MailScanner advertising "flyer".
- Added "Log Dangerous HTML Tags" configuration setting, and removed old
  "Log IFrame Tags" configuration setting, so that all potentially dangerous
  HTML tags are now logged. This helps when you are developing your white-
  list of safe sources of HTML tags, such as newsletters and daily cartoons.
- Added "Phishing Safe Sites File" configuration setting to point to a file
  containing a list of fully-qualified hostnames which are ignored in the
  phishing detection tests. Any links to any of these hostnames are ignored
  in the phishing tests.
- Added "Eicar" to non-forging viruses list, so it's easier for testing.
- Upgraded to latest HTML::Parser version 3.45.
- Changed logging about HTML disarming to only log if it actually changed
  the message.
- Improved comments about ruleset filenames for Spam Actions et al.
- Upgraded to latest Net::CIDR version 0.10.
- Improved phishing net to handle links which look like email addresses.
- Upgraded Vexira to handle new version. Note that support for the old
  version of Vexira has been dropped. You *must* upgrade to use this release.
- Upgraded install-Clam-SA.tar.gz script (on the downloads page) to install
  ClamAV 0.81 and SpamAssassin 3.0.2.
- Better updated translations of pt_br by Eduard Michels.
- Improved logging of numeric-ip based phishing attempts.

* Fixes *
- Fixed problem where some spam was delivered even if the Spam Actions was set
  to "store delete" if the messages were not to be virus-scanned.
- Fixed harmless uninitialised variables in HTML disarming.
- Removed 2nd copy of tnef sources from tar distribution.
- Fixed problem in phishing net where empty <A> tags would cause false alarm
  on the previous normal link.
- Fixed problem in a few situations where logging would say content disarming
  was happening when actually it wasn't.
- Fixed problem where messages that were not virus-scanned did not have
  arbitrary headers removed.
- Subject lines are now MIME decoded before writing to Postmaster notices.
- Fixed bug in SpamAssassin score counting in MCP functionality.
- Fixed bug in handling of phishing safe sites file.

1/1/2005 New in Version 4.37.7
================================
* New Features and Improvements *
- When stripping HTML messages to plain text, the contents of script and
  style tags are omitted.
- Phishing net improved to ignore email addresses.
- Now supports split sendmail queues where any incoming mqueue.in directory
  can have qf, df, xf, tf subdirectories, each containing the appropriate
  type of file for each message. This will greatly speed operation on big
  queues as the directories will be less than half the size of a combined
  queue directory.
- New option "Keep Spam And MCP Archive Clean" which forces it to virus scan
  all spam that is quarantined. Any spam (or MCP messages) found to be virus-
  infected are removed from the quarantine, so you can safely let your users
  have access to the spam archive safe in the knowledge that they cannot get
  any viruses out of it.
  Note: This feature is disabled by default, as most people won't want the
        performance hit of all the extra scanning, as they don't their users
        access to the spam quarantine anyway.
- Changed Postfix handling so that "Archive Mail" feature creates files
  with unique names so that re-used message-ids don't cause overwriting of
  older files in the same day with the same message-id.
- Spam and MCP actions (and of course their non- and high-scoring- alternatives
  can now include extra headers which are added in each case. These entire
  headers must be contained in double quotes. So for example, you can have
  Spam Actions = header "X-Spam-Status: yes" deliver
  and the message will be delivered but with the extra header
    X-Spam-Status: yes
  added to the message.

* Fixes *
- Fixed sendmail and ZMailer problem where subject lines starting with a
  line-break were not tagged correctly.
- Fixed minor problems with multi-line Subject: headers.
- Fixed bugs with some MTAs when keeping spam archive clean.
- %vars% in MailScanner.conf are now handled properly in "other" settings.
- Fixed problem with correctly removing Phishing frauds from badly formatted
  html with missing <a> tags before corresponding </a>.
- Fixed problem with message duplication on some sendmail systems.
- Worked around Perl bug causing crashes with a few bounces from Hotmail.
- Fixed problems stopping SPF checks working properly.

1/12/2004 New in Version 4.36.4
===============================
* New Features and Improvements *
- Improved URL trimming in phishing net.
- Various improvements and fixes in phishing net.
- Added support for RedHat Enterprise Linux 4.
- Added check for Password-Protected Archives setting when using clamavmodule.
- Added support for "fast" parameter to all installation scripts.
  This reduces all waits to 1 second, greatly speeds installation!
- Improved logging when there are too many attachments.
- Added message ID to log of phishing attempts.
- Added autoupdater for Panda.
- Added %variables% to text and HTML report messages, so the email "signature"
  added to the end of each report is customised centrally from
  MailScanner.conf. This currently uses %org-long-name% and %web-site%.
- Added upgrade_languages_conf script to automate upgrading of
  the languages.conf file in whatever translation directory you use.

* Fixes *
- Fixed outstanding problem in bitdefender-autoupdate, so that it works
  properly on new installations.
- Fixed logging problem with phishing net on a few malformed messages.
- Removed /var/tmp files from MailScanner-MIME-Base64 rpm build.
- Fixed problem in Vexira parser.
- Fixed problem where All-Viruses would cause every problem to be silent.

4/11/2004 New in Version 4.35.11
================================
* New Features and Improvements *
- SpamAssassin 3 SPF checks are now fully supported.
- Added Disposition-Notification-To and Return-Receipt-To to the list of
  headers I advise you to remove.
- Added "Log Silent Viruses" configuration option.
- Mandrake Linux 10 is now supported by the RPM installation script.
- Added new configuration option "Find Phishing Fraud". This will scan HTML
  messages for links which don't link to the site they appear to. This
  should catch most "phishing" fraud attacks. It uses new text in the
  languages.conf file, so you will need to add the extra lines to yours.
- Added support for F-Secure 4.6x.
- Removed pre-built tnef programs from bin directory of distribution.
- Moved "virusscan" from "First" to "All".
- Tweaked generic-autoupdate so it apparently does nothing.
- Support Mail::ClamAV 0.12 and upwards. Dropped support for 0.11.
- Support ClamAV 0.80 and upwards. Dropped support for 0.75 and earlier.
- Added support for Kaspersky 5.0 autoupdater.
- Upgraded to Archive::Zip 1.14.
- Filenames are sanitised before being put into virus reports.
- Added a default empty string for Lock Type so upgrade_MailScanner_conf
  works more smoothly.
- Improved logging of attachment size errors.

* Fixes *
- Fixed bug where filetype checks that matched no rules were not logged
  properly.
- Fixed problems with MIME::Base64 dependencies.
- Fixed bug with @INC path reversal when loading MIME::Base64 and
  MIME::QuotedPrint.
- Fixed bug where MCP files were quarantined with the wrong owner.
- Fixed bug where MCP files were incorrectly logged if they were also spam.
- Fixed issue where Postfix insisted (quite correctly) on having a space
  after "Subject:" in the headers.
- Moved Envelope-From header for SpamAssassin to the top of the headers sent
  to SpamAssassin.
- Fixed existence check bug in antivir-autoupdate.
- Fixed problem where some parent reports were masked by child reports.
- Fixed problem with rules with multiple results and multiple tests.
- Messages with a null MIME boundary are now rejected instead of passed.
- Got MIME boundary fix rolled back into MIME-tools code.
- Added X-MailScanner-From header definition to SpamAssassin setup so
  that SPF checks and NO_DNS_FOR_FROM checks work properly.
- Completely new MIME::Base64 that lives in /usr/lib/MailScanner/utils.
- Fixed bug in minimum attachment size checking.

1/10/2004 New in Version 4.34.8
===============================

* New Features and Improvements *
- Added "Bounce Spam As Attachment" and "Bounce MCP As Attachment" options.
  These will cause the original message (up to the Max SpamAssassin Size so
  it cannot be used for denial-of-service attacks) to be included in the
  bounced message as an RFC/822 attachment, which some mail clients can read
  very nicely. This lets the original sender see what message got bounced.
- Updated the Qmail support. See opencomputing.sf.net for more info on Qmail.
- Changed default supplied values for a few settings. This will have no effect
  on upgraded installations, but will improve resource use for new
  installations, such as not quarantining silent viruses which is pretty
  much a waste of disk space and i/o load.
- Added POSIX back-compatibility switches to scripts wanting to use "tail".
- Added "Remove These Headers" setting to allow arbitrary headers, such as
  delivery receipt requests, to be removed from mail.
- Implemented MCP support for SpamAssassin 3.0.0.
- Published packages for RPM and non-RPM systems to install ClamAV and
  SpamAssassin 3.
- Adapted code to run with MIME-tools 5.412.
- Removed most of the MIME-tools version checks as the new code doesn't
  specify versions for its components.
- Added a load more optional modules to the version number list so we get
  all the modules required by SpamAssassin 3 and Mail::ClamAV.
- Added MIME-tools 5.413 and MIME-Base64 3.03. You must have these installed.
- Updated Catalan reports.
- Added support for NOD32 2.04.
- Added $longspamreport to sender.spam.sa report.
- Update Trend-autoupdate script so it supports Trend's new opr.ini file.
- Added 4 new MCP options to provide the same subject line modifications as
  you can do with spam messages: "MCP Modify Subject", "MCP Subject Text",
  "High Scoring MCP Modify Subject", "High Scoring MCP Subject Text".
  The defaults are the same as for spam.
- Added a "generic" virus scanner. This enables you to write your own
  virus (or other "nasty content") scanner, which produces input which is
  read by MailScanner and used to mark certain files as virus-infected.
  The spec of what output is required from your scanner is in the
  "generic-wrapper" script. It's very simple to use.
- When a child process is HUPped it will now attempt to kill any running
  child scanner processes, to avoid problems with uvscan consuming 100% CPU.
- Timeout code added to AntiVir updating script.
- Added a new setting "First Check" so you can control whether the MCP or
  the spam checks are done first. It is MCP by default as that is how it has
  run in the past, but you may well want to do spam checks first if you
  delete most spam.

* Fixes *
- Fixed another Postfix perl buffering error on a few OS's.
- Added remaining MCP definitions to languages.conf files.
- Fixed installation problems with MIME-Base64.
- Fixed bug in Exim.pm where case of MAIL sender wasn't properly preserved.
- Fixed problem causing bitdefender-autoupdate to hang.

1/9/2004 New in Version 4.33.3
==============================

* New Features and Improvements *
- When converting an HTML message to plain text, HTML comments are removed.
- Now prints more realistic Perl version with -v, and includes Net::DNS.
- Custom Functions can now take parameters. These are passed to the Init
  and End functions corresponding to each Custom Function.
- Updated Czech translations.
- McAfee -autoupdate script improved to handle situation where McAfee upgrade
  was manually installed and previous installation was not removed first.
- Added all the MCP settings to the shipped MailScanner.conf file.
- Added support for the "Symantec Scan Engine" scanner.
- Non-RPM installer never opts for RPM install.
- Upgraded Archive::Zip to 1.13.
- Improved "MailScanner -v" output so it gives kernel and OS release
  information if it can find any. Also now logs version of MIME::Base64.
- Added setting to SpamAssassin so that Version 3.0 will use fast non-NFS
  file locking, as most MailScanner users don't access Bayes across NFS.
- Configuration compiler much more tolerant of errors and missing files.

* Fixes *
- AntiVir is now forced to run in English.
- RAR archives that cannot be handled by ClamAV's internal RAR unpacker are
  now handled properly.
- Couple of minor fixes to ZMailer support.
- Added a space in the Postmaster report to improve formatting.
- Fixed bug in spam score number formatting.
- Now set the charset in messages that are "notices to".
- Now catch the case where SpamAssassin fails to set the autolearn status.

27/7/2004 New in Version 4.32.5
===============================

* New Features and Improvements *
- Per-domain white and blacklisting now supports IP address checks.
- Disarmed web bugs now tell you where they came from.
- New "Run In Foreground" option which will be useful if you are trying to
  use another tool to monitor MailScanner's health and restart it auto-
  matically if it dies for some reason.
- New "--perl=" switch for install.sh on non-RPM systems.
- Added extra strings to languages.conf to support new feature of reporting
  the fault with a message in the subject line of the postmaster report.
- CheckModuleVersion now supports the "-v" command-line option, to make its
  output more verbose.
- Upgraded Archive::Zip to 1.12.
- Added *.job to the list of banned filenames.
- New "Spam Score Number Format" option to allow numeric formatting of the
  number that is substituted for _SCORE_ in the spam score outputting.
- Added "--version" (or "-v" or anything that looks roughly like "-v").
  This will make MailScanner print the version number of all the modules
  that MailScanner uses, along with its own version number.
- Improved MailScanner.conf settings to explicitly say that "Virus Scanners"
  cannot be a ruleset.
- Improvement to installer for non-RPM systems to catch broken MakeMaker on
  some Solaris systems.
- Updated OpenBSD manual installation instructions.
- Added $MailScanner::Config::ConfFile so that Custom Functions can find the
  configuration directory easily.
- Updated Spanish translations.

* Fixes *
- Postfix file corruption problem remaining on a few systems, now fixed.
  It was a Perl bug.
- tar distribution check_mailscanner.cron file now calls check_mailscanner
  and not check_MailScanner.
- Comments output in upgrade_MailScanner_conf made more consistent.
- Moved "Spam List" so it matches the first rule, not all rules. This enables
  you to apply rules for entire domains and exceptions for certain addresses
  within those domains.
- Improved zip of death detection.
- Changed web bug disarming so alt text is only provided if there is a 'src'.
- Fixed bug where autolearn status was reported incorrectly with SpamAssassin 2.
- Fixed bug causing symptom of missing identically-named nested zip files.
- Fixed bug in ZMailer.pm from Mariano.
- Fixed bug involving '+' characters in address patterns in config compiler.

1/6/2004 New in Version 4.31.4
==============================
* New Features and Improvements *
- Added install.sh script for tar distribution which builds all Perl modules,
  tnef decoder and MailScanner automatically.
- Added configuration option "Dangerous Content Scanning" to allow you to
  disable all the content scanning except for the virus scanning.
- Added support for Vexira virus scanner.
- Implemented support for F-Secure 4.61.
- Implemented support for Nod32 2.01. If you are still running 1.99, you
  will need to edit /etc/MailScanner/virus.scanners.conf.
- Reports can now contain %variables% such as %org-name%.
- Changed default installation location of Bitdefender to /opt/bdc.
- Upgraded tnef to latest release from sourceforge.
- Moved ExtUtils::MakeMaker into list of normal perl modules to install.
- Linux distributions now auto-detect MTA setting in /etc/sysconfig/MailScanner.
- Can now detect very small images in a message, that may be "web bugs" to
  track you. These can be disarmed if you want.
- Changed documentation to just list single-instance version of Postfix.
- Changed init.d scripts to work well with both single and double instance of
  Postfix.
- Improved init.d script to support SuSE 9.1 properly.

* Fixes *
- Forced AVG to run in English.
- Corrected problem with negative failure counts from RBLs and SA.
- Fixed bug in LDAP ruleset handling.
- Sendmail code now auto-detects the correct lock type to use, flock or posix.
- That code has just been removed.
- Sendmail qf files no longer have to define an IP address.
- Corrected report when archive is nested too deeply.
- ZMailer forwarding fix provided by Mariano.
- Fixed Postfix message corruption on recent Postfixes on some architectures.
- Worked around latest tweaks to Postfix spec.
- Fixed problems with PDF docs when signing messages.

1/5/2004 New in Version 4.30.3
===============================
* New Features and Improvements *
- Zip files can now be located either by filename or by file contents, so
  you can effectively control whether your users can avoid zip file checking
  by renaming ".zip" to "_zip" for example. Note this does not affect virus
  checking, the contents of zip files will still be scanned for viruses.
  Note that this works with self-extracting zip files as well. The
  configuration option is called "Find Archives By Content" and is on by
  default.
- Tightened up MIME decoder to catch more of the tests at www.testvirus.org.
- Added support for Grisoft AVG virus scanner. Thanks to Rick Cooper for his
  hard work on this.
- BitDefender wrapper and autoupdate scripts now support both old and new
  versions without any modifications needed. They find the version
  automatically.
- The upgrade_MailScanner_conf command now preserves all your custom
  %variable% settings.
- Linux cron job scripts added to tarball distribution.
- Made the spam tag come before the virus tag on infected messages so that
  spam can be dumped more easily automatically.
- Added support for SpamAssassin version 3.
- Added new configuration options so that RBL's (and SpamAssassin) can have
  their network checks disabled is they fail more than a certain fraction of
  the time. This is very good for finding unreliable RBL's that don't always
  fail and are therefore not found by the "max timeouts" settings.
- Added new configuration option "Ignore Spam Whitelist If Recipients Exceed"
  to catch spammers who deliver messages to lots of recipients, including
  one recipient who chooses to receive all their spam.
- Added link to the Ellen MacArthur Trust to the home page. Please support
  this charity, they perform excellent work in an area that is very close to
  my heart.
- Improved update_virus_scanners so it ignores the lock if it is old.
- Added scanner name to log output from library-based virus scanners modules.
- Improved building of SRPMs so they work on all RedHat and SuSE versions.

* Fixes *
- Debian fix for their different dir structure causing problems with
  update_virus_scanners.
- Fixed problem where some HTML messages from Yahoo did not have the clean
  message signature added to their HTML portion.
- Fixed problem with some systems not rewinding file extraction directory
  properly.
- Fix to avoid problems in Qmail with regular expression match which reading
  Qf file.
- Messages with too many attachments should get a proper report now.
- Quarantine and Incoming Queue group memberships should now work properly
  for non-root users.
- Now only signs text/plain and text/html sections, so some PDF files and
  Outlook messages are not corrupted.

1/4/2004 New in Version 4.29.7
==============================
* New Features and Improvements *
- More robust MIME decoding, should catch postmaster bounces a lot better
  when they include the entire message with broken MIME headers.
- Clam -wrapper script adds /usr/ucb to end of $PATH for Solaris users.
- Moved cron job maximum update delay to /etc/sysconfig/MailScanner so it
  is preserved across upgrades.
- <Script> tags in HTML message bodies can now be filtered out or disarmed,
  just like what can be done already with <Form> tags and similar.
- <Object Data> tags handled as well as <Object Codebase> tags.
- Now unpacks self-extracting Zip archives.
- Now logs when a message is whitelisted.
- Added example rule for matching *@domain.com and *@*.domain.com in 1 rule.
- Now decodes binhex-encoded attachments, as well as binhex-encoded data
  hidden in the text portion of a message.
- McAfee wrapper script now detects extra.dat and uses it if present.
- Implemented support for a directory full of Custom Functions files, these
  will all be used automatically if present in the directory.
  Uses new "Custom Functions Dir" setting to point to the directory.
- Simplified logging of invalid message files.
- Improved error messages relating to Custom Functions directory.
- Rewrote Bayes database rebuilder to be able to capture its error messages.
- Zip archives detection improved to work by content rather than filename.
- Added "$longspamreport" to the inline.spam.warning.txt to let you add the
  table of rules information into a spam "attachment" action.
- Added support for Wietse's little "additions" to his Postfix queue files.
  Why he won't just document this stuff defeats me.

* Fixes *
- When not checking archives at all, they are now passed through correctly.
- Max Archive Depth should have been settable per-message.
- F-Prot output parser re-fixed so that it lets through password-encrypted
  archives as it should. Don't know what I was thinking when I blocked them
  here :-(
- Various waiting speedups by JJH.
- More speedups by me :-)
- Fixed problem with messages with lots of attachments being labelled as
  being nested too deep.
- Postfix support for latest snapshots implemented.
- Fixed problem where MSP+spam actions = delete ==> mail not delivered.
- Trial fix for problem where virtual domains weren't always used in Postfix.
- Fixed problem where bad TNEF messages were not always removed completely.
- Fixed problem where some circumstance server would quarantine warning
  instead of infected message.
- Fix to SpamAssassin "last hop" RBL checking for ZMailer.

8/3/2004 New in Version 4.28.6
==============================
* New Features and Improvements *
- It will now unpack zip archives up to the nesting depth set by the
  "Maximum Zip Archive Depth" setting so that virus scanning and filename
  checking can be done on files within zip archives.
  NOTE: This has not been very well tested yet, I hope to do something rather
  better in future.
  NOTE: You will need to install the "Archive::Zip" Perl module yourself
  before this version will run.
- It will now detect password-protected zip files, which is controlled by
  the option "Allow Password-Protected Archives". The default is to block them.
- Have now rewritten most of the password-protected zip handling code. There
  is a new keyword allowed in the Silent-Viruses list which is "Zip-Password".
  This will stop password-protected zip files being notified to the senders.
  Please add this to your Silent Viruses list.
  Now should only remove the infected part of the message and leave the rest
  intact when it sees a zip file it doesn't like.
- Setting the maximum archive nesting depth to 0 while banning password-
  protected zip files will result in the attachments being checked to ensure
  they are not password-protected, while not enforcing any other file rules
  on the contents.
- Improved the MIME decoder speed a little bit.
- The keyword "Zip-Password" can be added to the list of Non-Forging Viruses
  so that it over-rides the "All-Viruses" setting in the list of Silent
  Viruses.
- The Compress::Zlib and Archive::Zip Perl modules are now installed as part
  of the RPM distributions.
- Reports about password-protected archives and unreadable archives can now
  be customised and translated.
- More logging added to ClamAV autoupdate script.
- Timeout protection added to Symantec CSS autoupdate script.
- Sophos.install script now has a much better try at uncompressing the .Z
  archive you download from Sophos.
- Unsupported encrypted archives found by F-Prot are now blocked.

* Fixes *
- Fixed problems with messages containing both password-protected zip files
  and unprotected zip files.
- Won't reject .tar.gz and .tgz files it can't unpack.
- Password-protected zip files can no longer be "disinfected", just "cleaned".
- Password-protected zip files now tagged as dangerous content and not a virus.
- Debian users should get files unpacked into the correct directory

1/3/2004 New in Version 4.27.7
===============================
* New Features and Improvements *
- Improved Linux init.d scripts so that postfix and postfix.in settings are
  used throughout the init.d script.
- Added support for F-Secure 4.52.
- When lots of consecutive SpamAssassin timeouts occur, all network tests
  are now stopped, not just RBL checks.
- Added support for Qmail. You will need the contents of qmail/qmail-queue.zip.
- Added Exim d2mbox to distribution.
- Improved logging output from Trend autoupdater.
- Improved logging output from Trend parser.
- Added old and new queue ids for Postfix to make for easy message tracking.
- Brazilian Portuguese reports are now all translated.
- Added "Enable Spam Bounce" ruleset for selectively switching on permission
  to bounce spam for your most important customers.
- Fixed small bug in Exim d2mbox script for very long headers.
- Made the MIME parser much more robust to find messages hidden in messages.
- Also made it more robust against parsing errors by the virus scanners.
- Removed 2 confusing harmless log entries in Postfix queue discovery.
- Added $subject to Subject: line in sample recipient.spam.report.txt to show
  it can be used. Should ideally get all other languages translated.
- Much improved clamav-wrapper, courtesy of Kevin Spicer.
- Added comment about absolute path to Incoming Work Dir config option.
- Added options to add new headers containing the envelope sender and/or
  envelope recipients addresses. The names of the headers are, of course,
  configurable.
- Added "Non-Forging Viruses" list which works the opposite way around to the
  "Silent Viruses" list. If a virus report contains any words in this list,
  then the silent status is over-ridden by this. The net result is that you
  can put All-Viruses in the silent viruses list, so that by default no
  warnings are sent to senders. But put markers for joke programs or macro
  viruses in this list and the senders will still be warned about them, as
  they are known not to forge the From address.
- Improved Welsh translation of recipient spam and mcp reports.
- Added support for Symantec CarrierScan virus scanner (css).
- Improved robust MIME decoding speed slightly.
- Improved Symantec scanning support, courtesy of Kevin Spicer.
- Replaced original Catalan reports with new ones, with correct directory name.
- Added optional random delay to update_virus_scanners cron job so as not to
  overload virus update servers once per hour.

* Fixes *
- Fixed bug in "Rebuild Bayes Every" feature on Solaris.
- Exim bug with empty Subject headers being corrupted fixed.
- Add an option to Delete MailScanner Spam Bounces? Default this to no but
  need to explain why it is there. Not sure about this one yet.
- Fixed bug in directory reading in new MIME parser code.
- Exim multiple ACLs now supported for SPF compatibility.
- Outstanding: Quarantining warning message bug - cannot reproduce on any OS.
- Corrected all signature separators to "-- " instead of "--".
- Worked around Perl bug in inclusion of @ in report files.
- Fixed silent/noisy detection code when noisy list is empty.
- Changed default MTA to sendmail in SuSE /etc/sysconfig/MailScanner.
- Fixed bug in minimum number of stars!=0 not always generating X-Spam-Score
  header.

2/2/2004 New in Version 4.26.8
===============================
* New Features and Improvements *
- Improved configuration engine so that rules can now contain 2 tests
  separated by "and".
- Added "notify" Spam Action and High Scoring Spam Action. This will cause a
  short text notification message to be sent to the recipients of the spam
  message. The filename of the report is set with the "Recipient Spam Report"
  configuration setting. There is also an MCP equivalent of this
  functionality. See the MCP documentation for details of the settings.
- Removed the "bounce" spam action.
- Added regular rebuild of Bayes database. Has 2 options associated with it
  which I haven't included in the conf file yet.
- Added "Rebuild Bayes Every" and "Wait During Bayes Rebuild" options to
  configure the operation of the regular Bayes database rebuilds.
- Added commented "bayes_auto_expire 0" line to spam.assassin.prefs.conf as
  you will want to uncomment this line if you are using the regular scheduled
  Bayes database expiry feature given above.
- Added "Minimum Stars If On Spam List" setting so that people who just filter
  on the "Spam Stars" can catch messages which only trigger the "Spam List"
  trap.
- Added "Log Non Spam" option to allow logging of all non-spam, which can be
  coerced into logging SpamAssassin scores of non-spam mail.
- Added support for Norman virus scanner (www.norman.de).
- Added logging of ids of dropped silent viruses.
- Added "Too Many Attachments" error report in a message instead of old
  report saying it could not analyse the message.
- No longer stops or restarts after RPM upgrade.
- Added MCP patches for SpamAssassin 2.61 and 2.63.
- Added 'SpamAssassin Site Rules Dir' setting to locate /etc/mail/spamassassin.
- Spanish translations of languages.conf updated from Debian translators.
- Added Catalan translation of all report files.
- Added bogusmx list to supplied spam.lists.conf.
- Added spamhaus-XBL and SBL+XBL lists to supplied spam.lists.conf.
- Changed the version number scheme from major.minor-teeny to major.minor.teeny.
- Forced owner to be root.root in both RPM spec files, so can be re-built by
  non-root users.
- Added my Amazon.co.uk "wish list" to the donations page.
- Detailed spam report now includes auto-learn status if it was auto-learnt.

* Fixes *
- Fixed creation of MCP quarantine directory bug.
- Fix to Postfix message duplication problems. Must find "end of message"
  record now.
- Fix to duplicate recipient listing in postmaster notices.
- Fixed bug so filename/filetype rules configuration setting can be blank.
- Exim per-message log files are deleted correctly now.
- Fixed recipient duplication problems in sender messages and other reports.
- Fixed bug where extra ": " appears in VirusWarning.txt when MailScanner's
  own checks find multiple problems with 1 attachment.
- Fixed bug where _SCORE_ in subject line modifications is never more than 60.
- Fixed bug where rules generated a harmless warning in the log.
- Implemented workaround for bug in "Rebuild Bayes Every" on Solaris. Code
  works find on Linux, doesn't on Solaris. So on Solaris systems ensure this
  setting is 0.

2/12/2003 New in Version 4.25-14
================================
* New Features and Improvements *
- Added support for "disarm" option on all HTML tag detectors, which will
  disarm those tags while leaving the rest of the HTML intact.
- Added support for more ways of specifying IP ranges in rulesets.
  Can now do all of:
	152.78
	152.78.
	/^152\.78/
	152.78.0.0/16
	152.78.0.0-152.78.255.255
- Added support for retrieving configuration from LDAP.
- Added support for changing uid, gid and permissions of both Incoming Work
  Dir and Quarantine Dir.
- Added facility to limit the size of any individual attachment.

- Added support for DrWeb virus scanner, courtesy of Konrad Madej
  <kmadej@nask.pl>.
- Added support for Mail::ClamAV perl module, enabling ClamAV to scan without
  having to call any external programs at all.
- Panda version 7.0 supported.
- Improved ClamAV parser to handle errors printed when processing viruses
  containing corrupted zip files.
- Improved F-Prot output parser.
- Added inoculan autoupdater courtesy of "W-Mark Kubacki" <wmark@hurrikane.de>.
- Improved bitdefender-autoupdate script to support BitDefender 7 rather better.

- Greatly improved IPBlock code that throttles incoming SMTP connections
  when a host sends too many messages per hour. Now support netblocks in all
  sorts of different formats, and is enormously faster than previous code.
  It works much more reliably and effectively too. See CustomConfig.pm.
- Changed SpamAssassin timeout handler to kill processes and not process group.
- Improved documentation in virus.scanners.conf.
- Improved documentation of "disarm" configuration settings.
- Added optimisation to LDAP ruleset compiler that identifies 1-line rulesets
  which hold the default value.
- Improved Linux install.sh script so it spots *.rpmnew files in amongst
  -wrapper and -autoupdate scripts.
- Added 'spamblacklisted' message property for use by MailWatch.
- Added a new Custom Function to provide multiple outgoing queues for spam,
  high-scoring spam, and real email.
- Improved Linux init.d script so the "restart" delay is configurable in
  /etc/sysconfig/MailScanner as that is preserved across upgrades.
- Improved error message when unknown virus scanner name is used.
- Added SORBS RBLs to spam.lists.conf.
- Added some subject line sanity checks to cope with Outlook's bizarre
  behaviour.
- Added speed logging of different parts of the processing of a batch.
  See the new "Log Speed" configuration setting.
- Changed error handling in ruleset parser so it doesn't die if it finds
  syntax errors, it now just warns you instead.
- Improved syntax checking of rules in configuration ruleset files.

* Fixes*
- RPM distribution install.sh script now checks and creates pod2text properly.
- Fixed bug whereby the same message files could be deleted more than once,
  which could delete unprocessed messages using MTAs that name files after
  the inode and not the time.
- Syslogging should now start successfully on all versions of Solaris and IRIX.
- Bug fix in Postfix file handling code from Stefan Baltus which will
  hopefully patch up the last Solaris Postfix problem.
- Fixed bug causing uid+gid to be ignored when quarantining whole messages.
- Fixed bug causing Maximum Message Size not to be enforced properly.
- Fixed bug where sender of bulk precedence mail would be sent some warnings
  if their mail was identified as spam.
- Fixed duplicate logging of New Batch messages. Abandoned support of
  syslog-ng until I can test it properly on my own systems.
- Removed Infinite Monkeys from supplied list of RBLs, as it no longer exists.
- 4.25-13 : Removed "Infinite-Monkeys" from supplied "Spam List" setting.
- 4.25-14 : Fixed Subject: replacement code that was doubling up subject lines.

6/10/2003 New in Version 4.24-5
===============================
* New Features and Improvements *
- Added option "SpamScore Number Instead Of Stars" so that the spam stars
  header can be replaced by a number specifying the score instead.
- Added "Max Normal Queue Size" setting so that MailScanner will switch into
  a faster mode when collecting messages. This will stop it processing
  messages in order of date, and just pick them apparently randomly from the
  queue. This may delay some messages considerably, so set it so it is only
  used in emergencies. It should be at least several thousand. After the queue
  has shrunk below the threshold size, it continues to stay in this mode for
  another 40 batches in an attempt to completely clear the queue.
- Added "Maximum Attachments Per Message" setting so that messages which
  accidentally have thousands of attachments are rejected. I have seen this
  happen on 1 MTA when repeatedly bouncing a message between 2 addresses,
  enclosing the headers in a new attachment every time.
- Filename and Filetype allow/deny rules files now have a third option in
  addition to 'deny' and 'allow', you can now do 'deny+delete' (or any word
  containing 'deny' and 'delete'). This will stop the denied attachment
  from being quarantined. Very useful against Sobig worm as you can
  'deny+delete \.pif$' to simply strip all PIF files without quarantining them.
- Added Custom Function to implement per-IP messages-per-hour rate limiting.
  See CustomConfig.pm for more details (IPBlock).
- Added Custom Function to implement high-speed "spam List" and "Spam Domain
  List" lookups for use with very large rulesets. There are some restrictions
  on the types of rule you are allowed, see the code comments for more
  details (FastSpamList and FastSpamDomainList).
- The subject line text for tagging spam can now include "_SCORE_" which will
  be replaced with the numeric spam score.
- For use with the "attachment" spam action, changed "digest" to "report"
  to encourage MUAs to display the message correctly.
- Improved handling of "Filename Rules" and "Filetype Rules" so they are
  just-in-time compiled, which is needed when using Custom Functions for them.

- Added support for Kaspersky 4.5.0. This is totally different to all
  previous versions, bless them :( It's more sane though.
- Sophos-autoupdate fixed up for Sophos 3.74 and its international swpmess file.
- Improved sophos-wrapper to handle multi-lingual output of Sophos 3.74.
- Updated F-Secure parser for 4.51.
- Added Solaris check to update_virus_scanners for xpg4 path.
- New update to Tony Finch's mcafee-autoupdate script.
- F-Prot updater improved so downloading happens while MailScanner is running
  normally. Lock out only happens for a fraction of a second.
- Improved rav-autoupdate so it times out after 5 minutes.
- Changed default waiting time in init.d script restart operation to 10 secs.

- Added client IP address logging of infected messages.
- Changed the default values relating to warning senders about what happened
  to their message.
- eTrust added to OS vs virus-scanners grid table.
- Added new Debian package to downloads and news.
- Dutch reports updated with better translations.
- Spanish reports updated with better translations.
- Documentation now includes link to Mail Process Flow Diagram.
- Added "--keep-comments" command-line option to "upgrade_MailScanner_conf"
  command. By default this is off so you get to read about all the new
  whizzy options that can be used with existing configuration options.

* Fixes*
- Opened logging in f-prot-autoupdate so status logging happens.
- Fixed typo in Config.pm.
- changed SA and MCP pre-compilation code so it should now handle the bugs in
  this area of SpamAssassin. Am awaiting response on a fix to SA for this.
- Undone previous fix, SA have fixed their code in RC4.
- Oh no they haven't. Still buggy in their released code too :-(
- Fixed bug in quote replacement in SQL logging in CustomConfig.pm.
- Fixed typo in log text in 1 rule in filename.rules.conf.
- Added fix for bug in message handling on busy Postfix systems.

1/9/2003 New in Version 4.23-11
===============================
* New Features and Improvements *
- Implemented special "silent viruses" list keyword "All-Viruses" which matches
  the name of any virus. This means you can make messages silent which contain
  just viruses and none (or a combination) of the HTML hacks that are detected.
- Implemented "Use Default Rules With Multiple Recipients" configuration
  option to force predictable results when faced with a message with multiple
  recipients who have conflicting user preferences.
- Implemented various new parameters so that messages which only have
  dangerous content, and nothing else wrong with them, get a "dangerous
  content" warning rather than a "virus" warning.
- Added "Definite Spam Is High Scoring" configuration option so that spam
  that is blacklisted is treated using the "High Scoring Spam Actions".
- Added 3 new options to allow fine-grained control of notifications to
  senders, so that you can notify senders of bad filenames but not
  viruses, for example. The 3 new settings are:
  Notify Senders Of Blocked Filenames Or Filetypes
  Notify Senders Of Other Blocked Content
  Notify Senders Of Viruses
- Added support for eTrust Antivirus. Assumes installation directory of
  /opt/eTrustAntivirus as recommended by their AdminGuide manual.
- Added "Virus:" type to things you can use in rulesets so you can do
  stuff like only quarantine particular virus infections and not others.
- Added Message Content Protection (MCP) system to be able to quarantine
  messages that contain banned content in text and/or HTML sections. This
  has produced a whole new section in MailScanner.conf with stacks of
  configuration settings.

- All virus scanner package installation paths have been moved to
  virus.scanners.conf so they are not in any of the wrapper or autoupdate
  scripts.
  *NOTE*: If you are not using my "update_virus_scanners" global updater
  *NOTE*: script, but have written your own cron jobs, then you must add
  *NOTE*: the installation path to the autoupdate commands. To see the
  *NOTE*: default path, read virus.scanners.conf.
  *NOTE*: If you don't do this, your autoupdates may not work.
- Improved error detection in bitdefender-autoupdate.
- Added 5 minute timeout to clamav-autoupdate.
- Better mcafee-autoupdate script from Tony Finch. Allows non-root user
  more easily, and can delete old files if you want it to.
- Improved ClamAV wrapper so it safely attempts extra command-line flags.
- Improved rav-autoupdate so it fixes RAV permissions for non-root users.
- Added simple F-Secure autoupdate script.
- Added Trend autoupdate script.
- Added timeout support (10 minutes) to F-Prot autoupdate script.
- Sophos autoupdater now handles Sophos beta releases neatly.
- Improved logging output of global updater.

- Messages bigger than the max SA testing size are now checked by SA, just
  only the first n bytes of the message will be checked.
- Logging now handles syslog-ng better, as it will attempt to re-open the
  syslog connection if it dies while logging to it.
- Now check that at least 1 file matches all of the filename patterns
  specified in "Monitors For Sophos Updates".
- "Include Scanner Name In Reports" now also includes the name "MailScanner"
  at the start of the report lines that come from MailScanner's own
  internal filename, filetype and content checks. The exact wording used can
  be customised in languages.conf.
- Improved handling of Allowed Sophos Error Messages. To allow more than 1
  string, put each string in quotes and separate them with commas. For example
  Allowed Sophos Error Messages = "corrupt", "format not supported"
- Added ZMailer support to RedHat init.d script.
- Improved SuSE init.d script handles sendmail and Postfix.
  It will handle Exim once I can get it to build.
- Changed default path of lockfile in update_virus_scanners so it is more
  compatible with systems that don't have /var/lock.
- Produced patches for SpamAssassin versions 2.55 and 2.60 that allow TCP
  to scan the contents of non-text attachments, such as Microsoft Word
  documents. See docs/install/tcp/index.html for instructions.
- Improved "Spam Checks" description in MailScanner.conf.
- Added comment about virus.scanners.conf file to MailScanner.conf.
- Improved handling of messages containing viruses but no MIME structure.
- Removed Osirusoft spam lists, added NJABL.

* Fixes *
- Corrected minor typo in check_MailScanner cron job.
- Corrected typo in SweepOther.pm.
- Corrected handling of non-archives in kavdaemonclient scanner.
- SQL Logging code now translates '' into 'NULL' before inserting into table.
- Corrected minor bug in safe filename logging in CustomConfig.pm.
- Fixed bug in RAV output handling.
- Worked around bug in RAV directory traversal by improving wrapper script.
- Fixed bug in RBL result processing when RBL returns 127.0.0.10.
- Fixed bug in Exim handling of client IP address.
- Fixed bug in Command anti-virus detecting viruses in zip files.
- Fixed bug in DoS-attack handling code.
- Fixed bug in insertion of virus warning message that affects entire
  message.
- Fixed trend-autoupdate.
- Fixed logging format bug.

3/7/2003 New in Version 4.22-5
==============================
* New Features and Improvements *
- New mcafee-autoupate script.
- Address patterns in rules can now be filenames, which will be read for a
  list of patterns for the current rule. Files can be nested.

* Fixes *
- A few perl versions on odd OSes were incorrectly checking filenames
  which contained spaces. More efficient now too.
- RBL upper/lower case bug fixed.

1/7/2003 New in Version 4.22
=============================
* New Features and Improvements *
- Added support for checking file content types regardless of their filename.
  This uses the "file" command to work out the types of different files.
  New additions to MailScanner.conf are "file command", "file timeout",
  "filetype rules" (which work just like filename rules) and "log permitted
  filetypes".
- Added "Allow Form Tags" configuration option to ban HTML forms from email.
  Requires almost no additional CPU load and is useful protection.
- Added "Maximum Message Size" configuration option to limit the size of
  messages for certain users. Handy for dialup users to save their download
  phone bills. Obviously it works with a ruleset.
- "Spam Actions", "High Scoring Spam Actions" and "Non Spam Actions" are now
  set up so that the first matching rule will be used, rather than the sum of
  all the matching rules. This means you can have 1 setting for a domain, but
  before that have a rule for an individual user that over-rides the domain
  setting.
- MailScanner.conf file can now include "%name% = value" definition lines.
  These "%name%" variables can then be used later in the MailScanner.conf
  file and the rulesets, where they will be substituted with the appropriate
  "value". This greatly eases switching languages.
- Sophos.install script improved to make new versions work with sophossavi.
- f-prot-autoupdate script improved to handle new F-Prot version 4.
- Added bitdefender-autoupdate script from Alessandro Bianchi.
- Added "default" overall black- and white-lists to per-domain black/whitelist
  code in CustomConfig.pm.
- Added code to CustomConfig.pm to implement internal-only accounts that
  cannot send mail to external addresses.
- Improved comments in MailScanner.conf for "Max Children" setting.
- Added (commented out) instruction to not use Bayesian stats engine in
  MailScanner, with a comment about its need.

* Fixes *
- "channel error" detection bug in ZMailer support fixed.
- All sender.* reports now have To: From: and Subject: in English to keep
  sendmail and e-mail applications happy.
- "$reportword" appearing in Postmaster notices fixed.
- Added call to get logging working properly in clamav-autoupdate.
- RBLs are converted to lower-case when read from MailScanner.conf.
- Fix in signing clean messages containing single uuencoded attachments that
  are then read using certain versions of Outlook 97.
- MailScanner does not support Postfix without hashed queues. This situation
  is detected and reported if it is found.
  By default in all recent releases of Postfix (both 1.x and 2.x) hashed
  queues are enabled, so just don't disable them.

2/6/2003 New in Version 4.21
=============================
* New Features and Improvements *
- Can now handle non-spam messages with the same options as spam messages.
  This allows you to archive non-spam separately so you can spot missed spam
  messages in it and feed them into SpamAssassin or adjust your configuration.
  Note: bouncing non-spam is not available as it makes no sense.
- Cron job will not start MailScanner if it has been stopped manually with
  the init.d script. This protects you while you are in the middle of upgrading.
- SpamAssassin configuration no longer zeros out DCC rules and specifies
  normal path to dccproc.
- McAfee autoupdater script replaced by much better one from Tony Finch.
- When using SophosSAVI virus scanner and updating virus definitions very
  frequently, MailScanner will only be reset when the zip file of definitions
  actually changes. No reset is done if you downloaded the same set of
  definitions as you already have.
- Better handling of virus scanner lock files when not running as root.
- Improved logging and handling of child process exit codes.
- Added Hungarian (hu) translation of reports.
- Added new "Spam Lists To Reach High Score" setting so that "Spam List" hits
  can cause a message to be considered to be High Scoring Spam. Default is
  high enough that it won't ever be reached. Setting this to 1 might have
  uses in setting all Spam List messages to be treated as high scoring.
- Added support for 15th virus scanner, Bitdefender.
- Added "Include Scores In SpamAssassin Report" option to allow the
  inclusion of numerical score values in SpamAssassin reports. Default is yes.
- Added "Report" to the languages.conf so it can be translated.
- Added "inline.spam.warning.txt" to all languages. Needs translating!
- Added "attachment" Spam/Ham action allowing original message to be turned
  into an RFC822 attachment of itself, with a configurable warning file
  placed at the top of the message. This stops web bugs dead in their tracks.
- Added special keywords "HTML-IFrame" and "HTML-Codebase" to the list of
  "Silent Viruses" so that senders may not be warned about breaking these
  rules as they may be mailing lists that don't care anyway.
- Improvement to Exim documentation, courtesy of Tony Finch.
- Directory cleanup done by "service MailScanner stop" is safer.
- Reduced timeout limits for RBL's and Razor in spam.assassin.prefs.conf.
- "Spam List" support now supports JANET mirror of MAPS RBL+ with OPS list.
- Now support IPv6 addresses completely.
- Improvement to Perl modules installation docs.
- README.sql-logging now includes correct SQL setup code.

* Fixes *
- RedHat init.d script works quietly on systems without submit.cf.
- F-Secure code for versions before 4.50 fixed.
- SophosSAVI no longer reports 1 infection on some systems, when there is
  actually zero.
- Postfix support now has extra permissions parameter on "mkdir" calls,
  solving a syntax error on some versions of Perl.
- Postfix support now won't abandon a message because it could not get
  the SMTP client IP address out of it. Will insert 0.0.0.0 if no IP
  address could be found.
- Postfix will always pick up IP address of locally-generated mail.
- Postfix detects hash directory depth more cleanly.
- Postfix handles queue files which are still being written.
- Postfix bug fixed when processing messages with no body.
- Fixed missing Welsh reports.
- "Home directory is writable" check not done if not using SpamAssassin.
- HTML stripping now available to spam that is not virus-scanned.
- f-prot-autoupdate will now work properly on FreeBSD.
- Postfix dual recipient lists now handled correctly, so that "original
  recipients" in 'O' records are managed as well as 'R' records.
- Locking problem with Archive Mail fixed when using sendmail on some OS's
  on which flock() is based on lockf() and/or POSIX locks.
- Postfix support client IP extraction bug fixed.
- Fixed problem where Sign Cleaned Messages didn't work on messages without
  a message body.
- "attachment" spam action now works correctly with multipart/alternative
  messages.
- Capitalisation of copyrighted names in inline.spam.warning.txt fixed.

02/5/2003 New in Version 4.20
=============================
* New Features and Improvements *
- Postfix support.
- ZMailer support.
- New improved SQL logging code in CustomConfig.pm (upgrading will not over-
  write your existing CustomConfig.pm if you have modified it at all).
- "Archive Mail" feature can now append directly to "mbox"-format files
  (they must exist so it can tell you don't mean directories!), as well as
   save to directories or forward to email addresses.
- f-prot-wrapper improved to handle ram disks better.
- mcafee-autoupdate replaced with version from Tony Finch.
- Improved old NOD32 versions parser.
- Sophos.install script improved to create links for Perl-SAVI module.
- RPM init.d scripts improved to handle sendmail, Postfix and Exim systems.
- RPM init.d scripts improved to remove harmless error output from rm commands.
- Expanded RedHat init.d script so that it can be used for Postfix as well as
  sendmail. Just set "MTA" in /etc/sysconfig/MailScanner.
- In MailScanner.conf and rulesets, "_" characters embedded in numbers are
  allowed but ignored.
- Addition of "Advanced SpamAssassin Settings", one of which is required when
  using Postfix.
- Changed default SpamAssassin timeout to 40 seconds to work around problem
  of SpamAssassin's own internal DNS RBL timeout being 30 seconds.
- Check to ensure home dir is writable now gives guidance for Postfix users.
- Updated BSD installation instructions.
- Increased the Minimum Code Status of a bunch of the scanners which haven't
  had any reported problems for a long time.
- Updated spam.assassin.prefs.conf removing keywords which are no longer valid
  or have no effect on MailScanner.
- Added Czech translation.
- ClamAV autoupdate script improved to report when no updates were needed.
- Now all distributions come compressed.
- RedHat init.d script improved for sendmail setups. It now starts the sm-
  client queue runner as well as the incoming and outgoing queues.
- The name of SpamAssassin in the spam reports can now be changed. It is
  specified in the languages.conf file for each language.

* Fixes *
- Fix to problem caused when adding text onto the end of a multi-line Subject:
  header to mark that a message has been scanned.
- Fixed problem where SpamAssassin score between 0 and 1 would not produce
  a "SpamScore" header.
- Fixed bug in configuration compiler affecting empty default values for
  'Archive Mail' rulesets.
- Fixed bug where default rule in "Language Strings" rule was not read properly.
- Fixed bug in ClamAV parser when including scanner name on the front of the
  virus reports.
- Fixed bug in ruleset matching patterns.


04/4/2003 New in Version 4.14
=============================
* New Features and Improvements *
- Improved OpenBSD installation and upgrading instructions.
- Added check of location of all required system commands.
- Improved wording of message to spam senders.
- Increased max size of messages sent to SpamAssassin.
  Spam messages are getting bigger.
- All variables in the supplied conf file are now set to something, even if
  just a blank value. This will make upgrade_MailScanner_conf work better.
- Signed and/or encrypted messages can now be signed without breaking the
  PGP/GPG signed portion of the message.
- RAV support improved in Cobalt RaQ systems.
- Speeded up deletion of working area directories (thanks to Tony F for that).
- Added "Include Scanner Name In Reports" option to allow the virus scanner
  name to appear in the scanning reports.
- Added optional support in f-prot-wrapper script to support tmpfs and
  ramdisks which F-Prot cannot use without assistance.
- No more reliance on hard-coded paths in SystemDefs.pm, this entire file is
  now obsolete.
- "Debug SpamAssassin" option to help you sort out SpamAssassin problems.
- "Exim Split Spool" option to support split mail queues with Exim.
- Improved RedHat scripts to cope with glibc 2.3.x.
- Added support for new version of F-Prot 3.13.
- Added support for SAVI Perl module, using the "sophossavi" Virus Scanner
  setting. See the main docs for instructions on how to install the SAVI
  Perl module.
- Better error reporting when compiling configuration files.
- Added support for new (1.99) version of NOD32, using the "nod32-1.99"
  Virus Scanner setting, which has totally different output and different
  command-line switches from previous versions.
- Added support for new (4.50) version of F-Secure. Involves a new f-secure-
  wrapper as well as new main code.
- Full support for quirks of SpamAssassin 2.5x.

* Fixes *
- Fixed important bug in filename checking code causing it not to check
  long filenames properly. I strongly advise all 4.13 users to upgrade.
- Changed setuid/setgid code so taint mode is not switched on.
- Fixed various other issues kindly brought to my attention by Tony Finch
  at Cambridge Univ.
- Fixed problem with deleting recipients from messages with Exim.
- Fixed problem with headers being passed to SpamAssassin from Exim incorrectly.
- Fixed problem when running internal TNEF decoder.
- Fixed locking problems when SpamAssassin 2.50 times out.
- Fixed "RBL Timeout 20 of 7" problem, and problem when no RBL's in use at all.
- Fixed dont_copy_prefs option in call to SpamAssassin.

1/3/2003 New in Version 4.13
============================
* New Features and Improvements *
- Written script to automate upgrade of MailScanner.conf files.
- Added "Notices From" configuration option to change the user-visible
  part of the "From" address in the system administrator notices.
- Added "Allowed Sophos Error Messages" configuration option to ignore
  messages containing error messages from Sophos Anti-Virus.
- Added "Always Looked Up Last" configuration option for use with a Custom
  Function that does things at the end of message-processing such as logging
  extra information to a file and/or an SQL database.
- Added "Block Encrypted Messages" configuration option for use with a
  ruleset to ensure your employees are not covertly talking to your
  competitors.
- Added "Block Unencrypted Messages" configuration option for use with a
  ruleset to ensure that all sensitive mail is always encrypted.
- Improvements to check_mailscanner for most OS's except Linux.
- Improved check_MailScanner script to have "-q" (quiet) option, and changed
  cron job to use it rather than always ignore all output.
- Added check to ensure user's home directory exists and is writable to
  protect against SpamAssassin startup failing quietly.
- Improved stripping HTML to plain-text to ensure links have a whitespace
  immediately after them to ease the job of email clients.
- Improved RPM to detect upgrades and inform users about
  upgrade_MailScanner_conf script.
- Improved F-Prot autoupdater to not block MailScanner if first contact to
  update server locks up.
- Added Nod32 autoupdater.
- Added Kaspersky autoupdater with workaround for their script bugs.
- Increased "Minimum Code Status" for various scanners.
- Improved rulesets to allow optional '.' on the end of addresses.
- Per-domain/per-user spam black+white listing Custom Functions now support
  IP addresses as well as email addresses and email domains.
- Improved docs and rules EXAMPLES a bit after suggestions from users.
- Upgraded external TNEF decoder program to latest version 1.1.4.
- Added logging of child processes dying of old age.

* Fixes *
- Fix to permissions and not over-writing /etc/sysconfig/MailScanner when
  upgrading MailScanner RPM.
- Fix to "nodeps" switch in install.sh.
- Fix to sophos-autoupdate to use "warning" syslog priority, not "warn".
- Fixed filename checking of attachments within winmail.dat TNEF files.
- Changed RAV support to ravav instead of ravlin8 to circumvent GTK+.
- Fixed RAV support as it appears to dislike having no stdin.
- Improved configuration file reader to allow upper+lower case values.
- Fixed "$file" instead of "$filename" errors in Danish reports.

1/2/2003 New in Version 4.12
============================

*New Features and Improvements*
- Added "Hide Incoming Work Dir in Notices" configuration option so you can
  hide the local paths from the system administrator notices, in case your
  system administrators are actually customers who you don't want to give
  more information than is strictly necessary.
- Added "X-MailScanner-Information:" header to all messages.
  You can of course switch this off.
- Added "Notice Signature" configuration option so you can change what
  signature appears on the bottom of administrator notices. This can of
  course also be a ruleset so you can change it for each message.
- Added "Allow Partial Messages" configuration option so you can disable
  the "partial message" check for some/all of your users.
- Added "Allow External Message Bodies" configuration option so you can
  stop the IETF whinging about their messages being broken by MailScanner :-)
- Added "Detailed Spam Report" option to allow sites to just use a simple
  "spam" or "not spam" header instead of the potentially confusing full
  detailed report.
- Added set of custom functions to implement per-domain spam whitelists and
  blacklists. See /usr/lib/MailScanner/MailScanner/CustomConfig.pm
  for more information.
- Added support for the daemon scanner from Kaspersky. Will be quicker for
  small servers not processing much mail, especially when the code is
  actually being used in Dan's Guardian and not MailScanner :-)
- Added umask setting to handle SpamAssassin 2.50 resetting the umask
  all the time.
- Added Jeremy Evans' installation guide for OpenBSD.
- Improved SpamAssassin handling. After several timeouts it will disable
  SpamAssassin's RBL checks and keep trying to use it. If the timeouts
  continue to happen, then it will disable SpamAssassin completely until
  the next automatic restart.
- Improved RedHat init.d script to make graceful shutdown more likely.
- Improved error messages from sophos-autoupdate so it warns you that your
  Sophos installation may be too old.
- Improved Sophos parser so it correctly quarantines "corrupt" files.
- Updated all Swedish translations with ISO-8859 instead of UTF-8.
- Updated Spanish translation.
- Changed umask in update_virus_scanners to work with Exim better.
- Filename rules improved to cope with ".txt .exe" as well as ".txt.exe"
  file-extension-hiding tactics.
- Filename rules improved to catch Outlook Express attacks relying on bugs
  in OE related to very long filenames. All very long filenames will now
  be banned.
- Improved errors produced when running with Exim and permissions/ownership
  of incoming work dir are wrong.

*Fixes*
- Fixed Exim bug that was corrupting queues.
- Fixed variable-naming bug in AntiVir wrapper script.
- Fixed bug where duplicate copies of "notices" are sent where several
  "notices" recipients are given.
- Fixed bug where long-filename tests in filename.rules.conf would never
  match.
- Merged all the check_mailscanner scripts into one. Now needs to be built
  by autoconf.
- Fixed continuing problem with orphaned files being left in mqueue.in.
- Fixed blank-subject-when-using-Exim bug.
- Stopped sendmaili 8.12.7 complaining about closed std file descriptors.
- Fixed filename rules problem with short+long filenames.
- Fixed bug causing SpamAssassin to miss some spam messages.

1/1/2003 New in Version 4.11
============================

*Security*
- *** Important Security Fix ***

  You must edit the "sendmail -bd ..." command in your init script and add
                          -OPrivacyOptions=noetrn
  as otherwise people could maliciously bypass MailScanner on servers that
  are under heavy load.
  It is *vital* that you protect yourself with this change.
  It is included in the init scripts that are part of the RPM distributions,
  so RPM users just need to upgrade to the latest mailscanner*rpm.

*New Features and Improvements*
- Added 2 more configuration options to modify the subject line whenever
  a message is scanned (but no other subject line changes have happened)
  so it is obvious to all that the message has been scanned. By default
  this will (if enabled) add "{Scanned}" to the end of the Subject: line.
- Added "Never Notify Senders Of Precedence" configuration option so
  that you can stop MailScanner replying to postings to mailing lists and
  other bulk mail.
- A modified version of Steve Patterson's "clean.quarantine" script is
  included as a daily cron job. It is disabled by default. Edit it to see
  how to enable it. If you edit it, it will not be over-written by later
  upgrades to MailScanner.
- Written an update_virus_scanners script which updates all installed scanners.
  This is called hourly, as daily wasn't often enough and RedHat don't offer
  anything between hourly and daily.
- Implemented full support for BSD with installation instructions based on
  the tar distribution.
- Added Swedish translation of all reports.
- Added Spanish and Slovak translation of language strings.
- Added wrapper script for inoculan.
- Added an AntiVir autoupdate script.
- Improved AntiVir parser to handle new output format.
- Sophos parser improved to detect Sophos complaining about being given 1
  part of a multi-part archive. Gets flagged as a virus.
- F-Prot and F-Secure parsers improved to handle unusual virus names and
  quieter handling of archives containing infected files.
- Added "$filename" variable expansion in sender warnings.
  Used it in the English versions of the sender warnings.
- Completely new daemonising code to fix problems with ssh sessions refusing
  to die.
- Added "startin" and "startout" parameters to init.d scripts for RedHat
  and SuSE.
- Improved error reporting slightly in configuration compiler.
- Spam logging now includes the recipient domains as well as the sender.
- Incoming Queue Dirs can now be a file listing directories which include
  wildcards.
- Added the message's subject line to the sender spam reports.
- Added a "sleep 5" in between the stop and start in "restart" in the
  init.d script.
- Creates quarantine directories as required.
- Added link checking in code for finding incoming queue dirs.
- Added note for McAfee users about avoiding symlinks with anything even
  remotely connected to McAfee itself.
- Added "Poetry" page to the web site for Nick's idle thoughts...

*Fixes*
- Fixed problem of orphaned queue files being left in incoming queue when
  MailScanner child processes are killed half-way through clearing a message.
- Fixed file locking code in Config.pm so Exim users do not have to have the
  config files owned by exim.exim instead of root.root.
- Fixed Exim missing-characters-from-start-of-message bug.
- Fixed SpamAssassin "timeout 260 of 20" counter bug.
- Fixed EximDiskStore file locking bug.
- Fixed bug where unscanned messages are not properly archived if not
  archiving as raw queue files.
- Fixed bug stopping Exim collecting large message batches.
- Changed default virus scanner from "sophos" to "none".


New in Version 4.10
===================
- Exim supported as well as sendmail.
- I can now accept credit card donations.
- Numerous minor changes to ease transition from V3 to V4.
- Logging improvements to differentiate between initial scanning,
  disinfection and re-scanning passes over each batch.
- Logging improvements to spam detection when not using SpamAssassin.
- HTML messages containing IFrame tags can be converted to plain text
  and then delivered normally.
- Fixed df2mbox script for new spam dir layout and included it in
  the distributions.
- Another improvement to the F-Prot output parser.
- "Silent Viruses" list is no longer case insensitive.
- NOTE: Important fix for latest versions of Kaspersky.
- Fixed bug where properly disinfectable attachments could bypass filename
  checks.
- Re-wrote pipe code in RBL and SpamAssassin checking, as it occasionally
  fails badly for unknown reasons for 1 user.
- Reduced default maximum number of unscanned messages per batch, as these
  users were actually running out of file handles.
- Improved comments for "Virus Scanning" option in mailscanner.conf file.
- Moved all static output strings into languages.conf for translation.
  MailScanner should now be properly multi-lingual (several at the same time!).
- Added Danish translation (not quite complete, a few still in English).
- Added Italian translation.
- Fixed "Spam Bounce to" logging problem.
- SpamScore header doesn't appear when message is whitelisted.
- SpamCheck header always starts with "spam" or "not spam".
- Run-time selection of Exim vs Sendmail.
- Spam headers now obey "Multiple Headers" configuration option.
- Improved RedHat init.d script to allow local customisation of mqueue.in dir.
- Slight path correction in sophos-autoupdate.
- Reverted to having 1 PID file instead of a PID dir. Killing the parent will
  kill the children. Please use "kill" and not "kill -9" as it will do a
  better job.
- Linux init.d script improved so that stop, restart, reload and status
  should work better.
- Linux distribution now contains QuickInstall.txt instructions.
- Slightly improved wording of spam logging.
- Several warnings fixed.
- Configuration compiler now locks all config files as they are read, so
  that if you use "Restart Every" to restart frequently with config files
  updated by other scripts, you can simply copy the file-locking code from
  one of the autoupdate scripts and the same protection will be provided
  against reading config files while they are being updated.
- Added Romanian translation of reports.
- WinEvar added to default list of silent viruses.
- .ceo added to default list of banned filename extensions for attachments.
- Notices can now be sent to multiple recipients (space-separated list).
- F-Prot autoupdate script changed for different (ftp) fallback server,
  and improved error logging.
- IFrame and Object Codebase tags only allowed if all recipients+sender
  agree that they should be allowed.
- Added Posix setsigmask() calls to work around bug in Perl shipped with
  Solaris 9 which doesn't reset the blocked-signals mask properly.
- Bug fixed to correctly handle messages with no headers at all.
- McAfee autoupdate script now prints McAfee version number when it tries
  to run McAfee to test the updated pattern files.

New in Version 4.05
===================
- Can now put "$filename" in inline.warning.* to give a comma-separated
  list of the infected attachment filenames.
- Can now handle attachments whose names consist only of whitespace.
- Improvement to Trend parser for detecting viruses in archives.
- Improvement to ClamAV parser for multi-CPU servers.
- Handles attachment filenames in unknown character sets much better.
- Much better protection against malicious attachment filenames.
- Added Dutch and Brazilian Portugese reports.
- Added an "End" function to the Custom Functions in CustomConfig.pl.
  NOTE: If you have added your own Custom Functions to CustomConfig.pl,
        you will need to add an "End" function for each of them.
- Fixed bug in processing (not detection) of Denial of Service attacks.
- Stripped Nick's logging output.

New in Version 4.04
===================
- Improved output logging of ClamAV parser.

New in Version 4.03
===================

- Added ability for you to be able to write your own functions that produce
  values for configuration options, as well as being able to use simple
  values or rulesets. Read CustomConfig.pm and mailscanner.conf for more
  information on how to do this.
- Improvements to the RPM install.sh script.
- Improvements to the Sophos sophos-autoupdate script so that it works
  with their new vdl*.vdb file structure.
- Various minor bugfixes.
- Added support for Trend VirusWall vscan scanner, contributed by Martin
  Lorensen <mlo@uni2.dk>.
- Linux init.d script now cleans up MailScanning/incoming directory.
- HTTP Proxy server supported fixed in ClamAV autoupdate script.
- Permissions of Sophos.install fixed in tar distribution.
- Security fix when delivering disinfected files to avoid potential DoS.

New in Version 4.02
===================

- Added configuration option to allow quarantined messages to be stored
  either as readable header+body files, or as internal queue files so they
  can be easily dropped into a delivery queue or processed with my df2mbox
  script.
- Improvements to the RPM install.sh script.
- Various minor bugfixes.

New in Version 4.01
===================

- Added traps for all known Outlook, Outlook Express, Internet Explorer
  and Eudora security vulnerabilities.
  MailScanner is now a complete e-mail security system, not just a virus
  scanner.
- Fixed bug in check_mailscanner so you can run it from any directory.
- Fixed locking code (mostly for Solaris).
- Fixed bug where it was quarantining infected messages when it shouldn't.
- Added extra logs output for spam actions.
- Added configuration option to allow <IFrame> tags in HTML email messages.
  This can be a ruleset so you can allow these tags only from known mailing
  lists.
- "/etc/rc.d/init.d/MailScanner reload" or "service MailScanner reload" now
  work (or they will when I produce the RPMs).
- Checks for, and corrects, MIME boundaries where an outer multipart/mixed
  boundary is a substring of an inner multipart/alternative boundary,
  as this causes problems for the Cyrus IMAP server and a few versions of
  Eudora still in use.
- Checks for, and removes, messages containing external bodies that,
  according to RFC2046, can be held on external servers and are retrieved
  by FTP among other methods. Note this requires a 3rd patch to the MIME-
  tools modules which you will have to download from www.mailscanner.info.
- Fixed various bugs.
- Supports multiple mqueue.in directories, either by specifying a wildcard
  in the MailScanner.conf file, or else by giving the name of a file
  that contains the list of directories.
- Improved handling of message/external-body messages, leaving any other
  segments of the message intact.
- Protection against <IFrame> and <Object> tags is now optional.
- HTML content embedded in messages can be converted to plain text. This
  is very useful if you have users who are children, or who are offended
  by messages such as pornographic spam. You can convert it based on the
  sender/recipients of the messages, or use it as an action to carry out
  when messages are detected as spam.
- Messages that only failed the filename checks are tagged with a different
  tag from messages that had other problems.
- Subject line modification for high-scoring spam can now be done
  differently to the modification for low-scoring spam.
- Inline warning messages will now never be applied to attachments in
  messages that contain no body.
- A 4th security patch added to MIME-tools to handle messages better that
  have badly-formed MIME headers in sections of the message.
- If there is no main body in an infected message, then a plain text body
  is attached purely to contain the inline warning text message.
- The name of the VirusWarning.txt message can now be directly included in
  the inline warning message as a variable, so it is always correct.
- Bug fixes where uuencoded files sent as complete (plain-text) messages
  would only be readable on some mail clients.
- The "Load SpamAssassin" option has been removed. No longer necessary.
- SpamAssassin "required_hits" value is replaced by a MailScanner
  "Required SpamAssassin Score" option so it can vary for different
  messages.
- Added support for the open source ClamAV virus scanner.

=================
New in Version 4:
=================

- Completely redesigned and rewritten from scratch

- Multiple concurrent scanning processes makes it run much faster as all
  the CPU's in the server can be fully loaded at all times

- Virtually all configuration options can have their value calculated from
  a ruleset allowing you to set different values depending on the From:
  address, the To: address or the IP address of the computer sending you
  the message

- Support for 12 virus scanners:
  Sophos, McAfee, Command, Kaspersky, Inoculate, Inoculan, Nod32, F-Secure,
  F-Prot, Panda, RAV and AntiVir. Clam coming very soon.

- Can report messages back to people who sent you spam, explaining what
  detected it as spam. Different messages depending on whether it triggered
  an RBL, SpamAssassin or both.

- Complete hiding of directory paths in virus reports sent to users, so
  as not to confuse them or give away configuration information about your
  servers

- A header can be added to every message indicating the SpamAssassin score
  by giving 1 character per point, so a message with a score of 7 would
  contain "sssssss" in the header (the character is configurable).

- Notices about viruses no longer have to go to the local postmaster, they
  can go to any address

- All messages sent back to senders are created so that they cannot bounce,
  but can be replied to

- Messages already signed as being clean will not be re-signed by another
  MailScanner server on your site (but they will still be scanned)

- Actions to take when a message is detected as being spam include any
  combination of
  "deliver" it to the intended recipient as normal
  "store"   it in the spam archive
  "delete"  it altogether
  "bounce"  it back to the sender by sending them a warning message
  "forward" it to any other email addresses

- Completely separate set of actions can be used when the message scores
  above a certain SpamAssassin "High Score" threshold

- Mail for any group of users can be archived to a directory or forwarded
  onto another address. The original recipient should not be able to
  detect this has happened, if you choose not to tell them

- Spam whitelists and blacklists can be far more complex than before, if
  you need them to be

- Not only can you choose a list of addresses whose mail you want to scan,
  you can also choose a list of addresses whose mail you do not want to scan

- You can choose not to run SpamAssassin on messages that have already
  triggered an RBL blacklist



Version 3.24-1
==============
Fixed bug where infected messages with no body were being tagged in the
first attachment.
Changed reporting of Microsoft exploits so that reports applying to the
whole message now include all the reports applicable to the message, not
just the "entire message" report. This greatly improves Bugbear reporting.
New security patch for MIME-tools modules included. This avoids certain
problems with messages with badly-formed MIME header text.

Version 3.23-4
==============
Added 3rd patch to MIME-tools modules, and checks to ensure messages with
external bodies cannot be used to bypass MailScanner.

Version 3.23-3
==============
The <IFrame> tag check is now configurable with an "Allow IFrame Tags" option.

Version 3.23-2
==============
Fixed bug making the maillog swear like a trooper :-)

Version 3.23-1
==============
Added traps for all known Outlook, IE and Eudora security vulnerabilities,
and MailScanner now catches all of the GFI email security tests. This
makes MailScanner a complete e-mail security system, rather than just
being a virus scanner.
See http://www.gfi.com/emailsecuritytest for information about these tests.
Fixed a bug where the "domains.to.archive.conf" file would ignore complete
e-mail addresses containing a '.' before a '@'.
Changed Sophos autoupdate cron job so it checks to ensure Sophos is
actually installed.

Version 3.22-14
===============
Added 2nd patch to MIME-tools modules, and checks to ensure fragmented
or partial messages cannot be used to bypass MailScanner.

Version 3.22-13
===============
Fixed problems caused when logging activity involving attachments whose
filenames contain '%' characters.
Improvement to the Command AV parser to handle more output types, as
suggested by a user.
Simplified the wildcard whitelist checking code when looking for spam, to
make it more reliable as previous version fails occasionally.
Fixed Exim setuid/setgid ordering bug.

Version 3.22-12
===============
Added configuration option "Still Deliver Quietly Deleted Viruses = yes" to
control whether "quietly deleted" viruses are still delivered. Read the conf
file for more info on when/where to use this switch.
Improvement to the F-Prot parser to catch possible, unknown, viruses.
Added fix to config.pl so Sendmail2 works properly.

Version 3.22-11
===============
Added check for Eudora "long MIME boundary" attack described on Bugtraq.
Fixed Exim Very-Long-Subject-Line problem.
Fixed deletion of core files found in working directory.
Added logging to ProcessMcAfeeOutput so McAfee logs viruses better.

Version 3.22-10
===============
Fixed minor bug in spam whitelist detection code.

Version 3.22-9
==============
Removed new forking code due to problems with Solaris.

Version 3.22-8
==============
New forking code in mailscanner.
Added new syntax for spam.whitelist.conf.
Fixed spam domain logging error.

Version 3.22-7
==============
Improvement to the F-Prot parser to handle new "mass-mailing worm" output.
Note: I strongly advise all F-Prot users to upgrade to this version to ensure their continued virus protection.

Version 3.22-6
==============
"Spam White List" configuration option now includes a "From:" or "To:" property for each address indicating the direction the mail must be flowing to match the address given.

Version 3.22-5
==============
Features:
"Spam White List" configuration option now gives a filename whose contents are checked against both the sender's address and the recipients' addresses.
"Max Spam List Timeouts" configuration value gives the threshold for the number of consecutive times a single "Spam List" or "Spam Domain" entry can timeout before it is removed from the list of places to be checked. It will be restored to the list at the next restart (every 4 hours by default).
"Max SpamAssassin Timeouts" configuration value works the same way as "Max Spam List Timeouts" except it applies to SpamAssassin instead.
"Hide Incoming Work Dir" configuration option allows you to hide the full directory pathname from the messages sent to users.
"Sign Messages Already Processed" configuration option allow you to only sign messages once, regardless of how many times it has been scanned by your site.

Improvements:
Old core files are now deleted from the virus scanning work directory to speed up scanning if something dumps core in there.
MailScanner RedHat RPM init.d script extended to allow use of make within /etc/mail.
If RBL checks time out then error message logged says which DNSBL timed out.
All conf files that accept wildcards like "*.soton.ac.uk" now also accept wildcards like "abuse@*".

Fixes:
Changed assumed installation directory for RAV to /usr/local/rav8/bin which is where RAV 8.x puts it.
High scoring spam messages are now logged.
F-Prot autoupdate script now copes better with stray ^M characters.
F-Prot autoupdate script fixed in line with fixed shell script from F-Prot.
"Multiple Headers=replace" is now more resistant to bugs in Perl.

Version 3.21-1
==============
Features:
"Log Facility" configuration option so syslogs can be sent to somewhere other than the maillog.
"Notify Senders" configuration option now also accepts the value "local" so that only senders of viruses on your site are informed, not senders from outside your organisation.
"High SpamAssassin Score" configuration option to set the minimum SpamAssassin score above which the "High Scoring Spam Action" setting applies.
"High Scoring Spam Action" configuration option to set the action applied to all messages whose SpamAssasssin score is greater than the "High SpamAssassin Score".

Fixes:
"Sweep" no longer has to be defined if virus scanner = none or virus scanning = off.
SpamAssassin reports ending in newlines no longer cause broken qf files.
Return-Path: header is now handled correctly.

Version 3.20-7
==============
Features:
The RedHat RPM init.d script for mailscanner how has a "status" command in it as well as start, stop and restart. The "status" command should work on most RedHat systems.
The RedHat RPM init.d script now uses a /etc/sysconfig/mailscanner file so you can set the queue interval of the outgoing sendmail and not have it over-written when you upgrade.
The RedHat RPM spec now watches for changed mailscanner.conf file, and alerts user if necessary.

Improvements:
The recipients of viruses listed in viruses.to.delete.conf are informed about the virus we cleaned up for them, just not the sender. This is slightly different from the previous behaviour.

Fixes:
Fixed a bug in the queue ownership checking code. The user and group specified in the mailscanner.conf must be names, not numbers.

Version 3.20-6
==============
Fixes:
Fixed a bug in the RPM spec file.

Version 3.20-5
==============
Features:
Added an F-Prot autoupdate script.

Fixes:
"Accept Spam From = " on its own in mailscanner.conf no longer causes all mail to be whitelisted.
Rare problem with messages receiving blank SpamAssassin reports fixed.

Version 3.20-4
==============
Fixes:
Rewrote some of the SpamAssassin checking code, as it appears to be
generating false alarms when the hits<required_hits.
Added DCC-disabling line to spam.assassin.prefs.conf default file.

Version 3.20-1
==============
Features:
Moved McAfee support from "mcafee" directory to "uvscan" to make McAfee installation simpler
Added configuration option to control logging of spam messages
Added configuration option to control compilation of SpamAssassin code
Added support for RBL lists that work by domain name rather than by IP number
Added configuration option to list viruses that should be quietly deleted without informing the sender or recipient. A good example is the "Klez" worm.
Added configuration option to allow the "VirusWarning.txt" message to be inline or an attachment
Added configuration option to enable SpamAssassin's "auto-whitelist" functionality

Improvements:
Many minor speed improvements
Improvement to warning message placing in multipart/related messages

Fixed:
Fatal bug, introduced in 3.17-1, in lock.pl fixed
Fixed spam rbl list identification bug, introduced in 3.17-1, in config.pl
Now requires at least Perl 5.005 due to bugs in previous versions of Perl
Signatures on clean messages can now have a space at the end of a line

Version 3.17-2
==============
Never released.

More optimisations.

Version 3.17-1
==============
Never released.

Features:
Added optional internal TNEF expansion using CPAN Perl Convert::TNEF module
Added support for Panda and RAV virus scanners, bringing total supported to 10

Improvements:
Moved McAfee installation to their default directory: /usr/local/uvscan
Improved speed via optimisation of file+dir existence checks
Optimised code in various important places
Updated version of MIME-tools module shipped and included mime-tools-patch.txt from Bugtraq

Fixes:
Fixed bug (according to a user) in the Inoculan output parser. Not verified yet.

Version 3.16-1
==============
Features:
Added a per-message timeout for the RBL checks
Added facility to quarantine copy of entire message as well as just infected attachments

Improvements:
Won't call SpamAssassin on every message when it doesn't need to
Added MIME scanning option to McAfee scanner command-line

Fixes:
Hopefully the "not spam" entries appear in the right messages now
Start/stop commands moved within RPM spec file to upgrading should work better
Fixed bug where some unscanned messages were being marked as clean
Fixed bug where some "%" signs could disappear from Subject: headers

Version 3.15-1
==============
Features:
Added "Always Include SpamAssassin Header" option so you can have spam reports on non-spam messages
Added "default" action to spam.actions.conf file. See the supplied file for an example

Improvements:
Implemented switch to control logging of allowed attachment filenames
Most systems will no longer need "syslogd -r" for logging to work
F-Prot parser handles non-working copies of viruses
RPM file now saves config files rather than overwriting them
Added FAQ explaining how to use MailScanner with a Microsoft Windows mail system

Version 3.14-1
==============
Features:
Implemented per-user and per-domain control of what to do with spam
Added "Subject:" line modification for viruses, same as for spam
SpamAssassin report now also includes names of successful tests

Improvements:
Infected "multipart/alternative" messages are converted to "multipart/mixed" so that virus warning can always be seen.
Files which pass the filename rules are now logged
Added section about "exim_tidydb" command to Exim docs
File "domains.to.scan.conf" can now be a copy of Exim domain map file
Added ".scr" to supplied list of banned filename extensions
Added another FAQ (12) about settings for high-volume mail servers

Fixes:
Fixed tainting bug in ClearOutQueue()
Made documentation stylesheet a local file
Fixed handling of "Return-Path:" header
Fixed case sensitivity bug in local domains file
Fixed bug in Sophos autoupdate to account for new "vdl" filename