[Qmail-scanner-announce] Qmail-Scanner 2.00 release

[Jason H. <Jas...@tr...>]

This is announce that Qmail-Scanner 2.00 is officially out!

Download from http://qmail-scanner.sf.net/

Some of the major changes made since 1.25 follows (for a full list, see
http://qmail-scanner.sf.net/CHANGES):

*      Updated nod32

*      added 30sec timeout to spamc - some people have experienced long
hangs on spamd (nothing to do with Q-S), and ended up
        with spamc processes left  lying about. This should limit such
issues

*       NAME CHANGE.
        The spool directory into which Qmail-Scanner is installed is now
        /var/spool/qscand. This is to reflect (or force ;-) that you need
        to re-evaluate all your settings as some pretty fundamental changes
        have been made

*     NEW FEATURE.
    Starting to include concepts from Salvatore Toribio
    "st" patch to add spam quarantining features to Q-S. If you
    set "--sa-quarantine X" (where "X" is a positive number), then
    if SA tags a message as having a score higher than "required_hits"
    plus "X", that message will be quarantined into a new
    maildir "./spam/" and not delivered to the end-user (also
    no-one is notified). e.g. for "--sa-quarantine 5", a score of
    10/5 would cause the message to be quarantined into maildir
    "./spam/" instead of being delivered. A message with a score
    of 7/5 would be tagged as SPAM and delivered as per older versions. Note
    that this is a serious step to take. It means a false match ends up
    with no-one being notified and the e-mail effectively
    "blackholes". You can use your old Q-S logs of previous
    "tagged-only" mail to go through to prove to yourself that the
    "sa-quarantine" value you are going to use won't result in
    lost e-mail. DISABLED by default

*    BIG CHANGE
        Some features that were hard-wired into the main body of Q-S have
        been moved into quarantine-events.txt where they should have been
        all along. This makes it possible to change settings without
        reconfiguring the main body of qmail-scanner-queue.pl. You will need
    to rewrite any rules you had in place within the old
    quarantine-attachments.txt into the new format quarantine-events.txt
        One of these changes allows you to block zero-length attachments
at last
        ("any" length is now represented by "-1" instead of "0"). LET ME
SAY THAT
     AGAIN!!! "0" NOW MEANS "0" - IT USED TO MEAN "ANY"!!!!

*         Added support for decoding encoded attachment filenames and
Subject: headers
          by calling MIME::Base64. Now that's been done, you must
reference "normalized"
    filenames or strings in quarantine-attachments.txt and Q-S will
catch them
        even if they are encoded. Enabled by default, but as I'm not sure
        how many bad implementations of MIME encoding there are, it can
be disabled. Disable
        via the "--normalize 0" ./configure option - and tell me if it
starts blocking
        valid mail... I am also concerned about people running broken
syslog servers, and
        how they handle 8bit chars showing up. Please keep an eye on
this feature.


Existing users: please read the documentation included in the package
again to see if anything has changed that might affect you. Also take
another look at the contrib directory, there may be things you'd find
useful in there too. Obviously all this goes for new users too! ;-)


-- 
Cheers

Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1