v5/changelog

03/10/2024 Changes in    v5.5.1-5
==================================
- Remove case insenstive duplicate options
- Add values to return statements in msmilter
- Fix regex for bad helo check in msmilter

12/29/2023 Changes in    v5.5.1-4
==================================
- Fix Exim code block

12/27/2023 Changes in    v5.5.1-3
==================================
- Fix Exim code block

12/27/2023 Changes in    v5.5.1-2
==================================
- Fix 7z/xz/bz2 etc. decompression
- Check for bad helo callback in msmilter
- Support new Exim Message-ID format in versions 4.97+

03/03/2023 Changes in    v5.5.1-1 (beta)
==================================
- Set headermodified flag on signature
- Ignore quotes at start/end of link text for fraud check
- Drop Sendmail::PMilter local perl module (fixed upstream)
- Fix condition logic in authenticated spam list check
- Fix date string in milter (rfc5322 section 3.3)
- SpamAssassin 4x support and latest OSes updates
- Skip signing calendar mimetypes with external message
- Virus scan options and enhancements
- Don't delete message from processing db if abandoned
- Add newline between header and body in modified header
  (milter mode)
- Spec file updates for rhel and suse
- Date localization workaround for Esets EFS wrapper
- ms-perl-check update to check core modules

10/29/2022 Changes in    v5.4.5-3
==================================

- Integrate working version of Sendmail::PMilter (milter)
  (Version 1.2x from CPAN not working with postfix currently)

10/09/2022 Changes in    v5.4.5-2
==================================

- Remove v5.4.5-1 from beta
- Fix dat file check not allowing files through
- Fix attachment mode not adding new MIME header
- Fix external message warning not always appearing
- Fix extraneous newline appearing in received header (milter)
- Bump milter to v1.7

07/03/2022 Changes in    v5.4.5-1
==================================

- Add support for unrar v6x
- Add f-secure-12 support for allow password-protected archives

02/20/2022 Changes in    v5.4.4-1
==================================

- Override Filetypes feature
- Generalize detection of dat files
- Improved handling of milterout queue files
- Unfold Received header (postfix/sendmail)
- Ensure HTTP::Date perl module is installed
- Fix IP::Country::DB_File (Suse)

01/04/2022 Changes in    v5.4.3-2
==================================

- Remove default hosted 1x1spacer.gif
- Include base64 encoded 1x1 spacer
- Add missing file wrappers to packages

11/28/2021 Changes in    v5.4.3-1
==================================

- Refine HTML Disarm logic (detect premature pipe end)

11/25/2021 Changes in    v5.4.2-3 (beta)
==================================

- Revised logic for HTML Disarm (close in child only)

11/14/2021 Changes in    v5.4.2-2 (beta)
==================================

- Eliminate queue id change in MSDiskStore.pm

11/14/2021 Changes in    v5.4.2-1 (beta)
==================================

- Check for /usr/local/bin in path for ms-configure
- ESETS EFS Support
- Milter cleanup after restart
- MSMilter handle file handling before DISCARD
- Set F-Secure to use ScanOptions
- Close pipe in parent only for HTML Disarm
- Milter Authenticated Spam Skip enhancements
- Fix Received header detection in MSMilter
- F-Secure 12 Support
- Limit queue processing to child-owned queue files in MSMail.pm
- Properly detect permfails with code 5xx in MSMail.pm

09/19/2021 Changes in    v5.4.1-3 (beta)
==================================

- Support for F-Secure version 12+
- Milter queue processing for child-owned queue files

08/08/2021 Changes in    v5.4.1-2
==================================

- Update inline.internal.warning.html (translation)
- Update inline.external.warning.html (translation)
- Declare code in v5.4.1-1 production ready

01/25/2021 Changes in    v5.4.1-1 (beta)
==================================

- Option to ignore DAT file type check
- Fix TNEF unparse behavior and work file permissions/ownership
- Reset opts variable causing unwanted notifies
- Fix mangling of sender in pre-header (preserve first occurrence)

12/04/2020 Changes in    v5.3.4-3
==================================

- Ignore QP DOS Failure option and body fix
- Process all links during phishing checks
- Output to stdout/stderr when running in foreground mode

11/04/2020 Changes in    v5.3.4-2
==================================

- Revert milter substitution of RCPT TO

09/07/2020 Changes in    v5.3.4-1
==================================

- Add RFC 3461 RCPT TO Service Extension support (milter)
- Change Received header continuation spacing to tabs (milter)
- Fix pair of typos in ms-configure (rhel)

05/12/2020 Changes in    v5.3.3-1
==================================

- Fix broken MIME Filetype logic
- Add support for the Kaspersky Scan Engine AV
- Add support for the Avast Daemon AV Engine
- Remove duplication in AV code
- Add support for the F-Prot Daemon Anti-virus Engine
- Add support for the F-Secure Daemon Anti-virus Engine
- Add support for the Sophos SAVID Daemon Anti-virus Engine
- Simplify build scripts
- Move new builds to release tags

04/25/2020 Changes in    v5.3.2-2
==================================

- Fix errors with exim RBL bypass

04/25/2020 Changes in    v5.3.2-1
==================================

- Support bypass of RBLs for authenticated connections in Exim
- Fix quarantining of relay rejected emails (milter)
- Eval WordDecoder in Exim

04/17/2020 Changes in    v5.3.1-3
==================================

- Include /usr/local/bin and /usr/local/sbin in ms-cron PATH

04/11/2020 Changes in    v5.3.1-2
==================================

- Rollback strategy for spamassassin on failure (RHEL/SUSE)

04/11/2020 Changes in    v5.3.1-1
==================================

- Detect DOS attempt in Quoted Printable MIME parts (Security Fix)
- Support for latest RHEL, Debian, SuSE
- Support latest SpamAssassin (3.4.4)
- Require latest SpamAssassin (Use CPAN)
- Use cpanminus by default
- Disable config check for removed settings
- Update Clamd socket path (RHEL)
- Add PowerTools option (RHEL 8)

01/19/2020 Changes in    v5.2.2-1
==================================

- Fix LocalSocket substitution in latest clam config (path changed)
- Set ownership of milter queues during ms-configure
- Correct naming of debian package
- Unpack img files and include all unpackable file extensions
- Preserve all header flags in Sendmail 
- Remove deprecated clamav functions
- Fix File MIME Types checking
- Support for new Exim 4.93 queue format
- Update de rules translations
- Add report substitution to ReadExternalWarning

11/15/2019 Changes in    v5.2.1-2
==================================

- Add QUICKPEEK variable to msmilter-init
- Add libdb-dev missing debian dependency
- clamavmodule (Mail::ClamAV) deprecated with warning

11/03/2019 Changes in    v5.2.1-1
==================================

- External message warning support
- Scan silent viruses also for spam option
- Fix silent virus delivery behavior
- Keep batch during A/V scan failure and back off for 30 seconds
- RHEL/CentOS setenforce 0 (install)
- Move ownership and permissions to post (install/update)
- Eval WordDecoder Subject
- Allow scan 7z archives if 'Find Archives By Content = no' 
- Use correct callback in debug message in milter
- Honor whitelistmaxrecips in milter
- Refactor to host MailScanner using standard package management

03/03/2019 Changes in    v5.1.3-3 (unreleased)
==================================

- Additional checks for empty queue id in milter
- Update esets-wrapper-README and make sudo optional
- Better process kill handling during stop
- Reap children when stopping milter
- Fix temp file cleanup in milter during stop
- Ignore Denial of Service option (workaround)
- Add additional base packages to debian install

01/27/2019 Changes in    v5.1.3-2
==================================
- Add sudo and README for esets-wrapper
- Handle ipv6 packed socket properly in MSMilter
- Fix path for avg-wrapper in virus.scanners.conf
- Fix AVG output parsing in SweepViruses.pm
- Fix absolute path in Sophos output parsing in SweepViruses.pm
- Add config option for mailto phishing highlighting

12/23/2018 Changes in    v5.1.3-1
==================================
- Use literal 'mailto:' for mailto phishing detection
- Handle HTML entities in mailto phishing detections
- Enforce 7 bit characters for filename checks
- Revert decode_headers workaround
- Esets catch error reading archive
- FixSubstringBoundaries removed
- Add "for <...>; date-time" to MSMilter Received: header.
- Milter add 'Authenticated' note to Received: header for SASL auth mail
- Milter refactor to capture real postfix id
- Remove CRs for QMQP processing
- Display correct log warning for QMQP socket
- Milter QMQP support added
- Option to reveal URLs in links added
- Add support to detect mailto: phishing
- Get rid of artifacts in AVG output lines
- Check for Run As User during postinst and use if defined (debian)
- Refactor milter to support multiple emails per session
- Fix missing subject field following a To: header
- Quarantine support option for DOS protection added
- Fix milter to allow modified recipients
- Add postfork support to milter
- Fix milter adding previous message recipients

10/26/2018 Changes in    v5.1.2-2
==================================
- Disable rbl check if user is authenticated (postfix)
- Preserve utf-8 header data
- Add additional services to systemd unit
- Simplify esets output
- Add newline to virus.scanners.conf
- Exclude predata headers in quarantine files (milter)

10/20/2018 Changes in    v5.1.2-1
==================================
- Patch Mail::ClamAV to allow install for SuSE builds
- 7zip handle spaces in filenames
- Clamd full message scan
- Detect fax and tel links
- mime_perl_to_string fix for ignored handler
- Add Kaspersky Linux Mail Server support
- Ignore "archive damaged" in esets scanner output
- Cleanup reports, add en_uk reports
- Workaround MIME::Parser failing to decode UTF-8
- Refactor milter to fully support multiple original recipients
- Refactor milter to support large messages
- Refactor milter to reject blacklisted emails early
- Fix off by one header add in milter
- Look for all recipient records in DeleteRecipients
- Update milter doc to 1.3
- Remove invalid Apparmor code in debian package
- Fix condition concatenation in ms-update-phishing
- Fix mktemp in clamav-wrapper for FreeBSD11
- Add DrWeb virus scanner support
- Fixes for clamav on rhel variants

08/25/2018 Changes in    v5.1.1-1
==================================
- Remove space in "Clam AV" 
- Support enable_original_recipient=no in postfix
- Check CPANOPTION and add verbosity
- Better AV scanning loop with retry attempts
- Refactor AV scanning loop
- Revert escaping spaces in unrar (already strict quoted)
- Cluster friendly update scripts (check for PID before restarting)
- Milter support option for MailScanner
- Fix postfix long queue ids getting suffixed with key
- Support ClamAV 0.100.1+ configuration change in RHEL/CentOS 7

06/17/2018 Changes in    v5.0.7-4
==================================
- Switch to gzipped phishing update files
- Fix for no virus scanner defined
- Fix configuration chaining for SA rules actions in rulesets
- Fix mime decoding deprecation
- Allow wildcards in phishing lists
- Update MIME::Tools using CPAN
- Fix removal of MailScanner.conf if MailScanner is removed
- Add support for Fedora 28
- Add perl-LWP-Protocol-https (RHEL Variants)

04/29/2018 Changes in    v5.0.7-3
==================================

- Fix copy of CustomFunctions directory in debian install
- Fix untaint of $safename var in unpack7zip
- Respect process exit code of Message::SafePipe
- Fix systemd file syntax in RHEL/CentOS
- Remove rotating indication in ms-init
- Add ldconfig to end of install.sh

02/03/2018 Changes in    v5.0.7-2
==================================

- Use mtagroup for tmpfiles.d clamd.scan (CentOS/RHEL 7)
- Remove spaces from CURLORWGET = 'wget'
- Fix one typo and a bit of grammar in DE translations
- Fix ms-update-sa reload for systemd
- Fix ms-update-bad-emails for systemd
- Change current working directory on MailScanner invocation
- Fix ms-update-phishing to suppress cron output
- Remove support for systemd reload
- Use /etc/tmpfiles.d for /var/run/clamd.scan configuration (CentOS/RHEL 7)
- Update ms-update-phishing to use restart instead of reload

12/25/2017 Changes in    v5.0.7-1
==================================
- Fix parsing an email address into local-part and domain
- Fix syntax in Debian/postrm
- Escape space before passing to unrar extract
- Add gz to unzipable files
- Only run freshclam if it is not running yet (debian)
- 7zip support
- Remove execute flag on systemd service (debian)
- Add update flag to install.sh
- Fix configuration chaining for spamassassin rules actions
- Add --force for cpanm
- CentOS/RHEL 7 clamav configuration support
- Fix broken clamav install prompt block
- Include 2 perl modules for spammassassin from debian tree
- Support for Fedora 27
- Fix install.sh modifying clamav-wrapper before MailScanner is installed
- Add mariadb as a prerequisite service for mailscanner systemd unit

09/29/2017 Changes in    v5.0.6-5
==================================
- Return result of mta installation
- Automation flags for all major distros
- Fix config filename to mcp.spamassassin.conf
- Point broken links to wayback machine for mcp
- Properly detect long queue IDs for postfix
- Preserve MailScanner.conf during upgrade
- Fix finding of configured SyslogFacility
- Properly suppress removing ms-sendmail init output

08/28/2017 Changes in    v5.0.6-4
==================================
- Fixes and enhancements for ms-update-phishing
- Remove execute bit on systemd files
- Return code check added for ms-init during service reload
- Update documentation
- Add ms_cron_ps_restart to /etc/MailScanner/defaults

08/20/2017 Changes in    v5.0.6-3
==================================

- New phishing sites update script
- Unattended install options for debian build
- Fix for exim queue processing
- ms-init fixes
- Fix debian not installing sendmail
- Fix SuSE not installing packages via zypper
- Suppress freshclam error output during install
- Fix missing libbz2-devel package on suse builds
- Fix MailScanner.conf not getting updated and merged

07/24/2017 Changes in    v5.0.6-2
==================================
- Bring Spam List documentation in line with current 
  spam.lists.conf.
- Fix typo in sender.filename.report.txt (fr)
- Better systemd detection
- Prevent ms-init from mistaking itself as a MailScanner process

07/16/2017 Changes in    v5.0.6-1
==================================
- Updated ms-update-bad-sites to quiet curl and wget
- Updated ms-update-safe-sites to quiet curl and wget
- Fix race condition in ms-init during restart
- Add systemd support for ms-init using ms-systemd script
- Add ms-sendmail-init script to correctly start sendmail
  for mailscanner on init for RHEL based systems
- Add ms-sendmail, ms-sendmail-in, and ms-sendmail-out systemd
  support scripts on RHEL based systems
- Update build scripts for systemd support

04/08/2017 Changes in    v5.0.5-1
==================================
- updated SweepContent.pm to allow application/ld+json scripts 
  when Allow Script Tags = no in Dangerous Content Scanning
- Updated Postfix.pm and PFDiskStore.pm to use long queue IDs - issue #34
- Updated Postfix.pm to work with both FIFO and UNIX pipes
- rar fix to allow spaces in file names
- removed some unneeded packages from ms-perl-check
- fix for HTML tag is split across multiple lines - issue #43
- unrar fix - issue #33
- added rblspamreport to reports - issue #45
- update logging for all spam actions taken - issue #36
- increased free disk space check from 100k to 10m - issue #40
- removed re2c conf item in defaults - not used
- updated InPhishingWhitelist and InPhishingBlacklist to not check host.*
  as it is incompatible with the current structure

11/10/2016 Changes in    v5.0.4-4
==================================
- updated RHEL/Debian/SuSE install scripts
- updated cron job scripts
- updated init script
- changed Debian upstart from 80/20 to 80/80
- updated RHEL packages in install.sh
- updated SuSE packages in install.sh
- Postfix double scan during custom fix
- fixed ms-init and ms-check
- fixed ramdisk portion of install scripts
- fixed perl module declarations

08/14/2016 Changes in    v5.0.3-7
==================================
- updated init script to include a time-wait for pid files during 
  process reloads and restarts
- updated Message.pm to correctly prepend phishing notices in email
  subject
- added avast virus scanner support
- added esets virus scanner support
- added new function InitClamdParser to SweepViruses.pm 
- added new function ProcessClamdOutput to SweepViruses.pm 

05/23/2016 Changes in    v5.0.2-1
==================================
- updated chmod permissions from 0600 to 0660 on work files to address
  permission issues with clamd reading header files

05/23/2016 Changes in    v5.0.1-2
==================================
- fixed install.sh for ms-upgrade-conf

05/22/2016 Changes in    v5.0.1-1
==================================
- added logging of failed HTML disarms to Message.pm

05/13/2016 Changes in    v5.0.0-9
==================================
- RHEL installer correction: creation of /etc/mail/spamassassin/mailscanner.cf
- start levels 80 20 set in Debian and RHEL
- ms-sa-update corrected
- errant removal of /usr/lib/MailScanner corrected
- added checks to remove init.d scripts or links pre-install
- added remove to update-rc.d and chkconfig pre-install
- added add to update-rc.d and chkconfig post-install
- corrected missing variable in RHEL install.sh script
- installers refined and updated

04/30/2016 Changes in    v5.0.0-1
==================================
- New Release