[Mimedefang] MIMEDefang 2.15 is released
David F. Skoll
dfs at roaringpenguin.com
Fri Jun 14 13:47:18 EDT 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
MIMEDefang 2.15 is at the usual spot: http://www.roaringpenguin.com/mimedefang/
Major changes:
* Added ability to limit memory usage to mitigate certain
denial-of-service attacks.
* Fixed bug in RAV virus-scanner integration.
* Sample filter now includes virus-scanner calls.
* Improved communication mechanism between C and Perl code -- fewer
small temporary files are required.
* Certain Sendmail macros are passed through to the Perl filter.
* Added filter_recipient function.
* Many internal code changes and cleanups.
Complete changelog since 2.14 follows. Please read the changelog
carefully; use your text editor to search for "INCOMPATIBILITY"
before you upgrade. There are some changes which may require
changes to your filter.
Regards,
David.
2002-06-14 David F. Skoll <dfs at roaringpenguin.com>
* Version 2.15 RELEASED
2002-06-14 David F. Skoll <dfs at roaringpenguin.com>
* Added README.SECURITY
* examples/suggested-minimum-filter-for-windows-clients: Added
calls to virus-scanner in sample filter.
* Split mimedefang.c into mimedefang.c (milter-specific stuff)
and utils.c (utilities for talking to multiplexor)
2002-06-13 David F. Skoll <dfs at roaringpenguin.com>
* mimedefang.pl.in (message_contains_virus_rav): Fixed
incorrect return code in message_contains_virus_rav
* mimedefang-multiplexor: Added "-R" and "-M" options to
limit memory usage of slaves. Strongly recommended to
help mitigate DoS attacks.
* mimedefang-multiplexor.c (limit_mem_usage): Added ability
to limit memory usage of slaves to mitigate DoS attacks which
use complicated MIME messages to consume lots of memory. All
such messages will be tempfailed forever, so keep an eye on
your logs. You'll see lines like this:
Slave 0 stderr: Out of memory!
Slave died prematurely -- check your filter rules
2002-06-11 David F. Skoll <dfs at roaringpenguin.com>
* Added filter_recipient function; added ip and hostname arguments
to filter_sender. Improved mechanism for communicating with
filter_sender, filter_relay and filter_recipient functions.
* INCOMPATIBILITY: filter_sender is now passed 3 arguments
(sender, relay_ip, relay_hostname) instead of 1 (sender). You
may have to adjust your filter rules.
2002-06-07 David F. Skoll <dfs at roaringpenguin.com>
* mimedefang.c, mimedefang.pl.in: Pass a number of sendmail macros
down to the filter.
* mimedefang.c: MAJOR internal change to communication mechanism
between C and Perl. Instead of lots of little files, the outbound
(C to Perl) direction uses three files:
INPUTMSG -- input message
HEADERS -- headers
COMMANDS -- commands
The inbound (Perl to C) uses (mostly) a single RESULTS file
to pass results back. If message is changed, we use a NEWBODY file.
2002-06-06 David F. Skoll <dfs at roaringpenguin.com>
* mimedefang.pl.in (action_replace_with_warning): Try to keep
warnings inline.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/
iD8DBQE9Ciwqxu9pkTSrlboRAiJLAJ9dJUHDtc0KEzI4ZGYSTHuZDBQfPQCgxANX
mJ0dX6ZVqzfrLjkl95oWmF0=
=FSl3
-----END PGP SIGNATURE-----
More information about the MIMEDefang
mailing list