[Mimedefang] Upgrade 2.33 to 2.35

Lucas Albers admin at cs.montana.edu
Fri Jul 18 14:26:07 EDT 2003 

I am in the process of upgrading from 2.33 to 2.35.
Not in too much hurry, because the existing installation is working great.
I am running 2.33 on Redhat 7.3 running the 2.4.21 kernel.

Here are the steps I am using to upgrade from 2.33 to 2.35.
Perhaps this will help anyone else who is performing an upgrade.
Please let me know if you see any errors in it.

Mimedefang upgrade steps from 2.33 to 2.35:
Backup:
/usr/bin/mimedefang.pl
/etc/mail/mimedefang-filter

Run a diff on these two files against the original installation default of
these two files.

Here is a sample diff of the changes I have made to /usr/bin/mimedefang.pl:
---------------------------------------------------------------------------
86,87c86
< $Features{'Virus:NAI'}      = ('/usr/local/sbin/uvscan');
< #$Features{'Virus:NAI'}      = ('/bin/false' ne '/bin/false' ?
'/bin/false' : 0);
---
> $Features{'Virus:NAI'}      = ('/bin/false' ne '/bin/false' ?
'/bin/false' : 0);
5117,5128d5115
< }
<
< #***********************************************************************
< sub filter_relay {
<   my($ip, $name, $helo) = @_;
<   return(1, "OK") if ($ip eq "127.0.0.1");   # no further checking if
localhost
< # or maybe reject only when it's an obvious forgery...
<   if (($helo =~ /^(\d{1,3})(.)(\d{1,3})(.)(\d{1,3})(.)(\d{1,3})$/) &&
<       ($ip ne $helo)) {
<       return (0, "Header forgery attempt, $ip claims to be $helo")
<   }
<   return(1, "OK");
---------------------------------------------------------------------------
I added support for Mcafee uvscan, and configured it to reject mail from
machines that give an SMTP helo that does not match their IP address.



Build the rpm package for Mimedefang 2.35.
Copy over mimedefang-2.35/redhat/mimedefang.spec to:
/usr/src/redhat/SPECS
Copy over mimedefang-2.35.tar.gz to:
/usr/src/redhat/SOURCES/mimedefang-2.35.tar.gz

Build the new rpm from the source package:
I am compiling it for 686 architecture to squeeze out more performance.
rpmbuild -ba --target=i686 mimedefang.spec

It makes a Mimedefang and Mimedefang-contrib rpm package.

Run a test upgrade for the rpm package
rpm –Uvh –-test mimedefang*2.35*.rpm and the contrib package.


Update md_log* in mimedfang-filter because Dave changed the logging function.

YOU MUST update your filter, and change all instances of
	"md_log_enable" to "md_graphdefang_log_enable" and
	"md_log" to "md_graphdefang_log"


Backup your mimedefang-filter
so you can fix it before the upgrade.
cp /etc/mail/mimedefang-filter to:
/etc/mail/mimedefang-filter.preupgrade_to.2.35

change to /etc/mail directory
.

This perl code accomplishes this:
We are replacing instances of md_log_enable and md_log to the new versions.

Run this perl code:
perl -p -i -e 's/md_log_enable/md_graphdefang_log_enable/'
mimedefang-filter.preupgrade_to.2.35
Run this perl code:
perl -p -i -e 's/md_log/md_graphdefang_log/'
mimedefang-filter.preupgrade_to.2.35

Remember the quarantine spool directory for mimedefang has changed:

	* configure.in: Changed default location of quarantine directory
	to /var/spool/MD-Quarantine.  *** NOTE INCOMPATIBILITY ***
	Use --with-quarantinedir=/var/spool/MIMEDefang if you want the
	old behaviour.


Run the rpm upgrade:
Rpm –Uvh mimedefang*2.35*.rpm

Now apply the changes you made to /usr/bin/mimedefang.pl to the new
/usr/bin/mimedefang.pl
In my case I just add in the filter_relay function and then configured for
uvscan.

You could copy over mimedefang-filter over the new mimedefang-filter.
Or at least compare the old mimedefang-filter with the new one to see if
anything else needs to be changed in your mimedefang-filter.

On an rpm upgrade it should not replace the /etc/mail/mimedefang-filter
file, so you should not need to copy over your old mimedefang-filter file.

Now restart Mimedefang and Sendmail, and look at the log files to verify
it is working.

Send through a sample spam message, sample virus, and sample normal mail.

In the mimedefang-2.35/tests directory there is a list of various email
messages and a test-filter file.
Not sure how to use these.

I am not using any of the new functionality in 2.35 I am just doing an
upgrade, after I get things working with the upgrade I can look through
and see what to enable in 2.35.
The particular items I might be interested in using in 2.35 are:

(action_replace_with_url):  Added optional "$salt" argument to
	perturb SHA1 hash calculation and avoid leaking information about
	whether an attachment has been received.  Problem noted by
	Jeffrey Goldberg.

(action_replace_with_warning): Name the warnings warning1.txt,
	warning2.txt, etc. instead of all warning.txt.  Suggested by
	Steffen Kaiser.

Good luck with your upgrades...
--Luke

More information about the MIMEDefang mailing list