8/5/2008 New in Version 4.70.1-1
================================
* New Features and Improvements *
1 Improvement to OLE document unpacking code, more likely to extract embedded
  files correctly.
1 Added new setting "Dont Sign HTML If Headers Exist" to provide finer control
  over placement of HTML signatures. If any of the named headers exist in
  the message, the message is deemed to be a "reply", and so the HTML
  signature is not attached. By default this functionality is switched off
  by not specifying any header names.

6/5/2008 New in Version 4.69.9-3
================================
* New Features and Improvements *
1 Added command-line option "--id=<message-id>" which will force it to scan
  just the message described by <message-id>. Only works when used with
  "--debug".
1 Commented out definition of ORDB-RBL to force a syntax error in setups which
  are still mistakenly using it (and not getting any mail as a result!).
1 Added comand-line option "--inqueuedir=<dir-name|glob>" which can take
  a) a directory name, or
  b) a directory name glob (or wildcard), or
  c) a text file listing any combination of (a) and (b) above.
  This specifies where to look for incoming messages. This is very useful when
  debugging, as test messages can be put in their own queue directory, and the
  main MailScanner running will not touch them, only a MailScanner run with
  this command-line option will see them.
1 Can now extract embedded files from within Microsoft Office documents and
  subject them to all the file tests like any other attachments.
1 To allow for executables embedded in zipped Office documents, default value
  for "Maximum Archive Depth" has been increased to 3. Remember that using
  upgrade_MailScanner_conf will *not* over-ride your current settings, so you
  will have to change this manually to use the new value.
3 Added new keywords available in Spam Actions, the SpamAssassin Rule Actions
  and Archive Mail locations. You can now specify _DATE_, _FROMUSER_,
  _FROMDOMAIN_, _TOUSER_ and _TODOMAIN_ keywords in any of those and they
  will be replaced with the user and domain halves of the relevant addresses
  of the original message.
  If, for example, you specify a "forward" address
  "spam.archive-_TOUSER_-at-_TODOMAIN_@mydomain.com", then a new recipient
  will be added to the message for *each* of the original recipients. So
  a message with 5 original recipients will have 5 new ones added to it.
3 Added new configuration setting "Missing Mail Archive Is =" which can take
  the values "file" or "directory". This allows you archive to mbox files whose
  name is based on the addresses of the original recipients.
4 Using the "store" Spam Action, you can now specify an arbitrary directory
  path after the '-', so
  "store-/var/spool/MailScanner/quarantine/spam/_TOUSER_._TODOMAIN_"
  will store the message in a location determined by the recipient addresses.
  Any of the _DATE_, _FROMUSER_, _FROMDOMAIN_, _TOUSER_ and _TODOMAIN_
  keywords can be used.
4 Changed "Monitors for ClamAV Updates" for ClamAV version 0.93.
5 If the image signature <img> tag includes alt="MailScanner Signature" then
  it notices the sig file is present and so doesn't add it again.
  The "alt" attribute is matched by the word "MailScanner" followed by anything
  followed by the word "Signature" in any combination of upper- and lower-case
  so you can adapt this text quite a lot. See note for "6" below.
6 Added new configuration setting "IP Protocol Version Header" which will tell
  you the IP version number used in the last hop to this server. It produces
  either "IPv4" or "IPv6" in the header. To stop the header appearing, just
  set it to be blank. Added at special request by my boss :-)
6 Added new configuration setting "Allow Multiple HTML Signatures". If the
  message has been signed with an HTML signature containing an <img> tag,
  whose "alt" attribute contains "MailScanner" and "Signature" and
  "%org-name%", then it will not be signed again if this option is set to "no".
  Once a message (with an image in the signature) has been replied to a few
  times, it starts getting very large and ugly. This option keeps the message
  size down and makes it look better. This is set to "no" by default as
  messages look better this way.
7 Debian/Ubuntu have changed the default %org-name% value to "unconfigured-
  debian-site" so I have to check for that as well in the 'Have I Been
  Configured" code at startup :-(
9 Added support for the VBA32 virus scanner from www.anti-virus.by/en/.
  The scanner is called "vba32" in MailScanner.conf.

* Fixes *
1 "IPBlock" Custom Function will start up properly without MailScanner.conf
  location on the command-line.
2 Fixed problem with file MIME type checks were being incorrectly applied.
2 Added OLE::Storage_Lite to the list output by "MailScanner -v".
4 Forced "Debug SpamAssassin" to no unless "Debug" is set to yes.
7 Fixed problem with "--debug-sa" and MailScanner freezing using 100% CPU.
8 Fixed problem with modules not reporting properly with "MailScanner -v".
8 Fixed problem where "MailScanner --lint" would sometimes report false errors.
9 Fixed problem with OLE document unpacking occasionally dying with error.
9-2 Added VBA32 -wrapper and -autoupdate to Linux packages.
9-3 Fixed problem with OLE document unpacking occasionally dying with error.

1/4/2008 New in Version 4.68.8-1
================================
* New Features and Improvements *
1 Support for the Fpscand daemon that is supplied with F-Prot version 6.
  Add this line to your virus.scanners.conf
  f-protd-6 /bin/false /usr/local/f-prot
  and set "Virus Scanners = f-protd-6" in your MailScanner.conf.
  This is very much faster than the f-prot-6 command-line scanner.
3 Improved the list of ignored web-bug filenames.
3 New update_bad_phishing_sites script to use major new fireproof delivery
  system. Many thanks to Matt Hampton for all his time and support with this.
3 Updated to Catalan translation.
3 Updated support for Vexira "vascan" virus scanner.
3 Changed location of Web-Bug Replacement image. upgrade_MailScanner_conf will
  put in the new URL. This will give significantly better response to your
  users.
3 Added new option "Log SpamAssassin Rule Actions" so that you can see exactly
  what actions fire on what messages from the "SpamAssassin Rule Actions"
  setting.
3 Added new option to the filename.rules.conf and filetype.rules.conf files.
  Instead of "allow", "deny" or "deny+delete", you can now specify a space or
  comma-separated list of email addresses. If the filename or filetype rule
  is matched, the message is sent to these new addresses instead of the ones
  given in the original email address.
3 Updated support for latest versions of Esets virus scanner from Nod32.
4 Added Net-DNS and Digest-SHA1 to the main MailScanner distributions so that
  they are installed appropriately ready for when you install Razor. This way
  they are installed as RPMs and not just plain Perl modules, as the RPM of
  Razor requires them to have been installed as RPMs.
4 New configuration option "Automatic Syntax Check" added, default is "yes",
  which causes a quick syntax check of the MailScanner.conf file and the other
  configuration files, printing out errors on the console, instead of just
  logging them to your system's mail log as it did before.
  This will hopefully make it easier for novices to get going successfully.
5 SpamAssassin Cache will no longer cache "timed out" responses.
5 Upgraded to perl-Digest-SHA1 version 2.11.
6 Added SpamAssassin MCP patch for 3.2.4.
7 Changed default supplied High-Scoring Spam Actions to "store". That way
  users don't have to work out how to change it, to reduce their spam a lot.

* Fixes *
2 Improved MakeNameSafe() to fix problems caused by f-protd-6 working with
  filenames containing spaces (which it cannot handle!).
2-2 Fixed error in --lint support for F-Protd-6.
2-3 Typo, missed out a "$" :-(
3 Fixed important bug in f-protd handling code.
4 Fixes to Ruleset-From-Function.pm Custom Function code.
5 Fixed various issues with new automatic syntax check (--lintlite) code.
6 Fixed IPBlock problem with MailScanner --lintlite.
6 Fixed Postfix milter problem (thanks Glenn!).
7 Fixed problem with Inline images in HTML signatures. Now works with nested
  multiple replies.
8 Fixed bug where original unsafe filename wasn't used correctly when auto-
  replacing attachments with zipped copies to save space in mail stores.
  Thanks to Armand Leroux at Capgemini for finding this one.

4/3/2008 New in Version 4.67.6-1
=================================
* New Features and Improvements *
1 Added support for the ESET virus scanner, from www.eset.com. Support written
  by Phil (UxBoD). Many thanks! Just use "Virus Scanners = esets" in
  MailScanner.conf and check you have installed it in the expected location or
  change /etc/MailScanner/virus.scanners.conf.
2 "MailScanner --lint" now checks to ensure unrar is installed and executable.
2 Esets autoupdater now accurately reports status results.
3 Implemented file MIME type checking, as reported by the "file -i" command.
  This includees 3 new settings, which all work just like their non-MIME
  brothers: "Log Permitted File MIME Types", "Allow File MIME Types" and "Deny
  File MIME Types".
  The main use is via the filetype.rules.conf file, where a new optional field
  may be added just after the regular expression field (just after the 2nd
  field in each line). If this field is added, then the "file -i" command is
  run on every batch of messages and the output checked against the MIME types
  specified in the newly inserted 3rd field (out of fields 1-5 on each line of
  filetype.rules.conf files).
4 Added compatibility for BitDefender 7.5 to bitdefender-wrapper.
4 --debug now tells you when it's waiting for its batch of messages, and how
  big the batch is.
4 "Use TNEF = replace" behaviour changed to add attachments with their original
  potentially very long filenames instead of a sanitised one.
4 Linux RPM install.sh fixed for Fedora Core 8. Thanks to scud@etailengine.com for that one.
4 Improvement to the phishing net to allow all the links that look like this:
  Name of my Blog - http://site.blogspot.com/
4 Installation order of Perl module changed to install File::Spec before ExtUtils::MakeMaker, which should help the Solaris folks.
5 Made warning about %org-name% containing illegal characters a lot more
  obvious when running "MailScanner --debug" as well as "MailScanner --lint".
5 Any mail headers inserted with spaces in them will have spaces replaced with
  hyphens.
5 When "MailScanner --debug --debug-sa" is run, the start of every line of
  SpamAssassin debugging output now has the current time stuck on the front
  of it. This makes looking for pauses a whole lot easier.
6 Improvements to the init.d scripts for the RPM distributions. While waiting
  for the MailScanner processes to die of natural causes, they periodically
  send them another kill signal as there are a few cases in which the kill
  signals are ignored. This should result in far more reliable restarting.
6 "sophos-autoupdate" improved to handle new "suspicious" threat data files
  whose names start with "sus".

* Fixes *
4 Improved definition of "Scan Messages" when using Postfix, to attempt to
  avoid occasional double delivery of unscanned messages on heavily loaded
  servers.
5 Maliciously crafted attachment filenames could circumvent the 'very-long-
  filename' rule in filename.rules.conf. Fixed.
5 Fix to include "ClamAVModule" in log outputs from it.
5 Symantec Scan Engine support problems now fixed. Set the path in
  MailScanner's virus.scanners.conf to "/opt/SYMCScan". If set to that value,
  it expects to see the Linux command-line scanner in the file
  /opt/SYMCScan/ssecls/ssecls.

4/1/2008 New in Version 4.66.5-3
================================
* New Features and Improvements *
1 New optional configuration setting "Syslog Socket Type". By default this is
  left blank, as it will work it out according to the operating system you
  are using. Some Solaris users may want to set this to "native".
1 Addition of new message property for use by MailWatch 2.
1 Update of Sophos.install for Sophos version 6.
2 Updated to handle new MailTools 2.02. This includes the use of several new
  Perl modules, so you'll have to use the install.sh to install all the
  requirements of the new MailTools code (unless you are doing clever things
  with yum repositories).
3 Improvement to the phishing net for multiple "blocked::" prefixes on links.
3 Improvements to speed up StartTiming() and StopTiming() greatly.
3 Updated to MIME-tools 5.425. This should solve lots of problems people are
  having with using yum repositories.
4 Added startup code to check for consistent version numbers with MIME-tools.
4-2 Better install.sh for RHEL and CentOS 5.
4-3 Added some more modules to the compulsory list for RHEL and CentOS 5.
    These are all labelled "yes" in the right-most column of the module list
    near the bottom of install.sh.
5 Improved eTrust-wrapper and -autoupdate to handle latest version 8.1 of
  eTrust, and allow more flexibility in setting of eTrust location in
  virus.scanners.conf. Can now just put /opt/CA if you are running 8.1 or later.
5 Improved easy-to-install ClamAV & SpamAssassin package so that it will always
  install my patched Mail::ClamAV and Mail::SpamAssassin modules even if un-
  patched versions are already installed.
5-3 Changed Perl IO module to always force installation.

1/11/2007 New in Version 4.65.3-1
=================================
* New Features and Improvements *
1 Added support for F-Secure version 5.5.
  In virus.scanners.conf, set the path to "/opt/f-secure/fssp".
2 Added log output when bad watermark causes raise in spam score.
2 RedHat RPM-based install.sh no longer forces installation of anything on
  RedHat 5, CentOS 5 or hopefully some clones thereof. No change on Fedora.
2 Improvement to upgrade_MailScanner_conf and upgrade_languages_conf so that
  if either is run when there is no .rpmnew file (and hence you don't need to
  run it) then no harm will be done, the .conf will be copied to the .new file.
3 Improved install.sh support for Mandriva which has /usr/src/rpm not .../RPM.
3 Changed syslog output of virus infections so scanner names are all 1 word.

* Fixes *
2 Fixed bug with "notify" action in "SpamAssassin Rule Actions" setting.
2 Fixed RBL check return address for anti-spam.org.cn's weird blacklist.
2 Fixed "MailScanner --value=..." (for testing rulesets), when MTA is not
  sendmail.

1/10/2007 New in Version 4.64.3-2
=================================
* New Features and Improvements *
1 The MailScanner book is now also available for purchase from the EU with
  much lower shipping costs. Go to www.lulu.com/mailscanner.
1 Solaris check_mailscanner code now uses pgrep.
1 "MailScanner -v" now lists version of Date::Parse which was missing.
1 Added "$datenumber" to the inline spam warning report.
1 "MailScanner --lint" now checks your %org-name% to ensure it only contains
  safe characters (i.e. a-z, A-Z, 0-9 and -).
1 Added "allow" rule to filename.rules.conf for the XML filenames inside
  Microsoft Office 2007 (e.g. *.docx) files which are actually archives.
1 F-Prot-6 autoupdater improved to tell you whether it actually downloaded
  a new virus signatures file or not.
1 Tar distro now includes ChangeLog.
1 "Treat Invalid Watermarks With No Sender as Spam" can now be set to a number
  greater than zero. This value will be added to the spam score.
1 Watermark spam header reports refer to them as "watermarks" and not
  "null headers" as that is easier to understand.
2 Changed the default value "ClamAV Full Message Scan = yes". It has a slight
  speed impact, but is worth it for the extra spam-spotting ability, especially
  if you are using any extra ClamAV additional databases of spam signatures.
3 Changes required for MailWatch v2. Provided for Steve Freegard.

* Fixes *
1 Now set the umask of the directory into which the TNEF attachments are
  unpacked by the external TNEF expander. Thanks to derek@csolve.net.
1 Fixed bug which caused crash when using a ruleset on "Filename Rules" setting
  when the file listed in the ruleset does not exist. Thanks to Ugo Bellevance.
1 Added line to stop EOCD Format errors being output in UnpackZip. Thanks to
  Rick Cooper.
2 Added fix to reported spam scores in some messages sent to multiple
  recipients. Provided by Derek Buttineau.

4/9/2007 New in Version 4.63.8-1
================================
* New Features and Improvements *
1 Improved init.d script, so that 'service MailScanner restart' or
  '/etc/init.d/MailScanner restart' runs faster. It pauses for just long
  enough for the old MailScanner to die gracefully, and starts up the new one
  as soon as the old one has died. Previously, it just waited for a fixed
  length of time which was much longer than needed for most people.
1 Improved tar installer so the directory created for MailScanner includes the
  build revision number as well as the main version number.
1 Improved phishing net logging to log entire real URL not just hostname.
1 Improvement to update_spamassassin to stop cron-generated mail.
1 New setting "Phishing Bad Sites File" which is a live continuously-updated
  list of known bad sites that have been reported to various mechanisms around
  the world. Please don't ask me for more information as I can't give it to
  you, but every site on the list has been manually tested and the list can be
  relied upon. Your installation should update this file every hour.
  NOTE: Run upgrade_languages_conf after installing this upgrade!
2 Reduce default "Restart Every" time to 2 hours so that updates to the
  known bad phishing sites list are re-read more frequently.
2 Added *.fdf to the list of dangerous filenames. Opening a .fdf file can
  cause the loading of any file on the internet into Adobe Acrobat.
2 Added 2 new variables to the sender reports: $size = size of message in bytes
  and $maxmessagesize = maximum allowed size of this message in bytes.
2 Added new setting "Check Filenames In Password-Protected Archives = yes" so
  that the filename checks can be suppressed on encrypted archives to allow
  a few people to get exe's and so on through the mail as part of their
  business needs. Normally leave this setting at "yes".
2 Added new setting "Include Binary Attachments In SpamAssassin = no" which
  can be used to tell SpamAssassin to look at all attachments, not just the
  ones containing text (or HTML, etc) which is its normal behaviour.
  Changing this setting to "yes" will have no effect without a patch to the
  SpamAssassin code, which you can fetch from
  http://www.mailscanner.info/mcp.html#patches
  It will slightly slow down SpamAssassin some of the time, and is therefore
  disabled by default.
  This can be very useful if you want to look for rude or derogatory content
  in messages, and do not want the huge speed impact of using MCP. It can
  successfully scan the content of Microsoft Word documents, for example. It
  won't be effective on PDF files however, as these are compressed internally
  so there is no readable text anywhere in the file.
3 Added a long $PATH to f-prot-autoupdate so we can find wget on most OS-es
  including Solaris.
3 Improved Sophos.install to disable the savupdate cron job and switch off
  the unwanted Sophos services.
3 Added a feature to the "SpamAssassin Rule Actions". You can now specify
  "SpamScore" and a number comparison, instead of just giving a SpamAssassin
  rule name. So you can say
  SpamAssassin Rule Actions = SpamScore>25=>delete
  and this will cause all messages scoring over 25 to be deleted. You can use
  this to set different actions at different spam scores, in addition to the
  normal spam actions and high-scoring spam actions. The numerical tests you
  can use are ">", ">=", "==", "<=" and "<".
4 The "action" in each "RULE=>action" in "SpamAssassin Rule Actions" can now
  be a comma-separated list of actions, so you can easily specify multiple
  actions per rule.
6 Added support for F-Prot version 6. Must be specified by
  "Virus Scanners = f-prot-6" in MailScanner.conf.

* Fixes *
1 Improvement to phishing net to allow HTML tags with contents split over
  multiple lines.
1 Changed options to ClamAVmodule so it doesn't hit false positives with the
  phishing and scam email detection signatures.
1-2 Fixed bug where --lint gives "MailScanner.conf file not found" error.
2 Stopped writing a PID file when "MailScanner --lint" is run.
2 update_spamassassin no longer produces any output, so no crond email.
2 Fixed bug where clamavmodule scanner name wouldn't always be logged correctly.
2 Bugfix in ZMDiskStore.pm ZMailer support from Leonardo Helman.
3 Force installation of perl-Getopt-Long to try to solve the problems with
  command-line options producing 'config file not found' errors.
3 Commented out sample rules in max.message.size.rules file.
3 Fixed MailScanner.conf Sophos-specific settings for Sophos 5.
5 Fixed problem where MTA=sendmail would cause ruleset to not be used on
  Sendmail2 setting.
8 Fixed bug when specifying multiple actions in "SpamAssassin Rule Actions"
  for one rule name.

1/8/2007 New in Version 4.62.9-3
================================
* New Features and Improvements *
1 Improved non-Linux installer.
1 Improved Linux installer.
1 Updated OpenBSD installation guide. Thanks to Jeremy Evans for this.
1 Upgraded MIME::Base64 to 3.07.
1 Improved error reporting for clamd permissions problems. Thanks Rick.
2 Added SAUPDATEARGS to /etc/sysconfig/MailScanner and
  /usr/sbin/update_spamassassin. For a good use of this, see
  http://daryl.dostech.ca/sa-update/sare/sare-sa-update-howto.txt and search
  for "HOWTO" in the Subject: line of the MailScanner-discussion list archive.
  This process replaces RulesDuJour entirely.
  Another good ruleset to add to your setup is
  http://www.peregrinehw.com/downloads/SpamAssassin/contrib/KAM.cf
  To download this automatically every night, fetch
  http://www.mailscanner.info/files/4/KAM.cf.sh and put it in /etc/cron.daily
  and make it executable (type "chmod +x /etc/cron.daily/KAM.cf.sh").
3 Added "Known Web Bug Servers" so you can blacklist images from known servers
  of web bug services.
3 Added functionality of "milter-null" to MailScanner so you no longer need to
  run this separately. It is called "Watermarking" and there is a whole
  section for the settings in MailScanner.conf. They are
  Add Watermark	= yes
  Skip Spam Checks If Watermark Valid = yes
  Watermark Header = MailScanner-%org-name%-Watermark:
  Watermark Lifetime = 432000 # in seconds, = 5 days
  Watermark Secret = SET-THIS-TO-A-SECRET!
  Also added Digest::MD5 to the required list of Perl modules, this is needed
  for the watermarking code.
3 Added optional image to the clean message signature. You can also use this
  to add an arbitrary image attachment to any message, if you so wish. The
  main point is to be able to have graphical HTML signatures on messages.
  The settings are
  Attach Image To Signature = no
  Attach Image To HTML Message Only = yes
  Signature Image Filename = %report-dir%/sig.jpg
  Signature Image <img> Filename = signature.jpg
4 Added support for Kaspersky kav4fs. Set virus.scanners.conf entry to
  point to /opt/kaspersky.
4 Changed default value to "Max SpamAssassin Size = 100k" as modern PDF spams
  are getting quite large, and PDFInfo.pm doesn't work with cropped messages.
4 Improved Clamd parser to handle Sane Security ClamAV signature databases
  which detect spam and so on from the contents of the headers, and hence
  find infections without attachment filenames. Thanks to various people for
  help with this, you know who you are :-)
4 Improved upgrade_MailScanner_conf so that it checks that the 'Monitors for
  ClamAV Updates' setting looks for inc and cvd files. Problems have recently
  been suffered by many due to the value of this setting being out of date.
  It doesn't automatically re-write their setting in case they have installed
  ClamAV somewhere odd and have customised it.
4 Changed 'Monitors for Sophos Updates' setting default value to point to
  appropriate file for Sophos version 5 and upwards, and have added check
  in upgrade_MailScanner_conf to ensure their setting now points to a new
  location. It prints a warning if sophos-av does not appear in the path.
4 Added configuration setting "SpamAssassin Rule Actions". This setting is
  very powerful and can be used to implement many things that MCP can do,
  without having the processing overhead of MCP. The documentation for it is
  in the MailScanner.conf file. Its power is limited by your imagination :-)
  Start combining it with rulesets and you can take (or _not_ take) any
  combination of actions dependent on any bit of content in the message or its
  headers. You could try out new SA tests by storing in quarantine every
  message that matches a new particular SpamAssassin rule (or meta-rule for
  creating more complex expressions).
5 Added "custom" spam action, which takes a parameter. This is passed into the
  CustomAction function in CustomAction.pm in the CustomFunctions directory.
  This can be used to implement anything your heart desires, depending on the
  contents of a message.
7 When clamav, clamavmodule or clamd parsers are being used and new setting
  "ClamAV Full Message Scan" is set to "yes", pass each of the entire
  messages to ClamAV as well as the attachments so that the signatures that
  detect spam can work reliably. This is set to "no" be default as it has a
  speed impact.
7 The watermark options have been tweaked and renamed a bit, and one new
  feature has been added. "upgrade_MailScanner_conf" will show you the renames
  and the new feature is designed to save resources on sites with more than
  1 MailScanner. Currently, if you have a message delivered to a secondary MX
  (with MailScanner) which relays mail to the primary MX (also with
  MailScanner) for delivery to users' mailboxes, the spam checks will be
  done twice; this is a waste of resources. The new setting "Check Watermarks
  To Skip Spam Checks = yes" will remove this waste by skipping the spam
  checks on the primary MX as the secondary has already done them.
7 "Virus Scanners = auto" will detect multiple types of ClamAV installed and
  tend towards the most useful one. It will use clamd else clamavmodule else
  clamav. This helps if you have all 3 installed, which is quite likely.
8 Greatly improved "MailScanner --lint". It now actually tests every virus
  scanner that you have installed, and checks that they can successfully scan
  a message containing the Eicar test-virus pattern. It reports the results
  from each scanner and warns you about checking any that are not reported.
9 Added check to "MailScanner --lint" to check envelope_sender_header in
  spam.assassin.prefs.conf is correct and matches MailScanner.conf.
9 Added new setting "Use Watermarking = yes" to give overall control of all
  watermarking features.
9 Fixed error with "MailScanner --lint" when not using sendmail.

* Fixes *
2-2 Fixed error in RPM installer.
2-3 Fixed error in update_spamassassin.
3-2 The watermarking code should do something now :-)
3-3 Rewrote the watermarking docs so they reflect the truth.
4   --lint now reads all the Custom Functions properly.
4   Bug in auto-zip fixed where attachments could be deleted without being
    added to zip. Thanks to Matt Hampton.
4   Bug with '-' in HTML attribute names confusing phishing net fixed. Thanks
    to John Wilcock.
5   Fixed 2 bugs in MSRBL clamav-signature handler. Thanks to UxBoD.
6   Fixed bug from October 2006 involving McAfee finding infections in headers.
7   Fixed bug when unpacking TNEF files with external decoder.
7   Fixed 'monitor files' check in upgrade_MailScanner_conf so it doesn't check
    inadvertently when doing an upgrade_languages_conf.
7-3 Fixed bug in full message file creation in scanning dir as permissions
    were wrong.
9   Added use POSIX to top of MessageBatch.pm so WNOHANG is defined.

2/7/2007 New in Version 4.61.7-2
================================
* New Features and Improvements *
1 Direct support for the "clamd" virus scanner -- now talks directly to the
  clamd daemon without any overhead of calling clamd-wrapper or clamdscan.
  As a result, this should be faster than the previous clamd support.
  It also has a much smaller memory footprint than the "clamavmodule" scanner.
  This is all thanks to Rick Cooper who wrote the original code.
  New configuration options are
  - Clamd Port = 3310
  - Clamd Socket = /tmp/clamd
  - Clamd Lock File = /var/lock/subsys/clamd
  - Clamd Use Threads = no
  The use of these settings is explained in the MailScanner.conf file.
2 Changed session handling in direct clamd virus scanner support.
3 'MailScanner --lint' now finds clamd virus scanner.
3 Made clamd subsys lock file blank by default, so it works on non-Linux
  systems.
3 Added another example to the Allowed Sophos Error Messages setting for
  password-protected files.
4 Renamed "sa-update" command and cron job to "update_spamassassin".
4 Added ability to easily disable update_virus_scanners script.
4 Added conditional call to sa-compile to update_spamassassin cron job.
4 Added to $PATH in update_phishing_sites for Solaris 10 locations.
5 Watermarking functionality has had to be withdrawn due to patent issues.
  Sorry about this, but it would cause huge problems in the USA where
  software patents are legally enforceable and it would cause problems with
  including patented code in GPL software too.
6 Added facility to change SpamAssassin's temporary working files directory,
  using the new option 'SpamAssassin Temporary Dir'. By default this is put
  under the Incoming Work Dir location, as that is (hopefully) mounted using
  tmpfs. If an attempt to use this directory fails, it reverts to /tmp.
7 Fixed bug in finding PERL5LIB in installers. Thanks to Sean Coleman.

* Fixes *
2 Fixed bug in auto-zip feature with a message containing 2 attachments with
  the same filename.
2 Fixed bug in auto-zip feature that would allow zipping of an attachment
  which had been cleaned out of the message.
3 Fixed "identified/found" bug in AVG parser.
3 Fixed bugs in Panda and AVG parsers courtesy of Rick Cooper.
3 Fixed bug in Postfix handler which caused a problem with empty messages.
4 Fixed bug in SuSE init.d script stopping MailScanner reload working properly.
4 Changed method for getting MCP to decode binary attachments (the interesting
  ones have "application" in their MIME type). New patch for SpamAssassin 3.2.1
  Util.pm required now. No other SpamAssassin patches required at all.
4 Added definition of "noticesizeinfected" to languages.conf.
4 Added speedup (courtesy of Glenn Steen) to the new Postfix milter support.
4 Fixed rare bug in Postfix milter header support (from Glenn Steen).
5 Fixed problems with /usr/sbin/update_spamassassin not calling sa-update.
7 Removed second delay from update_spamassassin as one already exists in the
  cron job.

1/6/2007 New in Version 4.60.8-1
================================
* New Features and Improvements *
1 Improved Sophos.install script so that it sets up /etc/ld.so.conf ready for
  installation of Perl-SAVI module required for "sophossavi" virus scanner.
1 Custom Functions can now receive parameters not only to their Init and End
  functions, but also to their run-time calculation functions (i.e. the real
  custom function itself used when processing each message). The Custom
  Function is now passed not only the message, but also a ref to a list of
  parameters specified in the MailScanner.conf file.
1 Improvement to phishing net.
1 'clamavmodule' scanner no longer detects encrypted zips/rars as viruses,
  leaving MailScanner to do the check later in the dangerous content scanning.
  The consequence is that MailWatch will allow them to be released from
  quarantine.
2 Updated a whole load of Perl modules in the pre-requisites lists for both
  MailScanner and SpamAssassin.
2 Added a "--nomodules" command-line option to the MailScanner install.sh
  script to skip installing required Perl modules.
2-2 Fixed bugs introduced by 4.60.2 in generic installer. Only affects 'other
  Linux and non-Linux' installer.
2-4 Fixed more non-Linux installer problems.
4 Added more modules to the list output by "MailScanner --version".
4 Improved phishing net detection of HTML tags, courtesy of snifer_@hotmail.com.
4 Added patches to provide full "p record" support in Postfix 2.3 and 2.4,
  courtesy of Glenn Steen <glenn.steen@gmail.com>.
5 Added a new feature, to compress all the attachments in a message and
  replace them with a single zip file.
  Set "Zip Attachments = yes" (no by default), and
  set "Attachments Zip Filename = MessageAttachments.zip"
6 Added 2 new configuration options for the "Zip Attachments" feature:
  Attachments Min Total Size To Zip = 100k
  Attachment Extensions Not To Zip = .zip .rar .tgz .gz .mpg .mpeg .mp3 .rpm
  Hopefully these are fairly self-explanatory.

* Fixes *
1 Phishing net now correctly handles HTML tags inside links.
1 Deprecated clamscan flag replaced with supported one to stop it printing
  the summary.
1 Added '-b' to nod32-1.99 command-line options in SweepViruses.pm to stop
  scanner producing licensing details. Thanks to UxBoD.
1 Removed test in RPM distribution's test for RedHat 6 as it will clash with
  RHEL 6 and Fedora. Anyone still running RedHat 6 has bigger problems! :-)
1 Worked round Perl bug in returning number of RBLs hit by a message.
1 Fixed problem causing some password-protected RAR archives to be missed.
3 Fixed bug introduced in earlier beta in RBL code.
6-2 Patch to Exim to handle named ACL variables as well as numbered ones.
    Courtesy of Maarten Vink.
7 Added v320.pre to mcp directory.
7 Postfix 2.3/2.4 patch fix.

1/5/2007 New in Version 4.59.4-2
================================
* New Features and Improvements *
2 Changed locations monitored for ClamAV updates to fit new ClamAV 0.9 layout.
2 Added support for clamdscan and clamd. Use "Virus Scanners = clamd".
3 Changed check ordering so that mail from blacklisted addresses is still
  marked as spam even its size exceeds the max spam message size check.
3 Improved detection of empty <A HREF= tags in phishing detection. Thanks to
  snifer_@hotmail.com for this.
4 Added support for Avast "avastcmd" virus scanner. Use
  "Virus Scanners = avast" to use it.
4 Added support for Avast "avastd" virus scanning daemon, which must be
  configured and running first. Use "Virus Scanners = avastd" to use it.
  In /etc/avastd.conf, be sure to set "archivetype = A", in all the sections
  of the file where the setting appears.

* Fixes *
1 Exim fix by Debian Maintainer: Simon Walter.
1 Incoming Work Group not honoured for files with a leading dot in their
  filename. Again, fix by Simon Walter.

1/2/2007 New in Version 4.58.9-1
=================================
* New Features and Improvements *
1 Added accessor functions to Config.pm to enable implementation of ruleset
  evaluation within a Custom Function.
4 New example Custom Function to show how to evaluate a ruleset from within
  a Custom Function.
5 Checks the SA cache more intelligently now, to use the required score from
  the right message always. Thanks to Olaf.Ohlenmacher@colt.net for this.
5 Supporting code for BarricadeMX. If you haven't got this superb package
  yet, contact Fort Systems (www.fsl.com) for an evaluation licence RIGHT NOW!
  It's superb, and even runs on Windows with Exchange, in addition to all
  the other platforms normally supported. Say goodnight to all your spam
  problems. It will reduce the load on your mail servers so much that you
  won't be needing any upgrades for a few years, which will save you a
  whole load of money!
5 "MailScanner --lint" now checks the version number of the MailScanner.conf
  file to ensure you are not behind with your settings and need to run
  upgrade_MailScanner_conf.
6 Improvement to check_MailScanner script so it prints Done or Failed as
  appropriate.
7 Mail sent out to split mail queues will only be picked up when the MTA
  next scans the queue. This problem will be rectified in the next release.
  I didn't want to change the code so close to the release date, I will fix
  it very soon. This does not affect the vast proportion of users.
7 Okay, I've changed my mind. The new code is in for testing.
8 Mail sent out to multiple mail queues will all cause the MTA to be
  "kicked" into knowing there are new messages in the outgoing queue
  waiting to be delivered.
8 Added new configuration option
  "Notify Senders Of Blocked Size Attachments = no".
  This is to stop notifying senders of 0-length files which are generated
  by some broken viruses and worms. It does also control sender notifications
  for other sizes of attachments that are outside your pre-set limits set
  in other configuration options.
9 Added setting of TMPDIR shell variable so that SpamAssassin will store
  all its temporary files in tmpfs (under /dev/shm) to speed it up a bit.

* Fixes *
1 Small addition to Config.pm for one customer.
2 Don't use 4.58.1, bug introduced in Config.pm.
4 Bug fixed where {Fraud?} Subject: tag would not appear when appropriate.
5 Fixed bug in Exim delivery code that would leave stray defunct processes
  lying around in some situations.
5 Now kicks Sendmail/whatever about all messages in all outgoing queues.
5 MCP doesn't pick up sa-update rules any more. Thanks to Jason Desai.
5 AVG7 support improved.
6 Bug fixed where 1 disarmed message followed by another 1 non-disarmed
  message would cause the 2nd message to be tagged disarmed in the Subject:
  line, but only if the message batch would be processed in exactly 1
  particular order.
6 Fixed bug with extra "Disarmed" tags where there shouldn't be.
8 Postfix support for split queue kicking fixed. Sendmail support working well.
8 Fixed potential DoS attack bug with very long headers in ZMailer support.
  Patch from Leonardo Helman.


16/12/2006 New in Version 4.57.7-1
==================================
* New Features and Improvements *
1 Added new configuration setting
  Max Spam Check Size = 150000
  If a message is bigger than this size, then all the spam checks are
  skipped and the messages is not spam.
  This saves a lot of time decoding and matching against huge messages.
  New languages.conf setting needing translation:
    skippedastoobig = not spam (too large)
2 Improved install-Clam-SA.tar.gz so that it contains version numbers of
  contents.
2 Phishing Whitelist is now also used with less strict phishing net.
3 Add of the "Modify Subject" configuration options now also take the values
  "start" and "end", so that you can move any of the Subject: line tags to
  the end of the line in case that is what you need to do.
4 Speeded up the relaunch of MailScanner child processes. So the detrimental
  effects of the delays caused by a MailScanner "restart" will be greatly
  reduced.
4 Released as release candidate for 4.57 on December 1st.
5 Bug in spam handling (spam would be delivered when it should not be) fixed.
  Thanks to Mirko Acimas for spotting and reporting this one.
5 Bug in ham handling (same problem was spam handling).
5 spam.lists.conf updated.
7 Added a few accessor functions for LastSpam.com.

09/10/2006 New in Version 4.56.8-1
==================================
* New Features and Improvements *
1 Added a complete new set of configuration settings to report on
  messages and attachments that are outside the size limits set in
  MailScanner.conf. These are:
  Sender Size Report
  Stored Size Message Report
  Deleted Size Message Report
  Size Modify Subject
  Size Subject Text
  These are used in exactly the same way as the other sets of options
  that tag and modify the message for other reasons.
3 Improved report of "message too large" case.
3 Updated Catalan language files courtesy of Jordi Sanfeliu.
3 Increased default max SpamAssassin message size to catch more single-image
  spam messages.
3 Solved compatibility with Postfix 2.3.
3 Upgraded Sys::Syslog to 0.18 which fixes all the compatibility problems of
  0.17 and 0.16.
3 Upgraded Kaspersky support to 5.5.
4 Added new features to "Max SpamAssassin Size" setting:
  <number> --- behave as before
  <number n> trackback --- get n bytes then backtrack looking for the start
                           of the attachment we are in the middle of.
  <number n> continue <number m> --- get n bytes then continue up to a maximum
                                     of m extra bytes looking for the end of
                                     the attachment we are in the middle of.
5 Upgraded to tnef version 1.4.3.
5 Upgraded Archive::Zip to 1.16. Builds properly on x64 architectures.

* Fixes *
1 When 'Outgoing Queue Dir' was changed from the default, kicking sendmail
  into attempting delivery of a new processed message in the outgoing queue
  would just wait for the next regular run of the queue. Now fixed so that
  a delivery attempt is made immediately. This fix only affects users who
  have changed the "Outgoing Queue Dir" setting and who are also using
  sendmail as their MTA.
2 Missed 2 "defined" checks on variables before using them.
  Thanks to Andy Kirkpatrick for spotting that one.
2 Fixed version number check.
3 Fixed output bug in less strict phishing net. Does anyone use this?
3 Fixed bug in Sendmail KickMessage() function. Thanks to Martin Billy.
4 Removed Postfix 2.3 extra, and reverted to simple regexp as Holger's version
  is buggy (mismatched ')').
5 Changed number of viruses found reported to be max of each AV package's value.
6 Rewrote logic of addenvto so it should now work correctly when the setting
  is blank.
6 Put in new version of Postfix 2.3 regexp.
8 Fixed error when using k, m or g multipliers in Max SpamAssassin Size.

1/8/2006 New in Version 4.55.9-1
=================================
* New Features and Improvements *
1 Added educ.ar and uba.ar to country.domains.conf for less strict phishing net.
1 Code tidy up in Message constructor.
1 Speed improvements to ZMailer attachment extraction to keep up with the
  other MTAs.
1 "Log Speed = no" now does what it says on the tin. (UK in-joke :-)
1 Added "stopms" option to Linux init.d scripts.
1 Improved behaviour when %percentvars% at start of MailScanner.conf have not
  been configured at all. It now uses the fully-qualified hostname to guess
  the domain name and website address. It used to refuse to run which was
  very impolite.
1 Added Sys::Hostname::Long to list of required modules to implement the above.
2 Documentation rationalisation. Most up to date versions are all on the web.
3 Now output lock type in use with "--lint".
4 Improvement to Sophos.install for Sophos Version 5 so that email logging is
  disabled.
4 Now use syslog "notice" priority instead of "info" when issuing messages
  that are nearly warnings. This helps you drastically reduce the amount of
  syslog output by just logging priorities greater than or equal to "notice".
5 Added a "Contact Us" web page instead of just a mailto: link.
6 Improved Help guidance in Contact Us web page.
6 New command-line option: "-c" or "--changed".
  This will print out a table of all the configuration settings that have
  been changed from the default values hard-coded into MailScanner. Note
  this may not be quite the same as the differences from the supplied
  default MailScanner.conf file.
6 Updated hard-coded defaults to better match MailScanner.conf settings.
6 Improved handling of broken Custom Functions. Having a broken Custom
  Function will now just result in the setting's default value being used.
7 Bugfix for "--changed" printing when using Custom Functions.
8 Improved syslog-ing code so it doesn't matter is syslogd dies.
8 Upgraded DBD-SQLite to version 1.12 as it builds a lot more easily.
8 Improved handling of Postfix virtual users. Thanks to jpabuyer@tecnoera.com.
9 Added catch to commercial virus scanning code to allow syslogd to die during
  a virus scan.
9 Improved speed logging to remove chatter.
9 Upgraded Sys::Syslog to 0.17 which builds okay, unlike 0.16.
9 MCP timings are no longer output if MCP checks are disabled.

* Fixes *
1 Put back in the checks of free disk space that were in 4.53.1 but then lost.
1 Fix in check_MailScanner for MacOSX.
3 Default lock type for sendmail is now posix, as it should be.
4 Fix to phishing net so that links to "www.domain.com." are accepted as legal.
6 Fixed problem with dangerous filenames in TNEF archives when using the
  external TNEF expander.
8 Fixed problem with long SpamAssassin report in report files getting truncated
  at % signs.
8 Fixed phishing net problem with some cases of outbind://\d+/.... URLs.
9 Stopped logging code producing ridiculous numbers.
9 Improved Denial-of-service attack detector to handle multiple virus scanners
  more quickly. Now clears detection in 2 x Virus Scanner Timeout, as expected.
9 Fixed minor bug in TNEF handling of bad messages.
9 "service MailScanner reload" should work properly now.

27/5/2006 New in Version 4.54.6-1
=================================
* New Features and Improvements *
- sa-update cron job disabled by default
- Support for Sophos version 5. This just requires new sophos-autoupdate and
  sophos-wrapper. There are no changes to the core MailScanner code.
- The Sophos.install script is not needed for version 5 of Sophos. But it
  won't do any harm and will print some useful information on how you
  should configure it, and it will make its best attempts to update the
  virus.scanners.conf file to point to your new version 5 installation.
  So I would still strongly advise that you run Sophos.install to install
  Sophos, even with version 5.
- When the SpamAssassin cache is being used, the phrase "cached" or "not cached"
  is added to the start of the SpamAssassin detailed report in the headers.
  These words are defined in the languages.conf file so you can change them to
  anything you like, and translate them into your local languages. Please post
  all translations back to me for inclusion in the standard distribution.
- Added a reference to the message batch in the call to look up "lastafterbatch"
  so that MailWatch can get the batch statistics.
- Updated loads of Perl modules to more modern versions where there have been
  any significant updates to them. Minor doc and test tweaks have been ignored.
- Updated many Perl modules in ClamAV+SA easy-to-install package.
- ClamAV+SA package does not add extra loadplugin lines if they are already
  present in the init.pre and v310.pre files.
- Added more examples to /etc/MailScanner/rules/README to show all of the
  allowed formats of a numerical IP address range.
- Upgraded to Filesys::Df 0.90.
- Added Spanish translation of rejection.report.txt. Thanks to Leonardo Helman.
- Improved filetype rule for scripts so it doesn't accidentally trigger on
  JPEG images with full metadata tags.
5 Added Net::IP Perl module as it is needed for SpamAssassin and Net::DNS.
5 Improved handling of Unicode encoded subject lines with a few trailing spaces.
5 Fresh translation of German languges.conf file.

* Fixes *
- Fixed bug in output formatting of phishing net. This could leave HTML links
  open.
- Fixed major problem with Web Bug processor.
- Fixed bug in handling of multi-line Subject: lines in Postfix. Thanks to
  James for this fix and his patch.
5 Fixed bug in sophos-wrapper caused by confusion between Sophos V4 and V5.
5 Fixed bug stopping regexp rule /^$/ from working properly in rulesets.
6 Fixed packaging error with perl-Net-IP.

5/5/2006 New in Version 4.53.8-1
================================
* New Features and Improvements *
- Attachment extraction now checks for available disk space and a DoS attack
  using messages with high expansion ratios will fail even quicker than it
  did before.
- Added new setting "SpamAssassin Local State Dir" to support the sa-update
  tool provided with MailScanner these days, to provide a way of auto-
  updating the core SpamAssassin rulesets. The default value is set to what
  you need for Linux (/var/lib).
- Added new cron job to run sa-update every night. The location of the
  sa-update program is read from /etc/sysconfig/MailScanner.
- Added support for new header -H file format in Exim 4.61.
- Added 2 new configuration options "Gunzip Command" and "Gunzip Timeout" to
  enable unpacking of gzip-ed files for filename and filetype checking.
  Even if this is disabled, gzip-ed files will still be virus scanned.
- Added support for numerical entries in phishing.safe.sites.conf file.
- Added support for optional multipliers in numbers in MailScanner.conf.
  So you can now write "50M" instead of "50000000". The multipliers supported
  are "k", "m" and "g" to denote 1 thousand, 1 million and 1 billion (10^9)
  in upper or lower case.
  You must *not* put any spaces between the number and the multiplier character.
- Added a new configuration option "Ignored Web Bug Filenames". This allows
  you to whitelist a bunch of filenames that can appear in the URLs of
  potential web bugs. So if you decide that all potential web bugs with
  "spacer" or "pixel.gif" in the filename are just padding for page layout,
  then you can make it ignore them by adding them to this list. A sample
  list is provided in MailScanner.conf.
  This is disabled by default, as spammers may start to use this as a means
  of circumventing the Web Bug trap.
- When Web Bugs are disarmed, the URL used to replace the original web bug
  can now be set using the new configuration option "Web Bug Replacement".
  If this is not specified, then the old value of "MailScannerWebBug" is used.
  The default value supplied in the MailScanner.conf file is the address of
  an untracked 1x1 pixel transparent gif (51 bytes) hosted on the MailScanner
  web site. This will not be tracked other than to supply an overall count of
  the number of hits this image gets, for overall statistical purposes.
- Added Razor2 to the list of plugins automatically enabled by the ClamAV+SA
  easy-to-install package, due to the recent change in licence. Now if DCC
  could go the same way...
- Updated Catalan translations.

* Fixes *
- Fixed bug in DoS attack handler. Thanks for Jorge for this.
- Commented out setting of "SpamAssassin Local State Dir" in MailScanner.conf.
- Reorganised logic of phishing net to improve reliability and performance.

1/4/2006 New in Version 4.52.2-1
=================================
* New Features and Improvements *
- Added 2 new settings and another configuration data file.
  You can now set "Use Stricter Phishing Net = no" which will make the
  phishing net just check the name of the company owning the website, along
  with any country code of course. There is a configuration file containing
  a list of all the 2nd and 3rd level domain names in use by all countries,
  it lists domain endings such as "org.uk" which are used by a country to
  describe a whole type of websites within their country. So if the website
  is "www.hello.company.com" it knows to check just company.com, whereas
  given "www.byebye.charity.org.uk" it will check charity.org.uk.
  The configuration file "Country Sub-Domains List" lists all the entries
  required for this to work in any country, 1 per line. You shouldn't need
  to touch this file.

11/3/2006 New in Version 4.51.6-1
=================================
* New Features and Improvements *
- Syntax checking of Spam Actions (and its brothers) at run time.
  Message will be delivered if an error is found.
- Improved detection of Solaris GCC in the installers.
- New option "Use TNEF Contents" allows you to add the contents of winmail.dat
  attachments to messages in TNEF format. This means that users not running
  Microsoft Outlook can read attachments put there by badly-configured
  Outlook or Exchange systems. Valid values are "no", "add" or "replace" which
  do pretty much what they say. Explanations are in MailScanner.conf.
- Improved PID handling in sendmail on SuSE systems.
- Improved logging of overall batch timing.
- When headers are modified (e.g. Subject: line tagging), all occurrences
  of the header are modified, not just the first one. Thanks to ian@blenke.com
  for this patch.

* Fixes *
- "Use TNEF Contents = replace" didn't work in release 4.51.4. Fixed.
- Important fix for "Use TNEF Contents = replace" when processing messages
  containing delivery reports.

2/2/2006 New in Version 4.50.15-1
=================================
* New Features and Improvements *
- Speed increased significantly! Caches SpamAssassin results.
  Note you need to run my install.sh script to get the new modules required.
- If "Virus Scanners = auto" (ie. the installed default value) then it
  searches for and uses every available installed virus scanner.
- Added SpamAssassin cache analyser (analyse_SpamAssassin_cache) to the
  distributions. 99% written by Steve Freegard of MailWatch fame.
- Upgraded ClamAV+SA bundle to ClamAV 0.88.
- Added default headers that Thunderbird 1.5 will use to automatically
  identify spam based on SpamAssassin's spam headers.
- Added UU-decoder to automatically extract files from attachments that were
  stored in uu-encoded form. This behaves similarly to the zip and rar
  decoders. The virus scanners should check inside these files for themselves
  anyway, but this assists them when they do not. It also allows for filename
  and filetype checking of files stored in uu-encoded attachments.
- Added configuration option "Find UU-Encoded Files" to set whether uu-encoded
  files are decoded or not. These files are very rarely used, and the
  overhead of finding them is fairly large as it involves reading all
  existing attachments looking for the signature of them. So the default is
  to not look for them. A ruleset can be used to protect particularly
  vulnerable recipients or senders.
- You can now start up MailScanner without changing MailScanner.conf at all.
  It will auto-detect SpamAssassin and all available virus scanners.
- Changed default setting to "Use SpamAssassin = yes" and now auto-detect
  installation of SpamAssassin, logging installation instructions if
  it is not already installed and working.
- Added DBI and DBD::SQLite Perl modules. Please use my install.sh scripts
  when you upgrade or install this version.
- Added American spelling of "analyze_SpamAssassin_cache" as well as English
  spelling of "analyse_SpamAssassin_cache".
- DBI installation is forced in RPM distributions.
- Improved RPM installer to handle DBI module dependencies better. It now
  installs cleanly on the systems I have tested it on. These include Fedora
  Core 3, Fedora Core 4, SuSE 9.3, SuSE 10, RedHat Enterprise 4.
- Made log warnings more obvious when DBI/DBD::SQLite/Digest::MD5 are not
  all installed properly.
- Improved comments about "Allow Filenames" and "Allow Filetypes" in
  MailScanner.conf.
- Improvement to F-Prot output parser to handle new strings.
- Changed filename/type traps to account for new vulnerability in TNEF files.
- Adapted trend-autoupdate for 2006 onwards.
- --help implemented so you can see how to use it now.
- --debug now written. Works just like "Debug = yes" in MailScanner.conf.
- --debug-sa now written. Works just like "Debug SpamAssassin = yes".
- --check ruleset-checker now written. Takes max 1 from address, multiple to
  addresses, client IP address and virus name.
- Added a new command-line parameter "--lint" to verify the config file.
- --lint now prints what virus scanners you have chosen to use, and what
- --lint now checks SpamAssassin configuration too.
  scanners it can find installed.
- Added hi-res timing so the batch speed timings are now displayed to micro-
  second accuracy.
- Added Time::HiRes to the list of required modules. You must use ./install.sh
  to upgrade to, or install, this version in order to get the new module.
  Time taken to process the entire batch is logged, and time taken to do
  "Always Looked Up Last" is logged separately if it is being used at all.
- Added check that MailScanner.conf has at least been customised to set the
  organisation name, long name and web site.
- Added "SpamAssassin Cache Timings" configuration option for the few people
  who need to adjust these settings. Do *not* change it unless you really
  know what you are doing, the default settings will work nicely.
- Updated important perl modules.
- Removed duplicate logging of warnings about infected messages.
- Added detection of no virus scanners being installed, giving the user
  advice about how to install ClamAV using my easy-installation package.
- Improved ClamAV+SA easy-installation package so that it automatically
  enables the updates by commenting out the "Example" lines.
- Changed default Lock Type for sendmail to "posix" instead of "flock" as
  new Linux systems (the most popular platform by far) run sendmail 8.13 or
  later, which requires this to be "posix".
- Upgraded Sys::Hostname::Long and HTML::Parser in ClamAV+SA package.
- Disabled movie format "deny" rules in filetype.rules.conf and have enabled
  filetype checking by default.
- Updated man pages.
- Updated AVG parser to handle latest version 7.1.
- Added "Always Looked Up Last After Batch" which is looked up after the
  "Always Looked Up Last" option. The 2nd of those is looked up once for
  each message, the "...After Batch" value is looked up once for the
  entire batch. It is only intended for use with a Custom Function, its
  value is ignored.

* Fixes *
- Improved reliability of Bayes rebuilds a lot.
- Force installation of DBI as previous versions cause problems.
- Removed broken patch I was given, which was temporarily in 4.50.
- Packaging bug in 4.50.9-1 fixed. MailTools version typo.
- Fixed bug where temporary files were not cleaned up properly.
- Fixed missing HTML-Parser 3.48 package.
- Added check for creation of SpamAssassin cache database file.
- Fixed problems with --lint when not run as root.

1/1/2006 New in Version 4.49.7-1
==================================
* New Features and Improvements *
- Speed improvements for sendmail systems by changing the
  way temporary files are handled and how attachments are parsed. This
  should be really noticeable if I've got it right.
  Thanks for the great help of the Vodafone SHARK team.
- Added speed improvements for Exim.
- Added speed improvements for Postfix.
- Now changes the command line listed in `ps` (ie $0) to show what
  MailScanner is doing. Should help diagnose slow system problems.
- 4 new configuration options, which list patterns against which filenames
  and filetypes are matched to see if we should allow them or block them.
  This is implemented for the benefit of web-based configuration systems for
  MailScanner, it is not really intended for human use as it will complicate
  the filename/filetype matching unless you understand it. Read the comments
  in the MailScanner.conf and suggest better explanations!
  "Allow Filenames", "Deny Filenames", "Allow Filetypes", "Deny Filetypes".
  Note: There are 2 new entries in languages.conf so remember to
        run an upgrade_languages_conf.
- Upgraded tnef program to 1.3.4.
- Added message 'actions' property for MailWatch reporting.
- Custom Function filenames must end in .pm or .pl. Others will be logged
  and skipped.
- Various minor speed improvements.

* Fixes *
- Changed Postfix code to better support latest revision of Perl.
- Now stops MailScanner more reliably on SuSE systems.
- Logging of <img> tags only done if logging HTML tags.
- Fixed minor array ref problem in Perl 5.8.7 on FreeBSD 6.0.

1/12/2005 New in Version 4.48.4-2
=================================
* New Features and Improvements *
- Added a new configuration option "Reject Message". This is designed to be
  used with a ruleset. Any message matching the ruleset will be deleted and
  the "rejection.report.txt" email message will be sent back to the original
  sender of the offending message. To save a copy of the message as well as
  reject it, use the "Archive Mail" setting.
- Rearranged SpamAssassin spam.assassin.prefs.conf file, it is now read by
  SpamAssassin via a link called "mailscanner.cf" in the site_rules directory.
  It is no longer read directly by MailScanner, it is just read by Spam-
  Assassin during its normal initialisation process.
- Enabled blocking of messages containing web bugs. Note this may have some
  false alarms, as a web bug is any image of 2x2 or smaller.
- Improved ClamAVmodule scanning by adding new suggestions from ClamAV author.
- Changed ClamAV parser to not generate warning output when it sees lines it
  wasn't expected, as there are so many false positives that no-one ever
  looks at them anyway.
- Improved Sophos wrapper script to allow for EM library installations.
  No support for Sophos V5.0 yet.
- Upgraded ClamAV to 0.87.1.
- Added HTML::Parser to the list of Perl modules installed by my ClamAV+SA
  package so it can be used separately from MailScanner, without needing
  MailScanner to be installed first.
- Improved Clam+SA package and other installation scripts to create the soft-
  link whenever possible.
- Rewritten comments at the top of spam.assassin.prefs.conf.
- Speed improvement changing &POSIX::WNOHANG to WNOHANG in sub Explode.

* Fixes *
- Added "report-type" MIME attribute to spam notification multipart/report
  messages as the RFC says it should be there, and this lacking caused a
  problem in a few email apps. Thanks for Georg@hackt.net for this.
- Added missing ", 0777" from mkdir call in internal TNEF code.
- Fixed startup problems reading rulesets from LDAP on first message batch.
- Subject lines are all MIME-decoded properly now.

1/11/2005 New in Version 4.47.4-2
=================================
* New Features and Improvements *
- Automatically updates your phishing.safe.sites.conf file with new additions
  (and any subsequent deletions) from a master file I keep on
  www.mailscanner.info. All your local changes and additions will be kept of
  course, it will just add any new sites listed in my master list. If you want
  to *not* list a site which is in my master list, just put a "REMOVE site.com"
  line in your phishing.safe.sites.conf and that will make it ignore any
  listing for site.com that appears in my master list.
  Updates are done once per day.
- Quietened ClamAV log output when it scans 0-length files.
- Improved ClamAV+SA install.sh to add the 3 missing plugins to init.pre.
- Improved init.d scripts for RedHat and SuSE so they setup the queue dir
  ownerships automatically and generally help new users get started without
  them having to follow all the instructions to the letter.
- Added news about fire at ECS and moved all hosting out of Southampton.

* Fixes *
- Corrected rare problem where an empty X-MailScanner-SpamCheck header
  could appear in a non-spam email.
- Problem with empty or null filename.rules.conf or filetype.rules.conf fixed.
- Problem with Max Attachments setting not be honoured fixed.
- Problem with "Highlight Phishing Fraud" being ignored fixed.
- Fixed problem where SuSE init.d script crept into RedHat distribution.

1/10/2005 New in Version 4.46.2-2
=================================
* New Features and Improvements *
- Improved phishing net JavaScript detection to make reports more sensible.
- Loads of additions to phishing net safe sites list (thanks Denis!).
- Improved Install-Clam-SA package so that it sets up your /etc/ld.so.conf
  file for you, by adding /usr/local/lib if necessary.
- Increased the default expansion factor of archives for the clamav scanner.
- Removed -j3 from call to Kaspersky in kaspersky-wrapper, on advice from
  Kaspersky users.

* Fixes *
- Fixed problem with a few TNEF files and the internal TNEF decoder,
  caused occasional crashes.
- Fixed warnings with numeric tests in a couple of places.
- Tested against SpamAssassin 3.1.0, one minor problem found and fixed.
- Fixed minor bug in "actions" parser in ZMailer support code.

1/9/2005 New in Version 4.45.4-1
=================================
* New Features and Improvements *
- Added MCP patches for SpamAssassin 3.0.4.
- Added extra output about nodeps switch with install.sh for RPM.
- Added "no bytes" lines to cancel out "use bytes" as it causes problems
  with multi-lingual subject lines.
- Improved phishing net so that when you have multiple MailScanner servers
  all handling your incoming mail, links caught by the first one won't also
  be caught by the following ones. This caused the final message to contain
  multiple warnings about the same link. There is now just 1 warning.
- New "Quarantine Modified Body" setting, default is "no". This will cause
  all modified messages to be quarantined, including messages which have
  had their HTML disarmed. Also optimised this so it never archives twice.
- Added syslog-ing to BitDefender updater.
- Improved web bug handler when disarmed by multiple MailScanners.
- Added new configuration options to control whether you want to highlight
  phishing fraud links or modify the subject line or both.
  New options are :-
  Highlight Phishing Fraud (= yes        by default)
  Phishing Modify Subject  (= "{Fraud?}" by default)
  Phishing Subject Text    (= no         by default)
- Phishing detection now handles URL's containing %xx characters pointing to
  web site names with &eacute; in them (and characters written like that).


* Fixes *
- Corrected bayes_file_mode in spam.assassin.prefs.conf on advice from
  Matt Kettler.
- 'MailScanner -v' now prints out the version number of Convert::TNEF.
- Group memberships problem on BSD fixed. Spam quarantine membership
  should now always be correct on BSD systems.
- Tweaked ClamAV+SpamAssassin package so it skips the zlib-vcheck version
  check, it doesn't appear to be important and holds up newbies, which is
  a Bad Thing(TM).

1/8/2005 New in Version 4.44.6-2
================================
* New Features and Improvements *
- Published new version of the book, but advise you don't purchase until
  3rd week of August so I get to check a copy off the press first.
- Optimised situation where spam archive is being kept clean but many
  messages are being deleted. Thanks to yavor.trapkov@wipe.int for that.
- Improved logging to show what sort of HTML tags have been disarmed.
- Added "Scan Messages" option (intended to be a ruleset) which is an
  easy way of disabling all scanning and processing of messages. Great
  for customers who don't want scanning of any sort on their messages.
- More phishing net improvements and additions to the safe sites list.

* Fixes *
- Resolved dependency problems by "tweaking" /usr/lib/rpm/perl.req to
  produce no output.
- Added more Postfix temporarily-invalid-message checks.
  This is working perfectly reliably now.
- Added disk full checks for MailScanner/incoming space.
- Added missing object instantiate in the generic spam scanner.
- Fixed reporting and scoring bugs in Custom Spam Scanner.
- Made Postfix hash depth measurement more tolerant of stray files such
  as Razor logs appearing in the hold queue directories.
- Delete temporary TNEF files created by internal TNEF decoder/expander.
- Removed stray tar.gz files from tar distribution that shouldn't be there.

2/7/2005 New in Version 4.43.8
==============================
* New Features and Improvements *
- Added "Custom Spam Scanner" so that you can very easily plug in your
  own spam scanner, for example dspam. See MailScanner.conf and
  .../MailScanner/CustomFunctions/GenericSpamScanner.pm for more details.
- "Allowed Sophos Error Messages" now works for SophosSAVI scanner as well
  as the command-line Sophos scanner.
- "\n" can be used to insert line breaks in just about any configuration
  setting or languages.conf string.
- Optimised scanning of messages when spam/mcp archive is not kept clean.
- Updated Clam+SpamAssassin package for SpamAssassin 3.0.4.

* Fixes *
- Fixed bug in upgrade_MailScanner_conf so that it puts in the new value of
  "MailScanner Version Number" rather than copying it over from the old one,
  and it now gets all the comments right around this option when the
  "--keep-comments" command-line switch is used.
- Syslogging of files with allowed Sophos errors should now be correct.
- Fixed missing syslog entry for MCP actions taken on a non-delivered message.
- Fixed bug where infection could be reported for wrong message ID as well
  as correct message ID.
- Modified panda-wrapper to process entire batch in one call instead of
  per message.
- If message parsing failed, the pipe might not exist and this wasn't caught.
- Improved fault auto-detection and auto-correcting of Postfix formatting
  problems.
- Added missing "use" in MailScanner main script.

1/6/2005 New in Version 4.42.9
==============================
* New Features and Improvements *
- Now automatically detects and warns if the "Incoming Work Directory"
  setting contains any links. It also corrects the path (but not in the
  MailScanner.conf file) and continues to work properly.
- Added support for Sophos 3.93.2. You must use the sophos-autoupdate from
  this version if you want Sophos to work (both the sophos and sophossavi
  scanner settings).
- Tar and RPM distribution installation scripts now look for gtar if GNU
  tar was not found, and is happy if /usr/local/bin/perl and /usr/bin/perl
  point to the same place.
- SophosSAVI errors are detected as if they were viruses, and are not
  ignored.
- Panda support completely reimplemented a lot better by Rick Cooper.
- Upgraded File::Temp, Compress::Zlib and ExtUtils-MakeMaker to latest
  releases.
- New options "Disarmed Modify Subject" and "Disarmed Subject Text" now
  provide the ability to alter the Subject: line if any HTML tags in the
  body of the message were disarmed (by having their "Allow .... Tags" set
  to "disarm". This is switched on by default.
- New option "Spam Lists To Be Spam" now provides the ability to set how
  many Spam Lists a message must appear in before it is considered to be
  spam. The default is 1 as that mimics the previous behaviour.
- Improved output of SuSE MailScanner init.d script.
- Reversed spam and disarm tags to leave spam tag at start of Subject:.

* Fixes *
- Fixed problem that could cause harmless header files to be left in the
  temporary working directories when using Postfix.
- Fixed problem where attachment size checks were made on the contents of
  zip files and not just the zip files themselves.
- Hopefully fixed problem with ClamAV missing Worm.Sober.P occasionally.
- No longer import missing whine method from MIME-tools.
- Fixed problems with incomplete reporting of viruses in zip files.
- Fixed problem with "Delete" MCP action not being logged in syslog.
- Fixed problem with the "null MIME boundary" vulnerability test.
- Added check to upgrade_MailScanner_conf and upgrade_langages_conf so they
  check to ensure all input files have content before starting.
- Fixed bug where clean header was being applied to unscanned mail when using
  virus scanning rulesets.
- Fixed wrong build number for 1 Perl module in install.sh scripts.
- Fixed typo in upgrade_MailScanner_conf.
- Made significant changes to child worker process management and re-spawning,
  to try to avoid problems reported by a few users with MailScanner "slowly
  stopping working" over the space of several hours.

1/5/2005 New in Version 4.41.3
==============================
* New Features and Improvements *
- Improved install.sh to work on AMD64 Fedora Core 3 systems.
- Added * wildcard support to phishing.safe.sites.conf, so you can list
  *.safedomain.com instead of having to list subdomains and other servers
  individually. Useful for listing your own domain.
- Improved IPv6 support as sendmail on Linux adds "IPv6:" on the front of
  the IPv6 SMTP client address.
- Improved support for \ characters in URLs in phishing net.
- Better handling of subdirectories in RAR archives.
- Duplicates removed in quarantine postmaster notice.
- Added filetype entry to allow PostScript files.
- Improved phishing net by adding detector for numeric IPs which do match
  but warn as they might be part of a fraud.
- Added new entry to languages.conf which needs translating.
- Improved phishing net to improve handling of numbered website references
  automatically inserted by some Unix text-only email clients.
- Improved handling of ClamAV output when it scanned zero-length attachments.
- Updated phishing net safe-sites list.
- Added comment to MailScanner.conf about Maxium Archive Depth being a ruleset.
- Changed default auto-whitelisting to "no".
- Installation support for Solaris 10, in main ./install.sh and ClamAV-SA
  installation script.
- Changed blacklisting so it doesn't override whitelisting if you always
  want to get the SpamAssassin results header.
  So if you whitelist an address@domain.com and blacklist *@domain.com,
  it works as you would expect it to.
- Upgraded ClamAV+SA tarball to SpamAssassin 3.0.3 and ClamAV 0.84.

* Fixes *
- RAR archive handling: creation of directory only archive entries, both
  windows and *nix created archives (caused problems for SAVI).
- RAR archive handling: possible false Encrypted file trigger on file names
  containing the word "Encrypted".
- RAR archive handling: full path names used when extracting archived files,
  extracted to safe file name without out path.
- Removed harmless error message when clearing out empty working directories
  at startup in debug mode.
- Fixed problem where using rulesets to scan messages for dangerous content
  but not for viruses would cause the messages to be scanned by viruses anyway.
- Fixed problem where filename/type checks were still being done on messages
  which had rulesets saying they should not do dangerous content checking.
- Fixed problem in tar distribution install script where it would not
  correctly find the installed tnef expander binary.

2/4/2005 New in Version 4.40.11
===============================
* New Features and Improvements *
- The "clamavmodule" scanner cannot unpack archives of RAR version 3.
  2 new configuration settings allow you to unpack the latest RAR archives
  for testing by the "clamavmodule" scanner.
  It also enables the contents of the RAR archive to be checked for illegal
  filenames and filetypes, and also to see if they are password-protected.
  Unrar Command = /usr/bin/unrar
  Unrar Timeout = 50
- "Allow Password-protected Archives" can now be a ruleset when using the
  clamavmodule virus scanner.
- Multiple "Subject:" lines are removed. The 1st one is kept.
- If the "Unrar Command" is defined and points to an executable program,
  it will automatically be used by the "clamav" scanner. No -wrapper
  tweaking is needed to do this any more.
- You can now use shell environment variables such as $HOSTNAME or
  ${HOSTNAME} in MailScanner.conf and its relatives.
- More improvements to the phishing net.
- More additions to the starter phishing.safe.sites.conf file.
- Removed my spam.assassin.prefs.conf file in favour of the one from
  www.fsl.com, with just enough changes to produce an identical file
  layout to my previous versions.
- Re-enabled ALL_TRUSTED rule after comments from Matt Kettler. Thanks!
- Added long comment about ALL_TRUSTED rule, many thanks to Matt Kettler.
- Improved screen behaviour of RPM-based init.d script.
- Greatly improved RAR archive handler, thanks to Rick Cooper.
- Changed IPBlock DSN to 550 and made it easily configurable.
  Look for "$FailCode" in the CustomConfig.pm code and the IPBlock cron job.
- Changed the "Envelope-From" and "Envelope-To" headers to include your
  organisation's name.
- Made date and time stamps consistent across whole system.
- Added extra rules to the phishing net to avoid false alarms with some
  examples of Microsoft's .NET system.
- Added Custom Functions to implement multiple input and output queues for
  ZMailer users. Many thanks to MailScanner-devel@pert.com.ar (Leonardo
  Helman and Mariano Absatz) for all their hard work implementing this.
- Improved RedHat init.d script so reload is handled better for Postfix.
- Changed default supplied values for "Allow xxxxx Tags" to disarm all of
  these tags.
- Added 20 minute timeout to bitdefender's autoupdate script. Easy to set
  the timeout to your own value, just look at the start of the script.
- Added support for non-hashed queue directories for Postfix 2.2.

* Fixes *
- Fixed problem with missing Attachment-Warning when encountering a virus
  that is both silent and non-forging.
- Improved output format of Sender warning, and removed duplicate lines.
- In IPBlock facility, changed MTA dsn to 451 to temporarily refuse the
  connections, rather than the total block it used to do.
- Removed erroneous log output from SpamAssassin bayes-rebuilder.
- Postfix problem fixes.
- Fixed SpamAssassin Bayes database rebuild timeout problem.
- Fixed Exim problem with removing multiple "Subject:" headers.
- Fixed Postfix problem with removing multiple "Subject:" headers.
- Fixed problems in new Unrar code when renaming files in archives.
- Fixed problems in earlier betas with occasional missing attachment warnings.
- Fixed directory problem in vexira-autoupdate.
- Fixed problems with defunct processes when not virus scanning.
- Fixed problem with filename checks not happening without virus scanning.
- Fixed problem extracting RAR archives with filenames containing special
  characters.
- Fixed problem where 2 matching "No" rules would cause message to be checked
  for spam, if SpamChecks is moved in ConfigDefs.pl.

2/3/2005 New in Version 4.39.6
==============================
* New Features and Improvements *
- If the AttachmentWarning message put into a message is empty (zero-length)
  then the empty attachment won't be added to the message at all.
- Added scanning of PE's by default to clamavmodule scanner.
- Added feature when IP address in a ruleset has all 4 numbers, so that a
  full string match is done against the client IP, not a substring match.
- Added support for output from latest F-Prot and archive bomb detection.
- Set all virus scanners to SUPPORTED so no tweaking needed by users.
- Added 4 new configuration options for setting all ClamAV settings when
  using the "clamavmodule" scanner:
  ClamAVmodule Maximum Recursion Level
  ClamAVmodule Maximum Files
  ClamAVmodule Maximum File Size
  ClamAVmodule Maximum Compression Ratio
- Phishing net now traps website names containing unicode characters.

* Fixes *
- Corrected problem with <a> tags that have no text contents and no </a>.
- 2 minor typos in the Swedish reports.
- Changed check_MailScanner to check_mailscanner in cron job.
- Fixed problem where files with no extension, inside a zip file, were
  extracted with ".dat" added onto the end of them.
- Fixed problem with phishing net being confused by some malformed URLs.
- Syslog calls are forced to 8-bit characters.
- Fixed problems with nested input queues not being used consistently.
- Custom Function reader no longer includes Debian dpkg files it should ignore.
- Fixed problems with messages being rebuilt just because they contain <A>
  or <IMG>.
- Fixed problems with some messages with sendmail nested input queue but
  flat output queue.
- Fixed problems where an infected spam message containing a broken zip
  file could break MailScanner when delivered as an RFC-822 attachment
  to a new message.

2/2/2005 New in Version 4.38.10
===============================
* New Features and Improvements *
- Upgraded to MIME-tools 5.417.
- Added new filename restrictions using Microsoft vulnerability report from AUScert.
- Improved /etc/sysconfig/MailScanner so that it finds Incoming Work Dir and
  Incoming Queue Dir automatically from MailScanner.conf file.
- Can now use $from, $id and $subject in inline signature for signing clean
  messages.
- Any entry in the "Archive Mail" setting can contain _DATE_ which will be
  replaced with the current date in yyyymmdd form, so you can backup or move
  yesterday's archive safely knowing that it won't be written to today.
- Added zero score for ALL_TRUSTED rule in SpamAssassin as it is known to
  cause problems.
- Added "Also Find Numeric Phishing" setting (on by default) so that all
  numeric IP addresses in links are flagged as being dangerous.
- Added "$postmastername" to the list of variables available in many reports.
- ClamAV -autoupdate script now logs all warnings and errors from freshclam.
- Postfix support added to "IPBlock" functionality for SMTP connection
  throttling. Many thanks to Rakesh for writing this.
- Updated German translations. Many thanks to Felix for doing this.
- Added PDF version of new MailScanner advertising "flyer".
- Added "Log Dangerous HTML Tags" configuration setting, and removed old
  "Log IFrame Tags" configuration setting, so that all potentially dangerous
  HTML tags are now logged. This helps when you are developing your white-
  list of safe sources of HTML tags, such as newsletters and daily cartoons.
- Added "Phishing Safe Sites File" configuration setting to point to a file
  containing a list of fully-qualified hostnames which are ignored in the
  phishing detection tests. Any links to any of these hostnames are ignored
  in the phishing tests.
- Added "Eicar" to non-forging viruses list, so it's easier for testing.
- Upgraded to latest HTML::Parser version 3.45.
- Changed logging about HTML disarming to only log if it actually changed
  the message.
- Improved comments about ruleset filenames for Spam Actions et al.
- Upgraded to latest Net::CIDR version 0.10.
- Improved phishing net to handle links which look like email addresses.
- Upgraded Vexira to handle new version. Note that support for the old
  version of Vexira has been dropped. You *must* upgrade to use this release.
- Upgraded install-Clam-SA.tar.gz script (on the downloads page) to install
  ClamAV 0.81 and SpamAssassin 3.0.2.
- Better updated translations of pt_br by Eduard Michels.
- Improved logging of numeric-ip based phishing attempts.

* Fixes *
- Fixed problem where some spam was delivered even if the Spam Actions was set
  to "store delete" if the messages were not to be virus-scanned.
- Fixed harmless uninitialised variables in HTML disarming.
- Removed 2nd copy of tnef sources from tar distribution.
- Fixed problem in phishing net where empty <A> tags would cause false alarm
  on the previous normal link.
- Fixed problem in a few situations where logging would say content disarming
  was happening when actually it wasn't.
- Fixed problem where messages that were not virus-scanned did not have
  arbitrary headers removed.
- Subject lines are now MIME decoded before writing to Postmaster notices.
- Fixed bug in SpamAssassin score counting in MCP functionality.
- Fixed bug in handling of phishing safe sites file.

1/1/2005 New in Version 4.37.7
================================
* New Features and Improvements *
- When stripping HTML messages to plain text, the contents of script and
  style tags are omitted.
- Phishing net improved to ignore email addresses.
- Now supports split sendmail queues where any incoming mqueue.in directory
  can have qf, df, xf, tf subdirectories, each containing the appropriate
  type of file for each message. This will greatly speed operation on big
  queues as the directories will be less than half the size of a combined
  queue directory.
- New option "Keep Spam And MCP Archive Clean" which forces it to virus scan
  all spam that is quarantined. Any spam (or MCP messages) found to be virus-
  infected are removed from the quarantine, so you can safely let your users
  have access to the spam archive safe in the knowledge that they cannot get
  any viruses out of it.
  Note: This feature is disabled by default, as most people won't want the
        performance hit of all the extra scanning, as they don't their users
        access to the spam quarantine anyway.
- Changed Postfix handling so that "Archive Mail" feature creates files
  with unique names so that re-used message-ids don't cause overwriting of
  older files in the same day with the same message-id.
- Spam and MCP actions (and of course their non- and high-scoring- alternatives
  can now include extra headers which are added in each case. These entire
  headers must be contained in double quotes. So for example, you can have
  Spam Actions = header "X-Spam-Status: yes" deliver
  and the message will be delivered but with the extra header
    X-Spam-Status: yes
  added to the message.

* Fixes *
- Fixed sendmail and ZMailer problem where subject lines starting with a
  line-break were not tagged correctly.
- Fixed minor problems with multi-line Subject: headers.
- Fixed bugs with some MTAs when keeping spam archive clean.
- %vars% in MailScanner.conf are now handled properly in "other" settings.
- Fixed problem with correctly removing Phishing frauds from badly formatted
  html with missing <a> tags before corresponding </a>.
- Fixed problem with message duplication on some sendmail systems.
- Worked around Perl bug causing crashes with a few bounces from Hotmail.
- Fixed problems stopping SPF checks working properly.

1/12/2004 New in Version 4.36.4
===============================
* New Features and Improvements *
- Improved URL trimming in phishing net.
- Various improvements and fixes in phishing net.
- Added support for RedHat Enterprise Linux 4.
- Added check for Password-Protected Archives setting when using clamavmodule.
- Added support for "fast" parameter to all installation scripts.
  This reduces all waits to 1 second, greatly speeds installation!
- Improved logging when there are too many attachments.
- Added message ID to log of phishing attempts.
- Added autoupdater for Panda.
- Added %variables% to text and HTML report messages, so the email "signature"
  added to the end of each report is customised centrally from
  MailScanner.conf. This currently uses %org-long-name% and %web-site%.
- Added upgrade_languages_conf script to automate upgrading of
  the languages.conf file in whatever translation directory you use.

* Fixes *
- Fixed outstanding problem in bitdefender-autoupdate, so that it works
  properly on new installations.
- Fixed logging problem with phishing net on a few malformed messages.
- Removed /var/tmp files from MailScanner-MIME-Base64 rpm build.
- Fixed problem in Vexira parser.
- Fixed problem where All-Viruses would cause every problem to be silent.

4/11/2004 New in Version 4.35.11
================================
* New Features and Improvements *
- SpamAssassin 3 SPF checks are now fully supported.
- Added Disposition-Notification-To and Return-Receipt-To to the list of
  headers I advise you to remove.
- Added "Log Silent Viruses" configuration option.
- Mandrake Linux 10 is now supported by the RPM installation script.
- Added new configuration option "Find Phishing Fraud". This will scan HTML
  messages for links which don't link to the site they appear to. This
  should catch most "phishing" fraud attacks. It uses new text in the
  languages.conf file, so you will need to add the extra lines to yours.
- Added support for F-Secure 4.6x.
- Removed pre-built tnef programs from bin directory of distribution.
- Moved "virusscan" from "First" to "All".
- Tweaked generic-autoupdate so it apparently does nothing.
- Support Mail::ClamAV 0.12 and upwards. Dropped support for 0.11.
- Support ClamAV 0.80 and upwards. Dropped support for 0.75 and earlier.
- Added support for Kaspersky 5.0 autoupdater.
- Upgraded to Archive::Zip 1.14.
- Filenames are sanitised before being put into virus reports.
- Added a default empty string for Lock Type so upgrade_MailScanner_conf
  works more smoothly.
- Improved logging of attachment size errors.

* Fixes *
- Fixed bug where filetype checks that matched no rules were not logged
  properly.
- Fixed problems with MIME::Base64 dependencies.
- Fixed bug with @INC path reversal when loading MIME::Base64 and
  MIME::QuotedPrint.
- Fixed bug where MCP files were quarantined with the wrong owner.
- Fixed bug where MCP files were incorrectly logged if they were also spam.
- Fixed issue where Postfix insisted (quite correctly) on having a space
  after "Subject:" in the headers.
- Moved Envelope-From header for SpamAssassin to the top of the headers sent
  to SpamAssassin.
- Fixed existence check bug in antivir-autoupdate.
- Fixed problem where some parent reports were masked by child reports.
- Fixed problem with rules with multiple results and multiple tests.
- Messages with a null MIME boundary are now rejected instead of passed.
- Got MIME boundary fix rolled back into MIME-tools code.
- Added X-MailScanner-From header definition to SpamAssassin setup so
  that SPF checks and NO_DNS_FOR_FROM checks work properly.
- Completely new MIME::Base64 that lives in /usr/lib/MailScanner/utils.
- Fixed bug in minimum attachment size checking.

1/10/2004 New in Version 4.34.8
===============================

* New Features and Improvements *
- Added "Bounce Spam As Attachment" and "Bounce MCP As Attachment" options.
  These will cause the original message (up to the Max SpamAssassin Size so
  it cannot be used for denial-of-service attacks) to be included in the
  bounced message as an RFC/822 attachment, which some mail clients can read
  very nicely. This lets the original sender see what message got bounced.
- Updated the Qmail support. See opencomputing.sf.net for more info on Qmail.
- Changed default supplied values for a few settings. This will have no effect
  on upgraded installations, but will improve resource use for new
  installations, such as not quarantining silent viruses which is pretty
  much a waste of disk space and i/o load.
- Added POSIX back-compatibility switches to scripts wanting to use "tail".
- Added "Remove These Headers" setting to allow arbitrary headers, such as
  delivery receipt requests, to be removed from mail.
- Implemented MCP support for SpamAssassin 3.0.0.
- Published packages for RPM and non-RPM systems to install ClamAV and
  SpamAssassin 3.
- Adapted code to run with MIME-tools 5.412.
- Removed most of the MIME-tools version checks as the new code doesn't
  specify versions for its components.
- Added a load more optional modules to the version number list so we get
  all the modules required by SpamAssassin 3 and Mail::ClamAV.
- Added MIME-tools 5.413 and MIME-Base64 3.03. You must have these installed.
- Updated Catalan reports.
- Added support for NOD32 2.04.
- Added $longspamreport to sender.spam.sa report.
- Update Trend-autoupdate script so it supports Trend's new opr.ini file.
- Added 4 new MCP options to provide the same subject line modifications as
  you can do with spam messages: "MCP Modify Subject", "MCP Subject Text",
  "High Scoring MCP Modify Subject", "High Scoring MCP Subject Text".
  The defaults are the same as for spam.
- Added a "generic" virus scanner. This enables you to write your own
  virus (or other "nasty content") scanner, which produces input which is
  read by MailScanner and used to mark certain files as virus-infected.
  The spec of what output is required from your scanner is in the
  "generic-wrapper" script. It's very simple to use.
- When a child process is HUPped it will now attempt to kill any running
  child scanner processes, to avoid problems with uvscan consuming 100% CPU.
- Timeout code added to AntiVir updating script.
- Added a new setting "First Check" so you can control whether the MCP or
  the spam checks are done first. It is MCP by default as that is how it has
  run in the past, but you may well want to do spam checks first if you
  delete most spam.

* Fixes *
- Fixed another Postfix perl buffering error on a few OS's.
- Added remaining MCP definitions to languages.conf files.
- Fixed installation problems with MIME-Base64.
- Fixed bug in Exim.pm where case of MAIL sender wasn't properly preserved.
- Fixed problem causing bitdefender-autoupdate to hang.

1/9/2004 New in Version 4.33.3
==============================

* New Features and Improvements *
- When converting an HTML message to plain text, HTML comments are removed.
- Now prints more realistic Perl version with -v, and includes Net::DNS.
- Custom Functions can now take parameters. These are passed to the Init
  and End functions corresponding to each Custom Function.
- Updated Czech translations.
- McAfee -autoupdate script improved to handle situation where McAfee upgrade
  was manually installed and previous installation was not removed first.
- Added all the MCP settings to the shipped MailScanner.conf file.
- Added support for the "Symantec Scan Engine" scanner.
- Non-RPM installer never opts for RPM install.
- Upgraded Archive::Zip to 1.13.
- Improved "MailScanner -v" output so it gives kernel and OS release
  information if it can find any. Also now logs version of MIME::Base64.
- Added setting to SpamAssassin so that Version 3.0 will use fast non-NFS
  file locking, as most MailScanner users don't access Bayes across NFS.
- Configuration compiler much more tolerant of errors and missing files.

* Fixes *
- AntiVir is now forced to run in English.
- RAR archives that cannot be handled by ClamAV's internal RAR unpacker are
  now handled properly.
- Couple of minor fixes to ZMailer support.
- Added a space in the Postmaster report to improve formatting.
- Fixed bug in spam score number formatting.
- Now set the charset in messages that are "notices to".
- Now catch the case where SpamAssassin fails to set the autolearn status.

27/7/2004 New in Version 4.32.5
===============================

* New Features and Improvements *
- Per-domain white and blacklisting now supports IP address checks.
- Disarmed web bugs now tell you where they came from.
- New "Run In Foreground" option which will be useful if you are trying to
  use another tool to monitor MailScanner's health and restart it auto-
  matically if it dies for some reason.
- New "--perl=" switch for install.sh on non-RPM systems.
- Added extra strings to languages.conf to support new feature of reporting
  the fault with a message in the subject line of the postmaster report.
- CheckModuleVersion now supports the "-v" command-line option, to make its
  output more verbose.
- Upgraded Archive::Zip to 1.12.
- Added *.job to the list of banned filenames.
- New "Spam Score Number Format" option to allow numeric formatting of the
  number that is substituted for _SCORE_ in the spam score outputting.
- Added "--version" (or "-v" or anything that looks roughly like "-v").
  This will make MailScanner print the version number of all the modules
  that MailScanner uses, along with its own version number.
- Improved MailScanner.conf settings to explicitly say that "Virus Scanners"
  cannot be a ruleset.
- Improvement to installer for non-RPM systems to catch broken MakeMaker on
  some Solaris systems.
- Updated OpenBSD manual installation instructions.
- Added $MailScanner::Config::ConfFile so that Custom Functions can find the
  configuration directory easily.
- Updated Spanish translations.

* Fixes *
- Postfix file corruption problem remaining on a few systems, now fixed.
  It was a Perl bug.
- tar distribution check_mailscanner.cron file now calls check_mailscanner
  and not check_MailScanner.
- Comments output in upgrade_MailScanner_conf made more consistent.
- Moved "Spam List" so it matches the first rule, not all rules. This enables
  you to apply rules for entire domains and exceptions for certain addresses
  within those domains.
- Improved zip of death detection.
- Changed web bug disarming so alt text is only provided if there is a 'src'.
- Fixed bug where autolearn status was reported incorrectly with SpamAssassin 2.
- Fixed bug causing symptom of missing identically-named nested zip files.
- Fixed bug in ZMailer.pm from Mariano.
- Fixed bug involving '+' characters in address patterns in config compiler.

1/6/2004 New in Version 4.31.4
==============================
* New Features and Improvements *
- Added install.sh script for tar distribution which builds all Perl modules,
  tnef decoder and MailScanner automatically.
- Added configuration option "Dangerous Content Scanning" to allow you to
  disable all the content scanning except for the virus scanning.
- Added support for Vexira virus scanner.
- Implemented support for F-Secure 4.61.
- Implemented support for Nod32 2.01. If you are still running 1.99, you
  will need to edit /etc/MailScanner/virus.scanners.conf.
- Reports can now contain %variables% such as %org-name%.
- Changed default installation location of Bitdefender to /opt/bdc.
- Upgraded tnef to latest release from sourceforge.
- Moved ExtUtils::MakeMaker into list of normal perl modules to install.
- Linux distributions now auto-detect MTA setting in /etc/sysconfig/MailScanner.
- Can now detect very small images in a message, that may be "web bugs" to
  track you. These can be disarmed if you want.
- Changed documentation to just list single-instance version of Postfix.
- Changed init.d scripts to work well with both single and double instance of
  Postfix.
- Improved init.d script to support SuSE 9.1 properly.

* Fixes *
- Forced AVG to run in English.
- Corrected problem with negative failure counts from RBLs and SA.
- Fixed bug in LDAP ruleset handling.
- Sendmail code now auto-detects the correct lock type to use, flock or posix.
- That code has just been removed.
- Sendmail qf files no longer have to define an IP address.
- Corrected report when archive is nested too deeply.
- ZMailer forwarding fix provided by Mariano.
- Fixed Postfix message corruption on recent Postfixes on some architectures.
- Worked around latest tweaks to Postfix spec.
- Fixed problems with PDF docs when signing messages.

1/5/2004 New in Version 4.30.3
===============================
* New Features and Improvements *
- Zip files can now be located either by filename or by file contents, so
  you can effectively control whether your users can avoid zip file checking
  by renaming ".zip" to "_zip" for example. Note this does not affect virus
  checking, the contents of zip files will still be scanned for viruses.
  Note that this works with self-extracting zip files as well. The
  configuration option is called "Find Archives By Content" and is on by
  default.
- Tightened up MIME decoder to catch more of the tests at www.testvirus.org.
- Added support for Grisoft AVG virus scanner. Thanks to Rick Cooper for his
  hard work on this.
- BitDefender wrapper and autoupdate scripts now support both old and new
  versions without any modifications needed. They find the version
  automatically.
- The upgrade_MailScanner_conf command now preserves all your custom
  %variable% settings.
- Linux cron job scripts added to tarball distribution.
- Made the spam tag come before the virus tag on infected messages so that
  spam can be dumped more easily automatically.
- Added support for SpamAssassin version 3.
- Added new configuration options so that RBL's (and SpamAssassin) can have
  their network checks disabled is they fail more than a certain fraction of
  the time. This is very good for finding unreliable RBL's that don't always
  fail and are therefore not found by the "max timeouts" settings.
- Added new configuration option "Ignore Spam Whitelist If Recipients Exceed"
  to catch spammers who deliver messages to lots of recipients, including
  one recipient who chooses to receive all their spam.
- Added link to the Ellen MacArthur Trust to the home page. Please support
  this charity, they perform excellent work in an area that is very close to
  my heart.
- Improved update_virus_scanners so it ignores the lock if it is old.
- Added scanner name to log output from library-based virus scanners modules.
- Improved building of SRPMs so they work on all RedHat and SuSE versions.

* Fixes *
- Debian fix for their different dir structure causing problems with
  update_virus_scanners.
- Fixed problem where some HTML messages from Yahoo did not have the clean
  message signature added to their HTML portion.
- Fixed problem with some systems not rewinding file extraction directory
  properly.
- Fix to avoid problems in Qmail with regular expression match which reading
  Qf file.
- Messages with too many attachments should get a proper report now.
- Quarantine and Incoming Queue group memberships should now work properly
  for non-root users.
- Now only signs text/plain and text/html sections, so some PDF files and
  Outlook messages are not corrupted.

1/4/2004 New in Version 4.29.7
==============================
* New Features and Improvements *
- More robust MIME decoding, should catch postmaster bounces a lot better
  when they include the entire message with broken MIME headers.
- Clam -wrapper script adds /usr/ucb to end of $PATH for Solaris users.
- Moved cron job maximum update delay to /etc/sysconfig/MailScanner so it
  is preserved across upgrades.
- <Script> tags in HTML message bodies can now be filtered out or disarmed,
  just like what can be done already with <Form> tags and similar.
- <Object Data> tags handled as well as <Object Codebase> tags.
- Now unpacks self-extracting Zip archives.
- Now logs when a message is whitelisted.
- Added example rule for matching *@domain.com and *@*.domain.com in 1 rule.
- Now decodes binhex-encoded attachments, as well as binhex-encoded data
  hidden in the text portion of a message.
- McAfee wrapper script now detects extra.dat and uses it if present.
- Implemented support for a directory full of Custom Functions files, these
  will all be used automatically if present in the directory.
  Uses new "Custom Functions Dir" setting to point to the directory.
- Simplified logging of invalid message files.
- Improved error messages relating to Custom Functions directory.
- Rewrote Bayes database rebuilder to be able to capture its error messages.
- Zip archives detection improved to work by content rather than filename.
- Added "$longspamreport" to the inline.spam.warning.txt to let you add the
  table of rules information into a spam "attachment" action.
- Added support for Wietse's little "additions" to his Postfix queue files.
  Why he won't just document this stuff defeats me.

* Fixes *
- When not checking archives at all, they are now passed through correctly.
- Max Archive Depth should have been settable per-message.
- F-Prot output parser re-fixed so that it lets through password-encrypted
  archives as it should. Don't know what I was thinking when I blocked them
  here :-(
- Various waiting speedups by JJH.
- More speedups by me :-)
- Fixed problem with messages with lots of attachments being labelled as
  being nested too deep.
- Postfix support for latest snapshots implemented.
- Fixed problem where MSP+spam actions = delete ==> mail not delivered.
- Trial fix for problem where virtual domains weren't always used in Postfix.
- Fixed problem where bad TNEF messages were not always removed completely.
- Fixed problem where some circumstance server would quarantine warning
  instead of infected message.
- Fix to SpamAssassin "last hop" RBL checking for ZMailer.

8/3/2004 New in Version 4.28.6
==============================
* New Features and Improvements *
- It will now unpack zip archives up to the nesting depth set by the
  "Maximum Zip Archive Depth" setting so that virus scanning and filename
  checking can be done on files within zip archives.
  NOTE: This has not been very well tested yet, I hope to do something rather
  better in future.
  NOTE: You will need to install the "Archive::Zip" Perl module yourself
  before this version will run.
- It will now detect password-protected zip files, which is controlled by
  the option "Allow Password-Protected Archives". The default is to block them.
- Have now rewritten most of the password-protected zip handling code. There
  is a new keyword allowed in the Silent-Viruses list which is "Zip-Password".
  This will stop password-protected zip files being notified to the senders.
  Please add this to your Silent Viruses list.
  Now should only remove the infected part of the message and leave the rest
  intact when it sees a zip file it doesn't like.
- Setting the maximum archive nesting depth to 0 while banning password-
  protected zip files will result in the attachments being checked to ensure
  they are not password-protected, while not enforcing any other file rules
  on the contents.
- Improved the MIME decoder speed a little bit.
- The keyword "Zip-Password" can be added to the list of Non-Forging Viruses
  so that it over-rides the "All-Viruses" setting in the list of Silent
  Viruses.
- The Compress::Zlib and Archive::Zip Perl modules are now installed as part
  of the RPM distributions.
- Reports about password-protected archives and unreadable archives can now
  be customised and translated.
- More logging added to ClamAV autoupdate script.
- Timeout protection added to Symantec CSS autoupdate script.
- Sophos.install script now has a much better try at uncompressing the .Z
  archive you download from Sophos.
- Unsupported encrypted archives found by F-Prot are now blocked.

* Fixes *
- Fixed problems with messages containing both password-protected zip files
  and unprotected zip files.
- Won't reject .tar.gz and .tgz files it can't unpack.
- Password-protected zip files can no longer be "disinfected", just "cleaned".
- Password-protected zip files now tagged as dangerous content and not a virus.
- Debian users should get files unpacked into the correct directory

1/3/2004 New in Version 4.27.7
===============================
* New Features and Improvements *
- Improved Linux init.d scripts so that postfix and postfix.in settings are
  used throughout the init.d script.
- Added support for F-Secure 4.52.
- When lots of consecutive SpamAssassin timeouts occur, all network tests
  are now stopped, not just RBL checks.
- Added support for Qmail. You will need the contents of qmail/qmail-queue.zip.
- Added Exim d2mbox to distribution.
- Improved logging output from Trend autoupdater.
- Improved logging output from Trend parser.
- Added old and new queue ids for Postfix to make for easy message tracking.
- Brazilian Portuguese reports are now all translated.
- Added "Enable Spam Bounce" ruleset for selectively switching on permission
  to bounce spam for your most important customers.
- Fixed small bug in Exim d2mbox script for very long headers.
- Made the MIME parser much more robust to find messages hidden in messages.
- Also made it more robust against parsing errors by the virus scanners.
- Removed 2 confusing harmless log entries in Postfix queue discovery.
- Added $subject to Subject: line in sample recipient.spam.report.txt to show
  it can be used. Should ideally get all other languages translated.
- Much improved clamav-wrapper, courtesy of Kevin Spicer.
- Added comment about absolute path to Incoming Work Dir config option.
- Added options to add new headers containing the envelope sender and/or
  envelope recipients addresses. The names of the headers are, of course,
  configurable.
- Added "Non-Forging Viruses" list which works the opposite way around to the
  "Silent Viruses" list. If a virus report contains any words in this list,
  then the silent status is over-ridden by this. The net result is that you
  can put All-Viruses in the silent viruses list, so that by default no
  warnings are sent to senders. But put markers for joke programs or macro
  viruses in this list and the senders will still be warned about them, as
  they are known not to forge the From address.
- Improved Welsh translation of recipient spam and mcp reports.
- Added support for Symantec CarrierScan virus scanner (css).
- Improved robust MIME decoding speed slightly.
- Improved Symantec scanning support, courtesy of Kevin Spicer.
- Replaced original Catalan reports with new ones, with correct directory name.
- Added optional random delay to update_virus_scanners cron job so as not to
  overload virus update servers once per hour.

* Fixes *
- Fixed bug in "Rebuild Bayes Every" feature on Solaris.
- Exim bug with empty Subject headers being corrupted fixed.
- Add an option to Delete MailScanner Spam Bounces? Default this to no but
  need to explain why it is there. Not sure about this one yet.
- Fixed bug in directory reading in new MIME parser code.
- Exim multiple ACLs now supported for SPF compatibility.
- Outstanding: Quarantining warning message bug - cannot reproduce on any OS.
- Corrected all signature separators to "-- " instead of "--".
- Worked around Perl bug in inclusion of @ in report files.
- Fixed silent/noisy detection code when noisy list is empty.
- Changed default MTA to sendmail in SuSE /etc/sysconfig/MailScanner.
- Fixed bug in minimum number of stars!=0 not always generating X-Spam-Score
  header.

2/2/2004 New in Version 4.26.8
===============================
* New Features and Improvements *
- Improved configuration engine so that rules can now contain 2 tests
  separated by "and".
- Added "notify" Spam Action and High Scoring Spam Action. This will cause a
  short text notification message to be sent to the recipients of the spam
  message. The filename of the report is set with the "Recipient Spam Report"
  configuration setting. There is also an MCP equivalent of this
  functionality. See the MCP documentation for details of the settings.
- Removed the "bounce" spam action.
- Added regular rebuild of Bayes database. Has 2 options associated with it
  which I haven't included in the conf file yet.
- Added "Rebuild Bayes Every" and "Wait During Bayes Rebuild" options to
  configure the operation of the regular Bayes database rebuilds.
- Added commented "bayes_auto_expire 0" line to spam.assassin.prefs.conf as
  you will want to uncomment this line if you are using the regular scheduled
  Bayes database expiry feature given above.
- Added "Minimum Stars If On Spam List" setting so that people who just filter
  on the "Spam Stars" can catch messages which only trigger the "Spam List"
  trap.
- Added "Log Non Spam" option to allow logging of all non-spam, which can be
  coerced into logging SpamAssassin scores of non-spam mail.
- Added support for Norman virus scanner (www.norman.de).
- Added logging of ids of dropped silent viruses.
- Added "Too Many Attachments" error report in a message instead of old
  report saying it could not analyse the message.
- No longer stops or restarts after RPM upgrade.
- Added MCP patches for SpamAssassin 2.61 and 2.63.
- Added 'SpamAssassin Site Rules Dir' setting to locate /etc/mail/spamassassin.
- Spanish translations of languages.conf updated from Debian translators.
- Added Catalan translation of all report files.
- Added bogusmx list to supplied spam.lists.conf.
- Added spamhaus-XBL and SBL+XBL lists to supplied spam.lists.conf.
- Changed the version number scheme from major.minor-teeny to major.minor.teeny.
- Forced owner to be root.root in both RPM spec files, so can be re-built by
  non-root users.
- Added my Amazon.co.uk "wish list" to the donations page.
- Detailed spam report now includes auto-learn status if it was auto-learnt.

* Fixes *
- Fixed creation of MCP quarantine directory bug.
- Fix to Postfix message duplication problems. Must find "end of message"
  record now.
- Fix to duplicate recipient listing in postmaster notices.
- Fixed bug so filename/filetype rules configuration setting can be blank.
- Exim per-message log files are deleted correctly now.
- Fixed recipient duplication problems in sender messages and other reports.
- Fixed bug where extra ": " appears in VirusWarning.txt when MailScanner's
  own checks find multiple problems with 1 attachment.
- Fixed bug where _SCORE_ in subject line modifications is never more than 60.
- Fixed bug where rules generated a harmless warning in the log.
- Implemented workaround for bug in "Rebuild Bayes Every" on Solaris. Code
  works find on Linux, doesn't on Solaris. So on Solaris systems ensure this
  setting is 0.

2/12/2003 New in Version 4.25-14
================================
* New Features and Improvements *
- Added support for "disarm" option on all HTML tag detectors, which will
  disarm those tags while leaving the rest of the HTML intact.
- Added support for more ways of specifying IP ranges in rulesets.
  Can now do all of:
	152.78
	152.78.
	/^152\.78/
	152.78.0.0/16
	152.78.0.0-152.78.255.255
- Added support for retrieving configuration from LDAP.
- Added support for changing uid, gid and permissions of both Incoming Work
  Dir and Quarantine Dir.
- Added facility to limit the size of any individual attachment.

- Added support for DrWeb virus scanner, courtesy of Konrad Madej
  <kmadej@nask.pl>.
- Added support for Mail::ClamAV perl module, enabling ClamAV to scan without
  having to call any external programs at all.
- Panda version 7.0 supported.
- Improved ClamAV parser to handle errors printed when processing viruses
  containing corrupted zip files.
- Improved F-Prot output parser.
- Added inoculan autoupdater courtesy of "W-Mark Kubacki" <wmark@hurrikane.de>.
- Improved bitdefender-autoupdate script to support BitDefender 7 rather better.

- Greatly improved IPBlock code that throttles incoming SMTP connections
  when a host sends too many messages per hour. Now support netblocks in all
  sorts of different formats, and is enormously faster than previous code.
  It works much more reliably and effectively too. See CustomConfig.pm.
- Changed SpamAssassin timeout handler to kill processes and not process group.
- Improved documentation in virus.scanners.conf.
- Improved documentation of "disarm" configuration settings.
- Added optimisation to LDAP ruleset compiler that identifies 1-line rulesets
  which hold the default value.
- Improved Linux install.sh script so it spots *.rpmnew files in amongst
  -wrapper and -autoupdate scripts.
- Added 'spamblacklisted' message property for use by MailWatch.
- Added a new Custom Function to provide multiple outgoing queues for spam,
  high-scoring spam, and real email.
- Improved Linux init.d script so the "restart" delay is configurable in
  /etc/sysconfig/MailScanner as that is preserved across upgrades.
- Improved error message when unknown virus scanner name is used.
- Added SORBS RBLs to spam.lists.conf.
- Added some subject line sanity checks to cope with Outlook's bizarre
  behaviour.
- Added speed logging of different parts of the processing of a batch.
  See the new "Log Speed" configuration setting.
- Changed error handling in ruleset parser so it doesn't die if it finds
  syntax errors, it now just warns you instead.
- Improved syntax checking of rules in configuration ruleset files.

* Fixes*
- RPM distribution install.sh script now checks and creates pod2text properly.
- Fixed bug whereby the same message files could be deleted more than once,
  which could delete unprocessed messages using MTAs that name files after
  the inode and not the time.
- Syslogging should now start successfully on all versions of Solaris and IRIX.
- Bug fix in Postfix file handling code from Stefan Baltus which will
  hopefully patch up the last Solaris Postfix problem.
- Fixed bug causing uid+gid to be ignored when quarantining whole messages.
- Fixed bug causing Maximum Message Size not to be enforced properly.
- Fixed bug where sender of bulk precedence mail would be sent some warnings
  if their mail was identified as spam.
- Fixed duplicate logging of New Batch messages. Abandoned support of
  syslog-ng until I can test it properly on my own systems.
- Removed Infinite Monkeys from supplied list of RBLs, as it no longer exists.
- 4.25-13 : Removed "Infinite-Monkeys" from supplied "Spam List" setting.
- 4.25-14 : Fixed Subject: replacement code that was doubling up subject lines.

6/10/2003 New in Version 4.24-5
===============================
* New Features and Improvements *
- Added option "SpamScore Number Instead Of Stars" so that the spam stars
  header can be replaced by a number specifying the score instead.
- Added "Max Normal Queue Size" setting so that MailScanner will switch into
  a faster mode when collecting messages. This will stop it processing
  messages in order of date, and just pick them apparently randomly from the
  queue. This may delay some messages considerably, so set it so it is only
  used in emergencies. It should be at least several thousand. After the queue
  has shrunk below the threshold size, it continues to stay in this mode for
  another 40 batches in an attempt to completely clear the queue.
- Added "Maximum Attachments Per Message" setting so that messages which
  accidentally have thousands of attachments are rejected. I have seen this
  happen on 1 MTA when repeatedly bouncing a message between 2 addresses,
  enclosing the headers in a new attachment every time.
- Filename and Filetype allow/deny rules files now have a third option in
  addition to 'deny' and 'allow', you can now do 'deny+delete' (or any word
  containing 'deny' and 'delete'). This will stop the denied attachment
  from being quarantined. Very useful against Sobig worm as you can
  'deny+delete \.pif$' to simply strip all PIF files without quarantining them.
- Added Custom Function to implement per-IP messages-per-hour rate limiting.
  See CustomConfig.pm for more details (IPBlock).
- Added Custom Function to implement high-speed "spam List" and "Spam Domain
  List" lookups for use with very large rulesets. There are some restrictions
  on the types of rule you are allowed, see the code comments for more
  details (FastSpamList and FastSpamDomainList).
- The subject line text for tagging spam can now include "_SCORE_" which will
  be replaced with the numeric spam score.
- For use with the "attachment" spam action, changed "digest" to "report"
  to encourage MUAs to display the message correctly.
- Improved handling of "Filename Rules" and "Filetype Rules" so they are
  just-in-time compiled, which is needed when using Custom Functions for them.

- Added support for Kaspersky 4.5.0. This is totally different to all
  previous versions, bless them :( It's more sane though.
- Sophos-autoupdate fixed up for Sophos 3.74 and its international swpmess file.
- Improved sophos-wrapper to handle multi-lingual output of Sophos 3.74.
- Updated F-Secure parser for 4.51.
- Added Solaris check to update_virus_scanners for xpg4 path.
- New update to Tony Finch's mcafee-autoupdate script.
- F-Prot updater improved so downloading happens while MailScanner is running
  normally. Lock out only happens for a fraction of a second.
- Improved rav-autoupdate so it times out after 5 minutes.
- Changed default waiting time in init.d script restart operation to 10 secs.

- Added client IP address logging of infected messages.
- Changed the default values relating to warning senders about what happened
  to their message.
- eTrust added to OS vs virus-scanners grid table.
- Added new Debian package to downloads and news.
- Dutch reports updated with better translations.
- Spanish reports updated with better translations.
- Documentation now includes link to Mail Process Flow Diagram.
- Added "--keep-comments" command-line option to "upgrade_MailScanner_conf"
  command. By default this is off so you get to read about all the new
  whizzy options that can be used with existing configuration options.

* Fixes*
- Opened logging in f-prot-autoupdate so status logging happens.
- Fixed typo in Config.pm.
- changed SA and MCP pre-compilation code so it should now handle the bugs in
  this area of SpamAssassin. Am awaiting response on a fix to SA for this.
- Undone previous fix, SA have fixed their code in RC4.
- Oh no they haven't. Still buggy in their released code too :-(
- Fixed bug in quote replacement in SQL logging in CustomConfig.pm.
- Fixed typo in log text in 1 rule in filename.rules.conf.
- Added fix for bug in message handling on busy Postfix systems.

1/9/2003 New in Version 4.23-11
===============================
* New Features and Improvements *
- Implemented special "silent viruses" list keyword "All-Viruses" which matches
  the name of any virus. This means you can make messages silent which contain
  just viruses and none (or a combination) of the HTML hacks that are detected.
- Implemented "Use Default Rules With Multiple Recipients" configuration
  option to force predictable results when faced with a message with multiple
  recipients who have conflicting user preferences.
- Implemented various new parameters so that messages which only have
  dangerous content, and nothing else wrong with them, get a "dangerous
  content" warning rather than a "virus" warning.
- Added "Definite Spam Is High Scoring" configuration option so that spam
  that is blacklisted is treated using the "High Scoring Spam Actions".
- Added 3 new options to allow fine-grained control of notifications to
  senders, so that you can notify senders of bad filenames but not
  viruses, for example. The 3 new settings are:
  Notify Senders Of Blocked Filenames Or Filetypes
  Notify Senders Of Other Blocked Content
  Notify Senders Of Viruses
- Added support for eTrust Antivirus. Assumes installation directory of
  /opt/eTrustAntivirus as recommended by their AdminGuide manual.
- Added "Virus:" type to things you can use in rulesets so you can do
  stuff like only quarantine particular virus infections and not others.
- Added Message Content Protection (MCP) system to be able to quarantine
  messages that contain banned content in text and/or HTML sections. This
  has produced a whole new section in MailScanner.conf with stacks of
  configuration settings.

- All virus scanner package installation paths have been moved to
  virus.scanners.conf so they are not in any of the wrapper or autoupdate
  scripts.
  *NOTE*: If you are not using my "update_virus_scanners" global updater
  *NOTE*: script, but have written your own cron jobs, then you must add
  *NOTE*: the installation path to the autoupdate commands. To see the
  *NOTE*: default path, read virus.scanners.conf.
  *NOTE*: If you don't do this, your autoupdates may not work.
- Improved error detection in bitdefender-autoupdate.
- Added 5 minute timeout to clamav-autoupdate.
- Better mcafee-autoupdate script from Tony Finch. Allows non-root user
  more easily, and can delete old files if you want it to.
- Improved ClamAV wrapper so it safely attempts extra command-line flags.
- Improved rav-autoupdate so it fixes RAV permissions for non-root users.
- Added simple F-Secure autoupdate script.
- Added Trend autoupdate script.
- Added timeout support (10 minutes) to F-Prot autoupdate script.
- Sophos autoupdater now handles Sophos beta releases neatly.
- Improved logging output of global updater.

- Messages bigger than the max SA testing size are now checked by SA, just
  only the first n bytes of the message will be checked.
- Logging now handles syslog-ng better, as it will attempt to re-open the
  syslog connection if it dies while logging to it.
- Now check that at least 1 file matches all of the filename patterns
  specified in "Monitors For Sophos Updates".
- "Include Scanner Name In Reports" now also includes the name "MailScanner"
  at the start of the report lines that come from MailScanner's own
  internal filename, filetype and content checks. The exact wording used can
  be customised in languages.conf.
- Improved handling of Allowed Sophos Error Messages. To allow more than 1
  string, put each string in quotes and separate them with commas. For example
  Allowed Sophos Error Messages = "corrupt", "format not supported"
- Added ZMailer support to RedHat init.d script.
- Improved SuSE init.d script handles sendmail and Postfix.
  It will handle Exim once I can get it to build.
- Changed default path of lockfile in update_virus_scanners so it is more
  compatible with systems that don't have /var/lock.
- Produced patches for SpamAssassin versions 2.55 and 2.60 that allow TCP
  to scan the contents of non-text attachments, such as Microsoft Word
  documents. See docs/install/tcp/index.html for instructions.
- Improved "Spam Checks" description in MailScanner.conf.
- Added comment about virus.scanners.conf file to MailScanner.conf.
- Improved handling of messages containing viruses but no MIME structure.
- Removed Osirusoft spam lists, added NJABL.

* Fixes *
- Corrected minor typo in check_MailScanner cron job.
- Corrected typo in SweepOther.pm.
- Corrected handling of non-archives in kavdaemonclient scanner.
- SQL Logging code now translates '' into 'NULL' before inserting into table.
- Corrected minor bug in safe filename logging in CustomConfig.pm.
- Fixed bug in RAV output handling.
- Worked around bug in RAV directory traversal by improving wrapper script.
- Fixed bug in RBL result processing when RBL returns 127.0.0.10.
- Fixed bug in Exim handling of client IP address.
- Fixed bug in Command anti-virus detecting viruses in zip files.
- Fixed bug in DoS-attack handling code.
- Fixed bug in insertion of virus warning message that affects entire
  message.
- Fixed trend-autoupdate.
- Fixed logging format bug.

3/7/2003 New in Version 4.22-5
==============================
* New Features and Improvements *
- New mcafee-autoupate script.
- Address patterns in rules can now be filenames, which will be read for a
  list of patterns for the current rule. Files can be nested.

* Fixes *
- A few perl versions on odd OSes were incorrectly checking filenames
  which contained spaces. More efficient now too.
- RBL upper/lower case bug fixed.

1/7/2003 New in Version 4.22
=============================
* New Features and Improvements *
- Added support for checking file content types regardless of their filename.
  This uses the "file" command to work out the types of different files.
  New additions to MailScanner.conf are "file command", "file timeout",
  "filetype rules" (which work just like filename rules) and "log permitted
  filetypes".
- Added "Allow Form Tags" configuration option to ban HTML forms from email.
  Requires almost no additional CPU load and is useful protection.
- Added "Maximum Message Size" configuration option to limit the size of
  messages for certain users. Handy for dialup users to save their download
  phone bills. Obviously it works with a ruleset.
- "Spam Actions", "High Scoring Spam Actions" and "Non Spam Actions" are now
  set up so that the first matching rule will be used, rather than the sum of
  all the matching rules. This means you can have 1 setting for a domain, but
  before that have a rule for an individual user that over-rides the domain
  setting.
- MailScanner.conf file can now include "%name% = value" definition lines.
  These "%name%" variables can then be used later in the MailScanner.conf
  file and the rulesets, where they will be substituted with the appropriate
  "value". This greatly eases switching languages.
- Sophos.install script improved to make new versions work with sophossavi.
- f-prot-autoupdate script improved to handle new F-Prot version 4.
- Added bitdefender-autoupdate script from Alessandro Bianchi.
- Added "default" overall black- and white-lists to per-domain black/whitelist
  code in CustomConfig.pm.
- Added code to CustomConfig.pm to implement internal-only accounts that
  cannot send mail to external addresses.
- Improved comments in MailScanner.conf for "Max Children" setting.
- Added (commented out) instruction to not use Bayesian stats engine in
  MailScanner, with a comment about its need.

* Fixes *
- "channel error" detection bug in ZMailer support fixed.
- All sender.* reports now have To: From: and Subject: in English to keep
  sendmail and e-mail applications happy.
- "$reportword" appearing in Postmaster notices fixed.
- Added call to get logging working properly in clamav-autoupdate.
- RBLs are converted to lower-case when read from MailScanner.conf.
- Fix in signing clean messages containing single uuencoded attachments that
  are then read using certain versions of Outlook 97.
- MailScanner does not support Postfix without hashed queues. This situation
  is detected and reported if it is found.
  By default in all recent releases of Postfix (both 1.x and 2.x) hashed
  queues are enabled, so just don't disable them.

2/6/2003 New in Version 4.21
=============================
* New Features and Improvements *
- Can now handle non-spam messages with the same options as spam messages.
  This allows you to archive non-spam separately so you can spot missed spam
  messages in it and feed them into SpamAssassin or adjust your configuration.
  Note: bouncing non-spam is not available as it makes no sense.
- Cron job will not start MailScanner if it has been stopped manually with
  the init.d script. This protects you while you are in the middle of upgrading.
- SpamAssassin configuration no longer zeros out DCC rules and specifies
  normal path to dccproc.
- McAfee autoupdater script replaced by much better one from Tony Finch.
- When using SophosSAVI virus scanner and updating virus definitions very
  frequently, MailScanner will only be reset when the zip file of definitions
  actually changes. No reset is done if you downloaded the same set of
  definitions as you already have.
- Better handling of virus scanner lock files when not running as root.
- Improved logging and handling of child process exit codes.
- Added Hungarian (hu) translation of reports.
- Added new "Spam Lists To Reach High Score" setting so that "Spam List" hits
  can cause a message to be considered to be High Scoring Spam. Default is
  high enough that it won't ever be reached. Setting this to 1 might have
  uses in setting all Spam List messages to be treated as high scoring.
- Added support for 15th virus scanner, Bitdefender.
- Added "Include Scores In SpamAssassin Report" option to allow the
  inclusion of numerical score values in SpamAssassin reports. Default is yes.
- Added "Report" to the languages.conf so it can be translated.
- Added "inline.spam.warning.txt" to all languages. Needs translating!
- Added "attachment" Spam/Ham action allowing original message to be turned
  into an RFC822 attachment of itself, with a configurable warning file
  placed at the top of the message. This stops web bugs dead in their tracks.
- Added special k