mimedefang (2.83-1) unstable; urgency=medium * New upstream version 2.83 * mimedefang.pl: Add an extra level of subdirectories in the quarantine to avoid 32K subdirectory limit on ext3. * Make mimedefang and mimedefang-multiplexor write their PID files as root to avoid an unprivileged user tampering with the pidfiles. * Update contrib/graphdefang with improvements from Kevin A. McGrail. * Terminology change: Change "slave" to "worker" everywhere. * Add a new -V maxLifetime option to mimedefang-multiplexor that terminates worker processes after maxLifetime seconds (approximately). This is in addition to the -r maxRequests option. * update watch file to check download signature -- Christoph Martin Fri, 24 Nov 2017 16:53:57 +0100 mimedefang (2.79-2) unstable; urgency=medium * move project to git on collabmaint * change recommends for graphdefang from php5 to php (closes: 849165) * Switch to dpkg-source 3.0 (quilt) format * Update debhelper compat version to 9 * Update standards version * change init stop action to always wait for deamon to exit (closes: #807078) -- Christoph Martin Fri, 23 Dec 2016 10:33:53 +0100 mimedefang (2.79-1) unstable; urgency=medium * New upstream release * Improve Postfix compatibility by trying to get QueueID after first RCPT command, and if not found, at the EOH milter phase. * Make mimedefang-multiplexor exit with a successful return code upon receipt of SIGTERM. * Use 64-bit variables where supported for some statstics counters that could overflow with only 32-bit variables, yielding incorrect statistics * fix graphdefang.cgi (closes: #799583) * add pt_BR debconf translation (closes: #816943) -- Christoph Martin Tue, 08 Nov 2016 17:46:16 +0100 mimedefang (2.78-1) unstable; urgency=low * New upstream release * Fix bug in logic that coalesces multiparts to single-parts if possible; the bug broke DKIM signing. Fix is courtesy of Peter Nagel. * Change old author's name to "Dianne Skoll" in many places. * Add support for filter_wrapup callback. This is called at the very end and permits header modifications, but not body modifications. Useful for DKIM-signing. * Fix FTBFS with -Werror=format-security (closes: #646347) * remove obsolete dependency from libfile-scan-perl -- Christoph Martin Thu, 11 Jun 2015 17:24:23 +0200 mimedefang (2.75-1) unstable; urgency=high [ Christoph Martin ] * New upstream release * Add rcpt_addr, rcpt_host and rcpt_mailer to default set of macros that we ask for. * Do not invokve smfi_setsymlist unless "-y" option to mimedefang is given. smfi_setsymlist leaks memory in versions of Sendmail prior to 8.14.4. * Implement new "load1" md-mx-ctrl command which gives statistics in more useful format than "load" * watch-multiple-mimedefangs.tcl: Major improvements; see the new -n, -r, -s and -t command-line options. * Add action_add_entity function. * don't leave temp files on debconf handling of /etc/default/mimedefang and remove old ones on package purge (closes: #715002) * New upstream release -- Christoph Martin Tue, 14 Oct 2014 11:34:09 +0200 mimedefang (2.73-2) unstable; urgency=low [ gregor herrmann ] * Fix "modifies conffiles (policy 10.7.3): /etc/default/mimedefang": - debian/{dir,rules}: install configuration file under /usr/share - debian/mimedefang.postinst: copy it to /etc/default if necessary - debian/mimedefang.postrm: remove it on purge - debian/config: also handle no/false case (Closes: #688196) [ Christoph Martin ] * Add MD_ALLOW_GROUP_ACCESS and MX_RECIPOK_PERDOMAIN_LIMIT to the reference configuration in /usr/share/mimedefang/mimedefang.conf and hint to NEWS (Closes: #687344) -- Christoph Martin Mon, 08 Oct 2012 12:40:36 +0200 mimedefang (2.73-1) unstable; urgency=low * New upstream release * Pass along the client port number, server IP address and server port number to all filter functions. This feature was sponsored by Scayl. * Add "-G" option to mimedefang and mimedefang-multiplexor. This makes their sockets group-readable and group-writable. * Fix Graphdefang to handle new md_syslog output style. * Change md_syslog to log the Sendmail Queue-ID if it is available. * add new nb debconf translation (Closes: #654452) * correct some lintian warnings -- Christoph Martin Tue, 24 Jul 2012 16:25:00 +0200 mimedefang (2.71-2) unstable; urgency=low [ Salvatore Bonaccorso ] * Use Digest::SHA instead of Digest::SHA1. Remove libdigest-sha1-perl from (Build-)Depends (Closes: #625870). [ Christoph Martin ] * include Danish debconf translation (Closes: #623091) -- Christoph Martin Mon, 29 Aug 2011 10:10:17 +0200 mimedefang (2.71-1) unstable; urgency=low * New upstream release * Fixed a bug in embedded Perl: We have to call PERL_SET_CONTEXT after forking or Perl gets confused. In particular, setting signal-handling dispositions using $SIG{FOO} = sub { ... } breaks. * really include spanish debconf translation (closes: #580200) -- Christoph Martin Wed, 25 Aug 2010 11:54:00 +0200 mimedefang (2.69-1) unstable; urgency=low * New upstream release (closes: #586168) * Fix bug with Perl 5.10 and embedded perl NOTE: This is a bug in Perl, not MIMEDefang, but we need to work around it. (closes: #516913) * Try hard not to lose any STDERR messages before reaping a slave. * Make relay_is_blacklisted and relay_is_blacklisted_multi handle IPv6 addresses. Patch loosely based on submission by Michiel Brandenburg. NOTE: relay_is_blacklisted_multi and relay_is_blacklisted are DEPRECATED. Use the CPAN module Net::DNSBL::Client instead. * The functions add_recipient, change_sender, delete_recipient, action_add_header and action_insert_header can be called from outside message context (that is, from filter_sender and filter_recipient). Based on suggestion from D. Stussy. * Add new "-y" option to mimedefang-multiplexor. This limits the number of concurrent "recipok" commands on a per-domain basis. * Remove obsolete code that used to attempt to generate working directory names. Deactivate the no-longer-needed "-M" mimedefang option. * Remove Anomy::HTMLCleaner support. * refer to correct GPL license file * update to standards version 3.8.4 (no changes) * include spanish debconf translation (closes: #580200) -- Christoph Martin Wed, 23 Jun 2010 16:36:07 +0200 mimedefang (2.67-3) unstable; urgency=low * because of change in apt-get/aptitude change recommends on tk8.3 | wish, sendmail to suggests (closes: #555657, #531530) -- Christoph Martin Thu, 12 Nov 2009 10:31:12 +0100 mimedefang (2.67-2) unstable; urgency=low * Fix watch file (closes: #554490) * Include fix for embedded perl (closes: #516913) -- Christoph Martin Fri, 06 Nov 2009 12:19:31 +0100 mimedefang (2.67-1) unstable; urgency=low * New upstream release * embperl.c, configure.in: Fix problems with embedded Perl on Debian HPPA architecture. * Added support for FPROTD version 6 daemonized scanner. -- Christoph Martin Tue, 24 Feb 2009 16:20:36 +0100 mimedefang (2.64-6) unstable; urgency=low * fix init script to not exit with error when stopping and daemon is not running (closes: #497503) * include fix from upstream to correctly invoke embedded perl interpreter and make it run on hppa again (closes: #495070) * update japanese debconf translation (closes: #490666, #494116) * update swedish debconf translation (closes: #491948) -- Christoph Martin Tue, 2 Sep 2008 10:23:51 +0200 mimedefang (2.64-5) unstable; urgency=low * disable embedded perl on hppa to fix build problem -- Christoph Martin Fri, 11 Jul 2008 16:19:30 +0200 mimedefang (2.64-4) unstable; urgency=low * update standards version * update build-depends * reformat NEWS.Debian to make lintian happy -- Christoph Martin Fri, 13 Jun 2008 13:31:15 +0200 mimedefang (2.64-3) unstable; urgency=low * Debconf translations - Dutch. Closes: #474765 - French. Closes: #479435 - Basque. Closes: #483467 -- Christoph Martin Wed, 4 Jun 2008 16:37:42 +0200 mimedefang (2.64-2) unstable; urgency=low * add LSB formatted dependency info in init.d script (closes: #469747) * include pointer to mimedefang-multiplexor manpage in debconf template on using an embedded perl interpreter (closes: #461307) * include updated ta.po, ru.po, pt.po, vi.po, it.po, gl.po, cs.po, fi.po, nb.po, nl.po (closes: #470516, #470563, #470565, #470598, #471145, #470527, #471045, #470593) * fix some lintian warnings * update to standards version 3.7.3 (no changes needed) -- Christoph Martin Mon, 7 Apr 2008 12:34:16 +0200 mimedefang (2.64-1) unstable; urgency=low * New upstream release * mimedefang.pl.in: Make md_check_against_smtp_server include the Sendmail Queue-ID in the syslog message. * embperl.c: Fix Perl's $$ variable so it reflects the actual PID of the slave process. If you are using Embedded Perl, this should remove a major source of irritation (log messages previously used the PID of the master multiplexor process.) * Add support for Sophos "savscan" scanner (Adam Lanier) * Add support for NOD32 command-line scanner (Dusan Zovinec) * watch-multiple-mimedefangs.tcl: Works better with Tcl/Tk 8.5. Displays message volumes/day in more human-readable form. New -archive option logs statistics to files. * apply patch from debian-l10n-english team (closes: #461013) * include Tamil, Galician, Basque, Finnish, Italian, Russian, Norwegian debconf translation (closes: #461842, #461749, #462345, #462685, #463702, #463727, #463939) * include updated Portuguese, German, French, Vietnamese, Dutch, Czech debconf translation (closes: #455075, #455288, #461743, #461847, #462311, #462381, #462435, #463735) -- Christoph Martin Wed, 6 Feb 2008 12:42:52 +0100 mimedefang (2.63-2) unstable; urgency=low * fix init-script (closes: #455295) -- Christoph Martin Mon, 10 Dec 2007 14:51:39 +0100 mimedefang (2.63-1) unstable; urgency=low * New upstream release * mimedefang.c: A new "-N" flag causes Sendmail not to make filter_recipient callbacks for invalid recipients. Only works with Sendmail/Milter 8.14.0! Note that without the -N flag, MIMEDefang now works the same with 8.14.0 and 8.13.x -- you always see all recipients by default, even invalid ones. * mimedefang.pl.in: A new "change_sender" action lets you change the envelope sender. Only works with Sendmail/Milter 8.14.0 and newer! * You can invoke mimedefang like this: mimedefang prcap and it prints details about the version of libmilter it's linked with and exit. * examples/init-script.in: Added MD_SKIP_BAD_RCPTS init script option (suggested by John Nemeth) * graphdefang now recommends php5 (closes: #432240) * fix sendmail call via unix-socket (closes: #439432) * fix typo in debconf template (closes: #421590) * include Dutch and Portuguese debconf translation (closes: #423058, #434283) * fix build to make DEB_BUILD_OPTIONS=nostrip working (closes: #437567) -- Christoph Martin Fri, 7 Dec 2007 17:57:59 +0100 mimedefang (2.61-1) unstable; urgency=low * New upstream release (closes: #416147) * mimedefang.c: Fix filter registration so MIMEDefang works correctly against libmilter from Sendmail 8.14 * mimedefang.c: Major changes: We build up the contents of COMMANDS in memory and write it out in one big chunk per milter callback. Not only does this reduce the number of system calls, but we also now _check the return code_ of those calls! * mimedefang.pl.in(item_contains_virus_fprotd): More careful inspection of F-PROT output to determine virus name. (Jan-Pieter Cornet) * Added a new tool (watch-multiple-mimedefangs.tcl) for monitoring a cluster of MIMEDefang scanners * Modify multiplexor and mimedefang.pl.in so slave status updates work correctly (the -Z multiplexor flag.) Previously, the slave status wasn't being reset correctly. * mimedefang.pl.in(read_commands_file): If the COMMANDS file did not end with an F, the slave would give up and become idle, but not inform the multiplexor. As a result, the multiplexor would think the slave was busy, and the slave would be unavailable until the busy timeout elapsed and it was killed by the multiplexor. This bug has been fixed. * move /etc/mail/mimedefang.conf to /etc/default/mimedefang (closes: #335988) * spamassassin >= 3.1.5 now finds automatically updates in /var/lib/spamassassin. mimedefang.pl includes some code to only set the spamassassin statedir if version is < 3.1.5 (closes: #366636) -- Christoph Martin Tue, 27 Mar 2007 12:00:34 +0200 mimedefang (2.57-5) unstable; urgency=low * Remove obsolete mbox switches from clamscan command line (closes: #413606) * initial German debconf translation (closes: #413902) * Updated Czech translation (closes: #413218) -- Christoph Martin Thu, 8 Mar 2007 18:05:15 +0100 mimedefang (2.57-4) unstable; urgency=high * add depend on adduser (closes: #408255) * fix japanese debconf translation (closes: #403488) -- Christoph Martin Fri, 26 Jan 2007 14:43:57 +0100 mimedefang (2.57-3) unstable; urgency=low * update japanese debconf translation (closes: #402618) -- Christoph Martin Wed, 13 Dec 2006 15:11:01 +0100 mimedefang (2.57-2) unstable; urgency=high * change group of /var/spool/MIMEDefang back to defang, because we no longer depend on sendmail (closes: #398368, #398996) * add if available user smmsp to group defang (closes: #381335) -- Christoph Martin Fri, 17 Nov 2006 16:33:42 +0100 mimedefang (2.57-1) unstable; urgency=low * New upstream release * mimedefang-multiplexor: New scheduling algorithm tries to keep commands "sticky". For example, when looking for a slave to run "recipok", we prefer to use a slave that recently ran "recipok". NOTE!!! If your filter incorrectly retains state from earlier callbacks into filter_begin, this scheduling change WILL expose the bugs in your filter. * mimedefang-multiplexor.c: New "md-mx-ctrl hload" command keeps track of load for past 1, 4, 12 and 24 hours. Gives long-term data to complement the short-term "md-mx-ctrl load" data. * mimedefang.pl.in: Pass LOCAL_STATE_DIR => '/var/lib' to Mail::SpamAssassin constructor. If your LOCAL_STATE_DIR is elsewhere, you'll have to hack the Perl code, I'm afraid. (closes: #366636) * change depends on sendmail to recommends, since mimedefang can run on different host than sendmail (closes: #373300) -- Christoph Martin Mon, 7 Aug 2006 17:55:31 +0200 mimedefang (2.56-1) unstable; urgency=low * New upstream release (closes: #351288) * mimedefang.c: The new '-R' option lets you reserve a specified number of slaves for connections from localhost. The idea is to try to allow clientmqueue runs to succeed even on heavily-loaded systems. * mimedefang.pl.in: The filter_begin function is now passed a single argument ($entity) representing the parsed message. *** NOTE INCOMPATIBILITY *** filter_begin NOW TAKES ONE ARGUMENT, NOT ZERO. IF YOUR FILTER HAS A PROTOTYPE FOR filter_begin, YOU SHOULD FIX OR REMOVE THE PROTOTYPE * mimedefang.c, mimedefang.pl.in: Added new action_insert_header to prepend headers (rather than appending them). Only works properly with Sendmail 8.13; on older versions of Sendmail, falls back to action_add_header. Based on patch from Matthew van Eerde. * mimedefang.pl.in: Added new function md_get_bogus_mx_hosts. Allows to test for sender domains with bogus MX hosts (such as hosts that resolve to the loopback or private IP addresses.) * mimedefang.c: Do NOT strip "bare CR" characters from e-mails by default. The new "-c" command-line option enables the older behavior. *** NOTE INCOMPATIBILITY *** WE NO LONGER STRIP BARE CR's FROM MESSAGES BY DEFAULT. TEST YOUR FILTERS CAREFULLY TO MAKE SURE THEY CAN COPE WITH THIS, OR USE THE -c FLAG. * mimedefang.c(rcptto): If you returned ACCEPT_AND_NO_MORE_FILTERING from filter_recipient, the spool files wouldn't get cleaned up, eventually clogging the spool directory. This has been fixed. -- Christoph Martin Mon, 13 Mar 2006 17:17:12 +0100 mimedefang (2.53-2) unstable; urgency=low * added swedish debconf translation (closes: #331556) * updated french debconf translation (closes: #332329) -- Christoph Martin Mon, 13 Mar 2006 16:08:54 +0100 mimedefang (2.53-1) unstable; urgency=low * New upstream release (closes: #312278) * mimedefang.pl: We don't detect and load Perl modules until the detect_and_load_perl_modules() function is called. * should bring speed improvements * include alternate dependency on debconf-2.0 * fix type on debconf template (closes: #312788) * include virnamese debconf translation (closes: #312787) * add french debconf translation (closes: #302651) * include japanese debconf translation (closes: #310162) * add czeck debconf translation (closes: #319851) -- Christoph Martin Tue, 27 Sep 2005 17:26:15 +0200 mimedefang (2.51-2) unstable; urgency=low * make mimedefang again read /etc/mail/sa-mimedefang.cf (closes: #295467) * reformulate debconf templates files and correct Description line (closes: #294936) * add french debconf translation (closes: #295962) -- Christoph Martin Wed, 23 Feb 2005 15:53:15 +0100 mimedefang (2.51-1) unstable; urgency=high * New upstream security fix release * fixes a possible security hole in function percent_encode * Added "-q" option to mimedefang. This permits the multiplexor to queue new incoming connections. It may make higher utilization of slaves and improve throughput. -- Christoph Martin Fri, 11 Feb 2005 18:31:44 +0100 mimedefang (2.49-1) unstable; urgency=low * New upstream release * mimedefang.c: Fix stupid logic error that made MIMEDefang ignore the Sendmail {if_addr} macro when setting IP address for X-Scanned-By: header. * embperl.c: Soften warning about file descriptors being opened in filter. Some systems seem to do this (Solaris). * change group of user defang from nogroup to new group defang (closes: #285998) * put spam_assassin_init in mimedefang-filter into filter_initialize to remove warning about opened file descriptors outside a function when using embperl (closes: #283495) * include debconf support * ask for embedded perl usage -- Christoph Martin Fri, 4 Feb 2005 15:48:52 +0100 mimedefang (2.48-1) unstable; urgency=low * New upstream release (closes: #279558) * SECURITY FIX: mimedefang.c: Tempfail message if RESULTS file doesn't terminate with 'F' line. (Detects disk-full condition.) * mimedefang-multiplexor.c: Added mechanism for slaves to send back "status reports" to the multiplexor. The command "md-mx-ctrl slaves" now shows the current status of busy slaves (eg, "Running SpamAssassin", "recipok ", etc.) * Added support for Command "csav" anti-virus. * mimedefang.pl.in: append_html_boilerplate and append_text_boilerplate refuse to tamper with S/MIME messages. They won't descend into multipart/signed or multipart/encrypted parts. Similarly for remove_redundant_html_parts. * mimedefang.pl.in: Split-and-rebuild algorithm is greatly improved. In particular: In filter_end, the $entity->head correctly contains all message headers. And we try to avoid creating useless multipart containers -- if we would end up with a multipart/mixed or multipart/alternative with only one sub-part, we "pop" the sub-part up to the top level. * mimedefang.c: Add IP address of scanning host to X-Scanned-By: header. * mimedefang.pl.in: flatten_mime removed. * action_add_part revamped completely; -- Christoph Martin Fri, 12 Nov 2004 17:28:53 +0100 mimedefang (2.45-2) unstable; urgency=low * install sa-mimedefang.cf in correct location and remove the wrong one (closes: #275295) * make description more precise (dependency on sendmail) (closes: #275787) -- Christoph Martin Mon, 11 Oct 2004 17:26:44 +0200 mimedefang (2.45-1) unstable; urgency=low * New upstream release * mimedefang-multiplexor.c: Add the "-a" command-line option for opening a socket that only allows unprivileged commands. These are commands that fetch status, but can't affect operation of multiplexor. * mimedefang.pl.in: Added filter_create_parser user-supplied callback to create a MIME::Parser object. This lets you customize how parsing happens. * mimedefang.pl.in (md_check_against_smtp_server): Add optional $port argument to specify checking against a port other than 25. * watch-mimedefang.in: Huge rewrite. Displays a lot more info about the MIMEDefang server. Can monitor a remote MIMEDefang server over a low-bandwidth SSH connection. * mimedefang.pl.in: Implemented a new set of RBL lookup functions that perform multiple lookups in parallel and allow you to set a timeout (the timeout applies to ALL lookups, not each individual lookup.) These new functions require the Net::DNS module. * move Depends: tk8.3 | wish to Recommends to help install mimedefang without X11 and tcl (closes: #273752) -- Christoph Martin Mon, 4 Oct 2004 18:55:16 +0200 mimedefang (2.44-1) unstable; urgency=high * remove patch for #256927 which causes a segfault with newer perl version (5.8.4) and makes it unusable (closes: #262590) * new upstream version (closes: #263490) * NEW: Support for Sendmail's SOCKETMAP map class. * NEW: Support for Sendmail's QUARANTINE feature. This leaves quarantined messages in your mail queue, and is NOT THE SAME as MIMEDefang's quarantine. * mimedefang.pl.in: Add "Precedence: bulk" headers to all MIMEDefang-generated notifications. * mimedefang-multiplexor.c (sigterm): If multiplexor is killed, we kill all slaves with SIGTERM. We wait for up to 10 seconds, and if there are still slaves that haven't exited, we kill them with SIGKILL. * remove sleep while restarting. Issue should be solved by upstream (see above) * change mimedefang.pl so that more variables can be set via mimedefang.pl.conf (closes: #261651) -- Christoph Martin Thu, 5 Aug 2004 18:02:49 +0200 mimedefang (2.43-2) unstable; urgency=low * fix watchfile -- Christoph Martin Wed, 28 Jul 2004 11:21:58 +0200 mimedefang (2.43-1) unstable; urgency=low * new upstream version (closing: #256833) * filter_relay, filter_sender and filter_recipient can return a fifth element specifying a delay before returning a code to the SMTP client. This lets you implement tarpitting without tying up a Perl slave. However, the delay does tie up a libmilter thread. * Modified C and Perl code so that filter_relay is called when remote client connects rather than after MAIL FROM. * mimedefang-multiplexor.c: Add -X option to run a "tick" request every so often. Added -Y option to set syslog label. * mimedefang.pl.in: Call md_openlog lazily so users can call it from filter to change syslog label. * fix X_SCANNED_BY option processing in init script (closes: 251077) (thanks to Jonathan Hankins) * backport memory-leak fix from 2.44Beta (closes: #256927) -- Christoph Martin Mon, 5 Jul 2004 15:28:05 +0200 mimedefang (2.42-1) unstable; urgency=low * new upstream version * mimedefang.pl.in (md_copy_orig_msg_to_work_dir): Added md_copy_orig_msg_to_work_dir and md_copy_orig_msg_to_work_dir_as_mbox_file functions to help virus-scanners that want the entire message, or want it in UNIX mbox format. * mimedefang.pl.in (spam_assassin_mail): Add support for SpamAssassin 3.0.0's new Perl API. -- Christoph Martin Tue, 4 May 2004 11:41:30 +0200 mimedefang (2.41-2) unstable; urgency=low * include new package graphdefang * remove *conffiles to get rid of lintian warning -- Christoph Martin Wed, 31 Mar 2004 11:21:15 +0200 mimedefang (2.41-1) unstable; urgency=low * new upstream version * mimedefang.pl.in (send_quarantine_notifications): Include host name in quarantine mail body (Dirk Mueller). * mimedefang.pl.in (entity_contains_virus_clamd): Check for "ERROR" return message from clamd (Nate Carlson). (action_quarantine_entire_message): Do not send out an e-mail message if $msg is non-blank (pointed out by many users...) (entity_contains_virus_hbedv): Replace -allfiles with correct --allfiles (Ken Cormack) (entity_contains_virus_sophos): Add -mime option for Sophos sweep (Dirk Mueller) * include a backported fix from 2.42-BETA-1 to close the syslog file descriptor before others -- Christoph Martin Tue, 30 Mar 2004 15:00:58 +0200 mimedefang (2.40-1) unstable; urgency=low * new upstream version * mimedefang.pl.in: Added message_contains_virus and entity_contains_virus functions to mimedefang.pl.in. They use *every* installed virus scanner. Based on idea from Chris Myers. *** NOTE INCOMPATIBILITY *** The previous example filter defined functions called message_contains_virus and entity_contains_virus. These are now defined in mimedefang.pl itself; you should remove the definitions from your filter! * Default action for viruses is now discard. * Added a new "notification" facility to allow external software to react to changes in multiplexor state. * We now pass both the raw input message and the unpacked, decoded parts to the virus scanner. This makes virus detection much more reliable. -- Christoph Martin Tue, 16 Mar 2004 16:53:24 +0100 mimedefang (2.39-1) unstable; urgency=low * new upstream * mimedefang-multiplexor.c: Added support for embedding a Perl interpreter, which should improve performance a fair bit. * mimedefang.pl.in: Added support for "filter_initialize" function that gets called once each time a slave is activated. If you are using an embedded Perl interpreter, read the mimedefang-filter man page carefully, especially the INITIALIZATION AND CLEANUP section! * (doHistogram): Added "histo" command to md-mx-ctrl. It prints a histogram showing how often a given number of slaves have been busy. * examples/suggested-minimum-filter-for-windows-clients: Made the filter_bad_filename tests less paranoid. (closes: #231078) * add a sleep of 3 seconds to make restart not fail sometimes (closes: #201990) * change permission of /var/spool/MIMEDefang to 750 and group smmsp to make sendmail able to read (closes: #225785) -- Christoph Martin Wed, 18 Feb 2004 17:28:48 +0100 mimedefang (2.38-2) unstable; urgency=low * add X_SCANNED_BY config option (closes: #220504) -- Christoph Martin Mon, 17 Nov 2003 16:33:53 +0100 mimedefang (2.38-1) unstable; urgency=low * new upstream ( for all changes see upstream Changelog ) * mimedefang.pl.in: Disable action_notify_sender if a virus is detected. (closes: #212222) * mimedefang.h: Change SMALLBUF definition from 4096 to 16384 for longer SpamAssassin reports. -- Christoph Martin Tue, 21 Oct 2003 16:50:27 +0200 mimedefang (2.37-1) unstable; urgency=low * new upstream ( for all changes see upstream Changelog ) * mimedefang.c: Make more conservative use of file descriptors. Added "-C" option to enable ultra-conservative use of file descriptors (by closing/reopening files in each callback.) * examples/suggested-minimum-filter-for-windows-clients: Proper regexp to detect CLSID attacks (Nik Clayton) * mimedefang-multiplexor.c, mimedefang.c: Added -D option to stay in foreground instead of daemonizing (Ben Kamen). * mimedefang.pl.in: Initialize $SALocalTestsOnly to 1. -- Christoph Martin Wed, 8 Oct 2003 16:59:57 +0200 mimedefang (2.35-1) unstable; urgency=low * new upstream ( for all changes see upstream Changelog ) * (action_notify_administrator): action_notify_administrator can be called OUTSIDE a message context, in which case it immediately sends e-mail to the administrator. (Suggested by Dirk Mueller.) -- Christoph Martin Mon, 7 Jul 2003 13:04:41 +0200 mimedefang (2.34-1) unstable; urgency=low * new upstream ( for all changes see upstream Changelog ) * Renamed md_log to md_graphdefang_log. YOU MUST update your filter, and change all instances of "md_log_enable" to "md_graphdefang_log_enable" and "md_log" to "md_graphdefang_log" * New feature: Added the filter_unknown_cmd hook so user-filters can extend the MIMEDefang protocol. Updated md-mx-ctrl as well. See mimedefang-protocol(7) and mimedefang-filter(5) for details. * mimedefang.pl.in (spam_assassin_mail): More fixes to the headers that get generated for SpamAssassin (Dirk Mueller). Also created and documented the $AddApparentlyToForSpamAssassin variable. * mimedefang-filter.5.in: Documented md_syslog. md_syslog is now an officially-supported API function. * mimedefang.c, mimedefang.pl.in: Allow Perl filters to specify SMTP reply codes (4xx, 5xx) and DSN status codes (4.x.y, 5.x.y) (Suggested by user "jkohan" on the MIMEDefang Web site.) * unset HOME in init script to prevent SpamAssassin from trying to use root's home directory when restarting from the command line (closes: #198428) -- Christoph Martin Mon, 7 Jul 2003 09:49:47 +0200 mimedefang (2.33-1) unstable; urgency=low * new upstream ( for all changes see upstream Changelog ) * mimedefang.c: Clean up working directory sooner in many different places. * mimedefang.c(eom): Delete all but the first "Content-Type:" header in the e-mail message, and log a warning if there is more than one such header. * syslog-fac.c: Added "-S" option to mimedefang and mimedefang-multiplexor to set syslog facility. Also, created and documented global variable $SyslogFacility in mimedefang-filter. * mimedefang.pl.in (synthesize_received_header): Add a Received: header when remailing messages. -- Christoph Martin Fri, 4 Jul 2003 09:46:07 +0200 mimedefang (2.32-1) unstable; urgency=low * new upstream ( for all changes see upstream Changelog ) * Updated documentation (mimedefang-filter.5, mimedefang-protocol.7) to reflect current reality. * mimedefang-multiplexor.c: Major changes to the internal logic of the slave scheduler. Should be more efficient than the old system. * mimedefang.pl.in: Added remove_redundant_html_parts() to delete HTML parts if a corresponding text/plain part is present in the message. * mimedefang.pl.in (replace_entire_message): Added replace_entire_message function to replace the entire message with a user-supplied MIME::Entity in filter_end. * From filter_begin to filter_end, the hash %RecipientMailers contains rcpt_mailer, rcpt_host and rcpt_addr for each recipient. * The function filter_recipient gets passed three additional arguments: $rcpt_mailer, $rcpt_host and $rcpt_addr, which are taken from the corresponding Sendmail macros. See the Sendmail documentation for more information. *** NOTE INCOMPATIBILITY *** filter_recipient is passed three additional arguments; if you use function prototypes, you may need to adjust your filter! -- Christoph Martin Fri, 25 Apr 2003 14:44:21 +0200 mimedefang (2.30-1) unstable; urgency=low * new upstream ( for all changes see upstream Changelog ) * Better syslog messages on certain system call failures * Add handling for filter_cleanup, that lets you run Perl code just before a slave is killed. * Multiplexor reads commands in chunks rather than a character at a time. Greatly reduces system-call overhead, but not likely to make much difference except on incredibly busy mail servers. * Add support for Trophie scanning library. * Log the Sendmail QUEUE-ID in most logging messages * For filter_relay, filter_sender and filter_recipient, use 'CONTINUE', 'TEMPFAIL' and 'REJECT' instead of 1, -1, and 0. Also add 'ACCEPT_AND_NO_MORE_FILTERING' to accept mail without further processing. The old numeric return codes still work,but are deprecated. * More explicit log messages. * Set global variables in filter_relay, filter_sender and filter_recipient based on the information available so far in the SMTP transaction. * Quarantine notifications no longer sent unless you explicitly ask for them. * Added send_quarantine_notifications routine which actually sends quarantine notifications. Unless you call this function in filter_end, quarantine notifications are NO LONGER SENT. * Added md_check_against_smtp_server to check recipient addresses before accepting them. * fix typo in init script (closes: #177557) -- Christoph Martin Mon, 17 Feb 2003 16:46:06 +0100 mimedefang (2.24-2) unstable; urgency=low * fix problem with wrong DEFANGUSER in init script (closes: #167294) -- Christoph Martin Mon, 4 Nov 2002 11:39:12 +0100 mimedefang (2.24-1) unstable; urgency=low * new upstream * mimedefang.pl.in: Many functions which only make sense if called from filter_begin, filter, filter_multipart or filter_end syslog error messages if they are called from outside one of those functions. * mimedefang-multiplexor.c (activateSlave): Reset signal handlers to default before starting Perl filter program. * Added md-mx-ctrl program and watch-mimedefang GUI. Tcl/Tk is required for "watch-mimedefang". * mimedefang-protocol.7.in: Updated protocol documentation. * mimedefang.pl.in (resend_message): Do not remove angle brackets from $Sender when resending message. * SECURITY UPDATE: An attacker with sufficient bandwidth may be able to crash mimedefang-multiplexor for versions up to 2.22. This attack cannot be used to execute attacker's code; it's only a denial-of-service attack. * mimedefang.pl.in: Added action_delete_all_headers * mimedefang.pl.in: Added $VirusName variable (John Kirkland) -- Christoph Martin Thu, 31 Oct 2002 11:05:52 +0100 mimedefang (2.21-1) unstable; urgency=low * new upstream * SECURITY UPDATE: Default filter rejects attachments of type "message/partial". See http://online.securityfocus.com/archive/1/291514 * mimedefang-multiplexor.c (statsLog): Do not log the date/time if we log stats using syslog; it's redundant. We still include a UNIX timestamp. * mimedefang.pl.in: Quarantine functions try to make a hard link when copying messages; fall back to actual copy if hard link fails. This can greatly improve performance. * examples/suggested-minimum-filter-for-windows-clients: More "dangerous" extensions; tighter conditions for suspecting CLSID attack (thanks to Nik Clayton). * examples/suggested-minimum-filter-for-windows-clients: Added three new "dangerous" extensions: .app, .fxp and .prg. Thanks to Marco Berizzi. * examples/suggested-minimum-filter-for-windows-clients: Allow filenames like "foo@bar.com,innocuous.txt" rather than choking on the ".com," part. * mimedefang.c (cleanup): Use an internal C implementation of "rm -rf" rather than forking and execing /bin/rm. This should improve performance on heavily-loaded systems. * corrected include of /etc/mail/mimedefang.conf in init script (closes: #162044) * change priority to extra, because we depend on sendmail, which is extra -- Christoph Martin Thu, 26 Sep 2002 13:52:58 +0200 mimedefang (2.19-1) unstable; urgency=low * new upstream * mimedefang.pl.in (send_mail): Invoke Sendmail with "-odb" (background delivery) rather than "-odi" (immediate delivery). * mimedefang.c (eom): Write a final 'F' line to signify end of COMMANDS file. * mimedefang.c (eom): Fixed dumb error in which cmdFP was closed before the final command was written. * All internally-generated messages and resent messages are delivered in "deferred" mode now. * Fixed warnings about uninitialized variables. * Lowered some syslog output to "debug" level. * mimedefang.pl.in (signal_complete): Improved quarantine notification message. -- Christoph Martin Thu, 29 Aug 2002 17:08:38 +0200 mimedefang (2.16-3) unstable; urgency=low * exclude /usr/local/bin from PATH in configure script to prevent it to find localy installed virus scanner (closes: #156699) * improve description (closes: #156536) -- Christoph Martin Fri, 16 Aug 2002 10:39:25 +0200 mimedefang (2.16-2) unstable; urgency=low * added some missing builddepends (closes: #156418) -- Christoph Martin Tue, 13 Aug 2002 11:30:55 +0200 mimedefang (2.16-1) unstable; urgency=low * Initial Release. (closes #130634, #155124) -- Christoph Martin Wed, 7 Aug 2002 15:08:57 +0200