Re: [Exim] ANNOUNCE: exiscan-4.12-22

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Tom Kistner
Date:  
À: Sheldon Hearn
CC: exim-users
Sujet: Re: [Exim] ANNOUNCE: exiscan-4.12-22
Sheldon Hearn wrote:

> There's no indication of _what_ configuration incompatibilities you've
> introduced. :-(


I hate writing documentation :)

Anyway, here are the details.

The following configuration options have been replaced with compile-time
defines, and thus do not exist any more:

exiscan_spamd_buffer_max_chunks
exiscan_spamd_buffer_init_chunk
exiscan_av_buffer_max_chunks
exiscan_av_buffer_init_chunk

The following configuration options have been added (quoting the docs):

-------------------------------------------------------------------------
De-MIME facility (demime) options
---------------------------------------------------------------------


     exiscan_demime_condition    (string, default unset)
     ---------------------------------------------------
     If this condition evaluates to "true", exiscan will unpack MIME
     and UUENCODE containers in the message, while doing basic syntax
     checks. This includes check for overlong file names and other known
     MIME "exploits" that target faulty email clients. In addition,
     this facility tries to mimic the tolerant behaviour of Microsoft's
     MIMEOLE as closely as possible.
     IMPORTANT: Most modern virus scanners can scan inside MBOX-style
     files. This should make it unneccessary to unpack MIME containers
     for them. Unfortunately, their MIME implementations are not as
     tolerant as the typical Microsoft MUA, making them vulnerable to
     certain exploits.
     It is recommended to set this condition to "1", unless you absolutely
     trust your AV products MIME implementation
     Note: This facility will automatically be switched on if the condition
     exiscan_extension_condition (see further below) evaluates to true,
     since scanning for MIME filenames requires parsing of the MIME con-
     tainers.


     Example: Unpack MIME containers in all messages


              exiscan_demime_condition = 1



     exiscan_demime_action     (string, default 'pass')
     --------------------------------------------------
     This defines the action exiscan should take when it finds a malformed
     MIME container or other known MIME "exploits" in the message.
     Possible values are 'pass','reject','blackhole','freeze' or
     'redirect <address>'. When this option is unset, it defaults to
     'pass'.
     Important: Please read the "Setting Actions" section below for more
     information on actions.


     Example: Reject broken MIME messages


              exiscan_demime_action = reject


----------------------------------------------------------------------

To get the same behaviour than with older versions, add only this line
to your exim config file:

exiscan_demime_condition = 1



/tom

--
Tom Kistner <tom@???>
ICQ 1501527 dcanthrax@efnet
http://duncanthrax.net