Re: [Exim] ANNOUNCE: exiscan-4.12-22

Top Page
Delete this message
Reply to this message
Author: Patrick Boutilier
Date:  
To: Tom Kistner
CC: exim-users
Subject: Re: [Exim] ANNOUNCE: exiscan-4.12-22
Tom,

exiscan_unpack_mime has also been removed (replaced with
exiscan_demime_condition). :-)



Tom Kistner wrote:
> Sheldon Hearn wrote:
>
>> There's no indication of _what_ configuration incompatibilities you've
>> introduced. :-(
>
>
> I hate writing documentation :)
>
> Anyway, here are the details.
>
> The following configuration options have been replaced with compile-time
> defines, and thus do not exist any more:
>
> exiscan_spamd_buffer_max_chunks
> exiscan_spamd_buffer_init_chunk
> exiscan_av_buffer_max_chunks
> exiscan_av_buffer_init_chunk
>
> The following configuration options have been added (quoting the docs):
>
> -------------------------------------------------------------------------
> De-MIME facility (demime) options
> ---------------------------------------------------------------------
>
>
>     exiscan_demime_condition    (string, default unset)
>     ---------------------------------------------------
>     If this condition evaluates to "true", exiscan will unpack MIME
>     and UUENCODE containers in the message, while doing basic syntax
>     checks. This includes check for overlong file names and other known
>     MIME "exploits" that target faulty email clients. In addition,
>     this facility tries to mimic the tolerant behaviour of Microsoft's
>     MIMEOLE as closely as possible.
>     IMPORTANT: Most modern virus scanners can scan inside MBOX-style
>     files. This should make it unneccessary to unpack MIME containers
>     for them. Unfortunately, their MIME implementations are not as
>     tolerant as the typical Microsoft MUA, making them vulnerable to
>     certain exploits.
>     It is recommended to set this condition to "1", unless you absolutely
>     trust your AV products MIME implementation
>     Note: This facility will automatically be switched on if the condition
>     exiscan_extension_condition (see further below) evaluates to true,
>     since scanning for MIME filenames requires parsing of the MIME con-
>     tainers.

>
>     Example: Unpack MIME containers in all messages

>
>              exiscan_demime_condition = 1

>
>
>     exiscan_demime_action     (string, default 'pass')
>     --------------------------------------------------
>     This defines the action exiscan should take when it finds a malformed
>     MIME container or other known MIME "exploits" in the message.
>     Possible values are 'pass','reject','blackhole','freeze' or
>     'redirect <address>'. When this option is unset, it defaults to
>     'pass'.
>     Important: Please read the "Setting Actions" section below for more
>     information on actions.

>
>     Example: Reject broken MIME messages

>
>              exiscan_demime_action = reject

>
> ----------------------------------------------------------------------
>
> To get the same behaviour than with older versions, add only this line
> to your exim config file:
>
> exiscan_demime_condition = 1
>
>
>
> /tom
>
> --
> Tom Kistner <tom@???>
> ICQ 1501527 dcanthrax@efnet
> http://duncanthrax.net
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim
> details at http://www.exim.org/ ##
>