Another fortnight, another release. I hope the pace will slow down
considerably in the coming weeks :P
You should upgrade if you are using the demime facility with the "pass"
action, or if you use it with "reject" and have problems with false
positives.
OK, if you don't mind a quick compile after lunch, go for it anyway.
You'll be rewarded with two new useful options, exiscan_loglevel, and
exiscan_demime_pickyness (see below).
---CHANGELOG---------------------------------------------------------
rev 26: Fixes:
- allow base64 lines to be terminated
with \r\n. This should fix problems
with the IMP webmail interface.
- fixed operation break when demime
facility was scoring a "hit".
Additions:
- added version number output with
exim -bV
- added exiscan_loglevel option.
(see docs)
- added exiscan_demime_pickyness option,
which defines the "pickyness" of the
demime facility. Default is "1", which
skips the more problematic tests.
(see docs !)
- exiscan_demime_action defaults
to "reject" now.
- exiscan_demime_condition defaults to
"1" (equals "on")
--------------------------------------------------------------------
----FROM THE DOCS---------------------------------------------------
exiscan_demime_pickyness (string, expandable, default "1")
------------------------------------------------------------
This option must expand to a numeric value from 0 to 2. It defines
how "picky" the MIME parser behaves when it finds anomalies in MIME
containers. Here is how the value is treated:
"0": No MIME error checking. The facility will try a "best effort"
to unpack files.
"1": Normal MIME error checking (default)
This will check and trigger on the following:
- line length exceeds MIME_SANITY_MAX_LINE_LENGTH bytes
- message/partial content type
- proposed filename exceeds MIME_SANITY_MAX_FILENAME bytes
- boundary string length exceeds
MIME_SANITY_MAX_BOUNDARY_LENGTH bytes
- wrote more than MIME_SANITY_MAX_DUMP_FILES (number of MIME
parts) for one message
- BASE64 line contains characters not in the BASE64 alphabet
"2": Extra MIME error checking (recommended for security
aware admins)
This will check those in addition to the "1" setting:
- double headers of type Content-type, Content-Disposition,
Content-Transfer-Encoding
- uuencode line not a multiple of 4 characters
- uuencode line is longer or shorter then proposed data length
- base64 line is longer than MIME_SANITY_MAX_B64_LINE_LENGTH
(76 by RFC)
- base64 line is not a multiple of 4 bytes long (usually wrong
number of padding chars)
- illegal character in quoted-printable encodings
The constants shown in CAPS in the text above can be found in
exiscan.h. You can tweak them before compiling, but that is only
recommended if you know what you are doing.
When one of the activated conditions match a message, the delivery
outcome is determined by exiscan_demime_action (see below).
--------------------------------------------------------------------
http://duncanthrax.net/exiscan/
264f136ae3786b2a4201a38b025b9d80 exiscan-4.12-26.tar.bz2
1a961627da2ec65b3f5e43638a0a690e exiscan-4.12-26.tar.gz
--
Tom Kistner <tom@???>
ICQ 1501527 dcanthrax@efnet
http://duncanthrax.net
