Hi all,
ASSP version 2.5.1 build 16100 is released on sourceforge.
This build contains several changes, fixes and new features (see below).
For the full description of the changes, fixes and new features, please
read the changelog.
fixes:
- the 'DoRFC822' failed, if the host name of a envelope sender address was
valid but
the domain nearest to the TLD was invalid, like in 'co.delaware.pa.us'
where 'delaware.pa.us' is invalid
- improved performance for high workload systems
- better garbage detection for the HMM and Bayesian engine
- if a message is scored in SMTP-handshake and/or header and noprocessing
and/or whitelisting is detected
in the body check, the message scrore is reduced to prevent false
positives
- some file action on unicode filenames caused a SEGV on some systems
- the default values for 'FileLogScan' and 'ClamAVLogScan' are changed
from
'scan resend folder only'(1) to 'scan resend folder and collected
files'(2)
- it is now posssible to define more than one ClamAV-Host (AvClamdPort)
- If the ASSP_AFC plugin is installed and configured, all resend mails are
scanned for viruses and
bad attachments using the configured rules - except, that bad parts are
replaced and the cleanedup
mail is resent every time.
- under certain conditions it was possible, that mails blocked by any
Plugin were not correctly
collected and the final file name was not written to the maillog.txt
- the resend link in BlockReports was missing, if a collected file was
moved from 'spam' to 'discarded'
- the collection of mails blocked by the ASSP_AFC Plugin was not working
ASSP_AFC 3,33 or 4.25 are required to solve this problem
- 'enhancedOriginIPDetect wrong detected tunneled IPv4 addresses
- faster SSL-linstener handling improves DoS and DDoS handling of
SSL-negotiation attacks
- ASSP_AFC.pm 3.33 and 4.25 detected a MIME-type mismatch for application
related compressed files
which had not the default filename extension like: zip, gz ...
- assp had tried to renew SSL-listeners in case too many handshake error
were counted
SSL handshake errors are now ignored for the listener error counting
- the address spoofing check was skipped, in case a mail was only
noprocessing because of its size
- DoNotCollectRedRe and DoNotCollectRedList were not working like expected
- attachments were destroyed on some systems, if a SSL-renegotiation was
done in the DATA section of a mail
- an authetication error was detected, if a host matched 'acceptAllMail'
and was connected to the default listener
and relayAuthUser/relayAuthPass was configured
- noTLSIP was not working for any destination IP address and the relayHost
- the recommended version of the perl module File::Scan::ClamAV is now
1.93
- if the default value 'assp.nospam' used for 'myName' and error message
is written to the maillog.txt
this value should be set to an unique hostname (FQDN)
- detecting the DATAEND sequence [CR][LF].[CR][LF] was not working and was
wrong sent to the MTA,
if the sequence was anyway separated by the client/server in to more
than one TCP packet
- 'AvClamdPort' now supports the definition of a remote host
- if a '--moveDB' was done - the GUI links and buttons to show the content
of the hashes and files, pointed still
to there old location
- if a '--moveDB' was done - the adimusersdb was no longer loaded if it
was set to a flat file,
because the config value was destroyed by assp
- 'invalidHeloRe','Regular Expression to Immediatly Blocked Invalidate
HELO*'
'Regular expression to check and block immediatly incoming HELOs.
For example: ylmf-pc
Thomas
DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the
individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
*******************************************************
------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial! http://pubads.g.doubleclick.net/
gampad/clk?id=1444514301&iu=/ca-pub-7940484522588532
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user
