Hi all, ASSP version 2.6.3 build 19169 is released on sourceforge. This build contains several changes, fixes and new features (see below). For the full description of the changes, fixes and new features, please read the changelog.
Thomas - queries for viruses and bad URL's to www.virustotal.com are now supported virus checks require ASSP_AFC.pm (version 5.10) - lib/ASSP_VirusTotal_API.pm (version 1.01) and the changed ASSP_AFC.pm (version 5.11) - 'VirusTotalAPIKey','The Privat API-Key for VirusTotal' 'To query www.VirusTotal.com for URIs and/or viruses (ASSP_AFC.pm), a valid API-Key is required. An API-Key is provided by VirusTotal for free, after your registration at www.virustotal.com. Such a free API-Key is limited to four queries at VirusTotal per minute. API-Keys for a higher query volume are also provided by VirusTotal. Systems that are part of the ASSP-Global-PenalyBox network can leave this value empty. They are getting an API-Key with a much higher query volume from the GPB-Server automatically, without any additionally costs. This API-Key is not shown here!' 'ASSP_AFCDoVirusTotalVirusScan','Enable VirusTotal Virus Scan' 'If a VirusTotalAPIKey is provided and this option is enabled, all MIME-parts will be (in addition to ClamAV and/or FileScan) checked by www.virustotal.com.' - DBD::MariaDB is now supported - The ClamAV-engine now uses the modern INSTREAM clamav-API. It uses less system resources and is faster than the "old" STREAM-API. - using the unix socket for the ClamAV communication failed on some systems - assp has thrown an error if the ClamAV, configuration was anyway invalid or not working, but UseAvClamd was disabled - ASSP_AFCKnownGoodEXE,'Well Known Good Executable Files' 'Put the SHA256_HEX hash of all well known good executables in to this file (one per line). If the SHA256_HEX hash (not case sensitive) of an attachment or a part of a compressed attachment (e.g. exe, *.bin MS-Macro or OLE) is equal to a line in this file, the attachment passes the attachment check for all mails (regardless its extension and the settings in UserAttach). The same applies to the following ojects in a PDF file: Certificate, Signature, JavaScript . If the SHA256_HEX hash of any of these PDF objects matches, the PDF will pass the attachment check. Comments are allowed after the hash and at the begin of a line (recommended). If configured, the analyzer and the maillog.txt will show the SHA256_HEX hash and the optional defined comment for all detected executables and PDF objects. For security reasons, virus scanning is not skipped. <b>Notice:</b> this feature is mainly created for executable files, but it will work for every attachment and every part of a compressed attachment. For example - this can be usefull, if clients regular sending or receiving documents or excel sheets, which contains every time the same MS-Macro/MS-OLE (e.g. executable). In this case, decompress the doc[xm] and calculate the SHA256_HEX hash for the vbaProject.bin or the vbaProjectSignature.bin file and register the hash here. DISCLAIMER: ******************************************************* This email and any files transmitted with it may be confidential, legally privileged and protected in law and are intended solely for the use of the individual to whom it is addressed. This email was multiple times scanned for viruses. There should be no known virus in this email! *******************************************************
_______________________________________________ Assp-user mailing list Assp-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-user
