ConfigServer Services Blog

New MailScanner Script v2.82

Changes:

  • Added hook for new msfe option to continue MailScanner if clamd stopped
  • “Spam List” setting now defaults to an blank setting on new installations – this is best done in the cPanel exim configuration
  • “Max Spam Check Size” now defaults to 600k on new installations

New MailScanner Front-End (MSFE) v4.33

Changes:

  • Modified MailWatch.pm to silence the spurious “commit ineffective with AutoCommit enabled” messafe on MailScanner restart
  • Added virtual pagination to MailScanner Configuration WHM UI
  • Modified the WHM UI presentation
  • Added new option to WHM UI which allows you to toggle whether MailScanner stops (loops) or continues if clamd is not running
  • Removed the need to go into MSFE WHM UI and save settings on install

New cmm v1.16

Changes:

  • When any delete/empty action is performed any local maildirsize file is removed to force free maildir space rebuild
  • Added SpamAssassin SA Learn button to learn spam against a directory if our MailScanner script is installed

New cxs v2.06

Changes:

  • Fixed bug in application type detection introduced in v2.04 which restricted script specific regex detection from working correctly
  • Exploit fingerprint definitions database additions

New csf v5.21

Changes:

  • Added port 500 to DROP_NOLOG for new installations
  • Corrected the LF_APACHE_404 lfd log line output
  • Added startup failure on invalid PORTFLOOD settings
  • Make csf.pignore item selector case-insensitive (e.g. exe: and EXE: )
  • All user: item selector examples removed from the default csf.pignore for all new installations (e.g. user:mailman). csf.pignore examples for some common processes can be found here:http://forum.configserver.com/viewtopic.php?f=6&t=2059
  • Updated DA and GENERIC default csf.pignore files for new installations
  • csf UI Firewall Configuration virtual pagination improvements
  • Updated Sanity checks for settings in csf.conf
  • Modified Sanity checks for settings in csf.conf to always show the recommended range in the UI
  • Set LF_GLOBAL to 0 instead of an empty string by default on new installations
  • Added new option LF_LOOKUPS to toggle rDNS IP address lookups

New cxs v2.04

Changes:

  • Added Quarantine UI option to block FTP IP addresses in csf
  • Fixed Quarantine UI display problems
  • Added option –tscripts [list] which is a comma separated list of scripts that –options [T] will detect if you want to restrict which types are checked
  • Exploit fingerprint definitions database additions

New csf v5.20

  • Updated installation scripts to distinguish between IPv4 and IPv6 port report
  • Modified Virtuozzo VPS numiptent check to distinguish between host and client servers
  • Added exe:/usr/sbin/ntpd to csf.pignore on new installations
  • Don’t perform the runlevel check on Debian/Ubuntu servers as it isn’t indicative of a potential security issue as with other Linux distros
  • Added new option PT_DELETED_ACTION which if defined with an executable script will run if PT_DELETED is triggered passing the process PID, executable and account. An example script is provided in: /etc/csf/pt_deleted_action.pl
  • If CC_LOOKUPS enable for the MaxMind City Database then also display the Region, where available
  • Added csf UI Firewall Configuration virtual pagination
  • Rearranged csf.conf for csf UI Firewall Configuration virtual pagination
  • Re-instated sanity check highlights in csf UI Firewall Configuration
  • Improved Server Check recursion checking in included configuration files
  • Added new options LF_APACHE_404 and LF_APACHE_404_PERM. This option will keep track of the number of “File does not exist” errors in HTACCESS_LOG. If the number of hits is more than LF_APACHE_404 in LF_INTERVAL seconds then the IP address will be blocked. See csf.conf for more information

New cxs v2.03

Changes:

  • Improvements to –decode [file] – don’t process ignore file
  • Speedups for –options [D]
  • Speedups for cxs Watch daemon startup
  • Fixes to cxs Watch daemon when processing new and –Wadd [file] directories where –ignore [file] and –filemax [num] were not applied
  • Improvements to hdir, hfile and hsym processing for –ignore [file]
  • Adjustments to –Wloglevel [num]
  • Improvements to FTP IP detection

New cxs v2.02

Changes:

  • Fixed bugs in –decode [file] output report and improved content of the report
  • Exploit fingerprint definitions database additions