ConfigServer Services Blog

New csf v4.76

Changes:

  • Added check for FrontPage extensions to Server Check as they should be considered a security risk as they were EOL in 2006
  • Added support for the impending cPanel v11.25 Security Tokens feature

New cmm v1.13

Changes:

  • Added new option “Manage Mail Hourly Limits” to modify per domain outgoing email limit

New csf v4.75

Changes:

  • Added a [block] section to the Login Failure alert.txt template. This new report template will be copied to /etc/csf/alert.txt.new on existing installations, rename it to alert.txt to use it
  • Modified existing lfd alerts to use currently used tags instead of appending block information to the IP address (alert.txt modified as above)
  • Added new options trigger for RT_LOCALHOSTRELAY_* to csf.conf for email sent via a local IP addresses, separating the trigger from RT_LOCALRELAY_* which is now only for /usr/sbin/sendmail. See csf.conf for more information
  • Added Relay Tracking to Direct Admin running exim. See RT_* and SMTPRELAY_LOG in csf.conf for more information
  • Added csf.mignore to allow ignoring of specified usernames or local IP addresses from RT_LOCALRELAY_ALERT
  • Modified csf UI to use a single dropdown for all lfd ignore files
  • Added proftpd regex matching for “UseReverseDNS on” in proftpd config

New csf v4.74

Changes:

  • Removed FUSER from csf.conf as it is no longer used
  • Added UNZIP to csf.conf which is required for Country Code to CIDR functions
  • Modified the Country Code allow/deny/allow_filter feature to generate CC CIDRs from the Maxmind GeoLite Country database instead of using iplocationtools.com. Note: GeoLite is much more accurate that the previous zones used. This also means that there are usually more CIDRs for each CC which adds to the burden of using this feature

The latest version of Archive::Zip (v1.29) breaks MailScanner

If you receive the following error while attempting to start MailScanner:

Bareword “Cwd::getcwd” not allowed while “strict subs” in use at /usr/lib/perl5/site_perl/5.8.8/Archive/Zip.pm line 552. Compilation failed in require at /usr/mailscanner/lib/MailScanner/Message.pm line 48. BEGIN failed–compilation aborted at /usr/mailscanner/lib/MailScanner/Message.pm line 48. Compilation failed in require at /usr/mailscanner/bin/MailScanner line 107. BEGIN failed–compilation aborted at /usr/mailscanner/bin/MailScanner line 107.

then it’s likely Archive::Zip has upgraded to v1.29, which causes this problem.Edit (1st July 2009 08:20): The author of Archive::Zip has now released a bugfix for this issue and you can easily fix the issue with:

/scripts/perlinstaller –force Archive::Zip

Check that it installs v1.30 of the perl module, then restart MailScannerNote that if the cpan mirror you are using is stuck on v1.29 and will not update to 1.30, you will need to manually upgrade Archive::Zip:

wget http://search.cpan.org/CPAN/authors/id/A/AD/ADAMK/Archive-Zip-1.30.tar.gztar -xzf Archive-Zip-1.30.tar.gzcd Archive-Zip-1.30perl Makefile.PLmakemake install

New csf v4.73

Changes:

  • Added checks before Net::CIDR:Lite calls to ensure inputs are CIDR’s to prevent module failures
  • New feature – LF_CPANEL_ALERT. Send an email alert if anyone accesses WHM via root. An IP address will be reported again 1 hour after the last tracked access (or if lfd is restarted)

New csf v4.72

Changes:

  • Modified mail sending code to use a common procedure that copes better with differing combinations and variations of From:, To:, LF_ALERT_TO and LF_ALERT_FROM settings for lfd alerts

New csf v4.71

Changes:

  • Code speedups in csf –grep
  • Added csf.allow and GLOBAL_ALLOW lookups during lfd blocking and note added to alert if ip match found
  • Modified Server Check for Fedora v9 EOL now that Fedora v11 has been released
  • Modified iptables output from csf.pl to exclude the Fedora v11 intrapositioned negation messages
  • Fixed typo in integrity.txt alert template for new installations
  • Modified the email header for csf –mail
  • Fix Relay Tracking from 127.0.0.1 to always report as a LOCALRELAY
  • Modified lfd output filehandle names to avoid read/write conflicts
  • Added Advanced Allow/Deny Filters for csf.dyndns. See readme.txt for an example
  • Added new option CC_ALLOW_FILTER as an alternative to CC_ALLOW where only listed Country Codes are allowed, however normal port and packet filter rules are still applied to those connections. All other connections are dropped

New ClamAV v0.95.2

Changes:

This version improves handling of archives, adds support for –file-listin clamscan and clamdscan, and fixes various issues found in previousreleases.