New csf v1.61

New release, new major feature:

  • Tighten up some of the csf rules
  • Added new fature – LF_SCRIPT_ALERT when enabled will scan /var/log/exim_mainlog for extended exim logging lines that show the cwd= line for paths in /home which indicate emails sent from scripts. If LF_SCRIPT_LIMIT emails from the same path are sent within an hour, an email alert is sent using scriptalert.txt containing the first 10 probably exim mainlog line matches and also likely mailing scripts within the identifed path – an ideal tool to help identify spamming scripts sending out email through exim. The option is disabled by default as you do need to enable extended exim logging first as