Changes and new features:
- Added workaround to restart the bandmin acctboth chains if csf is stopped or (re)started
- Rewritten the way RELAYHOSTS works so instead of using an iptables chain a check is done at block time on the IP address and if it is in /etc/relayhosts then it will be treated as if it is listed in csf.ignore
- Enabled RELAYHOSTS by default, which is now a boolean on off (1 or 0) instead of a time interval
- Added exe:/usr/local/cpanel/bin/logrunner to csf.pignore
- Added new options PT_USERMEM and PT_USERTIME to report excessive user process usage and optionally PT_USERKILL to kill such processes. An alert is sent using resalert.txt
We’ve recently started including the following SpamAssassin score modifications to help boost the identification of incoming spam with MailScanner. To do it yourself, create a file called /etc/mail/spamassassin/configserver.cf and add the following lines:
score BAYES_99 5.0score URIBL_SBL 5.0score URIBL_AB_SURBL 5.0score URIBL_OB_SURBL 5.0score URIBL_PH_SURBL 5.0score URIBL_SC_SURBL 5.0score URIBL_WS_SURBL 5.0score URIBL_JP_SURBL 5.0
Then reload MailScanner:
service MailScanner reload
That’s it. This makes your Bayesian database have a greater say in what is very likely to be spam and also boosts the scores of emails that contain URI’s in known spam from various URI RBL spam lists
Stability and performance improvements:
- Added csf lock procedure to avoid iptables race conditions if multiple /simultaneous instances of csf or lfd are executed
- Added check for child reaper looping to dramatically reduce lfd load
- Fixed bug where %age of space used report wasn’t showing mailboxes in excess if they had a quota set
To upgrade just reinstall.
- Modified queue entry regex to better identify broken spool messages
- Added expand/collapse of additional email recipients in queue view so that each message is shown one per line unless expanded
- Top aligned cells in the queue view table
To upgrade simply follow the installation instructions.
We’ve decided to simplify our cPanel Server Service packages to a single package (with a MailScanner option). This has been done for a one main reason – we’ve found that many people who were purchasing the smaller packages were needing the security features of the large packages and weren’t benefitting from them, frequently purchasing additional services from us to bring their servers up to the Full Service spec.To better service our customers we’ve created a single package that tackles all of the apsects of server security and management that we deal with. We’ve reduced the price of what was the cPanel Full Service package for the new all encompassing package.We have not removed any features at all whilst doing this.We hope the change benefits our customers in making their servers more secure and managable.