New csf v2.50


  • Removed option ALLOW_RES_PORTS from new installs, setting is ignored
  • Check for LF at the end of form data for files edited through the WHM UI and append one if omitted
  • Following the changes in 2.48 the LOGDROP chain doesn’t distinguish between incoming and outgoing blocks. So, LOGDROP has now been split into LOGDROPIN and LOGDROPOUT

ORDB RBL is closing down

Quote from

We regret to inform you that, at the ripe age of five and a half, is shutting down. It’s been a case of a long goodbye as very little work has gone into maintaining ORDB for a while.
We encourage system owners to remove ORDB checks from their mailers immediately and start investigating alternative methods of spam filtering.

So, if you use in exim RBL ACL, or ORDB-RBL in the MailScanner “Spam List” setting, remove it asap.Note: We do not configure either exim or MailScanner to use this RBL when we perform the MailScanner Sevice package work

New csf v2.48


  • csf will now specify ! lo as the main ethernet device unless otherwise defined in ETH_DEVICE. This will mean that the firewall is applied to all ethernet devices on the server unless otherwise specified in the configuration

New cmm v1.04


  • UI changes when browsing a mailbox when within a directory only show the current directory and emails. Added Go Up button to return to the top of the mailbox
  • Added selected delete of files when browsing a mailbox
  • Added empty directory when browsing a mailbox
  • Added cPanel account quota check before allowing edit of filters or forwarders or adding a new mailbox to prevent data loss in the event of quota exceeded for the account

ClamAV errors

If you’re unexpectedly seeing the following in /var/log/maillog for emails blocked with zip file attachments:ClamAVModule::INFECTED:: Oversized.Zip::Then you may have not reinstalled the Mail::ClamAV perl module after upgrading ClamAV recently. The MailScanner Front-End does upgrade the perl module for you, but if you perform the ClamAV upgrade manually, then you need to be sure to run:

/scripts/perlinstaller –force Mail::ClamAV

It’s important to use –force otherwise the perl module most likely won’t be reinstalled (i.e. if the version of the perl module hasn’t changed).Then restart MailScanner:

service MailScanner restart

New csf v2.47


  • Modified DYNDNS code to set listed domains IP addresses to be ignored as if they were listed in csf.ignore
  • If adding an IP address to csf.allow that is already in csf.deny, the IP address will now be removed from csf.deny first and the DROP removed from iptables. It will then be added to csf.allow as normal

New csf v2.46


  • Added auto-detection of additional exim port (same as SSH port) which will be added to TCP_IN on csf installation (or if in TESTING mode)
  • Only report PT_USERMEM and PT_USERTIME PIDs once