Server Software and Configuration Services
New csf v3.01
Changes:
- Tightened DNS port configuration restrictions as the old rules were being catered for by iptables connection
- Added Kerio Mailserver POP3/IMAP regex’s
Changes:
Changes:
A reminder that support for PHP v4 was dropped by the PHP developers at the end of last year. For security and stability (yeah, right) reasons, you should be moving over to PHP v5 exclusively ASAP:http://php.net/#2007-07-13-1
Changes:
Changes:
We’ve released a new version of MSFE that will upgrade ClamAV and configure and install the clamd ClamAV Daemon process. The procedure will also reconfigure MailScanner to use clamd instead of the Mail::ClamAV perl module which will now no longer be required.We’ve made these changes for two reasons:1. It separates the dependency we’ve had on Mail::ClamAV keeping up with ClamAV developments. The current problem of incompatibility between v0.20 of Mail::ClamAV and ClamAV v0.92 has happened before and held back the upgrade to the latest version of ClamAV2. There is an added benefit that we’ve discovered where this change reduces each MailScanner child processes memory footprint by ~32MB. The clamd process uses around the same amount of memory, but there’s only a need for a single process. So, the saving on the typical system that runs 3 MailScanner children is ~64MBYou will notice that if you attempt to upgrade ClamAV through MSFE before upgrading MSFE itself, you’ll receive an error instructing you yo upgrade MSFE first.
You can ignore any subsequent mrtg errors referring to ETH1.
The latest version of ClamAV just released (v0.92) is incompatible with the current latest version of the Mail::ClamAV module (v0.20), so you should not upgrade to ClamAV v0.92 until the Mail::ClamAV developer updates their code. This affects anyone using the ClamAV Module in MailScanner. For the time being, you should stay on/install only ClamAV 0.91.2
Changes:
In CURRENT and EDGE releases of cPanel (v18335) cPanel have added their own Dictionary Attack ACL to exim. We would encourage users to use this new feature in preference to our long standing Dictionary Attack ACL.The cPanel version takes advantage of the new exim ratelimit feature and means that exim does not have to resort to running a perl script and storing IP addresses in a file. This ought to have less performance impact on exim.The cPanel ACL will block SMTP connection attempts after 5 consecutive failures rather than the 4 that we configured in ours. It maintains the block for one hour. cPanel also have a whitelist for IP’s.