ConfigServer Services Blog

New ClamAV v0.90

We have previously guarded against upgrading to this latest version of ClamAV as the developer of the perl module Mail::ClamAV has not updated his code to support this updated version of the ClamAV engine.However, vulnerabilities have now been published for versions of ClamAV prior to v0.90 so it seems prudent to upgrade to it now.To do this we have repackaged the ClamAV v0.90 distribution and added code to convert MailScanner to use clamav instead of clamavmodule for its Virus Scanner.The downside of this change is that there is a potential increase in server load over using the perl module method.You can upgrade now through the WHM MailScanner UI. You can ignore the Mail::ClamAV errors at the bottom of the installation procedure, but do make sure that MailScanner starts correctly and send a test message through your system (check /var/log/maillog).For anyone using MailScanner without our Front-End, you can upgrade using the same repackaged distribution with…

wget http://license.configserver.com/clamav-0.90.tar.gztar -xzf clamav-*cd clamav-*./configure –disable-zlib-vcheckmakemake installreplace “Example” “#Example” — /usr/local/etc/freshclam.confreplace “Example” “#Example” — /usr/local/etc/clamd.conffreshclamcd ../bin/rm -Rf clamav-*service MailScanner restart

New csf v2.65

Changes:

  • New Feature: System Integrity Checking. This enables lfd to compare md5sums of the servers OS binary application files from the time when lfd starts. If the md5sum of a monitored file changes an alert is sent. This option is intended as an IDS (Intrusion Detection System) and is the last line of detection for a

Do not upgrade to ClamAV v0.90

Don’t be tempted to upgrade to ClamAV v0.90 if you are running MailScanner. The Mail::ClamAV perl module is incompatible with it at this time, so you will have to stick with ClamAV v0.87 (why can’t they develop these things to be backwards compatible?). Hopefully the Mail::ClamAV developer will fix this soon. If you must use v0.90 then you’ll have to set virus scanners = clamav in MailScanner.conf

New MailScanner Script v2.51

Changes:

  • Further development of the workaround for the new MailScanner bug where it won’t start if /dev/shm isn’t mounted or is not writable

New MailScanner Front-End (MSFE) v4.01

Changes:

  • v4.01 – Modified installation routines to better support old OS’s (only applies to updates v4.01+)
  • Set Virus Scanning default to To: instead of FromOrTo: for new installations
  • Added Performance tweak to enable/disable outgoing virus scanning
  • Added note to Performance tweak – if Dangerous Content scanning is disabled, File Attachment checking is also disabled

New MailScanner Script v2.50

Anyone with a VPS that has upgraded to v2.49 of the script will want to upgrade again – Changes:

  • Implemented a workaround for a major bug in MailScanner v4.58.9 that breaks MailScanner if on a server (e.g. a VPS) where /dev/shm exists but is not a mountpoint for a tmpfs device – naughty MailScanner

New csf v2.64

Changes:

  • Modified lfd check for rotated system logs to re-open a log file if logs are emptied instead of rotated

New MailScanner Front-End (MSFE) v4.0

Changes:

  • Installation no longer attempts to recreate mailscanner database or update the MailScanner configuration settings if the mailscanner MySQL database already exists
  • Added whitelisting to virus.scanning.rules for mails released from quarantine (i.e. sent locally and from the postmaster@hostname address)
  • Moved to a simpler installer script using the license server
  • Timeout version checks incase version server is unavailable
  • Added check for incorrect ClamAV (or clamavconnector) installation which causes MailScanner to be disabled
  • Improved support for remote MySQL database servers

New csf v2.63

Changes:

  • Added regex support for uw-imap (imap and pop3) login failures
  • Added regex support for proftpd login failures
  • Timeout version check incase version server is unavailable