annotate ChangeLog @ 139:003026deaed1 stable-5-21

add smtp auth rate limits
author carl
date Tue, 26 Sep 2006 15:21:17 -0700
parents f4746d8a12a3
children 4028de9b46dd
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
98
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
1 $Id$
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
2
136
f4746d8a12a3 add smtp auth rate limits
carl
parents: 134
diff changeset
3 5.21 2006-09-26
f4746d8a12a3 add smtp auth rate limits
carl
parents: 134
diff changeset
4 Add SMTP AUTH recipient rate limits, to help throttle infected
f4746d8a12a3 add smtp auth rate limits
carl
parents: 134
diff changeset
5 client machines and accounts with weak cracked passwords.
f4746d8a12a3 add smtp auth rate limits
carl
parents: 134
diff changeset
6
134
f9917ce924a3 all dns lookups fully qualified, my_read() bug fix
carl
parents: 133
diff changeset
7 5.20 2006-08-02
f9917ce924a3 all dns lookups fully qualified, my_read() bug fix
carl
parents: 133
diff changeset
8 Fully qualify all dns lookups. Fix my_read() bug. Try to convert
f9917ce924a3 all dns lookups fully qualified, my_read() bug fix
carl
parents: 133
diff changeset
9 names that might be ip addresses via inet_aton before doing dns
f9917ce924a3 all dns lookups fully qualified, my_read() bug fix
carl
parents: 133
diff changeset
10 lookups.
f9917ce924a3 all dns lookups fully qualified, my_read() bug fix
carl
parents: 133
diff changeset
11
131
df355d117199 uribl lookups fully qualified; allow two component host names
carl
parents: 128
diff changeset
12 5.19 2006-08-01
df355d117199 uribl lookups fully qualified; allow two component host names
carl
parents: 128
diff changeset
13 Bug fix - add trailing dot to uribl dns lookups to make them fully
df355d117199 uribl lookups fully qualified; allow two component host names
carl
parents: 128
diff changeset
14 qualified. Check host names with only two components, since
df355d117199 uribl lookups fully qualified; allow two component host names
carl
parents: 128
diff changeset
15 spammers are now using bare http://domain.tld references.
133
b8ce1b31237d uribl lookups fully qualified; allow two component host names
carl
parents: 131
diff changeset
16 Spec file now creates an rpm that properly creates the dnsbl user.
131
df355d117199 uribl lookups fully qualified; allow two component host names
carl
parents: 128
diff changeset
17
128
9ab51896447f don't do uribl lookups on rfc1918 address space
carl
parents: 127
diff changeset
18 5.18 2006-04-27
127
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes
carl
parents: 126
diff changeset
19 Bug fix - newer sendmail versions don't guarantee envelope addresses
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes
carl
parents: 126
diff changeset
20 enclosed in <> wrapper.
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes
carl
parents: 126
diff changeset
21
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes
carl
parents: 126
diff changeset
22 Document backscatter prevention configuration for systems that are
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes
carl
parents: 126
diff changeset
23 used to mainly spam filter and then forward to mail to the internal
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes
carl
parents: 126
diff changeset
24 server.
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes
carl
parents: 126
diff changeset
25
128
9ab51896447f don't do uribl lookups on rfc1918 address space
carl
parents: 127
diff changeset
26 Never ask uribl blacklists about rfc1918 address space.
9ab51896447f don't do uribl lookups on rfc1918 address space
carl
parents: 127
diff changeset
27
126
05ae49d37896 don't do dnsbl lookups on rfc1918 address space
carl
parents: 125
diff changeset
28 5.17 2006-03-25
127
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes
carl
parents: 126
diff changeset
29 Never ask dns blacklists about rfc1918 address space.
126
05ae49d37896 don't do dnsbl lookups on rfc1918 address space
carl
parents: 125
diff changeset
30
125
8b1562482b29 put hostname in smtp message for uribl style lookups
carl
parents: 123
diff changeset
31 5.16 2006-03-16
127
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes
carl
parents: 126
diff changeset
32 Bug fix - the smtp error message for uribl filtering needs to
125
8b1562482b29 put hostname in smtp message for uribl style lookups
carl
parents: 123
diff changeset
33 reference the host name, not the ip address.
8b1562482b29 put hostname in smtp message for uribl style lookups
carl
parents: 123
diff changeset
34
123
ecd97e7eb1f0 properly return error code with reject reason
carl
parents: 122
diff changeset
35 5.15 2006-03-15
127
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes
carl
parents: 126
diff changeset
36 Bug fix - we failed to properly set the return code to indicate the
123
ecd97e7eb1f0 properly return error code with reject reason
carl
parents: 122
diff changeset
37 reason when rejecting mail for content filtering.
ecd97e7eb1f0 properly return error code with reject reason
carl
parents: 122
diff changeset
38
122
e8971c595845 fix typo in multi.surbl.org name
carl
parents: 121
diff changeset
39 5.14 2006-03-13
127
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes
carl
parents: 126
diff changeset
40 Fix a typo in the default config file and documentation for using
122
e8971c595845 fix typo in multi.surbl.org name
carl
parents: 121
diff changeset
41 multi.surbl.org
e8971c595845 fix typo in multi.surbl.org name
carl
parents: 121
diff changeset
42
117
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com>
carl
parents: 116
diff changeset
43 5.13 2006-03-12
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com>
carl
parents: 116
diff changeset
44 patch from Jeff Evans <jeffe@tricab.com>
121
e2506138561b uribl patch from Jeff Evans <jeffe@tricab.com>
carl
parents: 117
diff changeset
45 add SURBL/URIBL lookups, remove trailing dots from hostnames,
e2506138561b uribl patch from Jeff Evans <jeffe@tricab.com>
carl
parents: 117
diff changeset
46 allow ip address literals as hostnames.
e2506138561b uribl patch from Jeff Evans <jeffe@tricab.com>
carl
parents: 117
diff changeset
47 add configuration for surbl/uribl list and reject message
e2506138561b uribl patch from Jeff Evans <jeffe@tricab.com>
carl
parents: 117
diff changeset
48
115
07e5d4721213 use larger resolver buffer
carl
parents: 113
diff changeset
49 5.12 2006-01-08
07e5d4721213 use larger resolver buffer
carl
parents: 113
diff changeset
50 Use larger resolver buffer to accomodate spammers with many name
07e5d4721213 use larger resolver buffer
carl
parents: 113
diff changeset
51 servers. A current example is life-all.com which needs to retry in
07e5d4721213 use larger resolver buffer
carl
parents: 113
diff changeset
52 tcp mode to fetch the 1444 byte response.
07e5d4721213 use larger resolver buffer
carl
parents: 113
diff changeset
53
116
0094678a16d0 update all systems from tarball, make chkconfig creates dnsbl user if needed
carl
parents: 115
diff changeset
54 'make chkconfig' now creates the dnsbl user if it does not exist.
0094678a16d0 update all systems from tarball, make chkconfig creates dnsbl user if needed
carl
parents: 115
diff changeset
55
113
a893afee4b80 move to autoconf/automake/docbook
carl
parents: 102
diff changeset
56 5.11 2005-12-20
a893afee4b80 move to autoconf/automake/docbook
carl
parents: 102
diff changeset
57 switch to autoconf/automake/docbook
a893afee4b80 move to autoconf/automake/docbook
carl
parents: 102
diff changeset
58
102
d9c64bafbf60 fix compile error on fc3
carl
parents: 101
diff changeset
59 5.10 2005-10-16
d9c64bafbf60 fix compile error on fc3
carl
parents: 101
diff changeset
60 Fix a compile error on Fedora Core 3.
d9c64bafbf60 fix compile error on fc3
carl
parents: 101
diff changeset
61 Discovered by Nigel Horne <njh@bandsman.co.uk>
d9c64bafbf60 fix compile error on fc3
carl
parents: 101
diff changeset
62
101
6ac7ba4a8312 fix <> passed as <<>> to verification hosts
carl
parents: 100
diff changeset
63 5.9 2005-09-26
6ac7ba4a8312 fix <> passed as <<>> to verification hosts
carl
parents: 100
diff changeset
64 Fix a bug with empty return paths passed to the verification code.
6ac7ba4a8312 fix <> passed as <<>> to verification hosts
carl
parents: 100
diff changeset
65 That resulted in 'MAIL FROM:<<>>' being sent to the verification
6ac7ba4a8312 fix <> passed as <<>> to verification hosts
carl
parents: 100
diff changeset
66 mail server.
6ac7ba4a8312 fix <> passed as <<>> to verification hosts
carl
parents: 100
diff changeset
67
100
63e8633abc34 allow empty env_to at global context to remove all restrictions on child contexts
carl
parents: 99
diff changeset
68 5.8 2005-09-25
63e8633abc34 allow empty env_to at global context to remove all restrictions on child contexts
carl
parents: 99
diff changeset
69 Allow empty env_to at global context level to remove restrictions
63e8633abc34 allow empty env_to at global context to remove all restrictions on child contexts
carl
parents: 99
diff changeset
70 on env_to values in child contexts.
63e8633abc34 allow empty env_to at global context to remove all restrictions on child contexts
carl
parents: 99
diff changeset
71
99
f8963ddf7143 failed to return a value from parse_verify()
carl
parents: 98
diff changeset
72 5.7 2005-09-23
f8963ddf7143 failed to return a value from parse_verify()
carl
parents: 98
diff changeset
73 Failed to return a value from parse_verify() which caused failures
f8963ddf7143 failed to return a value from parse_verify()
carl
parents: 98
diff changeset
74 to load the configuration.
f8963ddf7143 failed to return a value from parse_verify()
carl
parents: 98
diff changeset
75
98
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
76 5.6 2005-09-22
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
77 Tokenizer errors now go thru the syslog code, so they are visible
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
78 when generated during config file reloads during normal operation.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
79
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
80 5.5 2005-09-21
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
81 Cleanup debug logging. Verify from/to pairs now remembers the last
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
82 from value sent to the remote server to prevent unnecessary rset
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
83 commands.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
84
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
85 5.4 2005-09-18
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
86 Add verify statement to specify the smtp host to be used to verify
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
87 envelope from / recipient pairs.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
88
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
89 Authenticated clients are now exempt from all white/black listing
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
90 in addition to the dnsbl lookups.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
91
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
92 dcc_to should not look at substitute mail_host. That is only used
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
93 by dcc_from.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
94
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
95 5.3 2005-08-07
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
96 Properly quit if the config file has syntax errors on startup. Send
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
97 mail to root if the config file needs to be reloaded since it was
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
98 modified, but contains syntax errors. In this case, we continue to
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
99 use the old configuration.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
100
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
101 5.2 2005-08-02
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
102 Patch from Stephen Johnson <stephen.johnson@arkansas.gov> fixing the
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
103 lack of a default return value in CONTEXT::acceptable_content().
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
104
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
105 5.1 2005-07-20
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
106 Add multiple syslog debug levels. Detect and silently remove
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
107 duplicate DNSBL definitions. That allows us to accept mail to
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
108 recipients in multiple domains that use the same blacklist and yet
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
109 only check that blacklist once. This may happen when your config
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
110 file directly includes as child contexts the config files used on
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
111 your clients mail servers.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
112
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
113 5.0 2005-07-16
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
114 Major changes to the syntax of the config file. Content filtering
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
115 is no longer a global mail server setting.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
116
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
117 4.6 2005-04-02
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
118 Fix enum compilation error on Fedora Core 3.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
119 Discovered by Nigel Horne <njh@bandsman.co.uk>
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
120
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
121 Remove bad html tag command from the default conf file. Spammers
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
122 seem to have abandoned this.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
123
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
124 Add toolbar.msn.click-url.com in hosts-ignore.conf. These are all
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
125 commented, but you might want to uncomment them.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
126
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
127 4.5 2005-01-22
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
128 Add uuencode decoding for old style attachments.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
129
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
130 4.4 2005-01-18
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
131 Bug fix in forked process termination that left zombies.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
132
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
133 4.3 2005-01-16
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
134 Only keep 20% of the resolver sockets in the ready pool.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
135
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
136 4.2 2005-01-08
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
137 Use the separate resolver processes even if we don't have the
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
138 resolver interfaces and need gethostbyname.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
139
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
140 4.1 2005-01-06
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
141 Use a local unix domain socket for the resolver process
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
142 communication, rather than a tcp/ip socket.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
143
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
144 4.0 2005-01-03
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
145 Initialize the thread mutex objects early, before they are needed
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
146 by possible calls to my_syslog.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
147
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
148 Fork off a separate resolver listener process, so we can do multiple
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
149 dns operations in parallel. For each simultaneous inbound email,
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
150 we have a separate sendmail process, a milter thread, and a dns
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
151 resolver process.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
152
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
153 3.7 2004-10-28
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
154 Added an 'ignore' command to the conf file, used to ignore some
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
155 hosts that might end up on the SBL and otherwise trip the content
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
156 scanning filter. In particular, many recent Microsoft Word
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
157 documents contain the string www.5iantlavalamp.com which is
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
158 associated with their smart tags stuff. That is currently hosted at
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
159 216.168.224.70, which is shared with a site that ended up on the
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
160 SBL.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
161
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
162 3.6 2004-09-08
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
163 Contributions from Dan Harkless <software@harkless.org>
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
164 Better documentation for disabling the content filtering.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
165 Don't bother looking at the body text if we are not doing
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
166 content filtering.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
167
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
168 3.5 2004-07-17
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
169 Extend the error message for content filtering when the NS record
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
170 points to an ip address on the SBL. Include the original host name
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
171 that referenced that NS name.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
172
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
173
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
174 3.4 2004-07-15
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
175 Tokens with two consecutive periods cannot be ip addresses or host
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
176 names.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
177
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
178 Updated dnsbl.spec file for building rpms from John Gunkel.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
179
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
180
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
181 3.3 2004-07-09
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
182 Drop root priviledges properly, including the group id.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
183
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
184
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
185 3.2 2004-07-09
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
186
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
187 Contributions from John Gunkel <jgunkel@palliser.ca>:
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
188 Add .spec file for building rpms, contributed by John Gunkel
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
189
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
190 Changes to file layout to conform to RedHat/LSB standards.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
191
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
192 Add some html (actually xml) tags used by Apple mac print
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
193 subsystem that were tripping the html tag detector.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
194
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
195 Help with changes required to allow dnsbl to drop root
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
196 priviledges. Move the socket to /var/run/dnsbl/dnsbl.sock
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
197
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
198 Change parser to handle &#xnnn; obfuscated urls with charaters
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
199 specified in hex.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
200
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
201 Make bad_html tags more sensitive to binary tags, to reduce false
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
202 positives in .zip or .tar.gz file attachments.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
203
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
204 Add sendmail queueid to the dnsbl syslog messages.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
205
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
206 Fix one place where host names were not forced to lower case.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
207 Discovered by Nigel Horne <njh@bandsman.co.uk>
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
208
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
209 Remove duplicate dns queries within the same smtp transaction from
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
210 the body content filtering. This helps if the mail server does not
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
211 have a nearby caching dns server.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
212
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
213 Add host_soft_limit config keyword. Use only one of host_limit or
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
214 host_soft_limit, since the last one wins. The host_limit is a hard
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
215 upper limit on the number of host names in a message. The
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
216 host_soft_limit allows unlimited host names, but only checks a
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
217 random sample of them against the dnsbl.
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
218
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
219 The main thread has dropped root priviledges, but other threads
91c27c00048f tokenizer errors now go thru syslog to be visible during config file reloads in normal operation
carl
parents: 92
diff changeset
220 are still running as root. This needs to be fixed.