****************************************************************************************** CHANGELOG (2011..year 08..month 12..day) the names in () supplied fixes, reported bugs or suggested improvements 2011 07 30 - Clamav 0.97.2 - added fix for monit, if not activated - removed some gui and shell outputs, for having a better overview - reworked stop - start output for each service (see more on screenshots) 2011 07 24 - added workaround for copfilter_spamd in start section, for correct logs - removed the squid_cache.log in Copfilter GUI Tests & Logs, because of wrong user rights 2011 07 21/22 - added workaround for privoxy, to work correctly - added missing docs for privoxy (thanks to FischerM for reporting) - removed anomy and all entries, which belongs to anomy and p3pmail (thanks to FischerM) - added squid.cache to Copfilter Tests & Logs (thanks to FischerM) - added missing rm command, to remove the test.txt in tmp path 2011 07 15 - removed p3pmail, which isn't used anymore (thanks to FischerM) - fixed F-Prot path in copfilter_cron for periodic update 2011 06 26 - added imspector to copfilter_monit - added workaround for empty folder error messages in copfilter_cron - fixed some rights for p3scan and copfilter_cron (thanks to FischerM) - fixed squid part in copfilter_havp - added syslogd restart for p3scan log file in setup_util 2011 06 25 - added missing Perl Module Mail::Address and Time::Parse (required for Mail::DKIM) 2011 06 23 - changed start order in copfilter_status.cgi (thanks to FischerM) - fixed imspector network device output (thanks to FischerM) - language files rewritten (thanks to FischerM) 2011 06 22 - fixed monit destination address in copfilter_status.cgi and copfilter_monit.cgi (thanks to FischerM for report and fix) - added imspector to monitrc (thanks to FischerM for reporting) - added prepared german language file from FischerM 2011 06 18 - commented tmp path in clamd.conf (thanks to FischerM for reporting) 2011 06 15 - removed imspector checks from cgi, which are a problem, if you try to restore your settings from a previous version 2011 06 13 - fixed uninstall routine in setup_util, added workaround for removing entries in squid.conf and proxy.cgi, if no modification was done (for example you install and uninstall copfilter, without using it), the complete content of squid.conf and proxy.cgi was deleted - updated to newest binaries, used with copfilter (list would be too long, to list) - added a new option to setup_util: -p, or --permissions for setting file permissions 2011 06 12 - compiled all actual PerlModules - Imspector 0.9 and adaptions 2011 06 11 - Monit 5.2.5 - ClamAV 0.97.1 - spey 0.5.3pre1 - PHP 5.2.17 - DB 5.2.3 - DCC 1.3.140 - rsync 3.0.8 - altermime 0.3.10 - anomy 1.95 2011 06 08 - added GUI content (buttons, etc. see the screenshots) 2010 12 21 - released as copfilter 0.85.2 - removed the "score FH_DATE_PAST_20XX 0.0" entry in local.cf (is fixed in SA 3.3.1) - activated SA plugin "Mail::SpamAssassin::Plugin::AWL" - removed the ! on line 578 in setup_util 2010 12 20 - released as copfilter 0.85.1 - some perl modules were still missing => used the perl modules from karesmakro spamassassin package 3.3.1 2010 12 04 - released as copfilter 0.85 - clamav 0.96.5 - imspector 0.9 - monit 5.2.3 - added some missing perl modules 2010 11 25 - released as copfilter 0.84beta5 - clamav 0.96.4 and updated config - spamassassin 3.3.1 and updated config - privoxy 3.0.17 and updated config - havp 0.92a and updated config - compiled newest perl modules - updated sendEmail to 1.56 - privoxy not working after upgrade changed "forward / :10080" to forward / 127.0.0.1:10080 (also with listen-address) - added karesmakro copfilter_ip_conn_fix.tar.gz fix to "config_fwrules" section of /etc/rc.d/init.d/copfilter_proxsmtpd (20100627) - added karesmakro copfilter_status_cgi_fix.tar.gz fix (20100114) - added karesmakro mailscanner_modified.tar.gz fix (solving some problems with multiple mail senders) (ver 20100420) - added karesmakro send_q_mail_virus_fix.tar.gz (ver 20100107) - added karesmakro copfilter_lang_patch.tar.gz (ver 20090305) - added karesmakro p3scan webgui cgi fix, so that page stops loading when starting p3scan (wow!) - added karesmakro p3scan fix p3scan_orange_fix.tar.gz (ver 20091227), but leaving 995 firewall rules intact - added "ftp_sanitycheck off" to squid.cond and proxy.cgi - copfilter wiki 9. "Privoxy inactive after clearing squid cache" 20090323 - clamav 0.95 - privoxy 3.0.12 20090222 - released as copfilter-0.84beta4 - fixes from karesmakro: restore of original header.png excellent fix to stop clamd daemon 20090221 - updated copfilter_status.cgi from Jens - changed WAIT interval to 5 in copfilter_clamd from FischerM - updated languate files from mfischer - increased timeout = 60 in p3scan.conf (FischerM) - copfilter_functions fix "corrupted emails" (FischerM) 20090208 - added a chmod 0644 of clamav virdb directory into cron.daily script - added a minor fix from Jens for mailscanner.sh 20090205 - fix for send_q_mail.sh from karesmakro - switched back to sendEmail 1.52 because of http://copfilter.endlich-mail.de/viewtopic.php?p=12337#12337 - added typo corrections from FischerM 20090204 - fix from karesmakro (rsync path) - fix from severus (use current sanesecurity files) - fix from severus regarding emptying the quarantine 20090203 - altermime 0.3.10 - imspector 0.8 - clamav 0.94.2 - rsync 3.0.5 - dcc 1.3.102 - ripmime 1.4.0.9 - php 4.4.9 - privoxy 3.0.10 - language fix es.pl es.sh 20080903 - added fixes from jens (copfilter_cron to reduce logging -checks for disabled services - and removed tabs) - added feature from jens and sergey (sent by Igor) for the quarantine sections: 1. Almost 100% correct display of From: To: and Subject: fileds in SMTP quarantine. 2. Using correctly recovered email adresses to resend mail from quarantine. 3. Resending mails from quarantine with(!) attachments. 4. Displaying Subjects in Russian languange instead of =?koi8-r?B?4sDE1sXUydLP18HOycU=?-like encoding. - changed in havp.config CLAMMAXSCANSIZE 100 CLAMMAXFILESIZE 25 CLAMMAXRECURSION 16 CLAMMAXFILES 10000 - turned of debug mode in /var/log/copfilter/default/opt/tools/bin/DMZS-sa-learn.pl due to some reports in the forum that caused errors because of too much debug information - update havp 0.89 - update clamav 0.94 20080813 - re-enabled code to exit check-updates_rulesdujour.sh script if rule update check is turned off - copfilter_cron: check for disabled services, tabs in front of the schedule entries prevent start (jens) 20080716 - updated copfilter_functions (jens) - updated de.pl (forum user: welt_am_draht) 20080714 - update clamav 0.93.3 - changed in mailscanner.sh and send_q_mail.sh 20080705 - added small mailscanner.sh and copfilter_status.cgi fix from jens - upgrade to proxsmtp 1.8 20080703 - enabled privoxy basic logging - fix neilvandyke.action in config - recompiled privoxy with zlib support and enable web-edit 20080629 - added virus signatures again, because it is better to have a immediate working copfilter after installing - thanks to jenkins velez who submitted a fix for imap scanning (imap login process was sending the length of the password along with the password, fixed so that only password is being submitted when logging into an imap server) - reverted back to sendEmail 1.53 (SMTP-AUTH didn't work for jens with sendEmail 1.55) - added 2 fixes from jens (some temporary files were not deleted from /tmp) 20080628 - added updated german translation file from fischerm - added patch from severus to add secure smtp authentification with monit - added rsync binary so that clamav scamdb can be downloaded with less bandwith consumption - added additional log suggestions from severus - to save space package does not come with virus signatures, an update is automatically initiated upon installation (argos) - fixed some html errors in cgi scripts (argos) - updated link in copfilter testing section (argos) - updated WAIT time from 1 to 3, so that all clamav process have enough time to stop (karesmakro) - updated some fprot versioning stuff (severus) 20080626 - added changes from severus in copfilter_antivirus.cgi, cron.daily, copfilter_functions in order to make use of some more advanced clamav signature database files if you want the additional signature information to be displayed in the email header/body then remove the relevant commented lines in /var/log/copfilter/default/etc2/copfilter_functions - added PDF and deeper EXE file scanning (recommendation from argos) - from forum/bugs section: added 4 lines in de.pl (fischerm) - connected string missing issue - from forum/bugs section: changed 2 lines in nl.sh - from forum/bugs section: replaced crontab.pl (severus) (antivirus reporting) - rearranged order of virus scanners in frox.conf (fischerm) - increased SERVERNUMBER to 20 in havp.config 20080624 - update monit 4.10.1 - integrated jens mickerts FP6 (fprot 6) installation pacakge 20080623 - update clamav 0.93.1 - update php 4.4.8 - update dcc 1.3.92 - update havp 0.88 - update spamassassin 3.2.5 - update imspector 0.6 - fixed 2 small bugs (reported by jens) 20071111 released as copfilter-0.84beta3a - updated sendEmail to 1.55 (plain smtp auth and TLS auth is now supported) - updated mailscanner.sh from jens 20071107 released as copfilter-0.84beta3 - installed french translation file from below sender # Relecture francaise par Charbonnel Damien : leso at ipcop.ath.cx (25/10/2007) corrections from jens: - updated spam_mail_daily_digest - updated cleanup script 20071012 corrections from jens: - readded (new version) of ixhash - moved from IpInSubnet.pl to his self written IpInSubnet.sh - updated spam_mail_daily_digest - updated cleanup script 20071007 - updated clam to 0.91.2 - updated php to 4.4.7 - updated ripmime to 1.4.0.7 - updated spamassassin to 3.2.3 - updated razor to 2.84 - updated dcc to 1.3.64 - changed start order of clamd according to http://copfilter.endlich-mail.de/viewtopic.php?t=1213 - added MSRBL clamav signatures according to http://copfilter.endlich-mail.de/viewtopic.php?t=1664 - added spamhaus to local.cf according to http://copfilter.endlich-mail.de/viewtopic.php?t=1293&highlight=spam+erkennung - added imspector 0.3 (testing) to use it change in file ~/copfilter/etc/global_settings (theres is no webgui yet) IM_SCAN=on then /etc/init.d/copfilter_imspector start log files are stored in ~/copfilter/opt/imspector/var/log fixes from jens: - updated phishing URL from sanesecurity, added SCAM signatures (cron.daily) - updated clean_white_and_blacklist.sh - added free disk space checking - replaced rulesdujour by sa-update channels 20070503 - fixed bug: when mailserver:port was used in email settings the mailserver and port where entered wrong in monitrc so monit was not able to send anymore emails (thanks to Piero Piutti for reporting this) - should now have fixed bayes.mutex permissions once and for all - implemented parts of your rbolzendahls imap choosing folder functions - set XClient to on in proxsmtpd.conf - added # ImageInfo Plugin for SpamAssassin 20070421 released as copfilter-0.84beta2 - fixed logging problem syslogd now runs as syslogd user and hence didn't have permission to write to some log files any more, change permissions of log files so that everybody can write to them (rw for user, group and others) 20070419 - changed order of "restart all services" now privoxy starts after havp thx Severus http://www.endlich-mail.de/forum/viewtopic.php?t=1505 - updated havp to 0.86 to resolve Transfer-Encoding issue in squid http://copfilter.endlich-mail.de/viewtopic.php?t=1489 - added option to register commercial avg version through setup_util 20070418 - fixed problem with a duplicate trusted_networks parameter in local.cf http://copfilter.endlich-mail.de/viewtopic.php?t=1492 thx skaplin, florian from the forum 20070417 - updated clamav to 0.90.2 20070405 - fixed permissions of bayes.mutex in /var/log/copfilter/default/opt/mail-spamassassin/var/bayes/bayes.mutex (aneubau) 20070403 - released as copfilter-0.84beta1.tgz 20070328 - deactivated syntax checking of fqdn smtp host, since this ipcop routine does not allow numbers after the dot 20070325 - fixed some bugs introduced with new versions of software, thanks to great feedback from jens who was testing the pre-release version 20070321 - implemented the use of a different port number to send emails - updated clamav to 0.90.1 - updated havp to 0.85 - updated monit to 4.9 - updated dcc to 1.3.55 - updated php to 4.4.6 - changed "gzip -d" to "gzip -df" to force overwriting in cron.daily, thanks to forum user DaPinky for reporting this bug - added fix from forum user evilzenscientist to increase IMAP Buffer - removed the extra _ in the score parameter in local.cf http://www.endlich-mail.de/forum/viewtopic.php?t=1271 thanks to forum user raffe! - fixed a bug when deleting spam folder with a huge amount of files http://www.endlich-mail.de/forum/viewtopic.php?t=1223 thanks to copfilter forum users invertedflyboy and mdages for finding and fixing the problem - commented sanitizing code in mailscanner.sh so that nobody accidently enables it in global_settings - fix from jens, to be able to display spam quarantine, even if it contains a huge amount of emails http://www.endlich-mail.de/forum/viewtopic.php?t=1231 - fixed some typos (thanks to forum user reballard) - updated to neilvandyke.action,v 1.2233 2006-11-12 - added code from copfilter forum user taurus to be able to sort the columns in the spam quarantine (possibility to sort by score level), thanks! http://copfilter.endlich-mail.de/viewtopic.php?t=1307 (thanks!) 20070219 - updated rules_du_jour to 1.30 - updated spamassassin to 3.1.8 - updated clamav to 0.90 - updated havp to 0.84 - updated monit to 4.8.2 - updated dcc to 1.3.51 - updated php to 4.4.5 - updated proxsmtp to 1.6 - updated renattach to 1.2.4 - updated privoxy to 3.0.6 - if copfilter was running for a long time proxsmtp/tmp directory would get filled, added to crontab that files will be removed from proxsmtp and p3scan temp directories if older than the POP3_VIRUS_QUARANTINE_REMOVAL_DAYS and SMTP_VIRUS_QUARANTINE_REMOVAL_DAYS thanks to Alevizos Dimitrios for reporting this 20070108 - changed max children forks of spamd from 2 to 4 in /etc/rc.d/init.d/copfilter_spamd 20061203 - fix from jens mickerts, because of these threads: http://copfilter.endlich-mail.de/viewtopic.php?t=1297 http://copfilter.endlich-mail.de/viewtopic.php?t=1336 mailscanner.sh 297,298c297,298 new: < # Removed to extract the email address from the email rather than relying on Proxsmtpd to deliver the Sender new: < # if [ "x${CURRENT_SCAN}" = "xPOP3" ];then --- old: > old: > if [ "x${CURRENT_SCAN}" = "xPOP3" ];then 301c301 new: < # fi --- old: > fi 20061029 - added fix from http://copfilter.endlich-mail.de/viewtopic.php?t=1161&start=15 to /var/log/copfilter/default/opt/tools/bin/check-updates_clamav.sh 20060901 - changed sa-learn, now instead of a "." a "o" is shown as a progress indicator 20060824 copfilter-083beta3a - fixed sa-learn permissions (bayes imap spam training wasn't working) 20060815 cofilter-0.83beta3 - minor change in clean_white_and_blacklist.sh - thanks to jens who tested the prerelease 20060813 copfilter 0.83beta3pre1 - update havp 0.82 - update proxsmtp 1.4 - update spamassassin 3.1.4 - update dcc 1.3.42 - update php 4.4.3 - added improvement from jens for faster outgoing whitelist handling (use sort instead of grep) and daily remove obsolete whitelist entries (if already covered by a domain whitelist entry) - fixed a few minor bugs which were reported in the forum 20060809 - reviewed and added patches from sklink copfilter forum user -> thanks! its more secure use mktemp instead of temporary files 20060723 - added new german translation from http://www.computerjockey.de - jens found another bug: translation files were in dos format, i changed format to unix again (i copied the files as i received them :( 20060714 - jens mickerts found and fixed a bug: when using full version of avg mails were not correctly sent 20060710 copfilter-0.83beta2.tgz - update: clamav 0.88.3 20060701 - readded "copfilter scanned" disclaimer 20060630 thanks to a copfilter forum users i implemented - creating eicar.com virus on the fly so that virus scanners don't detect virus in copfilter download - fixed a problem when deactivating all options in http webpage caused a red error screen 20060629 - set clamav parameter ArchiveMaxCompressionRatio to 300, since 29/06/2006 15:15:51 127.0.0.1 GET 200 http://my.opera.com/Miraculix/homes/files/opera9usbde.zip 246+5315383 VIRUS Clamd: Oversized.Zip eventhough it didn't contain more than 250 levels of zip files, with 300 it worked 20060628 thanks to feedback from copfilter user Nukelodeon, he found a few bugs which are now fixed: - fixed typo in de.sh instelliert - fixed havp statistics (new havp version has different log format) - changed backup script to include havp whitelist and blacklist 20060627 copfilter-0.83beta1a.tgz - fixed spam statistics (new spamassassin version uses new log format, old logs from backup will be displayed wrong) - fixed "update fprot" button in antivirus page - fixed sa-learn permission denied problem when executing imap spam learning - added new german translation from http://www.computerjockey.de 20060626 copfilter-0.83beta1.tgz - fixed "Client is part of our network, skipped SpamAssassin" not showing up in mail header, thanks jens for reporting this - added option to turn on/off every virus scanner in HTTP Scanning 20060620 - fixed avg library issue - fixed bug report from Sandis: The IP Alias NAT does not work correct (does not use RED IP alias for outgoing messages) when the "Enable ProxSMTP to filter incoming traffic on RED and forward to internal Email Server * ***" is off and "Enable ProxSMTP to filter outgoing traffic on GREEN*"is on It only worked when both where on, but it should work as in above configuration as well (SNAT entry was missing) - update havp 0.81 - new option in webgui: REJECT_INSTEAD_OF_DISCARD_EMAIL to use 550 instead of 250 smtp code when discarding email PRO 550: 1. If spammer A runs smart spamming software, a 250 response could tag the email address as accepting spam, triggering more spam 2. If legit email is deleted as spam, the legit sender wont get a non-deliverable email notice. CON 550: 1. For every of those thousands of 550 rejected spam email, the sending email server would generate a NDR back to the sender. If the sender address has been forged, the wrong person will get the NDR, causing confusion and unnecessary internet traffic. Of course, if the sending mail server is a spam bot, then the spam bot would most probably not send a NDR, but if the sending mail server is a misconfigured mailserver (for example an open mail proxy), then NDR would be generated. Most spam emails are sent through spam bots, so activating Rejection instead of Discarding is recommendend. 20060616 - improvement by sandis silins (virus name doesn't cut in clam statistics) - removed p3pmail option since it breaks image attachments in emails 20060615 - update havp 0.80 - update razor-agents 2.82 - update spamassassin 3.1.3 - update dcc 1.3.36 - update monit 4.8.1 - fixed bug in whitelist/blacklist handling where one address once entered more than once into whitelist, when adding email address to whitelist automatically was enabled - added spam tagging in pop3 mode if email address is in blacklist, instead of just letting it through 20060508 - added german translation de.pl from computerjockey.de 20060501 - update clamav 0.88.2 20060425 - fixed bug: in webgui the option phishing option was still on, even if turned off - fixed bug: not adding email address to whitelist if email is an internal autoreply example: out-off-the office or mail delivery notification 20060424 - bugfixing and repackage, hope this is the last test build - new feature: allow incoming email only from one ip address 20060423 - wanted to release today, its my birthday :-) but i need one more test and hope to release in 1-2days 20060422 - minor fix 20060420 - bugfixing, rebuilding and sending to testers - new parameters now automatically get added to global_settings after a restore (no setup_util -d necessary anymore) 20060420 - bugfixing, rebuilding and sending to testers thanks to all testers for confirming functionality and finding bugs - added patch to count # of spams and virus emails in quarantine thanks to copfilter forum user shirka ! - added header to incoming email to allow spamassassin to correctly do SPF checking thanks to copfilter forum user paul for this! 20060419 - bugfixing, rebuilding and sending to testers 20060418 - updated monit to 4.7 - updated spamassassin to 3.1.1 - updated razor-agents to 2.81 - updated renattach to 1.2.3 - updated dcc to 1.3.31 - updated ripMIME to 1.4.0.6 - updated alterMIME to 0.3.7 - fixed bugs reported by testing crew (jens and l8ermo - gary) - updated rules_du_jour to 1.28 - fixed copfilter_cron script to run correct automatic rules_du_jour script - instant update of rules_du_jour - added note that after an upgrade a setup_util -d has to be performed in order to get activate new parameters - request by shirka to replace all smtpclient with sendEmail -> done reason was qmail: 552 Mail with no Date header not accepted here smtpclient didn't send a Date header, sendEmail does - forum user Sunday requested that if using red_ip_alias address then the mail server's outgoing traffic should be getting NAT'd with the same IP Address as the red_ip_alias address being used for incoming email 20060417 - fixed relativ path issue if ./setup_util was called with -avg ../avgXXXX - fixed issue in mailscanner.sh cat: /tmp/mailscanner_sh.log_20060417092523: input file is output file thanks to gary for testing and reporting - fixed white/blacklisting searches for email address test@ll.list.ru with placeholders such as *@ll.list.ru *@*.list.ru *@*.ru - added avg to email header 20060414 - activated by default in avg: Heuristic analysis, Detection of "Potentially Unwanted Programs", Processes archives - received a new sendEmail version which should fix the bug that no special charachters are possible in smtp-auth, so i added opt/tools/bin/sendEmail-1.53 (needs to be renamed to sendEmail) for users to test it (the default is still sendEmail in version 1.52, which works, but without sp. char.) - finished implmenting avg into various files, webgui, binaries etc, too many to mention - some fixes from jens for mailscanner.sh and copfilter_spamd - during havp service restart, it now automatically configures to use clam, fprot and avg if there are available and running - during frox service restart, it now automatically configures to use clam, fprot and avg if there are available and running 20060414 - continued implementing avg - implemented a new option of choosing the port to where the mails should be port forwarded to - virus found by havp now included in clam antivirus stats page (havp now uses clamd instead of the clamav libraries to scan for viruses) 20060413 - started implementing avg 20060410 - fixed a problem, where a rule for incoming smtp was missing if REDIFACE was ppp0 thanks to steve for letting me examine the problem on his machine 20060330 - fixed a problem with the netmask when using ifconfig in copfilter_proxsmtpd thanks to copfilter forum user flavio for reporting this !! this can now be configured through the web interface 20060313 copfilter-0.82.1 - added bayes selection update to spam webgui - Thanks to Jens Mickerts for sending this update! - updated to havp 0.78 20060309 - fixed a typo in havp virus detected page (accesss) - added a header description to spam stats page - fixed bug: when disabling frox in webgui, "Enable Spamassassin" was disabled - added an option to the AntiVirus webgui page to enable detection for additional phishing signatures to clamav (phish.ndb) +daily updates from http://www.sanesecurity.com/clamav/ 20060302 - added last year, last month to HAVP stats - fixed spam stats bug 20060226 - update to php 4.4.2 - update to sqlite 2.8.17 - update to spey 0.3.3 20060210 (00:30-01:15) - update to havp 0.77 20060209 (00:00-00:30) - integrated files which i received from Jens Mickerts (http://www.mickerts-partner.de/): * fixes a problem with white/blacklist checking (unmatched email addresses) * faster white- and blacklist checking (if whitelist was greater than 500KB, timeouts could have occured) * change in the "add email address whitelist from outgoing emails": if the email is an "out of office reply" from outlook or lotus notes, then it will not be added to the whitelist * spam digest email now contains not only the sender email address but also the original subject of the email Thanks a lot to Jens for sending this great improvements !! 20060115 (11:30-13:30) copfilter-0.82 - update to havp 0.76 - update to clamav 0.88 - added -y to install and setup_util script as promised to gui82 :) 20051208 - fixed some temporary files leftovers: /tmp/mailscanner_sh.log_20051208 thanks to mrkaehler for reporting this 20051117 copfilter-0.81.9 - update havp to 0.74 - update proxsmtpd 1.3.91 (inofficial version to fix crashes) 20051115 - added user.action and neilvandyke.action to copfilter backup 20051113 - fixed bug (bayes is now deactivated if not being used), thanks dayne for reporting this bug 20051108 (22:45-23:30) copfilter-0.81.8 - fixed rules_du_jour automatic updating (bug in copfilter_cron) 20051107 (20:30-21:20) - updated clamav to 0.87.1 20051101 (11:00-19:30) copfilter-0.81.7 - dayne sponsered me a fprot mail scanner version so i am integrated it into copfilter (havp is not yet using fprot mail scanner, reported the bug to havp author) (author replied that no more than one virus scanner is possible at once) (reverted to havp without fprot, kaspersky) - update to php 4.4.1 (security issues) - update to havp 0.73 (i compiled one version with clam and one with fprot, default is clam) /root/copfilter/opt/havp/default/bin/havp_with_clam /root/copfilter/opt/havp/default/bin/havp_with_fprot if you want to use havp with fprot instead of clamav, then cp -p /root/copfilter/opt/havp/default/bin/havp_with_fprot /root/copfilter/opt/havp/default/bin/havp vi /root/copfilter/opt/havp/etc/havp.config uncomment these 2 lines: FPROTSERVER 127.0.0.1 FPROTPORT 10200 restart havp havp only works with mailscanner version of fprot 20051101 (23:30-02:00) - updated proxsmtpd to 1.3 - recompiled havp 0.72 with kaspersky and f-prot support 20051013 - updated french translation from Jean Pierre Bargheon 20051010 22:00 - updated havp to 0.72 20051008 - fixed: "table does not exist" messages when booting 20051006 - updated french translation files from Jean Pierre Bargheon 20050926 copfilter-0.81.6.tgz - fixed p3scan file write error copfilter bug introduced with 0.81.5 20050926 copfilter-0.81.5.tgz - update to p3scan 2.2.1 - removed some old "test" phishing mails (thanks to preiti for mentioning this!!) - david given (developer of spey) replied with a fix to the segmention fault problem its now working without crashing, will now focus on integration into copfilter 20050925 copfilter-0.81.4.tgz - website updates - working on spey 20050924 - working on spey - greylisting, sending bug reports to developer developer is very responsive, hope to have this segmentation faults fixed soon - statistics links on status page for easier access 20050922 (20:30-2:30) - changed default value in proxsmptd.conf from MaxConnections: 24 to MaxConnections: 48 - ftp download was not working when proxy settings where manually defined in browser - fixed - frox debug mode was still on when starting ipcop and frox debug had been run - fixed - added Polish Translation by Ramiro Pinto - thanks ! 20050921 (20:00-01:30) - fixed whitelist and blacklist when there was a * in them example *@domain.com or test@*.domain.com thanks dayne for reporting this 20050920 (21:00-00:30) - p3scan's disk space detection is faulty, informed the developer disabled disk space check in the meantime - warning message for pop3 spam quarantine, could cause email clients to hang - separated pop3 spam quarantine to quarantining and sending a notification 20050918 (22:30-01:20) - updated SendEmail (forum) - fixed "Email Address" links in webgui (forum) - fixed havp statistics (forum) - compiling, settup up, testing spey 20050917 (00:00-02:45) copfilter-0.81.1.tgz - fixed VERSION in global_settings when restoring 20050916 (20:00-00:00) copfilter-0.81.tgz - update to clamav-0.87 - update to havp-0.70 - fixed setup_util -f when fprot archive was in /tmp - fixed adding recipients email address to whitelist was not working in certain cases - update to p3scan 2.2 (now stable) 20050915 (20:30-23:00) copfilter-0.80.tgz - changed xclient to no in proxsmtpd.conf - fixed spam statistics again - updated docu 20050914 (22:00-01:00) copfilter-0.79.tgz - fixed spam statistics - fixed dead links in spam and virus quarantine views - built new test version for dayne to test - fixed backup/restore scripts 20050913 (23:00-02:40) - some minor docu updates, most of it is still outdated - havp problem, virus got through even though it got detected in the logs -> bug report to havp developer 20050912 (22:00-04:00) - updated to havp 0.69 havp still reports 0.67 -> bug report to developer - fixed some problems dayne reported 20050911 (11:15-12:00 19:00-23:00) - fixed bug: when whitelist contained an asterisk, the copfilter whitelist would not recognize the email to be whitelisted - added section to privoxy to easily whitelist domains: enable privoxy and point your browser to config.privoxy.org then choose "View & change the current configuration" then click on Edit right beside "/var/log/copfilter/default/opt/privoxy/etc/user.action" then in the first section (scroll down one page) where you will see the domain ".copfilter.org" click on the add button and add your domain in this manner ".yourdomain.com" (don't forget the leading dot) - added weekly graphical virus statistics - some text output (like in emails) was not translation compatible, fixed 20050910 (16:00-22:00) - fixes new bugs when changed to webgui - start/stop feature on status page - added ixhash to dnsrbl checks in spamassassin (custom plugin from heise magazine iX) similar to DCC - updated spanish translation from antonio 20050909 (19:00-20:00) - changing webgui 20050908 (20:00-22:00) - changing webgui - p3scan testing 20050906 (19:30 - 22:00) - frank_xyz allowed me to log to his machine so i could track down the frox ftp bug ! -> fixed frox ftp bug, where every downloaded file was recognized as a VIRUS -> fixed gui, where it wasn't possible to turn off all services - added option to select which ethernet alias interface should be used 20050905 (18:30-02:15) - spam scanning was not working reliably anymore! this was caused by the spam rules i added ... problem (found in spamd debug mode): debug: running raw-body-text per-line regexp tests; score so far=1.164 logmsg: error: Can't locate unicore/PVA.pl in @INC (@INC contains: lib ....... line 80._ No such file or directory, continuing solution: copied perl module from ipcop compile enviroment to perl_modules/lib/unicore/PVA.pl - updated p3scan with new test version - included bayes in backup, and wrote a warning message to uninstall dialog 20050904 (11:00 - 22:00) - added pop3 ssl support, configure your email client to check for email on port 995 without SSL ! since you are doing normal pop3 on port 995, p3scan will know that you want a ssl pop3 session and will then open poo3-ssl session to your mail server - changed default f-prot installation procedure from downloading to file installation example: setup_util -f fp-linux-ws.tar.gz - created statistics from havp,antivirus and antispam, compiling perl modules, customizing scripts, testing, lots of work ... - added to spamassassin: http://bl.csma.biz/#assassin http://psbl.surriel.com/howto/ http://wiki.apache.org/spamassassin/iXhash http://antispam.imp.ch/rules/nigeria_newgen.cf http://antispam.imp.ch/rules/nigeria_german.cf http://antispam.imp.ch/rules/casino.cf http://antispam.imp.ch/rules/lasertoners.cf http://antispam.imp.ch/rules/obfuscated.cf http://antispam.imp.ch/rules/medtable_obfu.cf http://antispam.imp.ch/rules/rbl-combo.cf http://antispam.imp.ch/rules/sexmail.cf http://antispam.imp.ch/rules/sober_g.cf http://antispam.imp.ch/rules/sober_p.cf http://antispam.imp.ch/rules/worm_found.cf added rulesdujour rulesets SARE_EVILNUMBERS0 SARE_EVILNUMBERS1 SARE_EVILNUMBERS2 SARE_OBFU - backup now also backs up the following log files (to keep statistics) $BASEDIR/opt/clamav/var/log/clamd.log \ $BASEDIR/opt/mail-spamassassin/var/log/spamd.log \ $BASEDIR/opt/havp/var/log/access.log \ $BASEDIR/opt/havp/var/log/error.log - added daily spam digest for dayne lucas recipients get a email with email addresses from quarantined spam email from the last 24h 20050902 - added privoxy rules from neilvandyke http://www.neilvandyke.org/privoxy-rules/ removed blocking of all .info and .biz sites 20050901 (00:00-01:30) copfilter-0.1.0beta11.tgz - fixed pop3 timeout problem when a virus email was quarantined (thanks to dayne for finding this bug, and letting me test the fix on his machine) - fixed copfilter header (p3scan instead of copfilter version was displayed) 20050831 (22:30-06:10) - fixed a problem that proxmsmtpd was being monitored, even when it was configured as OFF, thanks to "SuizidJoker" for reporting the bugfix - fixed a wrong message (copfilter_settings) in the spam and virus test mail messages thanks to "alphenit" for pointing this out - implemented blacklist for smtp only (pop3 doesn't support email discarding while in retrieval mode) - updated to havp 0.68 (now includes whitelisting) - webgui updates - p3scan testing, now added 2.1.99-03dev BETA ! - added option to choose if one wants to deliver virus notifications and/or spam messages in smtp mode 20050830 (18:30-03:40) - dayne allowed me to use his ipcop machine to reproduce the spam quarantine problem, so i was able to fix the p3scan timeout issue when pop3 quarantine was enabled - added spanish translation (thanks to antonio !) - added some basic clamav statistics (request from bill klumper) - added checkbox to delete all spam mail in quarantine view (for copfilter forum user kermit :-) - after various tests, last p3scan 2.2 preview version was working !!!! fine :-))) - updated testimonials on website 20050829 (19:00-02:30) - testing p3scan 2.2 preview version, reporting to jack and testing fixes (developer fixed problem in scanner_bash.c -length of called line, quotes in subjects are now being replaced with whitespaces so that we can call the bas script with the subject as a parameter) - minor fix mailscanner.sh (&virus notifications) - proxsmptd, renattach and p3scan now log into own log files + update webgui - added dutch translation (thanks to John Poussart) 20050828 (18:00-23:00) - compiled and installed p3scan 2.1.99-02dev tested jack's new scannertype=bash, which i asked for .. after a small fix in "scanner_bash.c" on line 110, the new p3scan works great only thing is that in debug mode no scanner debug lines are displayed bug report to jack + new wishlist: disabling subject field so i can write my own, logging to a file instead of syslog, use of autoconf tools for p3scan (configure) - modified mailscanner.sh for new p3scan 20050826 (11:30-16:00 23:00-1:30) - new screenshots on website - virus name is displayed in virus quarantine - new option in quarantine view to delete email (copfilter forum wishlist) - fixed bug that email address was added more than once to whitelist in quarantine view - webgui updates 20050825 (20:00-01:40) - improved quarantine views - webgui comments - web proxy transparent mode will be also automatically disabled if transparent http scanning in copfilter is turned to off (copfilter forum wishlist) 20050824 (18:00-21:45) copfilter-0.1.0beta10a.tgz - implemented: web proxy will be automatically started if it is not running when http virus scanning has been enabled - changed minimum antispam score to 4 (instead of 5) (copfilter forum wishlist) 20050823 (18:00-03:30) copfilter-0.1.0beta10.tgz - website updates + launch of new website - website updates - minor fixes - update to havp 0.67 (nice new templates instead of error -60 ...) - imap bayes testing, debugging, improving, imap bayes mail notification, now works 100% 20050821 (23:00-06:10) - implemented imap bayesian learner via webgui for spam/ham mails result will be emailed - implemented red ip alias support (copfilter forum wishlist) - changed whitelist to copfilter whitelist, which is 100% independant of spamassassin whitelist 20050821 (02:00-04:00) - implemented pop3 spam quarantining for dayne (copfilter forum) user gets notified 20050821 (16:00-02:00) - fixed rules_du_jour - worked on making webgui xhtml conform (validator.w3.org) minimized errors from about 600 to 40 - smaller updates in antivir, antispam updating, better logs - if sender=recipient, then recipient auto whitelist will be disabled (we don't want our own address in our whitelist !! -> cause then all spam would come through!) - webgui updates 20050820 (15:00-01:30) - clamav debug mode in init script - implemented remote commands, multiple lines possible, recipient of mail doesn't matter, mail won't be sent user gets a results of whitelist operation back via email copfilter_add_to_whitelist email addresses copfilter_remove_from_whitelist email addresses 20050819 (20:00-23:30) - spam quaranting issues (now working) - recompiled p3scan (P3SCANID was in p3scan virus message) - trusted_path and internal_networks (copfilter forum dayne) - changed default parameters in DMZS-sa-learn.pl (thanks for beta testers from the forum) - webgui update 20050818 (22:30-23:45) - spam quaranting issues 20050816 (19:00-23:00) - changed whitelisting possibility in spam quarantine view (now selectable for every email) - webgui updates (test section) - added to copfilter_spamd: automatic addition of trusted_networks parameter 20050815 (19:00 - 22:00) - updated spam and virus quarantine view - added option to resend emails from quarantine copfilter forum wishlist - added option to whitelist email from spam quarantine window when resending 20050813 (09:00-18:00) - updated website - updated havp to 0.66 much less havp processes are now started ! fixes a bug (changing from https to http, and some error -60 ) discovered by copfilter users ;) - updated p3scan to 2.1.99-01dev with madlener patches see opt/p3scan/2.1.99-01dev/src for more details this version fixes a bug (-File Error! Could not erase virusdir-) which was discovered by copfilter users ;) - webgui updates - new gui config: block encrypted archives via clamd 20050811 (18:00-22:00) - implemented spam quarantining - redesigned quarantine view - implemented discarding (intead of message rejected) copfilter forum wishlist 20050805 - change the way renattach works, now the email is only modified if a bad attachment is found this should solve the problems that pictures in html email where not viewable anymore after they were scanned for bad attachments with renattach (thanks for reporting problems with renattach -copfilter forum) 20050805 - compiled havp 0.66rc1 and uploaded for Jon Star to test, he had some problems when viewing web sites - website update - reduced MaxConnections in proxsmtpd.conf from 64 to 24 to make spam mail viruses a more harder time - minor webgui changes - fixed a bug in mailscanner.sh (renattach was not working anymore, since my change from 20050804, only a missing space ..) 20050804 (00:00-05:30) copfilter-0.1.0beta9.tgz - RE-fixed - wasn't working: modified monit email subject to fit copfilter - increased proxsmtpd timeout from 60 to 180sec to allow enough time for scanning - fixed bug when large attachments could not be sent via proxsmtpd (was a problem with renattach, now if renattach is unsuccessful (which means the mail would have size 0) then the mail is being sent the way it was before being attachment scanned 20050803 (19:30-00:00) copfilter-0.1.0beta8b.tgz - contacted p3scan developer regarding p3scan -File Error! Could not erase virusdir- crashes: http://sourceforge.net/mailarchive/forum.php?thread_id=7883578&forum_id=37097 recompiled p3scan with applied patches: p3scan-2.1-erase.patch.gz and p3scan-2.1-malform.patch.gz - fixed a problem in one of my building scripts which overwrote the monit config file i changed to fix hanging of frox using 100% CPU - modified monit email subject to fit copfilter - fixed a bug in uninstall script when stopping monit (monit was still running after uninstallation) 20050803 (09:30-10:00) copfilter-0.1.0beta8a.tgz - fixed problems with hanging of frox and possible hangs with all other services when restarting monit 20050802 (18:00-0:00) copfilter-0.1.0beta8.tgz - created own monitoring section in webgui - added comments to webgui - fixed sa-learn (error messaged appeared stating that a perl module was missing) - init scripts: when starting a service the script entered firewall rules and started the service, now the script removes the firewall rules again in case the service did not successfully start - updated clamav to 0.86.2 - updated dcc to 1.3.12 - updated php to 4.4.0 - updated razor to 2.75 - updated havp to 0.65 20050801 (23:00-02:45) - webgui now also displays latest beta version - changed p3scan and proxsmtpd back to running as user p3scan and proxsmtp - spamd now stays off if p3scan and proxsmtpd are disabled in webgui - email from address from webgui is now used as from address in monit (request from a forum user) - changed monit stuff (since forum users reported problems) it now works like this: monit init script checks to see if a process is enabled or disabled, if enabled it starts monitoring, if disabled it stops monitoring if somebody stops a service then this will automatically stop monitoring, since i guess that if somebody stops a service that person would probably want the service to stay off, so this will stop the monitoring of that service now if the stopped service will be started again, then monitoring of this started service will **NOT** be enabled again automatically, /etc/rc.d/init.d/copfilter_monit restart would have to be executed to enable monitoring off that restarted service again (monitoring will only be enabled on that service, if the setting in the webgui hasn't changed and is for example still enabled) at boot time the monit service is started last, so that it won't interfere with the start of the other services) 20050722 (15:00-02:17) copfilter-0.1.0beta7.tgz - fixed havp start script to correctly start web proxy if it had not been enabled yet in transparent mode - implemented backup/restore/default config + tested - monit corrections, now gets started by init !! - webgui implementation of monit - fixed bug where squid was not enabled on blue when starting havp 20050720 (22:30 - 00:15) - configured monit to work properly, customized all other programs init scripts to work with monit 20050714 (21:30-00:30) - configured monit for copfilter services, ssl support, using ipcop htpasswd support updated webgui 20050713 (0:30-3:10) - run p3scan and proxstmpd as root to see if this solves stability problems - fixed 2 bugs found by gerhard koerting (admin notif with smtpauth, and pop3 mail notif with smtpauth) - updated to havp 0.64 templates are now available for virus, dns error messages in /var/log/copfilter/default/opt/havp/etc/ found virus is now displayed in error message - compiled and installed monit 20050704 (23:15-00:25) - removed spam_webgui duplicate directories - updated to havp 0.63 - updated to clamav 0.86.1 20050623 (23:45-01:00) copfilter-0.1.0beta6 - updated havp to 0.62 - updated clamav to 0.86 - repackaged to beta6 20050618 (22-00:00h) - disabled ArchiveBlockEncrypted option in clamav - typo in virus notification mail - virus notifacion mail improvement: virus message only gets displayed if a virus was found - fixed the cat -v ^M problem in the body function - fixed a possible double "Copfilter" entry in the ipcop menu when squidgard was installed 20050611 (23-04:00h) 20050612 copfilter-0.1.0beta5 - http and spam testing - updated havp to 0.60 - fixed some problems in havp and privoxy start scripts changed start order of copfilter scripts in rc.local (setup_util) - fixed a problem with a missing perl module for spamassassin - readded anomy so that people can continue to test the body function - packaging & testing 20050609 (19-21:30h) - added fprot ftp scanning to frox if fprot is installed f-prot ftp download virus scanner tests were ok each "VirusScanner" option in frox.conf is parsed and executed, if only one results in an error code other than "0" then the file transfer is aborted and the log shows a "VIRUS_INFECTED" message, otherwise (if all scanners return "0") this message is logged: "VIRUS_CLEAN" updated /etc/rc.d/init.d/copfilter_frox script to automatically add the fprot virus scanner line to frox.conf if fprot scanner is installed this feature has been added as a paid request from sammy 20050608 (18-22h) - updated clamav to 0.85.1 - updated spamassassin to 3.0.4 - updated dcc to 1.3.5 - updated havp to 0.59 - basic tests 20050527 (19-21h) - search for 2 smtp scanning bugs, found and fixed them, updated website 20050526 (19-20h) - fixed an uninstall bug, squid did not work correctly after uninstalling copfilter 20050517 (21:30-3:00h) copfilter-0.1.0beta4 - recompiled all tools (except p3scan) on new compile enviroment for 1.4.6, using new zlib! - reconfigured privoxy and havp in this order inet <-> havp <-> privoxy <-> squid <-> client in order to lessen squid changes, and to not affect squid logs and analysis should also allow urlfilter to work, maybe even advanced proxy - now using squid -k reconfigure instead of restartsquid to speedup - havp startup script now starts and enables squid automatically in transparent mode if it has not been enabled yet - fixed privoxy and havp start scripts - testing & packaging 20050516 (20-21) - added clamav 0.85 + test 20050512 (21-01:30h) copfilter-0.1.0beta3.tgz - fixed error messages in webgui, now appear again in a red outfit - fixed another whitelist issue: if sender was in whitelist and mail was smtp, then spam checking was still done, now it is skipped -> improves performance in pop3 this was already working - email address whitelisting was case sensitiv -> changed to case insensitiv email addresses get lowercased before they are checked 20050511 (21-01h) - FIXED a severe bug in the smtp scanning part of mailscanner.sh: tested mail header functions, removing CR is not always working, -> simplified mailscanner.sh script, and changed header insertion routing (now header gets inserted at the beginning of the header instead of the end) - now allowing again access to port 800 (always), but in order to prohibit anybody to bypass the virus scanner i now redirect port 800 directly to havp before it reaches squid, this way i don't have to deactivate port 800 for squid on the GREEN interface there is still a problem though when havp is activ and somebody tries to access squid via port 800 (by using the proxy settings in the browser), anybody will then get some websites stating that the webpage cannot be found this is a problem with havp and the developer will get it fixed in about a month (problem is that havp then sends these kind of request to squid: http://www.server-side.de//www.server-side.de/ ) 20050509 (22-0h) - packaging to release copfilter-0.1.0beta2.tgz - install from scratch- test setup with beta2 was ok, will now release - setup_util privoxy fix 20050508 (20-21h) - added log directory clamav.log frox.log havp_access.log havp_error.log mail-spamassassin_spamd.log p3scan_logs_to_syslog php_error.log privoxy_jarfile privoxy_logfile proxsmtp_logs_to_syslog razor-agent.log - added setup_util option to restore default configuration - basic testing 20050507 (20-22h) - fix in havp and privoxy start script to not change squid config if havp and/or privoxy are not started - packaging for new beta, testing and fixing 20050506 - fix: automatic whitelisting was still done, even if turned off - changed header inserting method to formail again - fix: deny access to port 800 when virus scanning is enabled, so that nobody can workaround the virus scanner 20050505 - upgrade to havp 0.57 - upgrade to spamassassin 3.0.3 - upgrade to clamav 0.84 - upgrade to ripmime 1.4.0.5 - upgrade to proxsmtp 1.2.1 - fix: clamav update email didn't work when clamav was outdated - copfilter forum: automatic whitelist adding not working upgrade from 1.4.2->1.4.4 caused this to fail, now fixed - changed privoxy,havp,squid http scanning now it works like this: internet <-> privoxy .. squid .. havp <-> client this has the following advantages: * all transparent, no web browser client proxy settings necessary * no need to clear web proxy cache when testing havp * better web browsing performacne since privoxy filters out junk needed stuff first, before passing along to squid - ported my scripts to use compiling scripts (named M scripts) from niki waibel, makes updating to new versions much easier - removed buggy and experimental stuff from the webgui (actually i commented them, cracks can still enable them again by editing global_settings if they want to do further testing) - copfilter forum: added comment that mail server could become an open mail relay if relaying is prevented by only allowing internal ip addresses -> mails will originate from the ipcop firewall using its internal ip address, so mail server would become an open mail relay if no other precautions are taken 20050502 - fixed fprot install script (copfilter forum) * fixed ftp download location * added md5 check of the downloaded file * fixed script to use a already downloaded file (not doing a md5check if script is called with an explicit to use file, should be done by the user after downloading manually) - fix: copied en.sh to all other languages (copfilter forum) 20050501 - absolute path to iptables in rc startup files /etc/rc.d/rc.red start would otherwise result in an error message 20050430 - error report from copfilter forum: ipcop menus not working - fixed - error report from copfilter forum: tar extraction unsuccessful - improved error message - report from copfilter forum: how does http scanning work rewrote some copfilter.cgi docu so that http scanning is easier to understand 20050419 == copfilter-0.1.0beta1.tgz - packaging, minor fixes, testing - at 6:35 in the morning: copfilter_devel_200504190623.tgz = copfilter-0.1.0beta1.tgz !!! finally - now i can go on vacation - not joking :) i'm off to finnland today wanted to get this beta version done before i go, enjoy ! 20050418 -docu -fixes 20050417 -docu -packging -fixes copfilter.cgi 20050416 -docu 20050415 -docu 20050414 -docu 20050411 - copfilter.cgi lang fixes (+added havp and frox to restart all services section) - copfilter.cgi added proxsmtp debug button - copfilter.cgi customized docu file links so that they can be translated - implemented feature to remove emails in quarantine if they are older than a specific date configurable in webgui 20050407 - making init scripts translatable - some init scripts fixes 20050406 - making setup translatable 20050405 - testing and resolving bugs - info: it is now not anymore necessary to logout/login from the terminal after installing copfilter - info: it is not anymore necessary to increase the pop3 timeout value on the clients, since the new p3scan version now sends some packets (NOOP) to the client, while downloading the email, so the client doesn't timeout - started making setup translatable ... 20050404 - packaging and scripting - md5 checks inside the script (not for security reasons, just to check if the file was really fully downloaded ) 20050403 - combining install.sh, install_fprot.sh, uninstall.sh into one script added option to readd copfilter webgui entry in header.pl - setup script improvements 20050402 - started packaging for release - changed packaging scheme 20050401 - new feature to add email adresses in outgoing mail to whitelist is working - new php version, new dcc version - add db_file,dbi and NET::LDAP perlmodules for spamassassin (for bayes) - got bayes working in spamassassin - added fetchmail, in order to add ham+spam mails from a remote mailserver (like an IMAP srv) to the spamassassin bayes db with sa-learn 20050331 - started with a new feature to add email adresses in outgoing mail to whitelist 20050330 - installed php for below - installed a webgui (webuserprefs - http://sourceforge.net/projects/webuserprefs/) to manage spamassassin's white- and blacklists - my girlfriends birthday - hiphiphurray :-)) 20050329 - a few tests failed, with the add body comment feature with anomy, fixed a few cases with missing or too many dots in the mail file 20050328 - got body comment working with anomy, not very clean though, i guess some special cases are still not covered ! 20050328 - started implementing add body comment with anomy, tests 20050327 - implemented virus notification message for proxsmtp (finished) - implemented virus notification message for p3scan (changed the source code, diff is in p3scan/2.1.99-00dev/src directory) - tests and some cleanup - altermime didn't correctly add headers in some emails, now using & testing formail (from procmail pacakge) 20050326 - implemented quarantines - implemented "send a copy of virus notification message to an administrator" 20050324 - searched for alternatives to altermime, again same result, there aren't really much choices, only altermime, defang and mailman can append text to a body of an email, whereas i had some emails which altermime formatted incorrectly (ex. appending text after the dot !) another test resulted in altermime putting a header into the body of a email either i find something else or i'll remove this feature.... - testing and found a way to use anomy to alter email bodies, will implement tommorrow - started implementation of proxsmtp email virus notifications (proxsmtp doesn't come with one) - implemented quarantine feature 20050323 - changes in webgui - performance tests with anomy - got rules du jour working properly, now user gets an email update notification - fixed clam update script - searched for alternatives to altermime, (some mime altering didn't work correctly) only alternative mimedafang (but don't want to use sendmail, which is a prerequisite) 20050322 - fixed bug with frox (not scannig for viruses when squid did a ftp request) took me the whole day find a working hack (pretty dirty) via iptables and a squid parameter - webgui updates 20050321 - re-implemented add header,add body,modify subject on an email this not by modifying email manuall with sed/awk commands, but by using altermime - finished frox & havp 20050320 - havp - frox - webgui 20050319 - webgui, features, tests, bugs,... - webgui form actions - fixed rules_du_jour manual update bug 20050318 - webgui .. starts looking pretty :) - new features 20050317 - webgui & new features (whole day!) 20050316 - recompiled /usr/local/bin/copfilter* - webgui 20050316 - webgui 20050313 - implemented subject rewrite, header line additions, body additions including used sw, versions and antivirus date signatures 20050312 - changed wait times in copfilter start/stop scripts + tests - added information about how much time a process used in mailscanner.sh if p3scan runs in debug mode, this information will be visible like this: p3scan[4957]: ScannerLine: 'Process duration: 5.88 seconds' - fixed bug in copfilter_proxsmtpd where 1 rule was missing if rc.firewall was restarted copfilter_proxsmtpd gets called in rc.firewall.local - developed a new webgui design on paper - changes in mailscanner.sh to allow new config options in new planned webgui 20050311 - documentation updates: FEATURES, BUGS - updated renattach, ripmime 20050310 - proxsmtp init script changes MAIL Server can be on ORANGE (recommended) or on GREEN 20050308 - proxsmtp - firewall testing - updated proxsmtp init scripts (fw rules get updated when ipcop redials) - a few simple tests - install.sh changes - docu update: FAQ about network issues with iptables, howto link etc 20050307 - compiled proxsmtp - compiled and installed proxsmtp - proxsmtp - firewall testing with mail server in GREEN - very basic, but first successful test with proxsmtp (all manual) (sent an email from an external machine to my internal SMTP server) - initial proxsmtp start script - improved p3scan start script - fixed BUG in spamd startscript ( used pidof -x instead of pidof to find running processes ) debug mode couldn't be stopped, now its fine 20050306 - dl and recompiled almost everything (incl. perl modules) - created Makefile for usr/local/bin/copfilter binaries and recompiled them 20050305 - started dl and recompiled almost everything (incl. perl modules) - updated compile scripts 20041106 - copfilter 0.0.95.1 - copfilter_200411060253.tgz - added nixspam dns rbl (thanks to celtar ) - fixed pathname in p3scan.mail (thanks to simon parsons) - update FAQ from various email responses i got - fixed copfilter_restartspamd (thanks to anthony wrather) 20041105 - fixed some missing perl module messages which appeared when spamd was in debug mode - fixed bug: when subject was empty, mail was not tagged as spam - fixed bug: when skip_rbl was set to "0" some emails were not scanned for spam 20041104 - compiled and added clamav 0.80 - recompiled all perl modules via cpan - compiled and added spamassassin 3.0.1 (as a perl module, opt/spamassassin/default links now to the perl modules directory) 20040909 - added test network traffic reporting email delivery (daily, monthly) via vnstat and ipacsum to compare results 20040830 - copfilter 0.0.95 - copfilter_200408300326.tgz - solved problem in uninstall.sh - found bug: rules_du_jour update not working from webgui (not yet solved) - solved installation bug, script now logs to /var/log/messages that no email adr has been set, if an update occurs and an email is about to be sent 20040828 - tests and a few changes in install.sh removed all cf files (except local.cf) for lower memory requirements 20040825 - found bug: if mail arrives without subject field, mail will not be tagged in subject (not yet solved) 20040824 - fixed razor (perl module issue) - change "save" on webgui to "save settings" and "save settings and activate" - change location of privoxy bookmarklet 20040821 &22 &23 (tough weekend ...) - updated all software - fixed rules_du_jour update bug - fixed 2 spamassassin perl module bugs - fixed spamassassin @INC Path - added smtp-auth to scripts - fixed spamassassin high memory requirements by removing bigevil.cf and blacklist-uri.cf (removed from my_rules_du_jour as well) 20040817 - added sendEmail smtp-auth entries to webgui, get saved to global_settings 20040816 - back from vacation :-) - added sendEmail with smtp-auth support (only binanies, have not yet configured the scripts to use it) 20040622 - first response from a user using the new webgui, seems ok - bug has been found, thanks to Jan dot Just at schmerzbefreit dot de (fprot installation fails) corrected install_f-prot.sh - added network question to FAQ thanks to simon dot parsons at jrc dot co dot uk, for testing this - added network question to FAQ from peter dot schnuerer at schnuerer dot com 20040614 - copfilter 0.0.94 copfilter_200406131833.tgz - small bugfixes - added privoxy bookmarklet to copfilter.cgi - install.sh uninstall.sh script changes - testing the package 20040613 - updated some scripts, minor fixes - created a screenshot for docu - tested on a new installation 20040610 - bufixes - minor docu update INSTALL and FEATURES (updated versions) - thanks to jens heinemann for reporting that clamd doesn't start if /tmp/clamd exists socket is now in /var/log/copfilter/default/opt/clamav/etc/clamd.socket and in start script the file is deleted after clamd is stopped and before clamd is started also configured the clamav.conf FixStaleSocket option 20040609 20040610 - bugfixes - added documentation link in webgui - added version number in webgui - removed unnecessary information from fprot signature infos 20040608 20040607 20040606 - updated razor to 2.40 - updated clam to 0.72 - removed db (not needed for bayes) - updated p3scan to 1.0.99-03dev - updated spamassassin to 3.000000-r6577 - added dcc-dccd - dcc works !! - fixed stuff to get dcc,spamassassin,razor2.40 working - new spamassassin uses spamcop-uri !! - fix in install.sh - updated wget to 1.9.1 20040605 - removed copfilter.cgi bugs - updated en.pl - added pid status display to copfilter.cgi - updated installation script 20040526 - wrote uninstall script - webgui and installation script bugfixes - noticed that if skip_rbl is changed to 0, that some mails won't contain a spam report are these emails scanned for spam ? -> need to check this again 20040521 - fprot signature download bugfix - thanks to jens heinemann 20040520 - webgui bugfixes - installation script changes 20040519 - removed clamav rar scanning since jens tested it and told me that it was buggy - updated spamassassin FAQ section on how to improve spam recognition 20040513 - worked on webgui, ... removed various bugs from various scripts added make_test and p3scan debug box - if mail contains a virus, mailscanner.sh will now not scan for spam, but exit immediately - enabled rar scanning (thanks jens) - jens reported that memory use was high with clamav (don't know if this is normal or not) (12mb per clamd, per email another 12mb, seems high to me as well) .. just googled for memory usage on clamav, seems everybody else is also having this 20040512 - worked on webgui, ... compiled suid binaries to restart programs virus update script buttons working 20040511 - worked on webgui, ... perl script save action, tests in script.. 20040509 0342 - working on webgui: final layout, display of current virus signature version working - add --daemon-notify to freshclam so that clamd daemon is notified when new virus signatures are being downloaded - fixed 2 paths in MANUAL (old paths were showing to /usr/local/opt/...) - add to FAQ: i configured lots of settings in varios configurations files, and after updating all changes are gone are they lost ? no they, all of the files you configured are still in the /var/log/copfilter/ after copying all perlmodules from /usr/lib/perl5 (development computer) to ipcop this error was solved -> have to isolate the module (probably some html module) - recompiled all spamassassin perl module by hand on 1.4.0b2 CVS - compiled and installed razor on 1.4.0b2CVS (spamassassin not configured to use razor yet) - compiled and installed renattach on 1.4.0b2CVS (configured in p3scan.conf but left it still commented) uncomment if you want to use it (untested) - compiled and installed p3scan on 1.4.0b2CVS - compiled and installed calmav on 1.4.0b2CVS (updated to 0.67) - compiled and installed p3scan on 1.4.0b2CVS (with overwrite patch) - compiled and installed wget on 1.4.0b2CVS (updated to 1.9, since there was a library problem with libssl.so.2, compiled without ssl support) - updated install.sh - removed link creation bug in install_fprot.sh 20040229 - merged HINTS_AND_TIPS and FAQ - updated to spamassassin to 2.63 - updated FAQ where to modify white and blacklists (darren) - start spamd before p3scan in rc.local (darren) - removed strace and telnet from public package (billy) 20040228 - added FAQ - updated docu: CHANGELOG DEVELOPERS ETC_DOCU FEATURES INSTALL MANUAL TESTING TODO - change the way old p3scan temp files (like virus infected emails) get deleted: now every day at 5:55 (volker) all files older than 3weeks in /usr/local/opt/p3scan/default/var/spool/p3scan/ get deleted - add possibility to install fprot by executing install_f-prot.sh with a already downloaded fprot archive (volker) usage: install_f-prot.sh ...script tries to download the program from the fprot server usage: install_f-prot.sh fp-linux-ws-4.3.3.tar.gz ...script uses fp-linux-ws-4.3.3.tar.gz to install fprot - updated docu in FEATURES (volker) - merged USED_SOFTWARE AND FEATURES 20040222 - add versioning info to FEATURES (volker) - updated docu: ETC_DOCU, FEATURES, HINTS_AND_TIPS, INSTALL, MANUAL, TESTING (volker) 20040217 -fixed bug where update of virus signatures didn't work on ipcop 1.3 (jens) -fixed bug where spamd init script was reporting that spamd wasn't running although it was 20040211 -fixed bug where proxy.cgi was not accessable through admin webpages after package installation -fixed installation bug in cronentry routine in install_f-prot.sh -fixed bug where every email was recognized as a virus in mailscanner.sh, problem was that a temporary file could not be overwritten (ipcopforum) -added short note in virus notification email where the original file containing the virus infected email can be found -added testing sectin in INSTALL -identified bug: if a spam mail contains html code, the mail doesn't get scanned for spam, this is not yet solved!! 20040210 -removed location of ipcop_addon_settings file (so that it is world readable, before there was a permission problem -changed location of startup scripts to rc.local -ipcop_addon_settings file now gets backup up and restored if installing a new package -removed lots of bugs from install.sh script (thanks to lots testers email responses) -simplified crontab/fcontab detection/installation 20040207 -the last package didn't work at all since etc directory was missing added it again! - sorry for the trouble! -updated docu: MANUAL,INSTALL -made install.sh 1.3.x compatible (crontab/fcrontab issue), smaller upates -changed location of adding squid parameter from /etc/squid/squid.conf to /home/httpd/cgi-bin/proxy.cgi 20040205 -remove bug (check for hosts file) in installation script -found by darren -added install_f-prot.sh installation script to automatically download and install fprot -updated fprot to 4.3.4 20040204 -made p3scan and spamassassin 1.4.0a10 compatible (perl issues) -made fport 1.4.0a10 compatible (perl issues) -changed some installation directories and files -tested with 1.4.0a11 CVS code -added wanip host in /etc/hosts which is dns name of current wan ip address 20040203 -updated ripmime to 1.3.0.5 -updated to p3scan 1.0 (compiled from ipcop LFS) -updated/changed/renamed some installtion and configuration directories -added fcrontab compability 20040101 -resolved problem: when p3scan died, and pid file still existed, p3scan wouldn't start anymore -updated virussignatures -changes to docu 20031218 -removed pop3vscan since it is outdated -added p3vscan as successor to pop3vscan -updated spamassassin from 2.60 to 2.61 -updated clamav from devel to 0.65 stable version -added version information about virus program in email sent to user and to syslog -changed inserting of firewall rule so that rules won't be entered twice when aborting from debug mode -added docu of squid parameter changed during install