CHANGES ------- The major number changes for such things as code rewrites, changes in syntax, and/or dramatic changes in functionality. The minor number changes for corrections, enhancements, etc. made to the code. There is no set schedule for releases. --TODO-- ? Add http-proxy= option for +test-links. Requested by Quentin Campbell. ? Add support for "actions per bit", ie. tag, discard, reject. Requested by Alex Broens. --2.0.7-- * Requires LibSnert 1.75.45 ! Fixed backwards compatibility issue with DNS list options no longer supporting comman separated items in dnsListCreate(). Reported by Alex Broens. ! X-Milter-Link-Report should only be added when a URI is found to be bad. This used to be the case in 1.x. Reported by Alex Broens. --2.0.6-- * Requires LibSnert 1.75.44 ! Fix oversized SMTP reply buffer. ! Reduces initial size of some lesser used Vectors. ! Fix testURI() handling of acccess_body_combo() when an URI is white listed/ignored and caused to whole messaged to be white listed even if subsequent bad URI are seen. Reported by Oli Shacher --2.0.5-- * Requires LibSnert 1.75.43 !! Fixed two memory leaks when using +access-check-headers and/or +access-check-body. ! Fix handling of literal plus in message headers mail addresses. ! Fixed some minor memory leaks generated during initialisation, but no impact on runtime. --2.0.4-- ! Restore filterEndMessage() logging or message disposition. Reported by Alex Broens. --2.0.3-- ! Fixed access-check-body handling of white listed/ignored URI in combination with from/to to ensure that URI is not retested by the simple milter-link-body: tag lookups. --2.0.2-- ! Fixed access-check-headers and access-check-body incorrect handling of access_rcpt due to wrong equality test (== NULL should have been != NULL). Added more logging. ! Fixed access-check-headers sort/uniq of senders and recipients. --2.0.1-- ! Fixed access-check-headers to handle arbitrary order of From, Sender, To, and Cc headers. Also milter-link-from:X:To:Y combos are applied against X=(MAIL FROM, From, Sender) and Y=(RCPT TO, To, Cc) sets. --2.0.0-- * Requires LibSnert 1.75.41 + Add support finally for SpamHaus IP return codes. Requested by Alex Broens. + Add access-check-headers and access-check-body options. Commissioned by Alex Broens. --1.6.5-- + Forgot to add a date-policy option for date-required. --1.6.4-- + Added date-required option to test for the presence and conformance to RFC 5322 format. Requested by Alex Broens. --1.6.3-- ! Silence repeated log messages about "mail-bl-max reached". Reported by Alex Broens. --1.6.2-- + Added support for DISCARD action in access-db. ! Silence repeated log messages about "uri-max-test reached". Reported by Alex Broens. --1.6.1-- * Requires LibSnert 1.75.18 + Add support for milter-link-Helo: B/W tags. Requested by Alex Broens. --1.6.0-- * Requires LibSnert 1.75.8 ! Overhaulled to apply PDQ, MIME, and URI API changes in libnsert 1.75 and obtain latest library fixes. !! Fixed segmentation faults when handling of SMDB_ACCESS_ERROR was changed between between 1.4.0 and 1.5.5. --1.5.5-- ! Fix up header inclusion; also include sqlite.h when available. ! filterOpen: Add stat and debug message when an unknown access value is returned for a lookup. ! Fixed a potential seg. fault in filterMail that may come about when there is auth_authen undefined (is NULL). --1.5.4-- !! Fixed incorrect inequality concerning uri-max-tested. ! As an optimisation, when uri-max-tested is reached stop parsing for additional URI in the message body. Requested by Alex Broens. ! testURI: Moved addition of seen URI from after DNS list to just before. ! The "seen" URI and NS lists are now reset with each message. Note that "seen" MAIL list is NOT reset until end of session. --1.5.3-- (private release) * Requires LibSnert 1.74.11 + Added uri-max-test option to limit number of unique URI tested. --1.5.2-- * Requires LibSnert 1.74.2 ! Fixed libsnert version test to allow for newer versions. ! Fix bug with filterUnknown command tempfailing unknown commands intended for other SnertSoft milters. --1.5.1-- ! Add more +info details. ! Fixed a seg. fault in filterMail that comes about when a sender address fails to parse; the syslog call referred to the wrong variable when attempting to log the sender. ! Updated the documentation. --1.5.0-- * Requires LibSnert 1.73.17 + Add special SMTP command "STAT milter-link" that reports some basic process data. Can only be used from localhost for security concerns. Appears to work only with sendmail and not postfix. ! testURI: Remove duplicate code. ! When the origin host passes BL checks, add to uri_tested list. ! Do not reset mail_tested, ns_tested, nor uri_tested each message. These are lists of hosts/domains that passed the BL checks, so the results can be preserved for the SMTP session. !! Yutz bug: Added domain-bl support but forgot to actually pre- process the list into an internal form for the dnsListQueryName function call. Call me Homer DOH! ! Fix Postfix issues concerning {client_name} and {client_addr} always coming back NULL. Use smfProlog to save the client name and address supplied to filterOpen in the workspace. --1.4.0-- * Requires LibSnert 1.73.16 + Updated documentation concerning "combo" tag support added in libsnert. + Removed ENABLE_BLACKLIST macros in favour of it always being compiled in. The original argument to disable blacklisting was that sendmail already had its own mechanism; however libsnert milter support provides a richer syntax especially with the addition of combo tags. Also it makes documentation easier. !! Reengineered support for dbl.spamhaus.org by introducing domain-bl option. dbl.spamhaus.org must be moved from uri-bl to domain-bl for correct lookup operation, otherwise it is possible to cause false-positives and be banned by SpamHaus. ! Reordered tests: 1. assorted uri BL tests; 2. uri-links-policy; 3. if origin found, apply uri BL tests to origin. ! Weakened uri-links-policy test to only generate a reject for a redirection loop. Recommended by Papa Steve Freegard. --1.3.0-- * Requires LibSnert 1.73.14 + Added +version and +info command options. ! Moved uri-a-bl to last in the lookup sequence. Requested by Alex Broens based on data set sizes and likely hood of a hit vs. other lookups. ! Added support for dbl.spamhaus.org. See libsnert pdqGetDnsList and dnsListQueryName. --1.2.0-- * Requires LibSnert 1.73.10 + Added uri-ns-a-bl option. ! Fixed behaviour of uri-ns-bl; see dnsListQueryNs in libsnert. --1.1.0-- + Added uri-bl-headers list option. ! Code for uri-bl-helo was incomplete. ! Cleaned up install script. + Added uri-bl-port-list option --1.0.0-- * Initial commercial source release. + LibSnert 1.73.3 ! Renamed options dns-bl > uri-a-bl ns-bl > uri-ns-bl test-helo > uri-bl-helo test-sub-domains > uri-bl-sub-domains policy > uri-bl-policy policy-links > links-policy test-links > links-test http-timeout > links-timeout ! Updated license. --0.12.34-- + Requires LibSnert 1.71.5 + Added mail-bl, mail-bl-policy, mail-bl-headers, mail-bl-max. Commissioned on by Skull. --0.11-- + Requires LibSnert 1.71.1 ! manual.shtml.in: minor documentation correction. ! Corrections for testing redirections in (pseudo) query string elements. --0.10-- + Requires LibSnert 1.70.12 + Added dns-list-log-file and dns-list-log-what options. --0.9-- + Requires LibSnert 1.70.5 ! Conversion to the improved URI and MIME APIs. ! Conversion to using the PDQ API for DNS lookups. + Added ns-bl list option. - Removed text-vs-inline. This was previously handled archaically in the old URI/MIME parser. The newer MIME parser remains independant of such things, leaving it up to call back handlers. Currently no plans to re-implement. ! testUri: body: REJECT didn't work. data->policy had to be set to 'r' of the SMDB_ACCESSS_REJECT case, otherwise filterEndMessage would not apply the rejection. Reported by Michael Grant. ! Added addition query string check for '/' delimiter to match the behaviour of the uri CLI. ! filterHeader: added uriMimeFreeUri to clear possible URI gathered data from headers, which should not be occuring. ! filterEndMessage: make final call to mimeNextCh to signal EOF and process last potential URI in the MIME decode buffer. ! testURI: the dns-bl option was broken following conversion to PDQ. ! sample.mc.in: Removed from define(`_FFR_MILTER', `1')dnl --0.8-- + Requires LibSnert 1.68 + Added access.samples, which contains a initial list of domains that should not be queried as they tend to be good players. These entries should be added to the access database. ! Added a string macro for "black listed URL host %s by %s" so that it can be more easily changed at compile time. Requested Alex Broens. --0.7-- + Requires LibSnert 1.66 ! Fixed to find URI at the end of a message that does not end with a newline, possibly leaving a URI in the MIME hold buffer to parse. Reported by Jim Hermann. ! filterHeader() refetches the queue-id macro. Postfix doesn't set the queue-id until DATA. --0.6-- ! Fixed possible off by one error for body chunks less than 20 bytes. Reported by Ben Lentz. --0.5-- ! Corrections of compiler warning for gcc version 4.1.0 20060304 and 64-bit CPU, which is rather pedantic about char * vs unsigned char * issues. --0.4.22-- ! Fixed compiler warning on some systems concerning: 786: warning: large integer implicitly truncated to unsigned type --0.4-- + Requires LibSnert 1.63. ! testURI log message demoted from TRACE to DEBUG. - Dropped policy=later since RFC 2821 4.1.1.4 DATA paragraph 4 states that its not possible to return partial failure after receiving the message; either accept or reject. - Dropped uri-implicit-domain-min-dots in favour of a constant value of 2 for MIME content filtering. A value of one can result in too many false positives. ! The workspace subject header buffer was not reset to an empty string at the start of each mail transaction. If a message had no Subject header, then the milter would fail to add a tagged subject header in the event it was identified as spam. Reported by Larry Vaden. ! The documentation for milter-link-body when walk-about after version 0.1. ! Moved milter-link-auth from before milter-link-from to just after. + access-db now supports socket-map, flat-file, and SQLite3 lookups in addition to Berkeley DB. The SQLite3 behaviour can be disabled via LibSnert's ./configure script. ! Rejection based on access-db blacklisting now disabled. Some users prefer leaving blacklisting upto Sendmail and not the milter. Reported by Derek Balling and others. !! filterBody(): Fixed obsecure bug when the message content is less than 20 bytes long, adding a terminating NUL to the body chunk for the trace log output actually overwrote off the end of a dynamic buffer on some Linux systems causing the milter to crash. Reported by Martin Lathoud. --0.3-- !! License 1.4 which provides additional details with regards to possible license controls used, the possibility of "phone home code" and its general contents, and related privacy statement. + Add check for filterOpen() got NULL socket address pointer passed to filterOpen() which inidicates an unsupported address type. The connection is simply accepted to bypass the milter. + Add a bit-mask facility to handle aggregate lists like multi.surbl.org. For example: uribl=multi.surbl.org/10,uribl.com + Added policy-links for +test-links. --0.2-- + Requires LibSnert 1.61. !! Complete replacement of option specification and no backwards. compatibility. The newer format allows for better integration of previously undocumented libsnert options and for the inclusion of future enhancements. + Added -text-vs-inline option for to test for empty text/plain vs. inline content. + Added -test-sub-domains option to test sub-domains of a URI. ! The previous -d option has been broken into two different options uri-bl= and dns-bl= to remove internal tests to distinguish between spamhaus.org and others. This should allows for other IP based DBS BL to be used. ! Many improvements made to uri.c in particular uriHttpOrigin(); see LibSnert 1.61 changes. ! Fixed bug in mimeGetUri() boundary handling code that could cause a change in MIME content-type inappropiately. Reported by Ken Anderson . --0.1-- + Requires LibSnert 1.60. + Supports multi.surbl.org and sbl-xbl.spamhaus.org query formats. + On-the-fly processing of multipart MIME, quoted-printable, and Base64 decoding. + Handles parsing of possible links missing an http:// prefix. If it looks like a FQDN, then try to test it. + Handles processing of redirectors like: http://autotrader.com/redirect/redirector_link.jsp?to_url=http://ic.fm0rt.com http://translate.google.com/translate?u=www.fsl.com&langpair=en%7Cen&hl=en http://ad.doubleclick.net/clk;29825968;12395550;w?http://www.bocajava.com/referral.do?promo=ediets0027text