| @@ -0,0 +1,8793 @@
+---------------------------------------------------------------------------
+ April 23, 2007
+amavisd-new-2.5.0 release notes
+
+
+COMPATIBILITY WITH 2.4.5
+
+The 2.5.0 is upwards compatible with 2.4.* versions.
+
+Nevertheless, default notification and logging templates are
+enhanced to take advantage of new macros and new concepts,
+so it is prudent to update templates if defaults are overridden,
+e.g. $log_templ, $notify_*_admin_templ, ...
+
+
+NEW FEATURES AT A GLANCE
+
+- new concept: blocking contents category;
+
+- true per-recipient defanging/sanitation of a mail body (previously
+ a true per-recipient handling was available for mail header edits,
+ but not for mail body modifications);
+
+- added interface code to invoke Anomy Sanitizer or the 'altermime' program
+ allows defanging or adding disclaimers by external utilities on a
+ per-recipient basis;
+
+- rewritten SMTP client code: get rid of the troublesome module Net::SMTP;
+ new code now supports pipelining, client-side LMTP, IPv6, Unix sockets,
+ more reliable error handling, passes on ORCPT parameter, passes on ENVID
+ parameter unmangled, is bare-CR-clean, tidier code (no workarounds for
+ rough corners in Net::SMTP), fewer context switches (handshake handovers)
+ due to pipelining if pipelining is offered by MTA (which usually is);
+
+- makes available pedantically parsed addresses from a mail header:
+ From, Sender, To, Cc. Addresses from mail header may be needed for
+ deciding on inserting disclaimers, signing mail (DKIM), custom hooks
+ (like 'vacation'-type applications), and other future applications.
+ Get rid of inexact parsing by module Mail::Address, provide own parser;
+
+- phishing fraud as returned by ClamAV is now treated as spam, no longer
+ as a virus;
+
+- compatible with SpamAssassin 3.2.0;
+
+- enhancements to amavisd-nanny: shows more detailed states of processes;
+
+- enhancements to amavisd-agent: shows average processing times per message;
+
+- extended AM.PDP protocol with an attribute 'policy_bank' which may be used
+ in a client's request to require loading additional policy banks;
+
+- add support for 7-Zip archives if external utility 7z is available;
+
+- custom hooks allow custom code to be called at few strategic places;
+
+- penpals can now also match replies which reference previous outgoing mail
+ by its MessageID (taking into account References or In-Reply-To header
+ field);
+
+- new key 'originating' in policy banks generalizes a MYNETS policy bank;
+
+- a documentation rewrite for setting up amavisd-new with Postfix
+ by Patrick Ben Koetter (one of the two authors of The Book of Postfix).
+ Previous documentation has been renamed to README.postfix.old and will be
+ removed in the next version; the new documentation is README.postfix.html,
+ and its automatically converted plain text version is README.postfix.
+ A big thanks to Patrick for his efforts!
+
+
+BUG FIXES
+
+- if a sender is both white- and black-listed at the same time, then
+ inserted X-Spam-* header fields were inconsistent, e.g. X-Spam-Level,
+ X-Spam-Flag and X-Spam-Status reflected a whitelisted status (no asterisks,
+ not a spam), while X-Spam-Score showed 64 points; now whitelisting prevails
+ in all X-Spam-* header fields;
+
+- relax argument parsing in amavisd-release to allow releasing of
+ quarantine id containing a body hash in a name (%b in template);
+ reported by Ron Rademaker;
+
+- skip a SQL-logging database operation if an associated clause in %sql_clause
+ is disabled, e.g. set to undef or ''; this allows for example to selectively
+ disable SQL logging based on a policy bank; thanks to Riaan Kok;
+
+- let LHA decoder (do_lha) recognize also other listing formats, e.g. MS-DOS,
+ symlinks, not just plain Unix archives; problem reported by Ryuhei Funatsu;
+
+
+OTHER
+
+- catch and log uncaught '__DIE__' and '__WARN__' Perl pseudo-signals
+ which would otherwise go to stderr and not be noticed with a daemonized
+ process; patch by Alexander 'Leo' Bergolth <leo@strike.wu-wien.ac.at>;
+
+- insert 'X-Spam-Flag: NO' if spam level is above tag level but below tag2
+ level, previously it was not inserted at all (it is still redundant, but
+ some may appreciate an explicit statement nevertheless);
+
+- drop support for Archive::Tar; main drawback of this module is: it either
+ loads an entire tar into memory (horrors!), or when using extract_archive()
+ it does not relativize absolute paths (which makes it possible to store
+ members in any directory writable by uid), and does not provide a way to
+ capture contents of members with the same name. Use pax program instead!
+
+- represent score in X-Spam-Status header field as a single numeric field
+ instead of the previous explicit sum of a SA score and a score boost,
+ which some MUAs don't know how to interpret and label mail spaminess
+ incorrectly;
+
+- recipient notifications (in their default template) keep the original
+ To and Cc header fields, instead of placing a recipient envelope address
+ into a To header field; suggested by Jorgen Lundman;
+
+- no longer removes an X-Amavis-Alert header field (as inserted by some
+ foreign MTA), it does not hurt to keep it;
+
+- kavscanner AV entry (Kaspersky Antivirus): added a new entry to the
+ search list of paths to a binary, kavscanner changed its default
+ installation location again; provided by Gary V;
+
+- added a rule into a $map_full_type_to_short_type_re list, mapping a
+ file(1) type 'RIFF...animated cursor' into '.ani'; a patch by Eric;
+
+- add example rules (commented-out) to block animated cursors (ANI) and icons
+ to configuration files amavisd.conf and amavisd.conf-sample;
+
+- suppress bounces not only for Precedence: (bulk|list|junk) or null return
+ path (as before), but also for mail with a 2822.From header field matching
+ one of: *-request | *-owner | *-relay | *-bounces | owner-* | postmaster |
+ mailer-daemon | mailer | uucp, and for mail containing a header field
+ List-Id (RFC 2919). Note that this new rule practically never occurs in
+ practice, true bounces and common mailing list traffic is already covered
+ by previous checks;
+
+- make available a list of detected virus names in
+ an Amavis::In::Message object (virusnames), suggested by Tom Sommer;
+
+- split SQL documentation into three files:
+ README.sql general SQL considerations and some examples
+ README.sql-mysql MySQL-specific notes and schema
+ README.sql-pg PostgreSQL-specific notes and schema (also SQLite)
+
+- README.sql-pg now adds CHECK (x >= 0) for fields that are supposed
+ to contain unsigned integers; suggested by Hanne Moa;
+
+- repurpose/rename a contents category CC_TEMPFAIL to CC_MTA; it is turned
+ on when MTA rejects or tempfails a mail when amavisd attempts to pass it
+ back after checking it; (this should not normally happen, MTA should
+ be doing most of its checks (e.g. recipient validation) before passing
+ mail to a content filter, not after);
+
+
+NEW FEATURES
+
+- custom hooks allow custom code to be called at few strategic places:
+ * during child process initialization: allows initialization of custom
+ code, including establishing an additional SQL session or similar;
+ * after built-in checks: allows custom code to inspect and/or modify
+ results of checks;
+ * before sending, allows for additional quarantining and for sending
+ additional notifications;
+ * at the end of message processing: allows inspecting results of checks
+ and status of mail forwarding (e.g. for statistics or logging purposes).
+
+ Mail processing sequence:
+
+ child process initialization
+ *custom hook: new()
+ loop for each mail:
+ receive mail
+ mail checking and collecting results
+ *custom hook: checks() - may inspect or modify checking results
+ deciding mail fate (lookup on *_lovers, thresholds, ...)
+ quarantining
+ sending notifications (to admin and recip)
+ *custom hook: before_send() - may send additional notifications,
+ additional quarantining, may modify mail
+ forwarding (unless blocked)
+ sending delivery status notification (if needed)
+ issue main log entry, manage statistics (timing, counters, nanny)
+ *custom hook: mail_done() - may inspect results
+ endloop after $max_requests or earlier
+
+ If Amavis::Custom::new returns undef then no further custom calls are made.
+ Otherwise, this method is supposed to return an object, thus enabling
+ other custom hooks, which receive this value as their first argument.
+
+ See amavisd-custom.conf for an example, and the example invocation
+ of amavisd-custom.conf at the end of file amavisd.conf-sample;
+ thanks to Kasscie (Yohanna Monsalvez);
+
+
+- formerly penpals could only match replies to previous outgoing mail
+ where envelope sender and recipient addresses are exactly reversed.
+ Now, in addition to this, penpals can also match replies which reference
+ previous outgoing mail by its 'Message-ID' (taking into account the
+ 'References' or 'In-Reply-To' header fields), even if the envelope
|
