Current Clement Release and Changes Purpose of this Change File, is to report all modification done within clement. ;---------------------------------------------------------------------- ;---------------------------------------------------------------------- Revision: 2.1.0.290, Date: 2008/06/14 16:16:03 - Improvement * Clement is using clamav-0.93.1 now ;---------------------------------------------------------------------- Revision: 2.1.0.289, Date: 2008/05/27 10:06:16 - Marker * mise en place la production sur sarnen ;---------------------------------------------------------------------- Revision: 2.1.0.288, Date: 2008/05/14 13:58:44 - Improvement * adjustement within clement/shell/daily.sh to avoid cron warning. ;---------------------------------------------------------------------- Revision: 2.1.0.287 , Date: 2008/05/03 12:49:19 - Improvement * Compiled with clamav-0.93 libraries ;---------------------------------------------------------------------- Revision: 2.1.0.280, Date: 2008/04/07 03:57:13 - Improvement * Rejecting to big email received if one of recipient can't accept it ;---------------------------------------------------------------------- Revision: 2.1.0.277, Date: 2008/01/30 19:47:19 - Improvement * added a shell script to remove old mail pending within mails/domain.name/user.name/{new,cur} clement's directory ;---------------------------------------------------------------------- Revision: 2.1.0.275, Date: 2007/12/21 21:34:38 - Improvement * clement require now php rather than php-cli ;---------------------------------------------------------------------- Revision: 2.1.0.274, Date: 2007/12/18 16:26:32 - Improvement * Using Clamav-0.92 ;---------------------------------------------------------------------- Revision: 2.1.0.273, Date: 2007/12/01 15:30:59 - Improvement * web log show the server origin information when and E-mail is rejected or delayed. ;---------------------------------------------------------------------- Revision: 2.1.0.270, Date: 2007/11/19 21:13:56 - Bug-Fix: * Properly receiving E-mail contents if E-mail lines are very long and splited by '\r' instead of '\n' - Improvement * Scanning E-mail for Spam (spamassassin) only if E-mail is smaller than 500K ;---------------------------------------------------------------------- Revision: 2.1.0.269, Date: 2007/10/27 20:37:15 - Bug-Fix: * Removing Debug trace about WEBGOOD from source ;---------------------------------------------------------------------- Revision: 2.1.0.268, Date: 2007/10/27 17:35:07 -Improvement * Insert domain definition witin configuration file (clement.conf) to set reference to goodmail website. ;---------------------------------------------------------------------- Revision: 2.1.0.266, Date: 2007/08/26 17:05:16 -Bug Fix: Witinh E-mail data segment CRLF.CRLF was improperly send and this caused problem to FirstClass type mail server. ;---------------------------------------------------------------------- Revision: 2.1.0.264, Date: 2007/08/24 13:31:58 -Improvement: * A new process "virus scanner" is now dedicated to detect virus, previously each clement iteration was doing it. This reduce memory consumption a lot ;---------------------------------------------------------------------- Revision: 2.1.0.262, Date: 2007/08/23 02:53:44 - Bug-Fix: * Closed numeros small memory leak ;---------------------------------------------------------------------- Revision: 2.1.0.256, Date: 2007/07/19 13:27:00 - Bug-Fix: * Remove CL_DB_PHISHING_URLS option from Viruses scanning... was detecting false positive. ;---------------------------------------------------------------------- Revision: 2.1.0.255, Date: 2007/06/19 14:46:44 - Bug-Fix: * Clement was not handling very long line (above 5K) coming from some remote SMTP client in E-mail data part. (RFC 2821 say line 1000 bytes long at max for data-part, does it?). * Clement does accept very long header line with this version. ;---------------------------------------------------------------------- Revision: 2.1.0.251, Date: 2007/04/19 14:50:36 -Improvement: * Working with clamav-0.90-2 * Quarantined E-mail are now embedded within a MIME part in a new E-mail. * added a delay on RSET command reply (answer was to quick for Outlook to follow). ;---------------------------------------------------------------------- Revision: 2.1.0.242, Date: 2007/01/18 21:34:44 - Bug-Fix: * Shell script gespas.sh fix to extract clement UID/GID properly. ;---------------------------------------------------------------------- Revision: 2.1.0.241, Date: 2006/11/27 14:22:18 - Marker * Release Marker ;---------------------------------------------------------------------- Revision: 2.1.0.221, Date: 2006/10/16 13:04:04 - Bug-Fix: * Fixed loop between collectdata and getstream when E-mail data-part end abnormalie (not detecting stream contents empty). ;---------------------------------------------------------------------- Revision: 2.1.0.220, Date: 2006/10/15 23:26:44 - Bug-Fix: * Fixed Email header mist-match when there is no '\n' within the received data line, this bug was a side effect of 2.1.0.216 bug-fix. ;---------------------------------------------------------------------- Revision: 2.1.0.217, Date: 2006/10/14 22:45:12 -Improvement: * Web log show up difference between delayed E-mail and Rejected E-mail. ;---------------------------------------------------------------------- Revision: 2.1.0.216, Date: 2006/10/14 20:13:59 - Bug-Fix: * Fixed case where header line was longer than 512 characteres (line is not splitted anymore) -Improvement: * ipc_getpost routine, return the message stamping date up to the millisec. ;---------------------------------------------------------------------- Revision: 2.1.0.211, Date: 2006/09/22 19:00:00 - Bug-Fix: * Fixed generated Core-Dump when quarantine was not local and more than one recipient was set in the E-mail with the same remote sender. -Improvement: * Better way to transmit checker and sender pid to SMTP server. This PID are critical to messages exchange, /etc/clement-2.1/children file doesn't existe anymore. ;---------------------------------------------------------------------- Revision: 2.1.0.209, Date: 2006/09/03 17:18:42 - Bug-Fix: * Fixed problem about undue relaying, was caused by storing relais status within existing user cache. * When trying to find hostname ipnumber, local definition was not used, such it was impossible to overcome "No MX or IP linkable to originator domain" problem ;---------------------------------------------------------------------- Revision: 2.1.0.208, Date: 2006/08/30 18:23:08 - Bug-Fix: fixed gespas.sh (shell utility) to set the 'domain'/.passwd file ownership to clement instead of mail (not critical). ;---------------------------------------------------------------------- Revision: 2.1.0.202, Date: 2006/08/22 10:56:42 - Marker: Build ready for Fedora (Spec file adjustement) ;---------------------------------------------------------------------- Revision: 2.1.0.197, Date: 2006/08/18 14:52:01 - Marker: Release Fedora Extra. ;---------------------------------------------------------------------- Revision: 2.1.0.193, Date: 2006/08/15 14:30:03 - Improvement: (clement) * Spec File Fine tunning * Adjustement to store wrong E-mail in the 'fromqueue' if sender is not available. ;---------------------------------------------------------------------- Revision: 2.1.0.192, Date: 2006/08/14 23:18:06 - Improvement: * Clement is now run as group clement and user clement * Tansponder process should be able to detect child zombie process within 2 seconds instead of 6. ;---------------------------------------------------------------------- Revision: 2.1.0.186, Date: 2006/08/11 01:06:15 - Bug-Fix: * WEB Interface (PHP), when user changed the working language, page stop to be displayed as the CGI was not able to access log file. ;---------------------------------------------------------------------- Revision: 2.1.0.184, Date: 2006/08/10 18:38:59 - bug-Fix: * Alias definition was crashing when only one user was defined without domain. - Improvement: * Clement starting shell (/etc/rc.d/init.d/clement) do not define the iptable rule 'clement' if no redirection is defined within file iptables.conf. ;---------------------------------------------------------------------- Revision: 2.1.0.183, Date: 2006/08/05 20:05:24 - Marker: Release pour Fedora Extra ;---------------------------------------------------------------------- Revision: 2.1.0.182, Date: 2006/08/02 23:32:20 - Improvement: * Sorting WEB logs informations is now done by new executable name 'clxtract'. * WEB logs file are moved from /usr/share/clement-2.1/logs to /var/spool/clement-2.1/wlogs ;---------------------------------------------------------------------- Revision: 2.1.0.181 , Date: 2006/07/29 18:28:34 - Bug Fix: (clement) * In Case the "Mail From:" originator is like <%aname@domain.dom>, the '%' is now handle properly. ;---------------------------------------------------------------------- Revision: 2.1.0.179, Date: 2006/07/26 16:49:26 - Bug Fix: (clement) * 'QUARANTINE_LOCAL' variable (clement.conf) was not properly read when set as default or 'All_Other_Domains'. ;---------------------------------------------------------------------- Revision: 2.1.0.177, Date: 2006/07/25 14:56:13 - Bug Fix: * If QUARANTINE_LOCAL is set to 'No" (clement.conf) and a to be quarantined E-mail is aliases to an OUTSIDE domain (not known by clement), the process to flag spam inside the E-mail subject was crashing (major). - Improvement: * fine fine tuning the SPEC file. ;---------------------------------------------------------------------- Revision: 2.1.0.176, Date: 2006/07/11 14:11:25 - Improvement: * Further SPECS file fine tunning to be fully compliant to Fedora-Extra package guideline. ;---------------------------------------------------------------------- Revision: 2.1.0.175, Date: 2006/07/06 00:48:34 - Bug-Fix: * SMTP AUTH command was not working anymore, fixed the CHKID messages format. format. * Fine tuning about SPEC to avoid warning while doing rpmbuild. File clembase.phpi is now named clement.php and moved from /var/www/clement-2.1 to /etc/clement-2.1. WARNING: Previously installed clement MUST be manually adjusted! ;---------------------------------------------------------------------- Revision: 2.1.0.173, Date: 2006/07/04 14:27:31 - Improvement: * SPAM marker inserted inside the E-mail subject can be adjusted according QUARANTINE_HEADER and QUARANTINE_EXTRA within the clement.conf file. * New clement.conf variable can be now managed via the Clement WEB interface. * File clement.conf, .domain and .domain are now written by clement itself when management is done via the WEB interface - Bug-Fix: * No Zombie process after a user ID check. ;---------------------------------------------------------------------- Revision: 2.1.0.162, Date: 2006/06/22 17:50:24 - Bug-Fix: * If SMTP line is very long (are line length > 512 RFC compliant??), line is not cut anymore. (hotmail is sending 'To:' in E-mail header, with multiple recipients and line was bigger than previously set limit). Input line can't be bigger than 64K. ;---------------------------------------------------------------------- Revision: 2.1.0.161, Date: 2006/06/22 14:10:54 - Improvement: * Better 'click' addition done to SPAM flagged E-mail to advice mentor it is a good E-mail. Fix insertion problem when MIME contents type was used. ;---------------------------------------------------------------------- Revision: 2.1.0.159, Date: 2006/06/20 19:54:55 - Bug-Fix: * Fixed "CERT Vulnerability Note VU#738331" found in unidns.c ;---------------------------------------------------------------------- Revision: 2.1.0.158, Date: 2006/06/16 15:01:33 - Improvement: * Quarantine policy (kept local or transmitted to end user) can be now decided within clement.conf (can be set within binding definition). * AT SMTP protocol level, if From: is empty (allowed by RFC), From: is set as Mailer_daemon@domainname, where 'domainname' is extracted from the helo/ehlo command. - Bug-Fix: * In case of "RSET" within the SMTP protocol exchange session number is now always updated. * Batch procedure 'clrquar' was core-dumping when executed (Major bug, created in 2.1-153) ;---------------------------------------------------------------------- Revision: 2.1.0.153, Date: 2006/06/14 14:06:33 - Improvement: * E-mail set quarantine are now sent to user with a special marker within the subject. * Quarantine local advice (no Mentor) can have a Spam limite set by domaine within clement.conf New Keywork 'SPAMLIM'. - Bug-Fix: * Signal are not in "SA_RESTART" mode anymore (to avoid loop within waitpid when a SIGALRM is received). * closed a small memory leak. * "Mentor Service" icone was sometime missing when user was properly authenticated within Clement * Message to Mentor without answer expected have now a special reference ID (called ONWAY) ;---------------------------------------------------------------------- Revision: 2.1.0.139, Date: 2006/05/29 19:39:42 - Marker: * Stable Release. - Improvement: * Clement initscript shell can work even there is no redirection defined within /etc/clement-2.1/iptables.conf ;---------------------------------------------------------------------- Revision: 2.1.0.135, Date: 2006/05/26 14:44:40 - Improvement: * Clement is not dispatching IPC messages anymore, message are directly sent to the checking module functions. * Implementation start to allow spam tagging then sending them to user (instead keeping them within a clement area). ;---------------------------------------------------------------------- Revision 2.1.0.133, Date: 2006/05/16 18:22:17 - Bug Fix: * If both ANY_ADDR (symbole '*') and another IP address are defined to bind on the same port, 'Multiple Binding' is now avoided by giving precedence to the ANY_ADDR. * In case ANY_ADDR is selected as binding the MX checking (in case 'DOMAIN=All_Other_Domains' set within clement.conf) id now properly done. - Improvement: * Child exiting signal trapping improvement. ;---------------------------------------------------------------------- Revision: 2.1.0.133, Date: 2006/05/16 18:22:13 - Improvement: * Clement is now sending 'relaying' flag information when sending 'CHKRCPT' and 'RFRESH' message to Mentor (is used when checking for remote spammer status). ;---------------------------------------------------------------------- Revision: 2.1.0.131, Date: 2006/05/12 13:07:17 - Bug Fix: * Long aliases list was not working properly, domain without name were added to the list. ;---------------------------------------------------------------------- Revision: 2.1.0.130, Date: 2006/05/10 18:18:14 - Marker: * Stable Release. ;---------------------------------------------------------------------- Revision: 2.1.0.126, Date: 2006/05/08 17:46:31 - Bug Fix: * If (by mistake) the '-Q' file in queue is corrupted (no 'from' defined), E-mail is stored in the trblq. * Configuration changed to really use the generated file 'poprelay', created from the file 'pibsmtp.lst'. 'poprelay' can/is used by Clement to know about relayed IP number. ;---------------------------------------------------------------------- Revision: 2.1.0.125, Date: 2006/05/05 18:04:56 - Improvement: * Clement use now clamav-0.88.2 version * clement daily.sh is changed to clean 'trblq' area from file older than 20 days. * Clement Pop_Before_SMTP is now properly working. ;---------------------------------------------------------------------- Revision: 2.1.0.116, Date: 2006/05/03 14:25:54 - Improvement: * Aliases are now fully implemented, aliases of aliases are possible. Aliases are meaningful only with domain set as 'keeplocal'. ;---------------------------------------------------------------------- Revision: 2.1.0.115, Date: 2006/04/27 14:41:14 - Improvement: * Clement starting shell (/etc/rc.d/init.d/clement) is now able to start properly the iptables function when binding address is the wildcard "*". * Clement, when sender is rejecting an E-mail while it was accepted by Clement, mail is stored within a sender structure with the 'trblq' directory. Process continue to send next E-mail within the queue. ;---------------------------------------------------------------------- Revision: 2.1.0.114, Date: 2006/04/26 01:13:33 - Improvement: * Clement refuse E-mail at SMTP protocol level, if the MAIL FROM: domain address is not resolvable as an IP or an MX. ;---------------------------------------------------------------------- Revision: 2.1.0.113, Date: 2006/04/25 14:00:00 - Improvement: * The waiting for a socket connection is not forever anymore but only for 5 second, allowing calling program to do checking task time to time. ;---------------------------------------------------------------------- Revision: 2.1.0.112, Date: 2006/04/17 20:20:02 - Bug-Fix: * If the subject include a '%' caractere the modtra.c can cause a crash (% was inderstood as printf directive). ;---------------------------------------------------------------------- Revision: 2.1.0.111, Date: 2006/04/15 16:21:44 - Bug-Fix: * Clement main daemon was crashing when recipient Email was given as "" ;---------------------------------------------------------------------- Revision: 2.1.0.110, Date: 2006/04/10 14:55:54 - Improvement: * Clement is now working ready for openwebmail, when a user is created. An new directory (named owmboxes) is now part of clement. This directory handle all file needed by OpenWebMail to manage 'keeplocal' clement's users. ;---------------------------------------------------------------------- Revision: 2.1.0.108, Date: 2006/03/27 15:53:09 - Improvement: * Mentor Improvements to detect spamer site. ;---------------------------------------------------------------------- Revision: 2.1.0.103, Date: 2006/03/22 01:54:48 - Bug-Fix * clement password change is now working (crypted password uppercase letters are kept) ;---------------------------------------------------------------------- Revision: 2.1.0.102, Date: 2006/03/15 20:27:36 - Improvement: * Mentor Email count improvement. ;---------------------------------------------------------------------- Revision: 2.1.0.100, Date: 2006/03/13 01:14:48 - Bug-Fix * No Core-DUMP when remote sender is not on-line, While an E-mail address need to be croschecked. - Improvement: * Better Timer management within gesipc.c ;---------------------------------------------------------------------- Revision: 2.1.0.99, Date: 2006/03/06 18:28:10 - Adjustement: * Loop to get IPC message is waiting 10000 Usec instead of a full second. ;---------------------------------------------------------------------- Revision: 2.1.0.99, Date: 2006/03/06 18:28:10 - Bug-Fix * Add pam-devel in the SPEC file as required to build clement from the RPM source. ;---------------------------------------------------------------------- Revision: 2.1.0.98, Date: 2006/03/02 18:01:41 - Improvement * Starting clement shell script is now improved while working on iptables rules. ;---------------------------------------------------------------------- Revision: 2.1.0.97, Date: 2006/03/01 18:55:59 - Improvement * mentor Changes ;---------------------------------------------------------------------- Revision: 2.1.0.95, Date: 2006/02/27 21:01:03 - Improvement * mentor Changes ;---------------------------------------------------------------------- Revision: 2.1.0.94, Date: 2006/02/27 19:08:57 - Improvement * Clement can bind on ANY address for a specific port, 'binding' directive in clement.conf must have a '*' as hostname. * When remote originator is granted to 'relayable' status by Clement, E-mail is transmitted to recipient, regardless the spam level detected by spamassassin. ;---------------------------------------------------------------------- Revision: 2.1.0.93, Date: 2006/02/23 20:09:52 - Bug-Fix * 'grep' used in /etc/rc.d/init.d/clement detect only string IPT if present at the begining of the line. ;---------------------------------------------------------------------- Revision: 2.1.0.92, Date: 2006/02/20 18:19:09 - Improvement * Recipient domain MX is not cross-checked anymore if the domain is defined within clement.conf * adding yum reference for fast downloading ;---------------------------------------------------------------------- Revision: 2.1.0.89, Date: 2006/02/17 14:54:41 - Bug-Fix * Clement can now accept email address with a quote (like o'brien) * Better IPC messages recovery processus. * Mandrake-2006 version, fixed call to clamav virus scanner. Doesn't return "virus found in the E-mail" anymore, when a big zipped file attachement is included within E-mail. * Cron Shell script is now executed under ID 'mail'. ;---------------------------------------------------------------------- Revision: 2.1.0.84, Date: 2006/01/30 23:59:42 - Improvement * Better Mentor data-base management. ;---------------------------------------------------------------------- Revision: 2.1.0.83, Date: 2006/01/30 19:55:00 - Bug-Fix * Some "SENT" message un-needed acknowledge were pilling up within the IPC area (Major!), causing an IPC bottleneck after a while. Then "error in processing" was answered to every mail received. ;---------------------------------------------------------------------- Revision: 2.1.0.82, Date: 2006/01/29 15:22:39 - Bug-Fix * Relaying stopped to work with 2.1.0.80, (missing code!). * Variable SMTPSRV within clement.conf is now working. ;---------------------------------------------------------------------- Revision: 2.1.0.80, Date: 2006/01/29 00:44:25 - Bug-Fix * Better handling if a remote Mentor is not on line (clement work then in stand alone mode). * An 'Error in processing' stop de clement iteration, such IPC still messages in the queue can be removed cleaning and have other iteration continue to work. ;---------------------------------------------------------------------- Revision: 2.1.0.76, Date: 2006/01/26 18:32:47 - Bug-Fix * "." at the end of E-mail was not always seen by (Firstclass) SMTP daemon when mail was forwarded to the local server. ;---------------------------------------------------------------------- Revision: 2.1.0.74, Date: 2006/01/26 03:23:45 - Improvements * Event log report, now show the exact status and comment returned by local sender when probing to know if user is existing ;---------------------------------------------------------------------- Revision: 2.1.0.72, Date: 2006/01/22 20:36:41 - Bug-fix * clement starting script was doing the wrong configuration on postfix (looking for /etc/etc/postfix directory instead of /etc/postfix). - Improvements * Better handling of UNIQID info not transmitted to Mentor (Mentor channel is declared but not responding) ;---------------------------------------------------------------------- Revision: 2.1.0.71, Date: 2006/01/21 20:36:39 - Bug-fix * Under some condition, clement exiting process was sending a signal TERM to proces '-1'. * No need to rely on 'postmaster' E-mail id to double-check relaying E-mail condition. ;---------------------------------------------------------------------- Revision: 2.1.0.70, Date: 2006/01/21 01:35:12 - Reliability-fix * cron-daily check if directores are existing before to 'cd' to it. ;---------------------------------------------------------------------- Revision: 2.1.0.69, Date: 2006/01/20 20:32:32 - Improvements * Connection to remote sender is kept longer (5 minutes) in case we have further E-mail to transmite * Multiple connection to same Mentor are seen now as different connections as long the CHKCODE is differente, is the CHKCODE is the same, only one connection to the remote Mentor is kept open. ;---------------------------------------------------------------------- Revision: 2.1.0.68, Date: 2006/01/18 19:40:23 - Bug-Fix: * Adding release.php in www directory to display the correct release number on clement Web Page * Better handling in case the remote sender (SENDER definition in clement.conf) is not accessible to check user ID. ;---------------------------------------------------------------------- Revision: 2.1.0.66, Date: 2006/01/16 20:41:34 - Bug-Fix: * Clement was not able to bind on all number specify by variable BINDING in clement.conf, only first number in the line was used to make binding. ;---------------------------------------------------------------------- Revision: 2.1.0.65, Date: 2006/01/16 15:56:27 - Bug-Fix: * /var/crash/clement-2.1 definition missing from spec file ;---------------------------------------------------------------------- Revision: 2.1.0.64, Date: 2006/01/16 15:38:29 - Bug-Fix: * clrquar was running as root when called by cron (file .lisq were set with the wrong ID) * Adjustment in clement starting daemon to have the NAT done correctly * fix in support/addconf.sh in the iptable.conf generator. ;---------------------------------------------------------------------- Revision: 2.1.0.57 , Date: 2006/01/07 14:13:03 - Improvement * Spec file prepared to be Fedora-Extra acceptable. * Username local status (user unknown etc...) is stored with a 30 Minutes cache * In none-relayed mode, up to 50 recipients names can be accepted (unlimited in relayed mode). ;----------------------------------------------------------------------