Release Date: February 1, 2005
The following bug fixes and minor enhancements are included:
- Pathologically complex messages could cause PureMessage to consume a large amount of memory and CPU resources while scanning. This release introduces
support for two new configuration options to control how much work PureMessage will allow before quarantining the message with
reason MessageException:
- mime_max_total_parts
-
The maximum total number of MIME parts to allow in the entire message.
This may constraint may be triggered for messages with a large number of multipart
attachments.
Default: 1024
- mime_max_part_depth
-
The maximum level of MIME nesting permitted in the message.
This constraint may be triggered by bounces sent between two misconfigured mail servers.
Default: 16
(#34022)
- Invalid characters in Received headers could cause PureMessage to process the mail incorrectly. PureMessage now handles such characters properly. (#36194)
- PureMessage could cause corruption of messages when
it both added a header, and attached a template. This issue has been fixed. (#34454)
- The pmx-vscan service would sometimes not terminate long-running virus scanning jobs, leading
to excessive CPU and/or memory consumption in some cases. This has been fixed. (#35976)
- A new option EnableAutoStop is supported in the virus.d/sophos.conf configuration file. This
option allows Sophos Anti-Virus to monitor its
own usage of resources and terminate scanning if it detects a likely loop. (#26713)
- The pmx_phrase policy test consumes less CPU resources to parse large messages. (#35048)
- The pmx-qmeta-index no longer crashes while indexing pathologically complex headers. (#33372)
- The PPM tool silently ignored packages that were not installed, but whose files were still
on-disk. This would occur if the PPM database was ever corrupted and then subsequently fixed.
PPM now always installs packages if they are not installed. (#33694)
- The pmx-spam utility now includes the ability to enable, disable and reset rules. (#33144)
- PureMessage now includes Apache 1.3.33. (#28744)
- There are three new template variables available for dealing with attachments in policy
scripts.
- ATTACHMENT_NAME
- the name of the attachment
- ATTACHMENT_TYPE
- the content-type of the attachment (as given by the CT header)
- ATTACHMENT_SIZE
- the size of the attachment
These attachment variables are only available inside an attachment test that selects a subset
of the MIME parts in the message. These include:
- pmx_suspect_attachment
- pmx_attachment_name
- pmx_attachment_type
- pmx_attachment_size
For the template variables to work, use one of the above tests in conjunction with the
pmx_replace_body action. Only the pmx_replace_body action pays any attention to these new
template variables, as it is the only policy action that explicitly performs its action on
every selected attachment.
- The pmx_add_banner policy action no longers adds the text twice in certain cases. (#32696)
- PureMessage adds its own Received header for messages
that were processed by pmx-queue. This provides an audit trail for quarantined messages that are
released, and for other messages that have been processed through the PureMessage message queue. (#31925)
- The synthetic Received header added by PureMessage
(see #21464 below) now includes the envelope sender address, thus more fully emulating the
behavior of PureMessage-Sendmail. (#32067)
- pmx-qdigest no longer includes messages approved via the End User Web Interface. (#32571)
- pmx-qman can now approve messages from a pmdb quarantine. (#31445)
- A new scheduled job has been added to clean empty directories from the quarantine regularly.
(#36225)