


j-chkmail Change Log

	
Oct 04 2002 - Jose Marcio Martins da Cruz
	j-chkmail 1.3RC4
        [UPDATE] Some documentation updates, some checks...
	
Sep 30 2002 - Jose Marcio Martins da Cruz
	[FEATURE] - Content check code is completed. Body and body content
          may be verified agains a list of regular expressions. If the number
	  of matches is greater than the threshold, message is rejected.
	  Experimental feature. Too much time consumming.
	[FEATURE] - Messages which body is completely encoded in base64 or
	  quoted-printable to avoid content checking may be refused. I'm
	  not talking about attachment encoding, but entire message body 
	  encoding. Experimental feature - don't use it as it may block
	  legitimate messages.
	[BUG] Problems when configuring j-chkmail to use tables in the
	  database format. Corrected, but this is allways an experimental 
	  feature.
	
Sep 24 2002 - Jose Marcio Martins da Cruz
	j-chkmail 1.3RC1
        [FEATURE] - this minor address the vulnerability generated by sending
	  fragmented messages (message/partial MIME type).
          Problem reported by the alert 
            http://www.securiteam.com/securitynews/5YP0A0K8CM.html
	[FEATURE] - some minor changes to verify the vulnerability of sending
	  attached files by reference (message/external-body MIME type).
	  At the moment, this vulnerability wasn't announced anywhere, in
          my knowledge.
	[FEATURE] External (antivirus or spam) scanners are now launched 
	  by a pre-forked server instead of a concurrent server.
	[FEATURE] Interface to user defined mail scanner.
	[FEATURE] Configuration tables storage format selectable between
	  text files or database files (db, ndbm or gdbm) formats. This is
	  experimental. Not all tables are already ported to database 
	  formats.
	[FEATURE] Mail filtering according to mail gateway DNS resolution 
	  (failure or forged)
	[FEATURE] Access (black/white list), allowing to override bad DNS 
	  resolution results.
        [FEATURE] Temporal quota management of number of connection allowed 
	  to gateways without or forged DNS declarations.
	[FEATURE] More options add to j-printstats (see j-printstats -h)
	[PORT] j-chkmail was tested under Solaris 9. Thanks to J.B. Bronson
	  from Aurora Health Care Center
	[BUG] - Some configure values - mainly directories - were not taken 
	  into account 
	[UPDATE] Validation of j-chkmail under FreeBSD platforms. 
	  Thanks to Stephane Lentz and Egon Niederacher.
	[UPDATE] As allways, code related to experimental features was replaced
	  by cleaner and optimised code as soon as experimental features 
	  becomes validated.
	[FEATURE] - validation of experimental features of previous versions

Sep 18 2002 - Jose Marcio Martins da Cruz
        j-chkmail 1.2p1
        [FEATURE] - this minor address the vulnerability generated by sending
	  fragmented messages (message/partial MIME type).
          Problem reported by the alert 
            http://www.securiteam.com/securitynews/5YP0A0K8CM.html

Jul 01 2002 - Jose Marcio Martins da Cruz
	j-chkmail 1.2
	[BUG] - Antivirus interface does not handle SIGINT signals correctly.

Jun 20 2002 - Jose Marcio Martins da Cruz
	j-chkmail 1.1
	[FEATURE] - Possibility of mail filtering based on the connection rate,
	  the recipient rate of peer and the number of recipients of the 
	  message.
	  This is an experimental feature.
	[FEATURE] - option to change the SUBJECT header when sending warning 
	  messages
	  This is an experimental feature
	[FEATURE] - Reject messages if headers contains
	  <HTML> or <SCRIPT> tags
	  This is an experimental feature
	[BUG] - j-chkmail dies when reloading configuration file under Linux, 
	  after receiving a SIGHUP. This is a problem of what Linux thinks a 
	  thread is.
	[UPDATE] - configure scripts were updated in order to be compatible 
	  avec new versions of GNU autoconf and automake 

	TAKE a look at README

Jun 07 2002 - Jose Marcio Martins da Cruz
	j-chkmail 1.1 RC2 Release
	[BUG] - connection clean-up didn't free all storage in some special 
	  conditions
	[BUG] - av server daemon wasn't launched when reloading configuration
	  and changing an checking
	[FEATURE] - command line options added to j-printstats
	[BUG] - j-chkmail.cf man page was installed in section 5 instead of 
	  section 4 (File Formats)
	[BUG] - State files were, by default, installed at /var/tmp, instead 
	  of /var/jchkmail
	[FEATURE] - added "with-work-dir" and "with-spool-dir' options to 
	  configure script in order to configure default values for this 
	  directories at compile time
	[FEATURE] - add RESOLVE_FAIL and RESOLVE_FORGED options to reject 
	  connection if {client_resolve} sendmail macro returns FAIL or 
	  FORGED for the relay. This is an experimental feature
	[FEATURE] - add CHECK_THROTTLE option to reject connection if client
	  throttle exceeds max allowed. This is an experimental feature
	
May 30 2002 - Jose Marcio Martins da Cruz
	j-chkmail 1.1 RC1 release
	[FEATURES]
	- possibility to call external antivirus scanners interface was added
	  to Sophos sweep, McAfee uvscan, and Trendmicro vscan
	- possibility to save rejected messages for further analysis
	- some other filtering capabilities (see documentation) such as
	  - mail filtering accordingly to the number of recipients and the IP
	    network smtp connection comes from
	- j-chkmail behavior to signals
	  HUP - reloads configuration files
	  USR1 - dumps internal counters
	  USR2 - reset internal counters
	- some fault tolerant possibilities. Now, there is a supervisor process
	  which control runtime behavior of filters and control communications 
	  between them.
	- periodical task, such as dumping internal statistics counters are 
	  controled by supervisor process. There is no more need to set up 
	  cron tasks.
	- man pages
	- two new command lines 
	  - j-printstats - which prints internal counters values	  
	  - j-scanfile - a command line version of j-chkmail built-in scanner,
	    which you may use to scan mail files by hand or (maybe) use it 
	    with postfix (not checked).

Apr/30/2002 - Jose Marcio Martins da Cruz
	j-chkmail 1.01 Release
	[BUG] - Replacement message contained a null char at its end. This 
	  could cause problems with some mail clients
	[PORT] rpm packaging - thanks to Henri Gomez
	
Apr/18/2002 - Jose Marcio Martins da Cruz
	j-chkmail 1.0 - First official release


	
