Copyright (c) 2003-2006, James Lick All rights reserved. See LICENSE file for information on your legal rights to this software. Version 1.2.3 - Added error checking when temporary message file is made. Previously problems here would go undetected and cause empty or truncated messages being passed through, or silently disappearing if the filesystem were full or the file writing failed for some other reason. Thanks to Asheesh Laroia for reporting the problem. - Santiago Vila and Nick Price suggested that the configure.ac file be added to the distribution tar file so that distribution maintainers can more easily customize their install. - Santiago Vila requested that clean and distclean targets be added to the Makefile. Version 1.2.2 - Changed clamscanner options string to be set by the configure script. As part of this change, changed --disable-summary flag to --no-summary when clamscan is used because --disable-summary is being deprecated and may be removed. Also --mbox is not used when using clamdscan as that option is not needed. clamdscan still uses --disable-summary as despite the documentation, --no-summary doesn't work with clamdscan yet. - ClamAV version 0.80 no longer reports which program is being used (clamscan, clamdscan, etc.) when displaying the version string. Added code to have clamassassin add this back in. This defaults to on with ClamAV 0.80 and higher, devel, and unrecognized versions. The default is off for versions earlier than 0.80. As a side effect, echo was added as a prerequisite. - Added configure options --enable-name-adding and --disable-name-adding to override the default of whether the scanner name is added to the version header. - ClamAV version 0.80 reports the signature versions as part of the version string, so having clamassassin add it as well is redundant. Made it the default to not add it for 0.80 and higher, devel, and unrecognized versions. The default is off for versions earlier than 0.80. - Added configure options --enable-signature-version and --disable-signature-version to override the defaults of whether the signature versions should be reported. These changes were suggested quite a while ago by Dimitrios Michelinakis but gained new urgency when ClamAV 0.80 made it a requirement. - ClamAV version 0.80 uses a different version string format. Fixed configure to correctly parse the new version (and still parse the old). - Converted some repetitive tasks to shell functions to make things more modular and easy to change: error checking, exit cleanup, and creation of temp files. - Removed tr as a dependancy. Was replaced with a clever bit of sed that melts my brain when I try to think about it. Version 1.2.1 - Fixed bug that caused configure to fail when ClamAV 0.70 or older is installed. - Added ClamAV version checking in configure to check for compatibility. clamdscan will be disabled on incompatible versions. - Added --disable-version-check to skip compatibility checks. - Updated README to fully document compatibility. Version 1.2.0 - Converted to using gnu autoconf to make the "configure" script. Now all external pathnames are autodetected. The functionality of the old configure script was rewritten from scratch with similiar functionality as before. - In prior versions, the program name "ClamAssassin" was used in the X-Virus-Checker-Version header. For consistency with all other usage of the program name, this has been changed to all lower case. - --enable-subject-rewrite[=message] flag added to ./configure script to turn on Subject: header rewriting. A generic message will be used if one is not provided. - configure script now chooses alternate /tmp path via the TMP environment variable. - Now includes a simple Makefile so that people used to just doing "./configure ; make ; make install" will be happy. - It was reported by Mark Miksis that he was still experiencing the bug supposedly fixed in version 1.1.0 where the X-Virus-Report: header is set to 'OK'. The processing for the report header was completely rewritten in the process of fixing this bug finally. - In the above X-Virus-Report: header processing, usage of head and grep were eliminated from the script and tr was added as a requirement. - The X-Virus-Report: will now show if the message contains multiple infections. Unfortunately due to limitations in the current version of ClamAV, multiple infections are reported when using clamscan, but not clamdscan. - The signature versions are now included in the X-Virus-Checker-Version. This code is based on code by Robert Allerstorfer with some additional optimizations. This checks the actual signature files themselves, so there is a small possibility that clamd might not have the same versions loaded. Version 1.1.1 - With the 1.1.0 release, a problem cropped up with the paths to the common unix utilities. They were hardcoded to be in /bin which is true of many but not all systems. In particular, many Linux systems place the head utility in /usr/bin instead of /bin. There were also some reports of other path problems, but head seems to be the most common problem. Path to head changed to /usr/bin/head. This was reported by too many people to thanks individually. Version 1.1.0 - Changed file handling so that clamdscan could be used. (See README for requirements.) Too many people suggested this to acknowledge all of them. Thanks to all of them. Be sure to see the README to make sure your system is properly configured to use clamdscan. - Added -f flag to invocations of formail. This tells formail not to reformat certain headers and not to create a 'From ' line at the beginning. If this is not done, some mail systems such as cyrus would lose mail or be unable to display messages because of formatting problems. Thanks to Scott A. McIntyre for the suggestion. - Added X-Virus-Checker-Version header to include version information of the clamassassin script and which scanner and the version of ClamAV used. - Added option to rewrite the Subject: header with *****VIRUS***** at the front to warn users who manually sort mail, or use mail sorters that can't use arbitrary headers. This is similiar to SpamAssassin with the rewrite_subject setting on. Thanks to Tom Mollerus for the suggestion and sample code. - Added simple ./configure script to automatically set paths to formail, mktemp, and clamscan or clamdscan. Thanks to Andrej Kacian for the suggestion. - Previously the script had no error handling in the case that formail did not run properly. This most commonly would be due to misconfiguring the path for formail, so the automatic configuration in this version should help there. Nevertheless, formail could fail to run for other reasons and without any error checking this could lead to the message being lost. Not a good thing. clamassassin will now check if formail failed and if so it will exit with whatever code formail exited with. This will cause the message to be requeued or bounced, depending on the configuration of your MTA. Thanks to Jordan Russell for notifying me to the potential of the problem. - While fixing the error handling for formail errors, it was discovered that temp files may not be removed in some cases if the script exits with an error. This oversight was corrected. - During testing it was found that some viruses include more than one attachment in the message, which would cause some mishandling by clamassassin. While messages would properly be identified as infected, the X-Virus-Report line may only say 'OK', and non-compliant headers inserted after it. It has been recoded to show the first first infection detected. If there are multiple infections in different attachments, only the first will be shown. Please let me know if there's a strong need to have all infections reported, or if just one is sufficient.