;======================================================================== Revision: 2.8.0-25 Date: 2021/03/29 06:19:44 Bug-Fix: - Including /usr/sbin to PATH to start clement shell script started by cron. ;======================================================================== Revision: 2.8.0-22 Date: 2021/03/28 21:56:28 Bug-Fix: - Fixing debugging procedure tls_traceout. ;======================================================================== Revision: 2.8.0-16 Date: 2021/03/23 11:52:58 Bug-Fix: - Fixing PHP-8.0 compatibility within clement web interface (transit screen area). ;======================================================================== Revision: 2.8.0-12 Date: 2021/03/22 23:10:10 Bug-Fix: - Fixing problem not using CRLF while generating the WARNING message when email can't be sent in due time ;======================================================================== Revision: 2.8.0-7 Date: 2021/03/22 15:52:56 Bug-Fix: - Fixing problem not transmiting email using CRLF (only using LF), all email relaying use CRLF now). ;======================================================================== Revision: 2.8.0-1 Date: 2021/03/20 17:17:24 Upgrade : - Clement web site is now PHP-8.0 compatible - Better detection of CRLF Sequence during Email transmission - Source code cleaning to make valgrind happy - Detecting new header entry 'Recieved-SPF' ;======================================================================== Revision: 2.7.24-0 Date: 2020/01/19 17:07:16 Improvement: - Code source adjustement to be gcc-9.0.2 compatible - Compatible with Osukiss distribution ;======================================================================== Revision: 2.7.23-0 Date: 2020/01/14 20:13:11 Improvement: - Transit email management, better way to handle send and cancel group of email. New way seems better accepted by all avail browser. ;======================================================================== Revision: 2.7.22-0 Date: 2018/12/06 09:46:26 Improvement: - Better and more flexible way to define rejected remote IP class ;======================================================================== Revision: 2.7.21-0 Date: 2018/04/22 21:01:25 Improvement: - Not calling clamd RELOAD function, freshclam is doing it. - Better "Premature EOF" detection, when remote server disconnect link. ;======================================================================== Revision: 2.7.19-5 Date: 2018/03/11 10:10:43 Bug-Fix: - logrotate directive (clem-dovecot) with wrong create sequence. ;======================================================================== Revision: 2.7.19 Date: 2017/08/30 13:55:55 Bug-Fix: - Better Premature EOF (Link lost) detection, both in Crypted and clear transmission mode. Improvement: - Profile allow to Check for SPF SOFTFAIL ;======================================================================== Revision: 2.7.18-1 Date: 2017/05/02 21:42:29 Bug-Fix: - Change deliveryMode check from "local" to "localdelivery" ;======================================================================== Revision: 2.7.18 Date: 2017/05/02 21:05:58 Improvement: - In LDAP mode, if account include "mailForwardingAddress", "deliveryMode" status witll be check. If "deliveryMode" is set to "local", mail will be forwarded AND store in user mail-box. ;======================================================================== Revision: 2.7.17 Date: 2016/12/01 20:29:50 Bug-Fix: - Fixing Soft SPF status handling (was not properly displayed in logs). ;======================================================================== Revision: 2.7.16-2 Date: 2016/11/29 13:29:28 Improvement: - Major: * Soft-Fail SPF component are now understood as SPF error (was undertsood in previous clement version as "no SPF definition within domain"). * Some Spammer are hijacking domain with SPF using "~all" to look alike domain with SPF using "-all", this loophole allowing email phishing. * Case found; aep.com "American Electric Power" to impersonate aexp.com "American Express" via a non related IP. ;======================================================================== Revision: 2.7.16-1 Date: 2016/11/22 11:15:46 Bug-Fix: - Fixing SPF DNS text parsing. * Properly recognize multiple string ("str1" Str2") within DNS TXT or SPF field. ;======================================================================== Revision: 2.7.15-0 Date: 2016/08/04 11:01:38 Bug-Fix: - Major: * Multiple mailForwardingAddress definition within LDAP record was not handle properly, only the fist one was recognized. * Email could be lost if mailAlternateAddress and mailForwardingAddress are used within the same LDAP record. ;======================================================================== Revision: 2.7.13-0 Date: 2016/02/04 06:46:44 Bug-Fix: - Major: Wrong MIME format within the header subject line, was making the clement SMTP reader to crash. ;======================================================================== Revision: 2.7.12-0 Date: 2016/01/11 14:07:28 Improvement: - If From: Email header and enveloppe do not match report discrepancy in the web log (originator column). ;======================================================================== Revision: 2.7.9-0 Date: 2015/12/01 19:17:27 Bug-Fix: - Making sure the email 'override OK' is used even if the user seems to be a bad user. ;======================================================================== Revision: 2.7.8-0 Date: 2015/06/30 11:08:36 Bug-Fix: - notpaid.sh script is now working with new numbering version standard ;======================================================================== Revision: 2.7.6-0 Date: 2015/06/23 14:05:29 Improvement: - Adjustements to compile within el6 and el5 ;======================================================================== Revision: 2.7.4-0 Date: 2015/05/26 04:31:32 Improvement: - Changing numbering version standard. ;======================================================================== Revision: 2.6-6.9 Date: 2015/05/15 10:48:25 ;------------------------------------------------------------------------ Bug-Fix: - TLS connection, better way to detect EOF and extract remaining character in buffer (avoiding incoming Email timeout) ;======================================================================== Revision: 2.6-6.7 Date: 2014/09/23 10:06:44 ;------------------------------------------------------------------------ Bug-Fix: - Fix user's mail box full when receiving an email. Mail is rejected at SMTP protocol level. ;======================================================================== Revision: 2.6-6.6 Date: 2014/09/23 10:06:44 ;------------------------------------------------------------------------ Improvement: - User can login using its email address when domain authentication is done via LDAP. ;======================================================================== Revision: 2.6-6.5.1 Date: 2014/09/19 07:41:21 ;------------------------------------------------------------------------ Adustment: - LDAP SMTP authentication can work both with Mail and UID (Both field available within LDAP qmail). ;======================================================================== Revision: 2.6-6.4 Date: 2014/09/18 21:37:46 ;------------------------------------------------------------------------ Bug-Fix: - Fix Bug ldap, not able to find some alternate address ;======================================================================== Revision: 2.6-6.3 Date: 2014/09/18 15:51:22 ;------------------------------------------------------------------------ Improvement: - Better handling of mailAlternateAddress within ldap (not seen as email aliasing anymore) ;======================================================================== Revision: 2.6-6.1 Date: 2014/09/13 14:36:54 ;------------------------------------------------------------------------ Bug-Fix: - Fixed Shell_script spacecount.sh to properly count email space user per email account. ;======================================================================== Revision: 2.6-6 Date: 2014/09/04 00:06:09 ;------------------------------------------------------------------------ Bug-Fix: - Email error report (trouble to do email process) is now issued from "postmaster@'bad_recipien.domain'" (was previously issued from "postmaster@'originator.domain'" when sending the trouble report to originator). - Follow RFC-5322 to generate trouble report and make outlook server happy. ;======================================================================== Revision: 2.6-5 Date: 2014/08/30 11:34:53 ;------------------------------------------------------------------------ Adjustment - Production release, Removing old Fedora release enties from the "Clement Download and Install" web page. ;======================================================================== Revision: 2.6-4.9 Date: 2014/08/06 13:28:53 ;------------------------------------------------------------------------ Improvement: - Variable SSL_CIPHER_LIST is now defined within /etc/clement-2.6/clement.conf This variable allow to override Clement internal acceptable cipher selection. (Problem with me.com MX, not able to accept TLS connexion). ;======================================================================== Revision: 2.6-4.8 Date: 2014/07/01 15:38:30 ;------------------------------------------------------------------------ Bug-Fix: - Change space usage scanning script (checkcount.sh,quotamail.sh, spacecount.sh) to hanlde user usedbytes field record. Improvement: - Trace deletion within transit screen ;======================================================================== Revision: 2.6-4.7 Date: 2013/12/31 08:50:50 ;------------------------------------------------------------------------ Improvement: - Defining '!' to refuse relaying for an IP within relay liste. this allow to define one specific IP not to be relayable, while an IP range which contain it, is defined as relayable. ;======================================================================== Revision: 2.6-4.6 Date: 2013/12/30 01:04:09 ;------------------------------------------------------------------------ Bug-Fix: - AUTH PLAIN received from a MacOS-7.1 was not properly scanned when clement was used as an authenticated outgoing email server. ;======================================================================== Revision: 2.6-4.2 Date: 2013/10/16 12:35:56 ;------------------------------------------------------------------------ Bug-Fix: - Fixed an MX problem. Clement was not able to send a message (an error report) to itself, bug was was forcing secondary usage MX. Improvements: - Run cppcheck on clement code and removed warning about realloc function. ;======================================================================== Revision: 2.6-4.1 Date: 2013/09/25 07:58:28 ;------------------------------------------------------------------------ Bug-Fix: - Fixing CORE DUMP event within the banned/trusted server list generation. ;======================================================================== Revision: 2.6-4.0 Date: 2013/09/02 10:44:25 ;------------------------------------------------------------------------ Adjustement: - Increasing waiting time from 15 sec to 60 for clamav data-base reloading. On slow|busy system previous timing was not large enough to have the virus scanner detected. ;======================================================================== Revision: 2.6-3.8 Date: 2013/08/16 18:37:19 ;------------------------------------------------------------------------ Bug-Fix: - Reading the file /etc/sysconfig/clement when starting clement (/etc/sysconfig/clement is used to specify the number of checker usable to treat incoming email). Improvment: - List allow to see statistics according email status (accepted, rejected, quarantine). Graphic display is available ;======================================================================== Revision: 2.6-3.5 Date: 2013/07/11 23:59:28 ;------------------------------------------------------------------------ Bug-Fix: - Fixed problem with user authentication when the remote link for user group was set to be POP3S over a SSL link. ;======================================================================== Revision: 2.6-3.0 Date: 2013/06/20 23:14:04 ;------------------------------------------------------------------------ Improvment: - Compatible with systemd init process for Fedora distribution - Keeping display configuration within the session - Adding the "-k" option to have clement to kill its running daemon ;======================================================================== Revision: 2.6-2.17 Date: 2013/05/28 14:41:35 ;------------------------------------------------------------------------ Bug-Fix: - Fixing MySQL syntaxe to clean data-base overrides table, in the MySQL versions, overrides data were deleted every night, the learning process was impaired. ;======================================================================== Revision: 2.6-2.14.3 Date: 2013/05/28 14:41:35 ;------------------------------------------------------------------------ Improvment: - Transit screen, Clement admin can request to reseend (or cancel) ALL found transit entry by clicking on "resend" (or "cancel") graphic icon. - Better way to generate distribution dependant clement.repo file. ;======================================================================== Revision: 2.6-2.14.2 Date: 2013/05/18 11:54:13 ;------------------------------------------------------------------------ Improvment: - Better detecting if spamassassin is up and running (some version lock with spamassassin other with spamd) Bug-Fix: - Refreshing curtag file before generating a new distribution (fixing a potential wrong version numbering) ;======================================================================== Revision: 2.6-2.13 Date: 2013/05/17 14:03:34 ;------------------------------------------------------------------------ Bug-Fix: - Properly looking for variable SNMPPORT within rebounce.sh - cmailc is now running under a standard user UID (clement) instead of root. ;======================================================================== Revision: 2.6-2.12 Date: 2013/05/16 23:58:36 ;------------------------------------------------------------------------ Improvment: - Adding program clmailc to have a better piping handling. ;======================================================================== Revision: 2.6-2.9 Date: 2013/05/07 18:01:40 ;------------------------------------------------------------------------ Improvment: - Adding email piping. Lets say all email to a user named 'tobepiped' are to be piped to a shell script named 'rebounce.sh' (this script example is available within /usr/lib/clement-2.6/shell), you just need to define an alias such 'tobepiped' alias is '| rebounce.sh'. This can be done using web interface. (domains manag. -> click user domain -> aliases -> New alias). ;======================================================================== Revision: 2.6-2.0 Date: 2013/05/01 10:52:15 ;------------------------------------------------------------------------ Improvment: - Removing 'dnsbl.njabl.org' from the BLS list ;======================================================================== Revision: 2.6-1.1 Date: 2013/04/29 06:48:30 ;------------------------------------------------------------------------ Improvment: - Using yagac-lib as garbage collector. - Mergins pgsql and mysql version, decision done by sys-admin at first install. - /etc/clement-2.6/clement.conf allow sysadmin to fine tune clement configuration. - Can use LDAP as authentication chanel, retreive official email address from alternat email and use ldap to retreive aliases list. - Clement quota information are now available to dovecot to be used in IMAP protocol. - Same user can open multiple clement session in parallel. - Traffic statistics are now available and graphic can be displayed. Bug Fix: - Better MX forwarding do no loop email on itself if first priority MX to which rebounce email is not responding (case when receiving email as secondary MX and primary MX still not responding). - Able to Find IPV6 number, if the EHLO hostname is only IPV6 ;======================================================================== Revision: 2.5-148.10 Date: 2012/12/09 13:40:50 ;------------------------------------------------------------------------ Production Release Bug Fix: - Return a status if AUTH sequence is not SMTP protocol compliant. (returning a status if auth say only "AUTH PLAIN"). ;======================================================================== Revision: 2.5-148.9 Date: 2012/11/19 13:29:36 ;------------------------------------------------------------------------ Production Release Bug Fix: - Considere local plain aliase email as good originator when working in smart relaying mode. Improvement: - Removing bl.ipv6.spameatingmonkey.net from the IPV6 SBL server list. its DNS is not responding anymore. ;======================================================================== Revision: 2.5-148.8 Date: 2012/10/21 15:03:52 ;------------------------------------------------------------------------ Production Release Bug Fix: - Fixd a crash Dump, not detecting a null pointer result from routine cnv_getb64. ;======================================================================== Revision: 2.5-148.7 Date: 2012/10/11 13:54:18 ;------------------------------------------------------------------------ Production Release Bug Fix: - Forwarded email Status was improperly reported by clement web interface and reported email subject was always set to "E-mail will be forwarded". Status and Subject are now back to normal. ;======================================================================== Revision: 2.6-0.0 Date: 2012/08/29 06:48:30 ;------------------------------------------------------------------------ Improvment: - Using yagac-lib as garbage collector. - Mergins pgsql and mysql version, decision done by sys-admin at first install. - /etc/clement-2.6/clement.conf allow sysadmin to fine tune clement configuration. ;======================================================================== Revision: 2.5-148.6 Date: 2012/10/05 15:06:49 ;------------------------------------------------------------------------ Production Release Improvement: - Smart relaying take care of message allready forwarded to trappe (matching the email MSG-ID) rebounced email from the forwarded host. ;======================================================================== Revision: 2.5-148.5 Date: 2012/10/02 08:04:33 ;------------------------------------------------------------------------ Production Release Improvement: - Better logs about auxiliary daemon (clamd, spamd) status during starting phase. - Adjusting various messages and logs about multipath smart relaying. Bug Fix: - Subprocess starting clock (getmillisec()) is now fully synchronized between clement subprocess. ;======================================================================== Revision: 2.5-148.3 Date: 2012/09/30 14:30:00 ;------------------------------------------------------------------------ Production Release Improvement: - In smart relaying mode, clement check if the user is known and active. If user is using an email foreign to clement (ex: sending email as someone@gmail.com), a multipath table is provided to link such external email to a known user. Bug Fix: - When checking MX for relayed Email, try all MX until a IP is found good (was just checking MX0, if remote sys-admin, by mistake, unproperly configure relayed domain first MX, email was rejected instead to be relayed). ;======================================================================== Revision: 2.5-148.2 Date: 2012/08/28 15:48:22 ;------------------------------------------------------------------------ Production Release Improvement: - POP3TLS and IMAPTLS are now fully supported within clement. ;======================================================================== Revision: 2.5-148.1 Date: 2012/08/28 00:20:46 ;------------------------------------------------------------------------ Production Release Bug Fix: - SQL unknow type fix, was cause by improperly closing the data-base when doing 'startdoban' procedure. - POP-3 and IMAP authentification channel are working in PHP 'notls' mode by default. Improvement: - Adding POP3TLS and IMAPTLS to be able to use TLS mode for authentication on both IMAP and POP3 protocol. ;======================================================================== Revision: 2.5-148 Date: 2012/08/20 13:38:00 ;------------------------------------------------------------------------ Production Release Bug Tracking: - Inserting a core dump when detecting an SQL unknown type, such we have data to do some 'forensic' about this strange bug happening once in a while. ;======================================================================== Revision: 2.5-147.15 Date: 2012/08/13 15:39:02 ;------------------------------------------------------------------------ Production Release Bug Fix: - Fixd small memory corruption, when a remote user posting with an authentication sequence was not providing a password at all. ;======================================================================== Revision: 2.5-147.14 Date: 2012/08/12 21:17:00 ;------------------------------------------------------------------------ Production Release Adjustment: - Change module utlgac.c to include version numbering inside, this to have an autonomos utlgac module (Garbage collector) in future. ;======================================================================== Revision: 2.5-147.12 Date: 2012/08/09 16:46:15 ;------------------------------------------------------------------------ Production Release Bug Fix: - In mysql comment "--------------" are not acceptable, changed comment to be "-- -----" - Fix a segmentation violation within the banned list generator (MAJOR). ;======================================================================== Revision: 2.5-147.11 Date: 2012/08/02 14:59:05 ;------------------------------------------------------------------------ Production Release Bug Fix: - While contacting a remote smtp to send an email, report properly the status if remote reject connexion at signon level. Instead to say "error=". - Fixd the huge number of minutes reported in the Warnnig message sent to user when unexpected delay are noticed by clement sending an email outside (Thanks to Stephen Bingram). Improvement: - Better retry time tracking when unsuccessfully trying to send an email to a foreign remote server. - Echo suppression when remote exchange banned ip list, banned list was looping between 2 systems when list was transmitted via a third system. ;======================================================================== Revision: 2.5-147.10 Date: 2012/07/29 09:55:22 ;------------------------------------------------------------------------ Production Release Bug Fix: - Reverse address are now properly found when checking PTR directive within SPF record. - Fixing table banned|trusted info record definition to be 8192 instead of 4096; - Fixd a "memory violation" when not parsable banned stream data are found within the data-base and an update is applied. - Fixd a repeated satement "Yes, it is recommended to use Clement to relay..." in FAQ (Thanks to Stephen Bingram). - Fixd a coredump when spamassassin was not responding (time out) to spam check request. - Reversing "Trusting","Trusted" status display in the web "trust Management" interface. Improvement: - Reverse address are now provided/extracted within the banned/trusted record. This is to make the banned and trusted list managament easier for Administrators. Search under IP or name is now possible. - Setup a very strong Garbage Collector to recover memory assignement lost by 'Yacc Parsing error recovery phase' (IE: wrong header format in email) ;======================================================================== Revision: 2.5-147.9 Date: 2012/07/16 22:38:20 ;------------------------------------------------------------------------ Production Release Bug Fix: - IP_banned email status can be orverrided by standard user now. - Banned list scan process was staying in zombie state, locking out next scan, such update were NOT transmisted to trusted remote. (major Bug). - Group interface, cron activation days can be now ALL unselected (If at least one day was not selected, saving this new configuation was not working). - When a quarantined email is recalled, use E-From domain instead of H-from domain. If both domain were not the same, override directive was not working correctly with next Email. Improvement: - Better parsing error handling when scanning banned list transmitted from trusted remote. ;======================================================================== Revision: 2.5-147.7 Date: 2012/07/06 07:25:46 ;------------------------------------------------------------------------ Production Release Improvement: - Adding ipbin record within 'banned' and 'trusted' IP table, such IP aggregation and IP range detection is faster. ;======================================================================== Revision: 2.5-147.5 Date: 2012/07/03 08:32:25 ;------------------------------------------------------------------------ Production Release Bug Fix: - Trusted remote server list can be searched by ip number - User space count script shell is now properly working if username include a single quote (ex: o'brien). ;======================================================================== Revision: 2.5-147.4 Date: 2012/06/29 00:33:20 ;------------------------------------------------------------------------ Production Release Bug Fix: - Trusted remote IP formating is now propley normalised such the SMTP connection to feed remote with banned list can be properly done. ;======================================================================== Revision: 2.5-147.3 Date: 2012/06/27 13:40:54 ;------------------------------------------------------------------------ Production Release Bug Fix: - Status set within the 'banned' DB table was improperly set to '1' (no status) instead of '2' (banned) by 'now banned' detector (utility clmtrst, called via cron). ;======================================================================== Revision: 2.5-147.2 Date: 2012/06/27 01:20:45 ;------------------------------------------------------------------------ Production Release Bug Fix: - Available timezone list was not working with php version lower than 5.2. Code is adjusted and dependency to php >= 5.2 is set in spec file. ;======================================================================== Revision: 2.5-147.1 Date: 2012/06/19 09:26:07 ;------------------------------------------------------------------------ Production Release ;======================================================================== Revision: 2.5-146.14 Date: 2012/06/14 19:24:20 ;------------------------------------------------------------------------ Improvement: - Email address as mc'donald@domain1 or O'brien@domain2 are now fully working (need dovecot-2.0). - A new "needreverse" flag can be added to user profile and request remote server to have a full reverse-address to accept incoming email. - Clement quarantine report a now set to be coming from localhost (127.0.0.1) instead of nowhere (0.0.0.0). ;======================================================================== Revision: 2.5-146.13 Date: 2012/06/06 10:21:48 ;------------------------------------------------------------------------ Bug Fix: - Cron was not initiated at the right time but rather at Midnight when the cron was not scheduled to run the previous day. ;======================================================================== Revision: 2.5-146.12 Date: 2012/06/05 13:48:16 ;------------------------------------------------------------------------ Bug Fix: - Incoming email size was not properly counted, this make calling spamassassin even if the email is too big for it. ;======================================================================== Revision: 2.5-146.11 Date: 2012/05/27 20:48:52 ;------------------------------------------------------------------------ Bug Fix: - Script quarantinemail.sh, procedure stamtgz was not working properly in MySQL data-base configuration - Group cron shell script name was improperly set in the group creation PHP interface. Improvement: - User authentication to allow email posting can use IMAP protocol now. POP3,POP3S,IMAP,IMAPS are available to access the group authentication server. ;======================================================================== Revision: 2.5-146.10 Date: 2012/05/25 23:05:48 ;------------------------------------------------------------------------ Bug Fix: - Changing header entry "X-Clement-Spam-Level=" to "X-Clement-Spam-Level::. This was causing header reading trouble by some email reader. ;======================================================================== Revision: 2.5-146.8 Date: 2012/05/25 20:40:44 ;------------------------------------------------------------------------ Bug Fix: - Fixing base64 conversion last modification to have "AUTHENTICATE PLAIN" working back (null charactere was not properly detectedi within password subroutine). ;======================================================================== Revision: 2.5-146.7 Date: 2012/05/25 14:14:14 ;------------------------------------------------------------------------ Bug Fix: - /usr/lib/clement-2.5/support/expire.sh was not properly working with MySQL type data-base. ;======================================================================== Revision: 2.5-146.6 Date: 2012/05/25 10:11:46 ;------------------------------------------------------------------------ Bug Fix: - /usr/lib/clement-2.5/support/expire.sh was missing from RPM building process. - Fixing base64 to properly carry NULL character conversion. ;======================================================================== Revision: 2.5-146.5 Date: 2012/05/23 10:44:55 ;------------------------------------------------------------------------ Bug Fix: - /usr/bin/dig is now required(post) within the clement spec file (installtion dependancy). Improvement: - SSL (port 465) is now available to enter in crypted mode directly. ;======================================================================== Revision: 2.5-146.3 Date: 2012/05/16 14:11:31 ;------------------------------------------------------------------------ Bug Fix: - Clement's admin can now set orgdom and orgnam to be '*', such all email comming from a specific IP set to a one local domain can be rejected regardless originator email. ;======================================================================== Revision: 2.5-146.0 Date: 2012/05/01 21:10:19 ;------------------------------------------------------------------------ Major Release Bug Fix: - Trap status CHKUSR when internal remote SMTP server is not responding to confirm local user is existing. Improvement: - "Quarantine list scheduler" can now be defined from the web interface. A new sub-menu is added to group definition. Clement's admin can define, time to make the quarantine list (once a day) and the days within week to issue the list. - "IP fully banned" list is now handle. Such all recipient coming form a fully banned IP will be rejected. - Clement is now able to classified an IP as "fully banned" according previously received email. Statistic information are extracted from emlogs database table. - Database lock to access INQUEUE table is make faster, lock row instead of table. - Mysql data-base table engine is now MyISAM instead of innodb. Recovering data-base backup was too slow with previous innodb engine. MySQL data-base structure was updated when clement was updated to 2.5-146. - Same administrator ID can manage more than one group. - SMTP protocol extension, to allow server within a trusted mesh to share data about banned remote server. Keyword used to send Banned list is "TRUSTING". ;======================================================================== Revision: 2.5.0-145.12 Date: 2012/01/11 21:10:19 ;------------------------------------------------------------------------ Production Release Bug Fix: - Group default profile was not properly found when allowed user is relaying emails outside, the wrong email profile (the external one) was used instead of the group one. Improvement: - Better indexing for 'inqueue' database table (to speed up inqueue extraction). - Bad Helo (not a FQDN hostname), is now seen as a wrong MX and detection can be overrided by setting the MX flag detection to off in user profile. ;======================================================================== Revision: 2.5.0-145.10 Date: 2012/01/08 00:33:23 ;------------------------------------------------------------------------ Production Release Bug Fix: - Override directive was NOT working when email was to be sent to a better MX (Internal Email server case). This is major bug, you must upgrade if your clement is acting as a front end to an internal Email server. Improvement: - Better user's group detection when reject/warning message are composed by Clement. ;======================================================================== Revision: 2.5.0-145.9 Date: 2012/01/05 19:57:28 ;------------------------------------------------------------------------ Production Release Bug Fix: - Fixd live configuration update timing. - Versions discrepancy is now issued when clement is already EID is set to clement (This fix some clement journal log ownership). ;======================================================================== Revision: 2.5.0-145.6 Date: 2012/01/04 11:01:11 ;------------------------------------------------------------------------ Production Release Bug Fix: - Fix BASE definition problem within support shell script quotamail.sh - Fix "duplicate key violates unique constraint" within support shell script docounter.sh - Updating group number with WEB interface in relay definition menu. ;======================================================================== Revision: 2.5.0-145.5 Date: 2012/01/03 17:08:24 ;------------------------------------------------------------------------ Production Release Bug Fix: - Relayed user specific profile, (user from relayed origin AND defined within the database with a specific working profile) is now properly extracted. ;======================================================================== Revision: 2.5.0-145.4 Date: 2011/12/30 03:00:11 ;------------------------------------------------------------------------ Production Release Bug Fix: - Cron called shell script "docunter.sh" was missing from RPM definition. This script is used every day by cron to count the current day transactions. ;======================================================================== Revision: 2.5.0-145.3 Date: 2011/12/30 00:48:49 ;------------------------------------------------------------------------ Production Release Bug Fix: - Fixd data-base lock trouble when extracting a quarantined email. This bug is MySQL data-base ONLY. If you are using MySQL you must upgrade clement version (No need to update Clement if you are using PostgreSQL data-base). ;======================================================================== Revision: 2.5.0-145.1 Date: 2011/12/29 15:46:29 ;------------------------------------------------------------------------ Production Release Bug Fix: - Fixd RPM spec file, version release number was improperly set to 45 instead of 145 (no impact on Clement code itself). ;======================================================================== Revision: 2.5.0-145 Date: 2011/12/27 16:16:42 ;------------------------------------------------------------------------ Production Release ;======================================================================== Revision: 2.5.0-144.7 Date: 2011/12/22 11:12:54 ;------------------------------------------------------------------------ Release Candidate Bug Fix: - Detect 'email from domain' with MX but without IP related to MX, as a without MX domain. - User profile 'check remote MX' status is now working properly, if profile do not care about missing MX, mail will be accepted. - Change display status when internal remote is not responding from "Grey Listing" to "Need to check user, retry later". ;======================================================================== Revision: 2.5.0-144.5.5 Date: 2011/12/19 15:35:19 ;------------------------------------------------------------------------ Release Candidate Bug Fix: - Fixd MySQL syntaxe error when updating overrides tables ;======================================================================== Revision: 2.5.0-144.5 Date: 2011/12/18 19:34:33 ;------------------------------------------------------------------------ Release Candidate Improvements: - Relayed IP/mask are now linked to a groupid (one per default) and data are store within the data-base. - Updating Clement FAQ - Changing repo file, putting extra definition before test repo definition. - Adding bubble help to major configuration interfaces - Checking for SPF record (type 99) within remote domain DNS before to look for SPF within TXT (old standard). - Better journalling when remote server is sending request with syntaxe error (done for both "Mail From:" and "RCPT To:" - When probing remote internal server for carried domain, us a empty from "<>" instead of Bug Fix: - On line new configuration changes are now properly detected. - /etc/init.d/clement script, quoting variable "$hostipv4" and "$hostipv6" - Taking the alias group ID as incoming group ID when aliased name is to reach outside clement domain (to avoid group id 0). - Dovecot-2.0 was unable to deliver email localy when called by deliver.sh, the problem was caused by wrong ownership when calling database. - In MySQL setup, emltrt index components where st too small, 40 characters was not big enough as the 'session' record can reach 50 characters. emltrt_ndx component size is now 80 characters. - If an internal user (to be forwarder to an internal mail server) is like (including a quote), storage in data-base cache was not working. ;======================================================================== Revision: 2.5.0.143-5 Date: 2011/12/14 ;------------------------------------------------------------------------ Production Release Adjustment: - Clement running with clamd 0.97-3 version Bug Fix: - The m_empty case was missing in setting the email session status in case of data collection timeout. - Collecting stderr result from dovecot delivery program to feed /var/log/clement/deliver-errors.log. This is needed if /etc/dovecot/dovecot.conf set debug flags to 'yes' - Discarding found remote MX IP when the IP is "127.0.0.1" or "::1" (to avoid mean DNS setup). - Adding a "Return-path: <>" in bounced email header. - Clement now detect if a "smart" admin set up a localhost.localdomain as domain MX. ;======================================================================== Revision: 2.5.0.143-4 Date: 2011/12/10 20:40:38 ;------------------------------------------------------------------------ Production Release Bug Fix: - Better handling when a contact with an internal forwarder is not succesfully completed (ie: connection established, but no signon). - Fix the case where the internal forwarder do not respond to a double check about an email alias found previously (Clement was doing a core dump in this unexpected configuration). - Use 'postmaster' instead of 'Mailer_daemon' for email's bounce. ;======================================================================== Revision: 2.5.0.143-3 Date: 2011/12/08 20:00:50 ;------------------------------------------------------------------------ Production Release Bug Fix: - MySQL language syntax error, ROOLBACK -> ROLLBACK. This error trigger alarm in /var/log/messages and make the data-base sometime unconsistent. Update is mandatory if you running clement with a MySQL database - Fixd comstat message about unexpected status to be less prone to report an error ;======================================================================== Revision: 2.5.0.143-2 Date: 2011/11/25 15:35:23 ;------------------------------------------------------------------------ Production Release Bug Fix: - Clement install procedure now detect the case where there is no IP resolution with server name ;======================================================================== Revision: 2.5.0.143-1 Date: 2011/11/12 19:34:33 ;------------------------------------------------------------------------ Production Release ;======================================================================== Revision: 2.5.0.142-29 Date: 2011/11/12 19:30:58 ;------------------------------------------------------------------------ Improvement: - Checking current release status against clement released version as reported via DNS. ;======================================================================== Revision: 2.5.0.142-28 Date: 2011/11/11 06:06:21 ;------------------------------------------------------------------------ Test Release Bug Fix: - Set a default origin group in case we are not able to assign both a originator and a recipient owner group. - Small adjustement in transit status if senddata return ERRPROC. Improvement: - Adding spare channel in IPC (case the process exit but not yet detected). ;======================================================================== Revision: 2.5.0.142-27 Date: 2011/11/11 00:53:34 ;------------------------------------------------------------------------ Test Release Bug Fix: - Better handling of transit status in RCPT command. - properly display IP number as "?.?.?.?" if connection vanished before fully establihed. Improvement: - SPAM content detection apply to mail smaller than 1 MBytes, previous value was 256 KBytes. ;======================================================================== Revision: 2.5.0.142-26 Date: 2011/11/10 21:03:47 ;------------------------------------------------------------------------ Test Release Bug Fix: - Catching the "BOUNCE" status within eml_getcomstat procedure and returning a m_delayed status instead of m_undefined. Improvement: - Email current in transit status is now displayed as meaningful word instead of dry number. ;======================================================================== Revision: 2.5.0.142-24 Date: 2011/11/09 18:56:57 ;------------------------------------------------------------------------ Test Release Bug Fix: - Email to be set 'toforward' status are properly set to 'empty' status if no email data is provided by remote. ;======================================================================== Revision: 2.5.0.142-23 Date: 2011/11/09 12:57:10 ;------------------------------------------------------------------------ Test Release Bug Fix: - When Clement start, email to be transited already in "progress" mode in the inqueue table, (Clement quick shutdown without time to update inqueue), are set to pending mode. - Better handling of the email inqueue retry counter. - When a warning "not yet sent" is issue for an email, this email stay inqueue instead to reach the trouble queue. Only when rebounce message "can't be send" is issue, email is transfered to trouble queue. ;======================================================================== Revision: 2.5.0.142-19 Date: 2011/11/08 21:01:28 ;------------------------------------------------------------------------ Test Release Bug Fix: - Major: Transiter process is NOT able to dispatch new "tracker sender" process if one tracker process in the list is still busy. Further process in the tracker list are NOT checked for completion. The overall email sending become slow. ;======================================================================== Revision: 2.5.0.142-18 Date: 2011/11/07 20:20:59 ;------------------------------------------------------------------------ Test Release Bug Fix: - Transit file are sometime lost from sight and stay in the transit directory until manually deleted. - Bug fixing in the queue management process and cleaning shell upgrade to remove runaway file. ;======================================================================== Revision: 2.5.0.142-17 Date: 2011/11/03 21:18:29 ;------------------------------------------------------------------------ Test Release Bug Fix: - Whitelisting when remote server IP is within an IPV6 network, was not properly working. ;======================================================================== Revision: 2.5.0.142-16 Date: 2011/11/02 17:57:50 ;------------------------------------------------------------------------ Test Release Bug Fix: - Using originator from to resend email to internal server instead of "postmaster@...". If the Email was accepted by remote but a problem discovered later on by internal server, internal server postmaster was advised instead of the real original sender. Now, original sender will be warned. - Display the "folder" icon when admin is root level and domain is set remote. ;======================================================================== Revision: 2.5.0.142-15 Date: 2011/10/31 06:07:16 ;------------------------------------------------------------------------ Production Release Bug Fix: - Some remote authentication could be reported as good while the password is returned wrong (bad Synchronisation in Pop-3 response parsing). ;======================================================================== Revision: 2.5.0.142-14 Date: 2011/10/26 03:36:37 ;------------------------------------------------------------------------ Production Release Bug Fix: - Recurring crash, if the to rebounce email subject containt character like ["'`] (shell script was confused about it). Subject is now cleaned before submitted to report script. The reported subject was then "Null" which was not 'expected' by program. ;======================================================================== Revision: 2.5.0.142-13 Date: 2011/10/25 14:54:10 ;------------------------------------------------------------------------ Production Release Bug Fix: - Showing retry sending number within transit queue. - Showing the Email sender instead of postmater when forwarding Email to internal server in transit queue. - Fixing refresh time when internal user status is temporarily unknown. - If remote server is not responding while sending an email batch, do not try to send further email remaining in batch. ;======================================================================== Revision: 2.5.0.142-11 Date: 2011/10/22 00:20:54 ;------------------------------------------------------------------------ Production Release Bug Fix: - Removing some journalling logs generated by checker module but never purged from journal queue (memory leak over time). ;======================================================================== Revision: 2.5.0.142-8 Date: 2011/10/18 19:53:04 ;------------------------------------------------------------------------ Bug Fix: - Sending "not yet sent" at the third strike ONLY if the email third try was not successful - Better trace when remote host is not responding. ;======================================================================== Revision: 2.5.0.142-7 Date: 2011/10/17 15:20:50 ;------------------------------------------------------------------------ Release Candidate Improvements: - Recipient inactive status is used even if there is a specific overrides directive between originator and recipient. - If relayed Email is not sent within 3 strikes, a warning email about delay is sent to original sender. - Email sending traces are now available in "transit" email web page. - Email to be sent to remote are done in bigger crunch; multiple emails and up to a total of 200 recipients. Only a maximun of 3 channel is open to the same MX domain. - Adjusting RSET command timing delay (100 Millisec in normal mode). - The email resend time is weighted by the number of unsuccessful attempt Bug Fix: - MX host is properly found even if its TTL is defined to be 0. - If terminal error status (>500) is sent once the email was transmitted (DATA Mode), email is properly bounced and discarded. - If the same email generat multiple error (ex: more than one user unknown), as many rebounce as there is error are generated. - quarantinemail.sh shell script, last quarantine scan was displayed without the hour:minute part when sending email to users. - quarantinemail.sh shell script, fix error was subject was a single "!". - Fixing LOCK acces within Postgresql data base. ;======================================================================== Revision: 2.5.0.141-13 Date: 2011/09/23 13:58:48 ;------------------------------------------------------------------------ Production Release Bug Fix: - When sending more than one Email to same host server, do a RSET if an Email can't be sent (ex: recipient unknown), before to start the next email. Improvement: - Not checking email contents with spamassassin if Mail is bigger than 256k. - If mail size is specified within "MAIL FROM" (SIZE=), announced mail size is checked against user profile mail size limit. ;======================================================================== Revision: 2.5.0.141-10 Date: 2011/09/21 01:31:52 ;------------------------------------------------------------------------ Production Release Bug Fix: - Fixing a small memory leak withing modtrt.c, some memory not freed before exiting main process. Improvement: - Relaying IP number, 2 ways are now possible. - in the smart mode, relayed originator domain email is checked - In forced mode, relayed orginator domain email is not checked (email rebounce could reach a 'by-stander'). - If user try to authenticate without a domain part and is successful (remote authentication case), the first domain with the fist group is added to name to become its access full ID ;======================================================================== Revision: 2.5.0.141-9 Date: 2011/09/12 18:05:02 ;------------------------------------------------------------------------ Production Release Bug Fix: - Major Bug: Attachement not always fully transmitted to a remote recipient, when the link is slow and in plain transmission mode (NOT TLS). (Bug introduced with 2.5.0.141-6) ;======================================================================== Revision: 2.5.0.141-7 Date: 2011/09/09 13:18:18 ;------------------------------------------------------------------------ Production Release Bug Fix: - External user (clement user with email box on another system) are now receiving clement quarantine daily report. ;======================================================================== Revision: 2.5.0.141-6 Date: 2011/09/09 00:04:47 ;------------------------------------------------------------------------ Production Release Bug Fix: - Fixd wrong status detection problem if E-mail was fully sent to a foreign system but not acknowledged as received by the remote system. ;======================================================================== Revision: 2.5.0.141-3 Date: 2011/09/06 20:56:54 ;------------------------------------------------------------------------ Adjustement: - Moving web.clement directory to within /var/www/clement-2.5 directory instead to be /var/web/clement-2.5. selinux was puzzled and is refusing to execute CGI ;======================================================================== Revision: 2.5.0.141-2 Date: 2011/09/06 18:08:17 ;------------------------------------------------------------------------ Bug Fix: - Adding an index on emlogs table on session record, to speed up transaction record retrieval. ;======================================================================== Revision: 2.5.0.141-1 Date: 2011/09/05 18:05:20 ;------------------------------------------------------------------------ Improvement: - Session logs are store in the data-base too (seslogs table) and keep for sysconfig $timeJrl days. - Detailled logs are now open in specific browser Java window (next detailled log request do not overwrite previous request one). - Search status field is now presented in alphabetical order. - You can set a "spam limit" within user profile, if "spam limit" is not set within the user profile, spammassassin global value is used. - If within a alias list a component is without domain name, the alias domain name is used to assign component domain names. - If an alias include a foreign address, this external address is included in the overrides table as it was directly send by originator to the foreign recipient. - Clement WEB presentation is now part of the release (such Clement Doc is now included with release). - Improved email transit (out going email) logs. - Improved email transit search, you can now search both on domain and full email for originator or recipient.. - The relayed email are checked about their protocol consistency, Relayed Email must but sent using an originator domain known by clement. Unrelated/foreign/none existing domain are not accepted to post relayed email UNLESS set within 'override' table. - Relayed email are checked againt loopback, as when found MX reach the same IP as clement is binded to. - Created a demo mode ($demoversion=true within file /etc/clement-2.5/clement.php) such standard user can't change their password or auto-reply value. Bug Fix: - Mail seen "accepted with special agreement" are not checked for spam level anymore. ;======================================================================== Revision: 2.5.0.139-1 Date: 2011/06/24 13:09:02 ;------------------------------------------------------------------------ Adjustement: - Displaying request and field when reporting DNS record anomalies found. ;======================================================================== Revision: 2.5.0.139-1 Date: 2011/06/24 13:09:02 ;------------------------------------------------------------------------ Production Release ;======================================================================== Revision: 2.5.0.138-12 Date: 2011/06/23 23:58:41 ;------------------------------------------------------------------------ Release Candidate Improvement: - Authentication can be verified via the group remote authentication server using both POP3 and POP3S protocole. ;======================================================================== Revision: 2.5.0.138-11 Date: 2011/06/22 22:22:35 ;------------------------------------------------------------------------ Release Candidate Adjustement: - New SID is not displayed in log if the session is ended either by timeout or by 'quit' - Session is disconnected after a Reset if the total of error received is above a limit. - Spec file improvement to generate repo file for some distribution only. Improvement: - Can be compiled under sl6,el4,el5 and fedora-release distribution ;======================================================================== Revision: 2.5.0.138-4 Date: 2011/06/08 17:27:06 ;------------------------------------------------------------------------ Release Candidate Bug Fix: - when sending an email to stephan.o'reilly@domain.com, database 'overrides' table is properly updated. Adjustement: - Updating SPEC file to add required package (compiling under mock) ;======================================================================== Revision: 2.5.0.138-2 Date: 2011/05/30 15:04:57 ;------------------------------------------------------------------------ Release Candidate Bug Fix: - Trouble to make difference between missing DNS (not responding) and no DNS data provided. - Create a specific dns routine to check if EHLO data is a Fully Qualified Domain. - dns_gooddomdns, do not mixe up answer "no data" with "no answer", DNS request time-out is recognised as such. ;======================================================================== Revision: 2.5.0.138-1 Date: 2011/05/27 18:51:38 ;------------------------------------------------------------------------ Release Candidate Adjustement: - "Too Many RCPT" SMTP return status is now a 'terminal status' (in 500 range) instead to be a temporary status (in 400 range) - Rebounced email transation do show up in logs now. - If a "to be relayed email" is to be sent to an unknown domain recipient, email is accepted if there is special directive within the override data-base table. Email will be rejected later on to "email originator" (instead to rejected while receiving it) with the email transit process. This is a bypass to address application which are not able to fully comply with SMTP protocol and are not able to understand a reject while sending the email. Bug Fix: - Configuration check for change is now done every minute instead of every second. - checkdeleted.sh do not try to remove the '.' and '..' drectory anymore ;======================================================================== Revision: 2.5.0.137-2 Date: 2011/05/04 00:52:15 ;------------------------------------------------------------------------ Adjustement: - Email header max size increased to 65536 from 32768. ;======================================================================== Revision: 2.5.0.137-2 Date: 2011/05/04 00:52:15 ;------------------------------------------------------------------------ Bug Fix: - Data-base definition, sequences binding_bindid_seq, overrides_ovrid_seq must be set to 1 instead of 0. - IP mask value within file /etc/clement-2.5 is properly applied in IP match checking routine. improvement: - Setting a default hostipv4 when installing in case the DNS is not set properly - Checking if freshclam is started as daemon when starting clement ;======================================================================== Revision: 2.5.0.137-1 Date: 2011/04/26 18:10:08 ;------------------------------------------------------------------------ Production Release Bug Fix: - Checking the real clement spool directory ownership, overriding any symlink ownership in the middle. - Clement php intreface create user with right status. ;======================================================================== Revision: 2.5.0.136-16 Date: 2011/04/26 18:10:08 ;------------------------------------------------------------------------ Release Candidate Bug Fix: - When a domain owned by a group is discovered (remote mode), the expiration date must be kept NULL. ;======================================================================== Revision: 2.5.0.136-15 Date: 2011/04/23 14:11:58 ;------------------------------------------------------------------------ Release Candidate Adjustment: - Adding data-base backup capability in the cron. ;======================================================================== Revision: 2.5.0.136-14 Date: 2011/04/22 13:24:33 ;------------------------------------------------------------------------ Release Candidate Adjustment: - In "Advanced Search" front end space are removed from searched string. ;======================================================================== Revision: 2.5.0.136-13 Date: 2011/04/22 11:56:47 ;------------------------------------------------------------------------ Release Candidate Improvement: - Advanced Search is now available to pin-point data in logs. - Email user can have 3 status type; Active, Inactive, Deleted. * A 'deleting' script allow to move deleted user data to a temporary area, then 10 day later to remove all data. ;======================================================================== Revision: 2.5.0.136-5 Date: 2011/04/04 21:09:51 ;------------------------------------------------------------------------ Production Release Improvement: - Adding time to debug SMTP protocol traceroute - When rebouncing an email only attach the first 2000 characters instead to attache the whole Email. - Wording adjustment within clement "Admin Management" interface. - Can now display session information in more than one pop-up window. - Defining a user is not mandatory anymore when defining this username as alias. - Adding Kbytes and Mbytes in advanced research menue. - Adding override management interface. ;======================================================================== Revision: 2.5.0.136-1 Date: 2011/04/03 19:07:37 ;------------------------------------------------------------------------ Production Release ;======================================================================== Revision: 2.5.0.135-12 Date: 2011/04/01 11:55:34 ;------------------------------------------------------------------------ Bug Fix: - Trouble with archiving.sh, was removing all log older than NOW()+60 days, instead NOW()-60 days. Seems the bug fixe didn't make its way to Source! - Release Candidate 7 ;======================================================================== Revision: 2.5.0.135-11 Date: 2011/03/31 04:14:22 ;------------------------------------------------------------------------ Bug Fix: - Upgrading data-base contents With version was not working (postgresql-checkdb.sh). - Release Candidate 6 ;======================================================================== Revision: 2.5.0.135-10 Date: 2011/03/31 03:35:18 ;------------------------------------------------------------------------ Bug Fix: - UPTO date record int table INQUEUE is now working in MySQL mode (changing command Postgresql NOW()+'10 hour' to be more generic and MySQL compatible). - Release Candidate 5 ;======================================================================== Revision: 2.5.0.135-9 Date: 2011/03/30 19:37:52 ;------------------------------------------------------------------------ Bug Fix: - Email ligne "..this is line" was not transformed to ".this is line", only short line ".." was transformed to "." (a single '.' is DATA-END marker in SMTP protocol). ;======================================================================== Revision: 2.5.0.135-8 Date: 2011/03/24 13:19:53 ;------------------------------------------------------------------------ Bug Fix: - Trouble with archiving.sh, was removing all log older than NOW()+60 days, instead NOW()-60 days. - Release Candidate 4 ;======================================================================== Revision: 2.5.0.135-7 Date: 2011/03/23 15:24:15 ;------------------------------------------------------------------------ Bug Fix: - Timing problem within CVE-2011-0411 fix, link purge was done too late, while TLS connection already initiated. - Release Candidate 3 ;======================================================================== Revision: 2.5.0.135-6 Date: 2011/03/23 15:24:15 ;------------------------------------------------------------------------ Bug Fix: - Fixd database time format bug - Release Candidate 2 ;======================================================================== Revision: 2.5.0.135-5 Date: 2011/03/23 13:52:54 ;------------------------------------------------------------------------ Bug Fix: - CVE-2011-0411, fix window to "plaintext command injection" when requesting a TLS (crypted) SMTP connection. Improvement: - Fixd shell Script to work better in both MySQL and Postgresql mode; ;======================================================================== Revision: 2.5.0.135-3 Date: 2011/03/22 17:19:01 ;------------------------------------------------------------------------ Release Candidate ;======================================================================== Revision: 2.5.0.134-18 Date: 2011/03/14 17:51:52 ;------------------------------------------------------------------------ Bug Fix: - Fixd second CORE dump generation within clmsndr when user status is unexpected within modckr.c (routine sortdispatch,dodispatching). - Fixd alarm generated by modpro.c (routine pro_reportrcpt) generating an alarm as check for status 'mustfwd' was missing. ;======================================================================== Revision: 2.5.0.134-16 Date: 2011/03/14 01:56:21 ;------------------------------------------------------------------------ Bug Fix: - Fixd CORE dump generation within clmsndr when user status is unexpected. - Fixd statistic counting forwarded message. ;======================================================================== Revision: 2.5.0.134-14 Date: 2011/03/12 00:23:12 ;------------------------------------------------------------------------ Adjustment: - Removing debugging trace about counted "Receive" line. - better recipient status change handling. Bug Fix: - Fixd ipnum '0/0' to be accepted as IPV4 ipnum when comparing IP override. ;======================================================================== Revision: 2.5.0.134-9 Date: 2011/03/11 15:20:48 ;------------------------------------------------------------------------ Bug Fix: - clmsndr "unexpected status='17'" fixed. - Adding SPF capability 'exists'. - Overcome the "EXP=" SPF directive Improvement: - Detecting Email looping by counting 'Receive' entries within email header. Ajout des logs pour l'administrateurs (adminlogs) Permettre d'annuler des entrées dans transit ;======================================================================== Revision: 2.5.0.134-8 Date: 2011/03/05 00:33:03 ;------------------------------------------------------------------------ Adjustment: - Expiring old emltrt and emlogs records is now under shell script archiving.sh control, expiration date can be set within /etc/sysconfig/clement. ;======================================================================== Revision: 2.5.0.134-7 Date: 2011/03/04 18:53:59 ;------------------------------------------------------------------------ Adjustment: - Version update handling take care of release number ;======================================================================== Revision: 2.5.0.134-5 Date: 2011/03/04 15:27:40 ;------------------------------------------------------------------------ Improvement: - Better data-base version upgrade (taking care of release number). - Expiring old emltrt and emlogs records. ;======================================================================== Revision: 2.5.0.134-4 Date: 2011/03/04 04:32:02 ;------------------------------------------------------------------------ Adjustment: - Improving TERM signal trapping in clement 'transitr' sub-program. ;======================================================================== Revision: 2.5.0.134-3 Date: 2011/03/04 04:19:34 ;------------------------------------------------------------------------ Bug Fix: - Old "intusers" record are deleted when 'upto' field is older than now(). ;======================================================================== Revision: 2.5.0.134-2 Date: 2011/03/03 21:13:16 ;------------------------------------------------------------------------ Bug Fix: - When recalling a "StayPut" email from the quarantine area the overrides data-base is updated. Adjustment: - When sending a trouble report (mail not deliverable) to external site, the original recipient domain is used. Trouble orignator will be ;======================================================================== Revision: 2.5.0.133-4 Date: 2011/03/02 16:02:15 ;------------------------------------------------------------------------ Adjustment: - Forwarding is now done in behalf of "postmaster@'forwarded_domain'" - Better status Handling if clement is not able to get a clear status from to forward remote server. ;======================================================================== Revision: 2.5.0.133-3 Date: 2011/03/02 14:55:31 ;------------------------------------------------------------------------ Bug Fix: - case "m_mustfwd" was not counted as valid RCPT, such when only one recipient in "must be forwarded" was specified, Email data sequence was NOT accepted. ;======================================================================== Revision: 2.5.0.133-2 Date: 2011/03/02 12:36:03 ;------------------------------------------------------------------------ Bug Fix: - case "m_mustfwd" was missing from unieml.c:upddsp, such some "forced forward" case email couldn't be received. ;======================================================================== Revision: 2.5.0.133-1 Date: 2011/03/02 05:14:41 ;------------------------------------------------------------------------ Bug Fix: - Better handling of forward situation when the overrides status is "accept email". - "accept email" and "banned email" better status display in logs in Forward email context. - Set subject "___UNSPECIFIED____" in logs when email subject if found empty. - searching quarantine show both quarantine mode (local,and forward). ;======================================================================== Revision: 2.5.0.132-2 Date: 2011/03/01 18:34:14 ;------------------------------------------------------------------------ Bug Fix: Recalling quarantined Email in mode remote make the system crash!. rejectto is not set. Forcing rejectto contents to be not null. ;======================================================================== Revision: 2.5.0.132-1 Date: 2011/02/25 15:03:42 ;------------------------------------------------------------------------ Production Release ;======================================================================== Revision: 2.5.0.131-2 Date: 2011/02/24 20:23:04 ;------------------------------------------------------------------------ Improvement: - Added "forwarded" status when an Email is sent to an Internal server. - Alias Behalf is used only when relaying email to the outside world, when mail are kept inside the original originator (from) is used in logs. ;======================================================================== Revision: 2.5.0.130-1 Date: 2011/02/22 20:05:30 ;------------------------------------------------------------------------ Bug Fix: - Mail without DATA part (no recipient accepted) are now correctly logged within emlogs table (SQL data-base). ;======================================================================== Revision: 2.5.0.130-1 Date: 2011/02/22 03:06:18 ;------------------------------------------------------------------------ Improvement: - Rebounce caused by a user aliases is sent in behalf of aliase (not the original originator), this to comply with SPF when forwarding Email. - Icons have been reshape to have a better look. ;======================================================================== Revision: 2.5.0.129-5, Date: 2011/02/17 15:07:58 ;------------------------------------------------------------------------ Improvement: - Better URL within Clement quarantine report Email. ;======================================================================== Revision: 2.5.0.129, Date: 2011/02/15 00:30:00 ;------------------------------------------------------------------------ Test Release Improvement: - Clement is now able to receive/send mail from/to IPV6 site. ;======================================================================== Revision: 2.5.0.128, Date: 2011/02/06 19:48:00 ;------------------------------------------------------------------------ Production Release Bug Fix: - Do not disconnect if receive a protocol violation from remote SMTP server, instead wait for new command. (case where XXXX was send instead of EHLO). ;======================================================================== Revision: 2.5.0.126, Date: 2011/01/28 17:54:38 ;------------------------------------------------------------------------ Production Release ;======================================================================== Revision: 2.5.0.125, Date: 2011/01/11 19:59:08 ;------------------------------------------------------------------------ Adjustment: - Renaming dovecot log to be clem-dovecot and adjusting logrotate file accordingly. Purpose is to avoid clash with a possible dovecot genuine logrotate file. - Adding a 'grace' time to 'users' and 'domains' records. ;======================================================================== Revision: 2.5.0.124, Date: 2011/01/10 16:04:17 ;------------------------------------------------------------------------ Bug Fix: - mkgraph.sh can generate yearly graphic now. - Fixd logrotate dovecot.log file syntax error. ;======================================================================== Revision: 2.5.0.123, Date: 2011/01/07 16:19:31 ;------------------------------------------------------------------------ Improvements: - Clement take care of group,domain and user expiring date, if expired is detected, RCPT request return 536-mailbox is currently locked ;======================================================================== Revision: 2.5.0.121, Date: 2011/01/04 02:00:30 ;------------------------------------------------------------------------ Improvements: - Quarantine report is now done in user behalf, instead to use "no_reply", this to avoid sending auto-reply message to no reply. - Clement is now able to trace back domain to be rebounced. and send email to be forwarded with always the same originator (postmaster@'default_domain'). - Clement is now able to overcome loosy EHLO name (without DNS Resolution) if the From: domain name is a sub-part of the EHLO name. Still, From: must resolve to an MX. ;======================================================================== Revision: 2.5.0.120, Date: 2010/12/30 19:10:19 ;------------------------------------------------------------------------ Bug Fix: - clmsndr trap case where user email box is used up to max space. Improvements: - Adding logrotate directive to rotate file /var/log/dovecot.log ;======================================================================== Revision: 2.5.0.119, Date: 2010/12/02 20:13:40 ;------------------------------------------------------------------------ Bug Fix: - Auto-Reply text was "polluted" by '^M' when the text was entered via Outlook browser. ;======================================================================== Revision: 2.5.0.118, Date: 2010/11/30 15:23:40 ;------------------------------------------------------------------------ Bug Fix: - Quarantine report is now working with dynamickey for Internal users type. Improvements: - Trace new debug level in /var/log/messages when sending USR1 or USR2 signal to clement application ;======================================================================== Revision: 2.5.0.117, Date: 2010/11/26 13:41:41 ;------------------------------------------------------------------------ Bug Fix: - Better Handling if the remote contact is established but refused (remote busy). - 'accept' Override is now working when user previously rejected originator email and local administrator had make a global 'accept' for that originator. ;======================================================================== Revision: 2.5.0.114, Date: 2010/11/20 20:45:08 ;------------------------------------------------------------------------ Improvements: - Empty from is set to authenticated email address if acces was authenticated. - Better handling of timeout within message exchanges. Messages are removed from queue and status return is ERRPROC. - Starting 3 checker process by default. Bug Fix: Protecting data-base search access from (wrong) domainname with "'" ex: as nbnet.n.b.ca' ;======================================================================== Revision: 2.5.0.113, Date: 2010/11/17 13:35:31 ;------------------------------------------------------------------------ Improvements: Standard user can change its own password. ;======================================================================== Revision: 2.5.0.112, Date: 2010/11/14 14:51:31 ;------------------------------------------------------------------------ Improvements: TRANSIT web screen display trouble transit exchange data (by clicking on trouble time). Bug Fix: dovecot-sql.conf allow the password in crypt format decoding (very old password setup). ;======================================================================== Revision: 2.5.0.111, Date: 2010/11/06 02:06:45 ;------------------------------------------------------------------------ Improvements: Email "Undelivered in due time" are flagged "Discarded" instead to continue to display "Delayed". ;======================================================================== Revision: 2.5.0.109, Date: 2010/11/04 19:49:50 ;------------------------------------------------------------------------ Improvements: quarantinemail.sh is now taking care of user language, first userprofile, then domain and last clmgroup. Bug Fix: emlogs stamp record is not updated anymore when record status is updated. ;======================================================================== Revision: 2.5.0.108, Date: 2010/11/03 20:13:11 ;------------------------------------------------------------------------ Improvements: Continue to send Email event if STARTTLS was not agreed with remote. Better tracing about remote SMTP link to report the information if a EMail in transit is stuck. quarantinemail.sh is now taking care of a last quarantine scan at group level. ;======================================================================== Revision: 2.5.0.106, Date: 2010/10/30 18:08:50 ;------------------------------------------------------------------------ Production Release ;======================================================================== Revision: 2.5.0.104, Date: 2010/10/28 23:50:55 ;------------------------------------------------------------------------ Bug Fix: Data-base inqueue table was not updated when makecontact with remote smtp was not successful. Improvements: Can extract quarantined email and send to a remote site (mode email forward). Delaying inqueue processing if emlog for session not yet available. Such we have "delivered" as status instead of "relayed", if transit processing is really fast. ;======================================================================== Revision: 2.5.0.102, Date: 2010/10/22 18:47:07 ;------------------------------------------------------------------------ Improvements: - Duplicate RCPT are detected and return CMDOK, while discarding the entry. - Email in relayed mode without data are properly displayed as 'empty'. ;======================================================================== Revision: 2.5.0.101, Date: 2010/10/21 03:35:23 ;------------------------------------------------------------------------ Improvements: - Production release. - Increased SMTP contact to send email to remote from 20 to 120 secondes. ;======================================================================== Revision: 2.5.0.99, Date: 2010/10/20 18:47:10 ;------------------------------------------------------------------------ Improvements: - Release Candidat 6 - Clement administrator web interface display email logs rather than statistics. - Sending Email to an internal server proved to be working ;======================================================================== Revision: 2.5.0.98, Date: 2010/10/16 19:47:12 ;------------------------------------------------------------------------ Improvements: - Removing 'POP before SMTP' as post authentication mean. - clmsndr is directly interfaced to SQL data-base, no need to listen on localhost anymore. - User group management interface - Quarantine report can be done according group time zone. ;======================================================================== Revision: 2.5.0.94, Date: 2010/10/08 01:02:51 ;------------------------------------------------------------------------ Improvements: - SQL table "emlogs" store clement group ownership to improve search speed while browsing logs.