${INSTALL_DATA} ${FILESDIR}/CHANGES.port ${DOCSDIR}

	cd ${WRKSRC} && ${INSTALL_DATA} ${DOC_FILES} ${DOCSDIR}

	cd ${WRKSRC}/docs && \

		${FIND} * -type d -exec ${MKDIR} ${DOCSDIR}/{} \; && \

		${FIND} * -type f ! -name "*.orig" -exec \

			${INSTALL_DATA} {} ${DOCSDIR}/{} \;

.endif

	cd ${WRKSRC}/docs/man && \

		${INSTALL_MAN} ${MAN5} ${MAN5PREFIX}/man/man5 && \

		${INSTALL_MAN} ${MAN8} ${MAN8PREFIX}/man/man8

%%PORTDOCS%%%%DOCSDIR%%/MailScannerFlyer.pdf

%%PORTDOCS%%%%DOCSDIR%%/QuickInstall.txt

%%PORTDOCS%%%%DOCSDIR%%/README.FreeBSD.port

%%PORTDOCS%%%%DOCSDIR%%/README.sql-logging

%%PORTDOCS%%%%DOCSDIR%%/Sophos.install.freebsd

%%PORTDOCS%%%%DOCSDIR%%/book.cover.gif

%%PORTDOCS%%%%DOCSDIR%%/building.txt

%%PORTDOCS%%%%DOCSDIR%%/docs.html

%%PORTDOCS%%%%DOCSDIR%%/donations.shtml

%%PORTDOCS%%%%DOCSDIR%%/downloadgraphs.shtml

%%PORTDOCS%%%%DOCSDIR%%/downloads.shtml

%%PORTDOCS%%%%DOCSDIR%%/ecs.css

%%PORTDOCS%%%%DOCSDIR%%/ellen2.jpg

%%PORTDOCS%%%%DOCSDIR%%/faq.shtml

%%PORTDOCS%%%%DOCSDIR%%/images/JulianField1_small.jpg

%%PORTDOCS%%%%DOCSDIR%%/images/bigmailscannerlogo.gif

%%PORTDOCS%%%%DOCSDIR%%/images/smallmailscannerlogo.gif

%%PORTDOCS%%%%DOCSDIR%%/images/thumb_JulianField2.jpg

%%PORTDOCS%%%%DOCSDIR%%/images/thumb_JulianField3.jpg

%%PORTDOCS%%%%DOCSDIR%%/images/thumb_JulianField4.jpg

%%PORTDOCS%%%%DOCSDIR%%/images/thumb_JulianField5.jpg

%%PORTDOCS%%%%DOCSDIR%%/index.html

%%PORTDOCS%%%%DOCSDIR%%/index.new.html

%%PORTDOCS%%%%DOCSDIR%%/install/ClamAVModule.shtml

%%PORTDOCS%%%%DOCSDIR%%/install/OS-virus-scan-web.htm

%%PORTDOCS%%%%DOCSDIR%%/install/README.trend

%%PORTDOCS%%%%DOCSDIR%%/install/SAVI.shtml

%%PORTDOCS%%%%DOCSDIR%%/install/codestatus.shtml

%%PORTDOCS%%%%DOCSDIR%%/install/conf.shtml

%%PORTDOCS%%%%DOCSDIR%%/install/exim-old.shtml

%%PORTDOCS%%%%DOCSDIR%%/install/exim.shtml

%%PORTDOCS%%%%DOCSDIR%%/install/filesnscripts.shtml

%%PORTDOCS%%%%DOCSDIR%%/install/gcc.shtml

%%PORTDOCS%%%%DOCSDIR%%/install/index.shtml

%%PORTDOCS%%%%DOCSDIR%%/install/linux.shtml

%%PORTDOCS%%%%DOCSDIR%%/install/mailscanner.shtml

%%PORTDOCS%%%%DOCSDIR%%/install/mcafee.shtml

%%PORTDOCS%%%%DOCSDIR%%/install/mcp/Message.pm.patch.3.1.1

%%PORTDOCS%%%%DOCSDIR%%/install/mcp/Conf.pm.patch.3.1.1

%%PORTDOCS%%%%DOCSDIR%%/install/mcp/PerMsgStatus.pm.patch.3.1.1

%%PORTDOCS%%%%DOCSDIR%%/install/mcp/Conf.pm.patch.2.55

%%PORTDOCS%%%%DOCSDIR%%/install/mcp/Conf.pm.patch.2.60

%%PORTDOCS%%%%DOCSDIR%%/install/mcp/Conf.pm.patch.2.61

%%PORTDOCS%%%%DOCSDIR%%/install/mcp/Conf.pm.patch.2.63

%%PORTDOCS%%%%DOCSDIR%%/install/mcp/Conf.pm.patch.3.0.0

%%PORTDOCS%%%%DOCSDIR%%/install/mcp/Conf.pm.patch.3.0.3

%%PORTDOCS%%%%DOCSDIR%%/install/mcp/Conf.pm.patch.3.0.4

%%PORTDOCS%%%%DOCSDIR%%/install/mcp/Conf.pm.patch.3.1.0

%%PORTDOCS%%%%DOCSDIR%%/install/mcp/Message.pm.patch.3.0.0

%%PORTDOCS%%%%DOCSDIR%%/install/mcp/Message.pm.patch.3.0.3

%%PORTDOCS%%%%DOCSDIR%%/install/mcp/Message.pm.patch.3.0.4

%%PORTDOCS%%%%DOCSDIR%%/install/mcp/Message.pm.patch.3.1.0

%%PORTDOCS%%%%DOCSDIR%%/install/mcp/PerMsgStatus.pm.patch.2.55

%%PORTDOCS%%%%DOCSDIR%%/install/mcp/PerMsgStatus.pm.patch.2.60

%%PORTDOCS%%%%DOCSDIR%%/install/mcp/PerMsgStatus.pm.patch.2.61

%%PORTDOCS%%%%DOCSDIR%%/install/mcp/PerMsgStatus.pm.patch.2.63

%%PORTDOCS%%%%DOCSDIR%%/install/mcp/PerMsgStatus.pm.patch.3.0.0

%%PORTDOCS%%%%DOCSDIR%%/install/mcp/PerMsgStatus.pm.patch.3.0.3

%%PORTDOCS%%%%DOCSDIR%%/install/mcp/PerMsgStatus.pm.patch.3.0.4

%%PORTDOCS%%%%DOCSDIR%%/install/mcp/PerMsgStatus.pm.patch.3.1.0

%%PORTDOCS%%%%DOCSDIR%%/install/mcp/index.html

%%PORTDOCS%%%%DOCSDIR%%/install/mime-tools-patch.txt

%%PORTDOCS%%%%DOCSDIR%%/install/mime-tools-patch2.txt

%%PORTDOCS%%%%DOCSDIR%%/install/mime-tools-patch3.txt

%%PORTDOCS%%%%DOCSDIR%%/install/mime-tools-patch4.txt

%%PORTDOCS%%%%DOCSDIR%%/install/osborne.txt

%%PORTDOCS%%%%DOCSDIR%%/install/other.shtml

%%PORTDOCS%%%%DOCSDIR%%/install/perl.shtml

%%PORTDOCS%%%%DOCSDIR%%/install/postfix.shtml

%%PORTDOCS%%%%DOCSDIR%%/install/sendmail.shtml

%%PORTDOCS%%%%DOCSDIR%%/install/solaris9.txt

%%PORTDOCS%%%%DOCSDIR%%/install/sophos.shtml

%%PORTDOCS%%%%DOCSDIR%%/install/spamassassin.shtml

%%PORTDOCS%%%%DOCSDIR%%/install/tnef.shtml

%%PORTDOCS%%%%DOCSDIR%%/install/zmailer.shtml

%%PORTDOCS%%%%DOCSDIR%%/introduction.shtml

%%PORTDOCS%%%%DOCSDIR%%/last-spam-logo.jpg

%%PORTDOCS%%%%DOCSDIR%%/mailscanner_trans.gif

%%PORTDOCS%%%%DOCSDIR%%/man/MailScanner.8

%%PORTDOCS%%%%DOCSDIR%%/man/MailScanner.8.html

%%PORTDOCS%%%%DOCSDIR%%/man/MailScanner.conf.5

%%PORTDOCS%%%%DOCSDIR%%/man/MailScanner.conf.5.html

%%PORTDOCS%%%%DOCSDIR%%/mrtg.shtml

%%PORTDOCS%%%%DOCSDIR%%/newinv4.shtml

%%PORTDOCS%%%%DOCSDIR%%/nextversion.shtml

%%PORTDOCS%%%%DOCSDIR%%/oldnews.shtml

%%PORTDOCS%%%%DOCSDIR%%/osdir.png

%%PORTDOCS%%%%DOCSDIR%%/performance.shtml

%%PORTDOCS%%%%DOCSDIR%%/phishing3.png

%%PORTDOCS%%%%DOCSDIR%%/phishingcartoon.gif

%%PORTDOCS%%%%DOCSDIR%%/poetry.shtml

%%PORTDOCS%%%%DOCSDIR%%/poweredby.google.gif

%%PORTDOCS%%%%DOCSDIR%%/poweredby.transtec.gif

%%PORTDOCS%%%%DOCSDIR%%/phishing.html

%%PORTDOCS%%%%DOCSDIR%%/phishing.jpg

%%PORTDOCS%%%%DOCSDIR%%/phishing2.jpg

%%PORTDOCS%%%%DOCSDIR%%/phishingnet.info/index.html

%%PORTDOCS%%%%DOCSDIR%%/phishingnet.info/PhishingNet.gif

%%PORTDOCS%%%%DOCSDIR%%/pressreleases.html

%%PORTDOCS%%%%DOCSDIR%%/presentations.html

%%PORTDOCS%%%%DOCSDIR%%/press.html

%%PORTDOCS%%%%DOCSDIR%%/qmail/qmail-queue.zip

%%PORTDOCS%%%%DOCSDIR%%/readme.shtml

%%PORTDOCS%%%%DOCSDIR%%/reject.html

%%PORTDOCS%%%%DOCSDIR%%/sobig.html

%%PORTDOCS%%%%DOCSDIR%%/store.html

%%PORTDOCS%%%%DOCSDIR%%/support.html

%%PORTDOCS%%%%DOCSDIR%%/transtec.logo.gif

%%PORTDOCS%%%%DOCSDIR%%/users.shtml

%%PORTDOCS%%@dirrm %%DOCSDIR%%/qmail

%%PORTDOCS%%@dirrm %%DOCSDIR%%/man

%%PORTDOCS%%@dirrm %%DOCSDIR%%/install/mcp

%%PORTDOCS%%@dirrm %%DOCSDIR%%/install

%%PORTDOCS%%@dirrm %%DOCSDIR%%/images

%%PORTDOCS%%@dirrm %%DOCSDIR%%/phishingnet.info

--- ../MailScanner-install-4.53.7.orig/docs/man/MailScanner.8	Wed May  3 21:16:27 2006

+++ docs/man/MailScanner.8	Wed May  3 21:33:13 2006

@@ -1,10 +1,10 @@

-.TH "MailScanner" "8" "4.49.7" "Julian Field" "Mail"

+.TH "MailScanner" "8" "4.52.2" "Julian Field" "Mail"

 .SH "NAME"

 .LP 

 MailScanner \- Virus/Spam Scanner for Sendmail, Exim and Postfix

 .SH "SYNOPSIS"

 .LP 

-\fBMailScanner\fR [\fI\-v\fR] [\fIconfigfile\fR]

+\fBMailScanner\fR [\fI\-v\fR] [\fI\-\-lint\fR] [\fI\-\-debug\fR] [\fI\-\-debug\-sa\fR] [\fI\-\-help\fR]  [\fIconfigfile\fR] 

 .SH "DESCRIPTION"

 .LP 

@@ -29,6 +29,21 @@

 \fB\-v\fR

 Prints version information for Mailscanner and all used perl\-modules.

+.TP 

+\fB\-\-lint\fR

+Checks config file, print what virus scanners you have chosen to use and check SpamAssassin configuration as well.

+

+.TP 

+\fB\-\-debug\fR

+Starts MailScanner in debug mode. See MailScanner.conf "Debug=yes".

+

+.TP 

+\fB\-\-debug\-sa\fR

+Starts MailScanner in debug spamassassin mode. See MailScanner.conf "Debug SpamAssassin=yes".

+

+.TP 

+\fB\-\-lint\fR

+Test MailScanner config and SpamAssassin config.

 .SH "MTA SETUP"

 .LP 

 It is important that your MTA only queues incoming mail and does not deliver it automatically. You need two mail queues (incoming and outgoing). Moreover you should setup two instances of your MTA. One that accepts incoming mail and puts it to an incoming queue and one that sends out mail that resides in the outgoing queue. 

--- ../MailScanner-install-4.53.7.orig/docs/man/MailScanner.8.html	Wed May  3 21:16:27 2006

+++ docs/man/MailScanner.8.html	Wed May  3 21:33:15 2006

@@ -1,5 +1,5 @@

 <!-- Creator     : groff version 1.19 -->

-<!-- CreationDate: Wed Jan  4 13:45:56 2006 -->

+<!-- CreationDate: Wed May  3 21:32:34 2006 -->

 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"

 "http://www.w3.org/TR/html4/loose.dtd">

 <html>

@@ -40,7 +40,9 @@

 <td width="11%"></td>

 <td width="89%">

 <p><b>MailScanner</b> [<i>&minus;v</i>]

-[<i>configfile</i>]</p>

+[<i>&minus;&minus;lint</i>] [<i>&minus;&minus;debug</i>]

+[<i>&minus;&minus;debug&minus;sa</i>]

+[<i>&minus;&minus;help</i>] [<i>configfile</i>]</p>

 </td>

 </table>

 <a name="DESCRIPTION"></a>

@@ -78,15 +80,81 @@

        cols="4" cellspacing="0" cellpadding="0">

 <tr valign="top" align="left">

 <td width="11%"></td>

-<td width="3%">

+<td width="9%">

 <p><b>&minus;v</b></p>

 </td>

-<td width="8%"></td>

+<td width="2%"></td>

 <td width="78%">

 <p>Prints version information for Mailscanner and all used

 perl&minus;modules.</p>

+</td>

+<tr valign="top" align="left">

+<td width="11%"></td>

+<td width="9%">

+

+<p><b>&minus;&minus;lint</b></p>

+</td>

+<td width="2%"></td>

+<td width="78%">

+

+<p>Checks config file, print what virus scanners you have

+chosen to use and check SpamAssassin configuration as

+well.</p>

+</td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="11%"></td>

+<td width="89%">

+<p><b>&minus;&minus;debug</b></p></td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="22%"></td>

+<td width="78%">

+<p>Starts MailScanner in debug mode. See MailScanner.conf

+&quot;Debug=yes&quot;.</p>

+</td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="11%"></td>

+<td width="89%">

+<p><b>&minus;&minus;debug&minus;sa</b></p></td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="22%"></td>

+<td width="78%">

+<p>Starts MailScanner in debug spamassassin mode. See

+MailScanner.conf &quot;Debug SpamAssassin=yes&quot;.</p>

+</td>

+</table>

+<!-- TABS -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="5" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="11%"></td>

+<td width="9%">

+

+<p><b>&minus;&minus;lint</b></p>

+</td>

+<td width="2%"></td>

+<td width="73%">

+

+<p>Test MailScanner config and SpamAssassin config.</p>

+</td>

+<td width="5%">

 </td>

 </table>

 <a name="MTA SETUP"></a>

--- ../MailScanner-install-4.53.7.orig/docs/man/MailScanner.conf.5	Wed May  3 21:16:27 2006

+++ docs/man/MailScanner.conf.5	Wed May  3 21:33:05 2006

@@ -1,4 +1,4 @@

-.TH "MailScanner.conf" "5" "4.50.1" "Julian Field" "Mail"

+.TH "MailScanner.conf" "5" "4.53.7" "Julian Field" "Mail"

 .SH "NAME"

 .LP 

 MailScanner.conf \- Main configuration for MailScanner

@@ -24,6 +24,10 @@

 .br 

 .br 

+The following optional multipliers are supported: You can write "50M" instead of "50000000". The multipliers supported are "k", "m" and "g" to denote 1 thousand, 1 million and 1 billion (10^9) in upper or lower case. You must *not* put any spaces between the number and the multiplier character.

+.br 

+

+.br 

 Many of the options can also be the filename of a ruleset, which can be used to control features depending on the addresses of the message, and/or the IP address where the message came from. You will find some examples of rulesets and an explanation of them in the "rules" directories within the MailScanner installation and in the section "RULESETS" later in this manpage.

 .LP 

@@ -364,6 +368,22 @@

 Should we use a TNEF decoder (external or Perl module)? This should be "yes" unless the scanner you are using (Sophos, McAfee) has the facility built\-in. However, if you set it to "no", then the filenames within the TNEF attachment will not be checked against the filename rules.

 .TP 

+\fBUse TNEF Contents\fR

+Default: replace

+.br 

+When the TNEF (winmail.dat) attachments are expanded, should the attachments contained in there be added to the list of attachments in the message? If you set this to "add" or "replace" then recipients of messages sent in "Outlook Rich Text Format" (TNEF) will be able to read the attachments if they are not using Microsoft Outlook.

+.br 

+.RS 7

+.IP  \(bu 4

+no: Leave winmail.dat TNEF attachments alone.

+.IP  \(bu 4

+add: Add the contents of winmail.dat as extra attachments, but also still include the winmail.dat file itself. This will result in TNEF messages being doubled in size.

+.IP  \(bu 4

+replace: Replace the winmail.dat TNEF attachment with the files it            contains, and delete the original winmail.dat file itself. This means the message stays the same size, but is usable by non\-Outlook recipients.

+.RE

+

+

+.TP 

 \fBDeliver Unparsable TNEF\fR

 Default: no

 .br 

@@ -405,6 +425,22 @@

 .br 

 The maximum length of time the "file" command is allowed to run for one batch of messages (in seconds).

+.TP 

+\fBGunzip Command\fR

+Default: /usr/bin/gunzip

+.br 

+

+.br 

+Where the "gunzip" command is installed. This is used for expanding .gz files. To disable gzipped file checking, set this value to blank and the timeout to 0.

+

+.TP 

+\fBGunzip Timeout\fR

+Default: 50

+.br 

+

+.br 

+The maximum length of time the "gunzip" command is allowed to run to expand 1 attachment file (in seconds).

+

 .TP 

 \fBUnrar Command\fR

@@ -423,6 +459,12 @@

 The maximum length of time the "unrar" command is allowed to run for 1 RAR archive (in seconds)

 .TP 

+\fBFind UU\-Encoded Files\fR

+Default: no

+.br 

+A few viruses store their infected data in UU\-encoded files, to try to catch out virus scanners. This rarely succeeds at all. Setting this option to yes means that you can apply filename and filetype checks to the contents of UU\-encoded files. This may occasionally be  useful, in which case you should set to yes. This can also be the filename of a ruleset.

+

+.TP 

 \fBBlock Encrypted Messages\fR

 Default: no

 .br 

@@ -521,7 +563,7 @@

 .SH "Virus scanning and vulnerability testing"

 .TP 

 \fBVirus Scanning\fR

-Default: yes

+Default: auto

 .br 

 .br 

@@ -529,7 +571,7 @@

 .br 

 NOTE: Switching this to no completely disables all virus\-scanning functionality. If you just want to switch of actual virus scanning, then set "Virus Scanners = none" instead.

 .br 

-If you want to be able to switch scanning on/off for different users or different domains, set this to the filename of a ruleset.

+If you want to be able to switch scanning on/off for different users or different domains, set this to the filename of a ruleset. If you set this to auto then it searches for and uses every available installed virus scanner.

 .TP 

 \fBVirus Scanners\fR

@@ -686,6 +728,23 @@

 .br 

 While detecting "Phishing" attacks, do you also want to point out links to numeric IP addresses. Genuine links to totally numeric IP addresses are very rare, so this option is set to "yes" by default. If a numeric IP address is found in a link, the same phishing warning message is used as in the Find Phishing Fraud option above. This value cannot be the name of a ruleset, only a simple yes or no.

+.TP 

+\fBUse Stricter Phishing Net\fR

+Default: yes

+.br 

+

+.br 

+If this is set to yes, then most of the URL in a link must match the destination address it claims to take you to. This is the default as it is a much stronger test and is very hard to maliciously avoid. If this is set to no, then just the company name and country (and any names between the two, dependent on the specific country) must match. This is not as strict as it will not protect you against internal malicious sites based within the company being abused. For example, it would not find www.nasty.company\-name.co.uk pretending to be www.nice.company\-name.co.uk. But it will still detect most phishing attacks of the type www.nasty.co.jp versus www.nice.co.jp. Depending on the country code it knows how many levels of domain need to be checked. This can also be the filename of a ruleset.

+

+

+.TP 

+\fBHighlight Phishing Fraud\fR

+Default: yes

+.br 

+

+.br 

+If a phishing fraud is detected, do you want to highlight the tag with a message stating that the link may be to a fraudulent web site. This can also be the filename of a ruleeset.

+

 .TP 

 \fBPhishing Safe Sites File\fR

@@ -695,6 +754,15 @@

 .br 

 There are some companies, such as banks, that insist on sending out email messages with links in them that are caught by the "Find Phishing Fraud" test described above. This is the name of a file which contains a list of link destinations which should be ignored in the test. This may, for example, contain the known websites of some banks. See the file itself for more information. This can only be the name of the file containing the list, it *cannot* be the filename of a ruleset.

+.TP 

+\fBCountry Sub\-Domains List\fR

+Default: %etc\-dir%/country.domains.conf

+.br 

+

+.br 

+.TP 

+This file lists all the countries that use 2nd\-level and 3rd\-level domain names to classify distinct types of website within their country. This cannot be the name of a ruleset, it is just a simple setting.

+

 .TP 

 \fBAllow IFrame Tags\fR

@@ -773,6 +841,22 @@

 .RE

 .TP 

+\fBIgnored Web Bug Filenames\fR

+Default: 

+.br 

+

+.br 

+This is a list of filenames (or parts of filenames) that may appear in the filename of a web bug URL. They are only checked in the filename, not any directories or hostnames in the URL of the possible web bug. If it appears, then the web bug is assumed to be a harmless "spacer" for page layout purposes and not a real web bug at all. It should be a space\- and/or comma\-separated list of filename parts. Note: Use this with care, as spammers may use this to circumvent the web bug trap. It is disabled by default because of this problem. This can also be the filename of a ruleset.

+

+.TP 

+\fBWeb Bug Replacement\fR

+Default: http://www.sng.ecs.soton.ac.uk/mailscanner/images/1x1spacer.gif

+.br 

+

+.br 

+When a web bug is found, what image do you want to replace it with? By replacing it with a real image, the page layout still works properly, so the formatting and layout of the message is correct. The following is a harmless untracked 1x1 pixel transparent image. If this is not specified, the the old value of "MailScannerWebBug" is used, which of course is not an image and may well upset layout of the email. This can also be the filename of a ruleset.

+

+.TP 

 \fBAllow Object Codebase Tags\fR

 Default: no

 .br 

@@ -1682,7 +1766,7 @@

 .SH "SpamAssassin"

 .TP 

 \fBUse SpamAssassin\fR

-Default: no

+Default: yes

 .br 

 .br 

@@ -2076,6 +2160,15 @@

 .RE

 .TP 

+\fBSpamAssassin Local State Dir\fR

+Default:

+.br 

+

+.br 

+The rules created by the "sa\-update" tool are searched for here. This directory contains the spamassassin/3.001001/updates_spamassassin_org directory structure beneath it. Only un\-comment this setting once you have proved that the sa\-update cron job has run successfully and has created a directory structure under the spamassassin directory within this one and has put some *.cf files in there. Otherwise it will ignore all your current rules!

+

+

+.TP 

 \fBSpamAssassin Default Rules Dir\fR

 Default:

 .br 

@@ -2113,6 +2206,22 @@

 .RE

 .TP 

+\fBSpamAssassin Cache Timings\fR

+Default: 1800,300,10800,172800,600

+.br 

+Do not change this unless you absolutely have to, these numbers have been carefully calculated. They affect the length of time that different types of message are stored in the SpamAssassin cache which can be configured earlier in this file (look for "Cache"). The numbers are all set in seconds. They are:

+.br 

+1. Non\-Spam cache lifetime                           = 30 minutes

+.br 

+2. Spam (low scoring) cache lifetime                 = 5 minutes

+.br 

+3. High\-Scoring spam cache lifetime                  = 3 hours

+.br 

+4. Viruses cache lifetime                            = 2 days

+.br 

+5. How often to check the cache for expired messages = 10 minutes

+

+.TP 

 \fBDebug\fR

 Default: no

 .br 

@@ -2167,6 +2276,15 @@

 .br 

 The value of the option is actually never used, but it is evaluated at the end of processing a batch of messages. It is designed to be used in conjunction with a Custom Function. The Custom Function should then be written to have a "side effect" of doing something useful such as logging lots of information about the batch of messages to a file or an SQL database. 

+

+

+.TP 

+\fBAlways Looked Up Last After Batch\fR

+Default: no

+.br 

+

+.br 

+This option is intended for people who want to log per\-batch information. This is evaluated after the "Always Looked Up Last" configuration option for each message in the batch. This is looked up once for the entire batch. Its value is completely ignored, it is purely there to have side effects. If you want to use it, read CustomConfig.pm. 

 .TP 

 \fBDeliver in Background\fR

--- ../MailScanner-install-4.53.7.orig/docs/man/MailScanner.conf.5.html	Wed May  3 21:16:27 2006

+++ docs/man/MailScanner.conf.5.html	Wed May  3 21:33:08 2006

@@ -1,5 +1,5 @@

 <!-- Creator     : groff version 1.19 -->

-<!-- CreationDate: Wed Jan  4 14:36:14 2006 -->

+<!-- CreationDate: Wed May  3 21:32:34 2006 -->

 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"

 "http://www.w3.org/TR/html4/loose.dtd">

 <html>

@@ -113,6 +113,13 @@

 <!-- INDENTATION -->

 <p>option = value</p>

 <!-- INDENTATION -->

+<p>The following optional multipliers are supported: You can

+write "50M" instead of "50000000". The

+multipliers supported are "k", "m" and

+"g" to denote 1 thousand, 1 million and 1 billion

+(10^9) in upper or lower case. You must *not* put any spaces

+between the number and the multiplier character.</p>

+<!-- INDENTATION -->

 <p>Many of the options can also be the filename of a

 ruleset, which can be used to control features depending on

 the addresses of the message, and/or the IP address where

@@ -1064,6 +1071,73 @@

 <tr valign="top" align="left">

 <td width="11%"></td>

 <td width="89%">

+<p><b>Use TNEF Contents</b></p></td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="22%"></td>

+<td width="78%">

+<p>Default: replace<br>

+When the TNEF (winmail.dat) attachments are expanded, should

+the attachments contained in there be added to the list of

+attachments in the message? If you set this to

+"add" or "replace" then recipients of

+messages sent in "Outlook Rich Text Format" (TNEF)

+will be able to read the attachments if they are not using

+Microsoft Outlook.</p>

+</td>

+</table>

+<!-- TABS -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="4" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="22%"></td>

+<td width="1%">

+

+<p>&bull;</p>

+</td>

+<td width="5%"></td>

+<td width="72%">

+

+<p>no: Leave winmail.dat TNEF attachments alone.</p>

+</td>

+<tr valign="top" align="left">

+<td width="22%"></td>

+<td width="1%">

+

+<p>&bull;</p>

+</td>

+<td width="5%"></td>

+<td width="72%">

+

+<p>add: Add the contents of winmail.dat as extra

+attachments, but also still include the winmail.dat file

+itself. This will result in TNEF messages being doubled in

+size.</p>

+</td>

+<tr valign="top" align="left">

+<td width="22%"></td>

+<td width="1%">

+

+<p>&bull;</p>

+</td>

+<td width="5%"></td>

+<td width="72%">

+

+<p>replace: Replace the winmail.dat TNEF attachment with

+the files it contains, and delete the original winmail.dat

+file itself. This means the message stays the same size, but

+is usable by non&minus;Outlook recipients.</p>

+</td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="11%"></td>

+<td width="89%">

 <p><b>Deliver Unparsable TNEF</b></p></td>

 </table>

 <!-- INDENTATION -->

@@ -1072,8 +1146,14 @@

 <tr valign="top" align="left">

 <td width="22%"></td>

 <td width="78%">

-<p>Default: no</p>

+<p>Default: no</p></td>

+</table>

 <!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="28%"></td>

+<td width="72%">

 <p>Rich Text format attachments produced by some versions of

 Microsoft Outlook cannot be completely decoded at present.

 Setting this option to yes allows compatibility with the

@@ -1177,6 +1257,48 @@

 <tr valign="top" align="left">

 <td width="11%"></td>

 <td width="89%">

+<p><b>Gunzip Command</b></p></td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="22%"></td>

+<td width="78%">

+<p>Default: /usr/bin/gunzip</p>

+<!-- INDENTATION -->

+<p>Where the &quot;gunzip&quot; command is installed. This

+is used for expanding .gz files. To disable gzipped file

+checking, set this value to blank and the timeout to 0.</p>

+</td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="11%"></td>

+<td width="89%">

+<p><b>Gunzip Timeout</b></p></td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="22%"></td>

+<td width="78%">

+<p>Default: 50</p>

+<!-- INDENTATION -->

+<p>The maximum length of time the &quot;gunzip&quot; command

+is allowed to run to expand 1 attachment file (in

+seconds).</p>

+</td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="11%"></td>

+<td width="89%">

 <p><b>Unrar Command</b></p></td>

 </table>

 <!-- INDENTATION -->

@@ -1225,6 +1347,30 @@

 <tr valign="top" align="left">

 <td width="11%"></td>

 <td width="89%">

+<p><b>Find UU&minus;Encoded Files</b></p></td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="22%"></td>

+<td width="78%">

+<p>Default: no<br>

+A few viruses store their infected data in UU−encoded

+files, to try to catch out virus scanners. This rarely

+succeeds at all. Setting this option to yes means that you

+can apply filename and filetype checks to the contents of

+UU−encoded files. This may occasionally be useful, in

+which case you should set to yes. This can also be the

+filename of a ruleset.</p>

+</td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="11%"></td>

+<td width="89%">

 <p><b>Block Encrypted Messages</b></p></td>

 </table>

 <!-- INDENTATION -->

@@ -1508,7 +1654,7 @@

 <tr valign="top" align="left">

 <td width="22%"></td>

 <td width="78%">

-<p>Default: yes</p>

+<p>Default: auto</p>

 <!-- INDENTATION -->

 <p>Do you want to scan email for viruses? A few people

 don’t have virus scanner licence and so want to

@@ -1519,7 +1665,9 @@

 Scanners = none&quot; instead.<br>

 If you want to be able to switch scanning on/off for

 different users or different domains, set this to the

-filename of a ruleset.</p>

+filename of a ruleset. If you set this to auto then it

+searches for and uses every available installed virus

+scanner.</p>

 </td>

 </table>

 <!-- INDENTATION -->

@@ -1999,6 +2147,61 @@

 <tr valign="top" align="left">

 <td width="11%"></td>

 <td width="89%">

+<p><b>Use Stricter Phishing Net</b></p></td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="22%"></td>

+<td width="78%">

+<p>Default: yes</p>

+<!-- INDENTATION -->

+<p>If this is set to yes, then most of the URL in a link

+must match the destination address it claims to take you to.

+This is the default as it is a much stronger test and is

+very hard to maliciously avoid. If this is set to no, then

+just the company name and country (and any names between the

+two, dependent on the specific country) must match. This is

+not as strict as it will not protect you against internal

+malicious sites based within the company being abused. For

+example, it would not find

+www.nasty.company−name.co.uk pretending to be

+www.nice.company−name.co.uk. But it will still detect

+most phishing attacks of the type www.nasty.co.jp versus

+www.nice.co.jp. Depending on the country code it knows how

+many levels of domain need to be checked. This can also be

+the filename of a ruleset.</p>

+</td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="11%"></td>

+<td width="89%">

+<p><b>Highlight Phishing Fraud</b></p></td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="22%"></td>

+<td width="78%">

+<p>Default: yes</p>

+<!-- INDENTATION -->

+<p>If a phishing fraud is detected, do you want to highlight

+the tag with a message stating that the link may be to a

+fraudulent web site. This can also be the filename of a

+ruleeset.</p>

+</td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="11%"></td>

+<td width="89%">

 <p><b>Phishing Safe Sites File</b></p></td>

 </table>

 <!-- INDENTATION -->

@@ -2026,6 +2229,35 @@

 <tr valign="top" align="left">

 <td width="11%"></td>

 <td width="89%">

+<p><b>Country Sub&minus;Domains List</b></p></td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="22%"></td>

+<td width="78%">

+<p>Default: %etc&minus;dir%/country.domains.conf</p>

+</td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="11%"></td>

+<td width="89%">

+<p>This file lists all the countries that use

+2nd−level and 3rd−level domain names to classify

+distinct types of website within their country. This cannot

+be the name of a ruleset, it is just a simple

+setting.</p></td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="11%"></td>

+<td width="89%">

 <p><b>Allow IFrame Tags</b></p></td>

 </table>

 <!-- INDENTATION -->

@@ -2317,7 +2549,7 @@

 <tr valign="top" align="left">

 <td width="11%"></td>

 <td width="89%">

-<p><b>Allow Object Codebase Tags</b></p></td>

+<p><b>Ignored Web Bug Filenames</b></p></td>

 </table>

 <!-- INDENTATION -->

 <table width="100%" border=0 rules="none" frame="void"

@@ -2325,7 +2557,7 @@

 <tr valign="top" align="left">

 <td width="22%"></td>

 <td width="78%">

-<p>Default: no</p></td>

+<p>Default:</p></td>

 </table>

 <!-- INDENTATION -->

 <table width="100%" border=0 rules="none" frame="void"

@@ -2333,12 +2565,70 @@

 <tr valign="top" align="left">

 <td width="28%"></td>

 <td width="72%">

+<p>This is a list of filenames (or parts of filenames) that

+may appear in the filename of a web bug URL. They are only

+checked in the filename, not any directories or hostnames in

+the URL of the possible web bug. If it appears, then the web

+bug is assumed to be a harmless "spacer" for page

+layout purposes and not a real web bug at all. It should be

+a space− and/or comma−separated list of filename

+parts. Note: Use this with care, as spammers may use this to

+circumvent the web bug trap. It is disabled by default

+because of this problem. This can also be the filename of a

+ruleset.</p>

+</td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="11%"></td>

+<td width="89%">

+<p><b>Web Bug Replacement</b></p></td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="22%"></td>

+<td width="78%">

+<p>Default:

+http://www.sng.ecs.soton.ac.uk/mailscanner/images/1x1spacer.gif</p>

+<!-- INDENTATION -->

+<p>When a web bug is found, what image do you want to

+replace it with? By replacing it with a real image, the page

+layout still works properly, so the formatting and layout of

+the message is correct. The following is a harmless

+untracked 1x1 pixel transparent image. If this is not

+specified, the the old value of

+"MailScannerWebBug" is used, which of course is

+not an image and may well upset layout of the email. This

+can also be the filename of a ruleset.</p>

+</td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="11%"></td>

+<td width="89%">

+<p><b>Allow Object Codebase Tags</b></p></td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="22%"></td>

+<td width="78%">

+<p>Default: no</p>

+<!-- INDENTATION -->

 <p>Do you want to allow &lt;Object Codebase=...&gt; tags in

 email messages? This is a bad idea as it leaves you

 unprotected against various Microsoft−specific

 security vulnerabilities. But if your users demand it, you

 can do it. This can also be the filename of a ruleset.

-Possible values:</p></td>

+Possible values:</p>

+</td>

 </table>

 <!-- TABS -->

 <table width="100%" border=0 rules="none" frame="void"

@@ -4826,7 +5116,7 @@

 <tr valign="top" align="left">

 <td width="22%"></td>

 <td width="78%">

-<p>Default: no</p>

+<p>Default: yes</p>

 <!-- INDENTATION -->

 <p>Do you want to detect spam using the very good

 SpamAssassin package? You must have installed SpamAssassin

@@ -6117,7 +6407,7 @@

 <tr valign="top" align="left">

 <td width="11%"></td>

 <td width="89%">

-<p><b>SpamAssassin Default Rules Dir</b></p></td>

+<p><b>SpamAssassin Local State Dir</b></p></td>

 </table>

 <!-- INDENTATION -->

 <table width="100%" border=0 rules="none" frame="void"

@@ -6133,10 +6423,38 @@

 <tr valign="top" align="left">

 <td width="28%"></td>

 <td width="72%">

+<p>The rules created by the &quot;sa&minus;update&quot; tool

+are searched for here. This directory contains the

+spamassassin/3.001001/updates_spamassassin_org directory

+structure beneath it. Only un−comment this setting

+once you have proved that the sa−update cron job has

+run successfully and has created a directory structure under

+the spamassassin directory within this one and has put some

+*.cf files in there. Otherwise it will ignore all your

+current rules!</p>

+</td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="11%"></td>

+<td width="89%">

+<p><b>SpamAssassin Default Rules Dir</b></p></td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="22%"></td>

+<td width="78%">

+<p>Default:</p>

+<!-- INDENTATION -->

 <p>This tells MailScanner where to look for the default

 rules. If this is set it adds to the list of places that are

 searched. MailScanner will always look at the following

-places (even if this option is not set):</p></td>

+places (even if this option is not set):</p>

+</td>

 </table>

 <!-- TABS -->

 <table width="100%" border=0 rules="none" frame="void"

@@ -6223,8 +6541,8 @@

 <table width="100%" border=0 rules="none" frame="void"

        cols="5" cellspacing="0" cellpadding="0">

 <tr valign="top" align="left">

-<td width="11%"></td>

-<td width="20%">

+<td width="22%"></td>

+<td width="9%">

 <p>%d</p>

 </td>

@@ -6236,8 +6554,8 @@

 <td width="54%">

 </td>

 <tr valign="top" align="left">

-<td width="11%"></td>

-<td width="20%">

+<td width="22%"></td>

+<td width="9%">

 <p>%5.2f</p>

 </td>

@@ -6249,8 +6567,8 @@

 <td width="54%">

 </td>

 <tr valign="top" align="left">

-<td width="11%"></td>

-<td width="20%">

+<td width="22%"></td>

+<td width="9%">

 <p>%05.1f</p>

 </td>

@@ -6261,24 +6579,59 @@

 </td>

 <td width="54%">

 </td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

 <tr valign="top" align="left">

 <td width="11%"></td>

-<td width="20%">

-

-<p><b>Debug</b></p>

-</td>

-<td width="1%"></td>

-<td width="14%"></td>

-<td width="54%">

-</td>

+<td width="89%">

+<p><b>SpamAssassin Cache Timings</b></p></td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="22%"></td>

+<td width="78%">

+<p>Default: 1800,300,10800,172800,600</p></td>

 </table>

 <!-- INDENTATION -->

 <table width="100%" border=0 rules="none" frame="void"

        cols="2" cellspacing="0" cellpadding="0">

 <tr valign="top" align="left">

+<td width="32%"></td>

+<td width="68%">

+<p>Do not change this unless you absolutely have to, these

+numbers have been carefully calculated. They affect the

+length of time that different types of message are stored in

+the SpamAssassin cache which can be configured earlier in

+this file (look for "Cache"). The numbers are all

+set in seconds. They are:<br>

+1. Non&minus;Spam cache lifetime = 30 minutes<br>

+2. Spam (low scoring) cache lifetime = 5 minutes<br>

+3. High&minus;Scoring spam cache lifetime = 3 hours<br>

+4. Viruses cache lifetime = 2 days<br>

+5. How often to check the cache for expired messages = 10

+minutes</p>

+</td>

+</table>

+<!-- TABS -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="5" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

 <td width="11%"></td>

-<td width="89%">

-<p>Default: no</p></td>

+<td width="7%">

+

+<p><b>Debug</b></p>

+</td>

+<td width="4%"></td>

+<td width="16%">

+

+<p>Default: no</p>

+</td>

+<td width="62%">

+</td>

 </table>

 <!-- INDENTATION -->

 <table width="100%" border=0 rules="none" frame="void"

@@ -6424,6 +6777,31 @@

 a "side effect" of doing something useful such as

 logging lots of information about the batch of messages to a

 file or an SQL database.</p>

+</td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="11%"></td>

+<td width="89%">

+<p><b>Always Looked Up Last After Batch</b></p></td>

+</table>

+<!-- INDENTATION -->

+<table width="100%" border=0 rules="none" frame="void"

+       cols="2" cellspacing="0" cellpadding="0">

+<tr valign="top" align="left">

+<td width="22%"></td>

+<td width="78%">

+<p>Default: no</p>

+<!-- INDENTATION -->

+<p>This option is intended for people who want to log

+per−batch information. This is evaluated after the

+"Always Looked Up Last" configuration option for

+each message in the batch. This is looked up once for the

+entire batch. Its value is completely ignored, it is purely

+there to have side effects. If you want to use it, read

+CustomConfig.pm.</p>

 </td>

 </table>

 <!-- INDENTATION -->