Changelog for ESET Gateway Security

• Change: new Mailshell AS Engine version 6.3.5 for all packages.
• Fix: problem with antispam update on Sun Solaris 10
• Fix: problem with mirror functionality on Sun Solaris 10
• Fix: problem with not appending antispam result header to scanned messages on Sun Solaris 10

• Added: support for Novell GroupWise
• Added: support for FreeBSD 8
• Added: cache for optimization of on-access scanner
• Added: scheduler with multiple actions
• Added: on demand check profiles
• Improved: WWWi, additional functions
• Improved: more user friendly configuration of scanning parameters
• Change: adjustment of installation & uninstallation of esets_gwia via esets_setup
• Change: renaming the parameter esets_user to restricted_user
• Change: support for appending the antispam result in the header of scanned messages
• Fix: problem with adding the new license via WWWi
• Fix: problem with incorrect info in manual pages concerning scan events
• Fix: problem with not displaying the alert message in case of large infected files
• Fix: problem with not enabling the scheduled task for updating the antispam modules
• Fix: problem with not removing the log folder and its content
• Fix: problem with not sending messages with enabled antispam
• Fix: other minor bug-fixes

• Fix: problem – not working filtering over HTTPS protocol (ESET Gateway Security)

• Change: New Mailshell AS Engine Version 6.1.5. for all packages except SUN Solaris & FreeBSD 5
• Change: Implementation of parameter "ident_scanning_service" in sets_icap.r
• Change: Added timeout for client connection esets_smtp, esets_imap, esets_pop3
• Change: added support for autorization of FTP server from the http client
• Added: esets_lic - new feature - removing expired licenses with parameter: --remove-expired
• Added: new documentation for Mail/File/Gateway security
• Fix: problem - esets_setup unable to find zmailer.conf
• Fix: problem - esets_setup does not work for exim
• Fix: problem - esets_setup does not work for qmail
• Fix: problem - esets_daemon does not start automatically on Solaris
• Fix: problem - Setup can`t find exim configuration file on Solaris
• Fix: problem - esets_setup does not work with postfix on Solaris
• Fix: problem - "Cannot scan: Invalid request" error message, file with / without extension
• Fix: problem - Esets daemon still present after uninstall on Solaris
• Fix: problem - Esets_daemon doesn't recognize quarantine_dir variable and quits
• Fix: problem - Double slash in URL after the domain returns error 404

• Added uni-licence support – business package readiness
• Fixed memory leaks
• Fixed tempfile handling after disk fulfillment
• Fixed PCUs inclusion in mirror
• Fixed problems with not opening in-product help entries
• Fixed problems with ESET Remote Administrator connection & cooperation problems

* versions 3.0.19 were skipped due to continuous testing and bugfixing

• esets_daemon: fixed problem of samples sent using RA server
• esets_daemon: fixed ownership settings for mirror directory
• esets_daemon: obsolete parameters parser
• esets_dac (EFS): support for Dazuko FS
• esets_smtp (EMS): support for Solaris Zones
• esets_smtp (EMS): BDAT command handling
• esets_http (EGS): support of URL based detection
• esets_http (EGS): fixed HTTPS communication with Internet Explorer
• esets_http (EGS): fixed communication with HTTP 1.0 servers
• fixed installation on OS Solaris
• fixed anti-spam on OS Solaris

* versions 3.0.16 & 3.0.17 were skipped due to continuous testing and bugfixing

• fixed some RTP archives unpacking
• fixed notification scripts for FreeBSD
• updated manual pages
• esets_dac(EFS): fixed deadlock on FreeBSD

• fixed RA client password login to RA server
• fixed license loading in Turkish locale
• fixed memory leak in ThreatSense.NET
• esets_wwwi: enhanced statistics
• esets_smfi (EMS): using also server's Received header for spam recognition
• esets_http (EGS): URL whitelist

• esets_http (EGS): fixed premature interrupt of connections

• http server for modules local mirror
• changed default of av_clean_mode from rigorous to standard
• esets_daemon: changed settings for ThreatSense.NET
• esets_imap (EMS): corrected performance with Mozilla Thunderbird
• esets_http (EGS): fixed threat log in virus notification e-mail
• esets_http, esets_icap (EGS): optimized URL blocking cache

• support for FreeBSD 7
• added system dependencies into 64-bit rpm packages
• fixed listing of network interfaces with unknown addresses
• esets_daemon: fixed license issue for EAV BE
• esets_daemon: continuing even after failed first-time anti-spam modules update
• esets_daemon: fixed startup with only expired licenses
• esets_cgp (EMS): CommunigatePro filter
• esets_scan (EFS): supported ADS scanning
• esets_scan (EFS): activity indicator for pipe/file output
• esets_icap, esets_http (EGS): fixed URL blocking cache
• esets_ssfi (EGS): added man page
• esets_wwwi: quarantine support
• esets_wwwi: updated php to 5.2.8
• esets_quar: fixed samples sending and listing, new option: --list-fmt
• esets_quar: supported separate quarantine for all users
• esets_inst: enhanced compatibility with qmail

• revisited products documentation
• esets_daemon: fixed memory leak

• fixed definition of groups of modules for mirror
• esets_daemon: corrected algorithm for loading of the new modules
• esets_update: corrected first time update
• esets_scan (EFS): fixed definition of multiple excludes
• esets_scan (EFS): no first time update required

• esets_daemon: no Internet access required for initialization
• esets_daemon, esets_update: fixed invalid username/password issue for update

• esets_daemon: fixed Remote Administration client reload on Solaris
• esets_daemon: fixed unfinished scanlogs sending by Remote
  Administration client on Solaris
• esets_daemon: secured communication socket removal
• esets_daemon, esets_update: corrected groupadd and useradd
• esets_daemon: suppressed long timeouts when terminating
• esets_daemon: fixed samples submission system reload
• esets_wwwi: fixed esets_daemon reload on Solaris
• esets_update: added verbose actualization process output
• esets_scan (EFS): fixed file scanning on read-only filesystems

• checking of user specified TMPDIR environment variable
• support for MAILBOX format scanning
• esets_daemon: fixed ESETS_RECIPIENT environment variable
• esets_inst: added full paths of Postfix binary files
• esets_update: fixed parsing of update.ver info file
• esets_wwwi: fixed relocation error on Solaris
• esets_wwwi: corrected excessive back slashes
• esets_wwwi: added package version check
• esets_http (EGS): support for multipart content type scanning
• esets_dac (EFS): fixed handling of big files (> 2GB)

• corrected esets user switching
• enhanced compatibility of Remote Administration client with Solaris
• fixed higher memory consumption of daemon agents
• esets_update: corrected defaults setting
• esets_scan (EFS): enhanced filename character encoding of scanned objects
• esets_icap (EGS): ICAP server for scanning HTTP messages
• esets_wwwi: added login/logout control

• esets_daemon: added control of syntax errors in main configuration file
• esets_daemon: added anti-virus scanning limits for maximum object size and for maximum object size in self-extracting archives
• esets_wwwi: enhanced compatibility with Solaris/li>
• esets_smtp (EMS): correction of TLS support in MTA Postfix
• esets_scan (EFS): fixed automatic scan of local disks (command line option '--auto')
• esets_scan (EFS): correction of multiple directories exclusion
• esets_scan (EFS): fixed Remote Administration client logging

• Fixed antispam scanning for unprivileged daemon
• Fixed antispam loading on 64-bit Debian
• Fixed package extraction on Solaris
• Fixed non-english messages
• Updated PHP to version 5.2.6

• technology ThreatSense v3.0
• configuration, logging and handle object policy rewritten
• added Remote Administration client
• additional supported OS: NetBSD 4, Solaris 10
• support for 64-bit Linux OS: native binaries (except esets_daemon)
• esets_http (EGS) - support for non-transparent ftp scanning
• esets_ftp (EGS) - added huge object handling
• esets_zmfi (EMS) - ZMailer's content-filter
• libesets_pac (EFS) - available for all platforms

• 64bit systems support
• Added possibilty to run ESET components under user accounts instead of superuser account
• Added support of FTP communication scanning in manual HTTP proxy mode

• esets_daemon: added information USERSPEC into daemon log and daemon notification script
• esets_daemon: correction of infiltrations information passed to agents
• esets_cli (EMS): correction of action evaluation when multiple files scanned
• esets_ssfi.so (EGS): support for SafeSquid of version 4.2 and higher
• esets_http (EGS): support of CONNECT method for user defined ports

• esets_smfi (EMS): implementation of predefined response of server using SetReply.
• esets_http (EGS): correction of deleted objects handling

•  esets_http (EGS): correction of not scanned objects handling

• esets_ftp (EGS): correction of random stuck of passive connection when STOR command used

• new product ESET Gateway Security (EGS)
• existing products NOD32LMS and NOD32LFS were renamed to ESET Mail Security (EMS)
• and ESET File Security (EFS)
• antispam engine (EMS)
• esets_daemon: periodic update of antivirus and antispam databases
• esets_update: update utility
• esets_imap, esets_pop3 (EMS): IMAP and POP3 filters
• esets_http, esets_ftp, esets_ssfi.so (EGS): HTTP, FTP filters
• and SafeSquid plugin
• esets_wwwi: web administration interface
• esets_lic: license utility
• esets_setup, esets_inst: user-friendly system integrator
  

•  Compatibility with 64-bit Debian OS

•  New licensing scheme

• Support for 64bit Linux systems (binaries are executed in 32bit mode)

• nod32d: Fixed bug in daemon communication in case the license has expired
• Fixed installation instructions for Exim

•  nod32d: Fixed bug with opening files in quarantine

• nod32d: Fixed bug in memory allocation/deallocation with connections established through a proxy server

•  nod32update: Fixed starting of nod32umc and nod32upd.

• nod32update: Fixed issue with download timeout.
• nod32d: Improved signal handling regarding download functionality.
• nod32set: Automatic section creation, if not exists.

• nod32d, nod32update: More accurate waiting on update completion, fixed bug in memory freeing.
• nod32update: Fixed issue in finding directory with binary executables.
• nod32smtp (LMS): Mail's header pollution bugfix.

• nod32d - Added support for scanning of unwanted applications.
• nod32d - Added functionality to update and reload anti-virus modules.
• Added possibility to define scanner parameters individually according to the client/server identification.
• Added possibility to define update parameters via main configuration file.
• More evaluated product installation mechanism. The installation package does not contain NOD32 modules any more. These are downloaded during the product first initialization stage, if necessary. The package installation process is more user friendly now.
• nod32d - Enhancement of the license expiration warning functionality.
  The mechanism does not block the scanned objects processing after license expiration, only deactivates the anti-virus scanning functionality and starts sending the expiration report notification about scanner deactivation to system administrator.
• Command line interface testing functionality of NOD32 agent modules is fully replaced by the testing functionality using agent identification parameter 'aid'.
• Added information about virus database version into the e-mail header X-NOD32Result.
• Fixed bug in quarantine initialization.
• nod32umc - correct implementation of modules download timeout
• Fixed bug in Samples Submission System cache.
• nod32smtp - Fixed bug in requests vs responses synchronization.
• Major changes in documentation.
  

•  nod32smfi - Fixed bug in selective configuration setting of scanner using
    client/server specification from nod32smfi agent module.
• nod32smfi - Fixed bug in nod32smfi process manager.

• nod32d - Better parsing of e-mail headers incorrectly separated from e-mail body.
• nod32d - Fixed bug in thread manager.

•  Higher efficiency of resident agent modules based on implementation of 1 vs N (threads vs client/server connections) model.
• Better system coordination based on maintenance of all resident agent modules services by using main system daemon 'nod32d'
   (Start of resident agent modules is controlled by parameters 'agent_enabled' of the main NOD32 configuration file.)
• Unified logging system of all the modules.
• Implementation of nod32set module to provide comfortable modifications of NOD32 configuration file.
• Update of the product documentation (changed structure, new information).
• End of the produkt developement for FreeBSD OS version 4.X. (technical support stays for NOD32BMS 2.51.x). The reason is insufficient support of libc.so.4 library used in FreeBSD OS version 4.x.

•  support for e-mail headers of Zmailer

• nod32smfi - fixed bug in headers handling
• fixed bug in state of scan (clean vs. not scanned)
• correct handling of restart statement within initialization scripts of deb packages