We are pleased to announce the release of Warden Anti-spam and Virus Protection 3.0 under General Availability. This is a major release and all users are encouraged to upgrade. This release has passed Plesk certification and is now available in the Plesk extension directory.

SpamAssassin 4 Support
We've added release candidate builds (RC3) of SpamAssassin 4.0 for RHEL/AlmaLinux/CloudLinux/RockyLinux 8 to the danami-warden-testing repository. Experienced admins wanting to test out the pre-release of SpamAssassin 4.0 can install using the instructions here.

Whats new in SpamAssassin 4.0?

  • IDN (Internationalized domain name) support.
  • An improved header address parser that also handles multiple addresses, nested comments, and other oddities.
  • A new DecodeShortURLs plugin that decodes shortened URLs in messages.
  • A new DMARC policy plugin to check if an email respects its domain DMARC policy.
  • A new ExtractText plugin that uses external tools to extract text from message parts.
  • The DKIM plugin now supports ARC signature verification.
  • The ASN plugin now supports the MaxMind ASN GeoDB for local ASN lookups.
  • Pyzor and Razor2 can now fork separate processes and read the results in later (similar to async DNS lookups) which increases throughput.

Mail Server Settings
We've added a new postfix settings page under Settings -> Mail Server Settings. This area allows admins to set stronger SMTPD restrictions so that spam is rejected at the SMPTD level before it gets processed by Amavis. It is recommended that admins go to Settings -> Mail Server Settings then press the "default" button on that page to apply the new recommended SMTPD restrictions. See here for more information.

Mail Server Access
We've added a new Postfix access map management interface under Settings -> Mail Server Access. This area allows admins to whitelist or blacklist at the SMTPD level by client IP address, CIDR, HELO/EHLO hostname, envelope sender (MAIL FROM), and envelope recipient (RCPT TO). Admins also have the ability to temporarily whitelist servers that are backlisted on any DNSBLs.

Mail Server Access

We've added a new Postfix access map search dashboard widget. Searching for an IP address will match within CIDRs so you can easily see what IP addresses are being blocked or whitelisted in Postfix. Existing users can add the new widget by pressing the add widget button on the dashboard then selecting the "Mail Server Access" widget.

Mail Server Access Widget

We've added a new "Client Access" tab to the IP address lookup tool so that admins can easily whitelist or blacklist at the SMTPD level by IP address or CIDR just by clicking on an IP address.

Client Access Menu

DecodeShortURLs Plugin
We've added support for the new DecodeShortURLs plugin in SpamAssassin 4.0. This plugin will decode shortened URLs in messages then add the URLs to a list of URIs which can then be scored and accessed by other plug-ins.

decodeshorturls

ASN Plugin with MaxMind Support
We've added support for new MaxMind SpamAssassin 4.0 ASN plugin options. This allows ASN lookups to use the local MaxMind ASN databases instead of querying third party ASN lookup services.

ASN Plugin

Changelog
[+] Added support for SpamAssassin 4.0.
[+] Added pre-release builds of SpamAssassin 4.0 for RHEL/AlmaLinux/CloudLinux/RockyLinux 8 to the danami-warden-testing repository. Experienced admins wanting to test out SpamAssassin 4.0 can follow the instructions located here. SpamAssassin 4.0 will be added to the main danami-warden repo after it's official release.
[+] Added a new Postfix settings page under Settings -> Mail Server Settings. This area allows admins to set stronger SMTPD restrictions so that spam is rejected before it gets processed by Amavis. It is recommended that admins go to Settings -> Mail Server Settings then press the "default" button on that page to apply the new recommended SMTPD restrictions. See here for more information.
[+] Added a new Postfix access map management interface under Settings -> Mail Server Access. This area allows admins to whitelist or blacklist at the SMTPD level by client IP address, CIDR, HELO/EHLO hostname, envelope sender, and envelope recipient.  
[+] Added a new Postfix access map search dashboard widget. Existing users can add the new widget by pressing the add widget button on the dashboard then selecting the `Mail Server Access` widget.
[+] Added a new client access tab to the IP address lookup tool so that admins can whitelist or blacklist by IP address or CIDR.
[+] Added SpamAssassin 4.0 dependencies to the installer RHEL/AlmaLinux/CloudLinux/RockyLinux (perl-Net-LibIDN2 perl-Email-Address-XS), Debian/Ubuntu (libnet-libidn-perl libemail-address-xs-perl).
[+] Added GeoIP2 dependencies to the installer RHEL/AlmaLinux/CloudLinux/RockyLinux (perl-GeoIP2 perl-MaxMind-DB-Reader-XS), Debian/Ubuntu (libgeoip2-perl libmaxmind-db-reader-xs-perl). These will use fast XS to link against the libmaxminddb library. This is much faster than the Pure Perl implementation.
[+] Added support for the new DecodeShortURLs plugin in SpamAssassin 4.0. This plugin will decode shortened URLs in messages then add the URLs to a list of URIs which can then be scored and accessed by other plug-ins.
[+] Added support for the SpamAssassin 4.0 ASN plugin options asn_use_geodb, asn_prefer_geodb, asn_use_dns. This allows ASN lookups to use the local MaxMind ASN databases instead of querying third party ASN lookup services.
[+] Added a `My domain` option under Settings -> Content Filter Settings -> Filter Settings. This is used by Amavis in various places like in the X-Virus-Scanned header.
[+] Added support for the SpamAssassin 4.0 Pyzor and Razor2 plugin options pyzor_fork, pyzor_count_min, pyzor_whitelist_min, pyzor_whitelist_factor, razor_fork. This allows Pyzor and Razor2 to fork separate processes and read the results in later (similar to async DNS lookups) which increases throughput.
[=] On Debian/Ubuntu the installer will import the Danami signing key to /etc/apt/trusted.gpg.d/danami.gpg instead of the global keyring /etc/apt/trusted.gpg now that the apt-key command has been deprecated.
[=] Updated the Amavis $sql_select_policy so that it will match email aliases at the mailbox level instead of relying on the domain level policy. Thanks Michael!
[=] Updated the default Anti-virus option ConcurrentDatabaseReload. If a server has less than 8 GB memory it will now default to no to disable concurrent database reloads (which require twice the amount of free memory). We recommend that servers with less than 8 GB of memory uncheck the option ConcurrentDatabaseReload under Settings -> Anti-virus Settings
[=] Updated the log buttons so that the reject log is located after the message log now that the reject log has more importance due to the new Postfix restrictions.
[=] Removed support for Debian 9 as it reached end of life on June 30, 2022.
[-] Fixed a bug where the antivirus signature reload command was not working on Debian/Ubuntu if the clamdscan package was not installed.
[-] PHP 8.1 compatibility fixes.
[-] Translation fixes.

To Upgrade
The upgrade is available to all active license holders.

1. Login to your Plesk panel and click on Extensions -> Updates -> Select the Warden Anti-spam and Virus Protection extension then press the update button. You can view the upgrade process using the command: tail -f /var/log/plesk/panel.log

Full changelog
https://docs.danami.com/warden/basics/changelog

Product Information
https://www.danami.com/products/plesk-extensions/warden-antispam-and-virus-protection



Friday, September 23, 2022

« Back