Release Notes: Addition of the LAYER tag to HTML defanging (primarily of interest to people running Webmail programs), modifications to the Office Macro scanner, and fixes for ignoring some code used in default-template infector macros, and genration of some false positives. The sanitizer recurses into multipart attachments in addition to RFC822 attachments; the only hole left now is defanging BASE64-encoded HTML attachments. If a file attachment does not have a filename specified, a default filename will be provided.
Release Notes: The major hole (sanitizing RFC822 attachments) was closed; attached RFC822 messages are now sanitized.
Release Notes: Changes in this version are the addition of OCX to the list of executable extensions, the addition of the ability to defang image tags to block "web bugs", and the sanitizing of null MIME boundary strings which are a nasty DoS of Microsoft Exchange servers.
Release Notes: .DLL and Microsoft Access extensions were added to the considered-executable list. The macro and long-header tests were modified to reduce false positives.
Release Notes: Debugging code left in version 1.116 caused entire MIME attachments in messages to be logged.
Release Notes: A fix for a problem where it was possible for the sanitizer to overlook every other attachment in a series of document attachments, and preventing the mail program from figuring out the attachment type from the MIME type or from Eudora-embedded codes.
Release Notes: Minor bugfixes.
Release Notes: Length-limiting of certain standard RFC822 headers to address the latest Outlook Buffer Overflow bug, and more.
Release Notes: Some new executable extensions, and a fix for a bug that prevented macro scanning (no longer vulnerable to extremely long To: headers).
Release Notes: Added optional notification message to sender on a trapped message. Improved quarantining and configurability of attachment poisoning. Various minor bugfixes.