Copyright (c) 2003-2007, James Lick
All rights reserved.

See LICENSE file for information on your legal rights to use this software.

Version 1.2.4

- ClamAV 0.90 disabled the previously required --mbox option to clamscan,
rendering older versions of clamassassin inoperable unless using clamdscan.
This version has changed to the current documented options for both
clamscan and clamdscan.  In addition, this version now requires ClamAV
0.90 or higher to run.  Automatic support for older ClamAV versions has
been removed to streamline the code, though options remain to manually
support older versions.  Thanks to Paul Taylor, Michael Ossmann, and
Basjan Kleyn for reporting the problem.

Version 1.2.3

- Added error checking when temporary message file is made.  Previously
problems here would go undetected and cause empty or truncated messages
being passed through, or silently disappearing if the filesystem were
full or the file writing failed for some other reason.  Thanks to Asheesh
Laroia for reporting the problem.

- Santiago Vila and Nick Price suggested that the configure.ac file be
added to the distribution tar file so that distribution maintainers
can more easily customize their install.

- Santiago Vila requested that clean and distclean targets be added to
the Makefile.

Version 1.2.2

- Changed clamscanner options string to be set by the configure script.
As part of this change, changed --disable-summary flag to --no-summary 
when clamscan is used because --disable-summary is being deprecated and
may be removed.  Also --mbox is not used when using clamdscan as that
option is not needed. clamdscan still uses --disable-summary as despite
the documentation, --no-summary doesn't work with clamdscan yet.

- ClamAV version 0.80 no longer reports which program is being used
(clamscan, clamdscan, etc.) when displaying the version string.  Added
code to have clamassassin add this back in.  This defaults to on with
ClamAV 0.80 and higher, devel, and unrecognized versions.  The default
is off for versions earlier than 0.80.  As a side effect, echo was added
as a prerequisite.

- Added configure options --enable-name-adding and --disable-name-adding
to override the default of whether the scanner name is added to the
version header.

- ClamAV version 0.80 reports the signature versions as part of the
version string, so having clamassassin add it as well is redundant.
Made it the default to not add it for 0.80 and higher, devel, and
unrecognized versions.  The default is off for versions earlier than
0.80.

- Added configure options --enable-signature-version and
--disable-signature-version to override the defaults of whether the
signature versions should be reported.  These changes were suggested
quite a while ago by Dimitrios Michelinakis but gained new urgency
when ClamAV 0.80 made it a requirement.

- ClamAV version 0.80 uses a different version string format.  Fixed
configure to correctly parse the new version (and still parse the old).

- Converted some repetitive tasks to shell functions to make things more
modular and easy to change: error checking, exit cleanup, and creation of
temp files.

- Removed tr as a dependancy.  Was replaced with a clever bit of sed that
melts my brain when I try to think about it.

Version 1.2.1

- Fixed bug that caused configure to fail when ClamAV 0.70 or older is
installed.

- Added ClamAV version checking in configure to check for compatibility.
clamdscan will be disabled on incompatible versions.

- Added --disable-version-check to skip compatibility checks.

- Updated README to fully document compatibility.

Version 1.2.0

- Converted to using gnu autoconf to make the "configure" script.  Now all
external pathnames are autodetected.  The functionality of the old configure
script was rewritten from scratch with similiar functionality as before.

- In prior versions, the program name "ClamAssassin" was used in the
X-Virus-Checker-Version header.  For consistency with all other usage of
the program name, this has been changed to all lower case.

- --enable-subject-rewrite[=message] flag added to ./configure script to
turn on Subject: header rewriting.  A generic message will be used if one
is not provided.

- configure script now chooses alternate /tmp path via the TMP environment
variable.

- Now includes a simple Makefile so that people used to just doing
"./configure ; make ; make install" will be happy.

- It was reported by Mark Miksis that he was still experiencing the bug
supposedly fixed in version 1.1.0 where the X-Virus-Report: header is set
to 'OK'.  The processing for the report header was completely rewritten in
the process of fixing this bug finally.

- In the above X-Virus-Report: header processing, usage of head and grep
were eliminated from the script and tr was added as a requirement.

- The X-Virus-Report: will now show if the message contains multiple
infections.  Unfortunately due to limitations in the current version of
ClamAV, multiple infections are reported when using clamscan, but not
clamdscan.

- The signature versions are now included in the X-Virus-Checker-Version.
This code is based on code by Robert Allerstorfer with some additional
optimizations.  This checks the actual signature files themselves, so there
is a small possibility that clamd might not have the same versions loaded.

Version 1.1.1

- With the 1.1.0 release, a problem cropped up with the paths to the common
unix utilities.  They were hardcoded to be in /bin which is true of many but
not all systems.  In particular, many Linux systems place the head utility in
/usr/bin instead of /bin.  There were also some reports of other path problems,
but head seems to be the most common problem.  Path to head changed to
/usr/bin/head.  This was reported by too many people to thanks individually.

Version 1.1.0

- Changed file handling so that clamdscan could be used. (See README for
requirements.)  Too many people suggested this to acknowledge all of them.
Thanks to all of them.  Be sure to see the README to make sure your system
is properly configured to use clamdscan.

- Added -f flag to invocations of formail.  This tells formail not to reformat
certain headers and not to create a 'From ' line at the beginning.  If this
is not done, some mail systems such as cyrus would lose mail or be unable to
display messages because of formatting problems.  Thanks to Scott A. McIntyre
for the suggestion.

- Added X-Virus-Checker-Version header to include version information of
the clamassassin script and which scanner and the version of ClamAV used.

- Added option to rewrite the Subject: header with *****VIRUS***** at the
front to warn users who manually sort mail, or use mail sorters that can't
use arbitrary headers.  This is similiar to SpamAssassin with the
rewrite_subject setting on.  Thanks to Tom Mollerus for the suggestion and
sample code.

- Added simple ./configure script to automatically set paths to formail,
mktemp, and clamscan or clamdscan.  Thanks to Andrej Kacian for the
suggestion.

- Previously the script had no error handling in the case that formail did
not run properly.  This most commonly would be due to misconfiguring the
path for formail, so the automatic configuration in this version should help
there.  Nevertheless, formail could fail to run for other reasons and without
any error checking this could lead to the message being lost.  Not a good
thing.  clamassassin will now check if formail failed and if so it will exit
with whatever code formail exited with.  This will cause the message to be
requeued or bounced, depending on the configuration of your MTA.  Thanks to
Jordan Russell for notifying me to the potential of the problem.

- While fixing the error handling for formail errors, it was discovered that
temp files may not be removed in some cases if the script exits with an error.
This oversight was corrected.

- During testing it was found that some viruses include more than one
attachment in the message, which would cause some mishandling by
clamassassin.  While messages would properly be identified as infected, the
X-Virus-Report line may only say 'OK', and non-compliant headers inserted
after it.  It has been recoded to show the first first infection detected.
If there are multiple infections in different attachments, only the first
will be shown.  Please let me know if there's a strong need to have all
infections reported, or if just one is sufficient.