• a completely rewritten Remote Admin, with a very web 2.0 feel;
• newer and faster antispam technology;
• content filtering with HTML disarm support;
• completely new patching system with support for notifications;
• support for filtering e-mails with password protected attachments;
• made the base configuration file fully XML compliant;
• dump the base configuration XML into a Unix-like .conf file and load it back;
• native 64bit support;
• open source sdk for adding other filtering engines to our mail server product;
• improved localization support;
• the usual set of fixes/improvements spread all over the code.

Enjoy!

The new build can be downloaded from here. The first user guide draft can also be downloaded from here.

Changelog:

• added first Radmin (web based console) version;
• user guide: first version ready (please note that is incomplete – there are still things to be added);
• added new product templates;
• windows update is not working properly when the frontend is enabled (it will be fixed in the next version);
• solved a memory leak bug;
• changed proxy-setup.sh in order to make it more user friendly;
• changed the proxy bind port from 10080 to 9092;
• removed the kernel warning “task [..] blocked for more than 120 seconds”;
• fixed some other minor bugs.

Many thanks go to those who registered on our beta site and reported problems.

• real time scanning of Internet traffic;
• URL filtering;
• content-type and method filtering;
• header filtering;
• group security policies;
• user notifications;
• reports and statistics.

It can work standalone or in conjunction with an HTTP proxy such as Squid. This beta version is available here, for Linux x86.

The campaign will be finished at the mid of August and the prizes will be:

• 1st place : one 16GB iPod Touch;
• 2nd place : one year license of a Windows/Linux/FreeBSD business solution, for 35 users;
• 3rd place  : one of ten copies of BitDefender Desktop solutions (1 year license for Total Security, Internet Security or Antivirus – at choice).

The purpose of this beta campaign is to validate that BitDefender for HTTP Proxy functions properly and to gather potential new features from testers.

ubuntu 8.04 i386 (md5: da05728ddf69756f43ad53f69429e7a3)

ubuntu 8.10 amd64 (md5: 71b343695e50b803f07333c43e48fa4a)

ubuntu 9.04 i386 (md5: 579c3da801907fe38ec86bdc853023c5)

ubuntu 9.04 amd64 (md5: 5f8e38f8843aa6aa66ee3572051231bd)

ubuntu 9.10 i386 (md5: 6a35b1a145c8a7897ca8c2e4a2e92f26)

openSUSE 11.1 i586 (md5: b0315a22cda8e44cde38cb9fd04ba01b) (konqueror)

fedora 11 i586 (md5: ea679321cbef1d6f9de13982620bb4e4)

If none of the packages above is good for you, drop us an email with your distribution, version and architecture (x86 or amd64) and we’ll see if we can build one for you too.

UPDATE: I have inserted the KDE4 Konqueror extension here (openSUSE) to avoid creating a new article just for it.

We also added a new feature that improves the functionality of the Rescue CD. You will notice, in the boot menu list, a new entry: Start Knoppix in console mode. This will run the image in text mode and, after booting, the mounted partitions will be scanned. In order to do this, we built a simple dialog script, which is a bdscan wrapper. This script will update the virus signatures, scan your mounted partitions (ntfs, vfat, ext3 etc.) and finally display the scan log. The default action on infected items is disinfect, so if your hard disk contains infected items, the bdscan-dialog will disinfect those files automatically. Also, if for some reason the X window system is not starting, it is recommended that you choose this new boot option.

The iso download location is http://download.bitdefender.com/rescue_cd/

More information about the BitDefender Rescue CD can be found here.

Almost a week ago, one of our customers reported that he is unable to filter the spam messages using the product’s RBL filter. Shortly after the report, our testing team determined that there was an issue with the milter integration (which the client used) in that, the scanned mail did not contain any Received headers, which are required by the antispam engines in order to do a RBL analysis. This behavior has been observed using Sendmail, but other MTA-s, that also offer a milter interface, might behave the same.

Our approach to this problem, is fairly simple: try to obtain the sender’s IP from the milter’s xxfi_connect() callback, and pass it directly to the antispam engines (to the rbl-on-ip filter). If any of the configured RBL servers has the IP blacklisted, then the antispam analysis ends (with maximum spam score) and the product takes the proper action. Otherwise, the mail is subjected to a full antispam analysis. However, obtaining the IP is not as simple as it might seem. The callback mentioned above has the following declaration:

extern sfsistat xxfi_connect __P((SMFICTX *ctx,
                                  char *hostname,
                                  _SOCK_ADDR *addr));

The hostname parameter, contains either the sender’s host name, either an IP enclosed in square brackets (eg: “[217.10.139.50]“). The addr parameter, points to the connection data (struct sockaddr, which, depending on the sa_family field can be casted to sockaddr_in * or sockaddr_in6 * – see man 7 ip).

Our first attempt involved the use of addr because it seemed the fastest. However, none of the tested MTA-s provide this information, as such addr is always NULL. The only option we were left with was to backtrack the MTA and obtain the connection IP from hostname (that is, if the IP was not already given to us in square brackets, in which case we simply extract the address from the string). This seemed to work pretty good and we decided to make the fix official and release a bdmilterd patch.

Note that some MTA-s (other than Sendmail) do not provide any of the parameters (hostname and addr are both NULL). Luckily, the ones we tested have their own RBL filters.

Before we end, we want to remind you how patches are installed:

# bdsafe patch list
# bdsafe patch install <patch-number>

Have a great day!

The fixed bugs are:

• [bdgui] the drop zone is now visible on all virtual desktops;
• [bdgui] log a proper message for files which are not accessible;
• [bdgui] when triggering a scan via the drop zone or via the contextual menu from one of the supported file managers with the main window hidden (minimized to the tray) pressing the ‘Done’ button on the last page of the wizard will cause the window to remain hidden;
• [bdgui] the big icons will return to their unfocused color when a modal window pops up;
• [bdgui] the password for the proxy is now hidden (both in the interface and in the configuration file);
• [bdgui] dropping a device file (a file from under /dev) onto the drop zone will no longer trigger a crash;
• [bdgui] try to detect when the proxy is not available and bypass it;
• [bdgui] fixed a bug which caused the gui to be unable to connect to an already running instance of itself;
• [bdgui] drag-and-drop scanning will no longer work when the license is expired;

The new features are:

• [bdgui] use the same configuration file as bdscan (ie. bdscan.conf);
• [bdgui, bdscan] moved the per-user configuration file in ~/.config/BitDefender-scanner/bdscan.conf;
• [bdgui] moved the per-user specific data in ~/.local/share/BitDefender-scanner;
• [bdgui] completely redesigned the settings window;
• [bdgui] the tooltip for the drop zone changes according to the mode of operation;
• [bdgui] the context menu for the drop zone has been simplified;
• [bdscan] added ‘–encode=<password>’ command;
• [bdgui, bdscan] split UpdateHttpProxy into ProxyEnabled, ProxyBypass, ProxyHost, ProxyUser and ProxyPassword in bdscan.conf;
• [bdscan] drop the privileges to ‘bitdefender’ when updating (this is because –update needs root privileges);
• [kits] merged BitDefender-Scanner* with BitDefender-Desktop-Scanner* into BitDefender-Antivirus-Scanner*;
• [kits] install everything as bitdefender instead of root (this is because ultool has the suid bit set);

Enjoy it and Merry Christmas!