Description of the changes for the 2000a "level set" release
Version 1.8d of LISTSERV(R)
------------------------------------------------------------
Copyright 2000 L-Soft international, Inc.
5 May 2000
THE 2000a LEVEL SET
-------------------
The 2000a level set includes all known fixes and patches up to March 3,
2000, and the following between-release enhancements:
- The security fix mentioned in the 05/05 advisory posted to LSTSRV-L,
LSTSRV-M, etc.
- Support for a new keyword, "Attachments=", allowing attachments to be
filtered from mailing lists.
- Support for multi-line substitutions in mail-merge jobs (previously
available from L-Soft support through a special patch).
- Miscellaneous performance improvements and new performance-related
features for LISTSERV HPO.
*****************************
* Fix for security exposure *
*****************************
The security exposure mentioned in the advisory posted to LSTSRV-L,
LSTSRV-M, and other L-Soft support lists on 5 May 2000 has been fixed in
LISTSERV and LISTSERV Lite. L-Soft recommends that all affected users
apply the 2000a level set immediately.
******************************************
* New "Attachments=" list header keyword *
******************************************
LISTSERV 1.8d kits dated after 2 May 2000 include a list-owner-
configurable message attachment filter. This feature allows you to
control the posting of various types of MIME attachments (images, audio,
etc.) to your lists.
The basic syntax is:
Attachments= Yes | No[,Filter] | <allowed_content_types>[,Filter]
The options are:
Attachments= Yes : All types of attachments are allowed to be posted to
the list (the default). Note however that other configuration options
may still disallow the posting of certain attachments, and that
"Attachments= Yes" does not override them. For instance, if you have
"Language= NoHTML", setting "Attachments= Yes" does not override the
Language= setting. Or if you have "Sizelim=" set to a value that
precludes a file of x number of lines from being posted to the list,
setting "Attachments= Yes" will not override the Sizelim= setting if the
message with its attachment exceeds the number of lines specified by
Sizelim=.
Attachments= No : All types of attachments are disallowed, other than
plain text (always allowed) and HTML text (which is controlled
exclusively by the "Language= NoHTML" keyword setting). With
"Attachments= No", LISTSERV rejects messages containing attachments and
bounces them back to the poster.
Attachments= No,Filter : Same as "Attachments= No", except that LISTSERV
simply removes the unwanted material from the message and processes it
instead of rejecting it out of hand. The removal of material is a silent
operation, i.e., the poster is not notified that the attachment was
discarded.
It is also possible to allow certain MIME types to be passed through to
the list while rejecting or filtering all others. For instance,
Attachments= image,application/*msword
allows only the specified attachment types and rejects everything else.
If you don't want to reject messages that contain other types of
attachments, but just want to remove all other types of attachments, you
add the ",Filter" parameter at the end of the line, i.e.,
Attachments= image,application/*msword,Filter
This means, "Allow all image and application/*msword attachments, and
strip all other attachments". Again, note that plain text ("Content-
Type: text/plain") is always allowed and does not need to be included in
the list of allowed attachment types. Likewise, HTML text is controlled
exclusively by the "Language= NoHTML" keyword setting. Other text
subtypes are, however, controlled by "Attachments=", so they need to be
listed if you intend to allow them.
Note carefully that simply coding something like "Attachments= image"
will not necessarily allow all image files through. This is highly
dependent on the client being used by the poster. For instance, if your
client attaches all binary files as "Content-Type: application/octet-stream",
regardless of whether a given binary is (for instance) an executable image,
a Word file, or a compressed archive, and you send a JPEG to a list with
"Attachments= image" set in the header, it will be rejected since the image
does not carry a "Content-Type: image" header. Specifically this appears to
be the case with Eudora 3.x but may not be limited to that particular
client.
Note also that attachments sent by default installations of Microsoft
Outlook cannot be blocked by LISTSERV as they do not follow MIME
standards (at least not up to and including Outlook 97; this writer has
not installed Outlook 2000). By default Outlook sends attachments as
embedded uuencoded files and does not use MIME Content-Type: headers
unless you change this in the Outlook user profile.
The rejection message sent by LISTSERV when ",Filter" is not specified is
found in the BAD_ATTACHMENT mail template form (see chapter 9 for
information on LISTSERV's mail templates). Note that the BAD_ATTACHMENT
template form is a linear template and as such does not allow text
formatting commands to be used.
The reason HTML text is not subject to "Attachments=" filtering is to
allow you to reject (bounce) messages with attachments, while silently
suppressing HTML text in multi-part messages which also contain a
plain-text alternative. Some mail programs send both HTML and plain-
text versions of messages, and, even if you do not want HTML text on your
list, there is little point in keeping out people who use it (who are
often new to the Internet and aren't aware that their mail programs are
sending HTML text) when you can simply remove the HTML part. At the same
time, you may want to reject postings containing images out of hand,
rather than removing the images and continuing. The same applies to
Exchange attachments, which are filtered by default (see "Language=
Exchange").
Practical Guidelines for defence against ILOVEYOU and derivative viruses
------------------------------------------------------------------------
With the release of the new Attachments= list header keyword, it is now
possible to reject VBS viruses such as the recent ILOVEYOU and its
"copycat" derivatives by simply setting
Attachments= No
in the list header. As documented above, this setting blocks all MIME
attachments and will block VBS viruses as long as they are sent as MIME
attachments. An attachment that arrives as an inline uuencoded block, as
default Outlook installations send them, is not a MIME attachment and is
not caught (see the note on Outlook above). ILOVEYOU was sent as an
application/octet-stream attachment, so if your list depends on allowing
(for instance) images to be passed through it, you would probably want to
code the Attachments= keyword setting as
Attachments= image
with the caveat noted above for mail clients that send everything as an
application/octet-stream, of course. If you need to pass different MIME
types then you simply need to code the keyword setting accordingly.
It is unlikely that you would want to simply filter a VBS virus since the
"body" of the message is typically unimportant and generated by the virus
in any case. It is more useful to bounce the message back to the
originator, if only as a warning that the sender's machine may be
infected.
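The filtering rules described under "Attachments=" (allowed types, ",Filter" versus rejection, plain text always passing, HTML governed separately, the octet-stream and uuencode caveats) and the VBS guidelines above, as one worked model. This is an added example and not L-Soft code: it re-implements the documented behaviour on Python's standard email library against constructed messages. The function names, the nohtml flag standing in for "Language= NoHTML", the uuencode detector (which the notes say LISTSERV itself does not perform), and the sample messages are this example's own assumptions.

```python
"""Model of the LISTSERV 1.8d "Attachments=" keyword (added example, not
L-Soft code).  Function names, the nohtml flag and the sample messages
are this example's own assumptions."""
import fnmatch
import re
from email import message_from_string, policy


def parse_attachments_keyword(value):
    """'Yes' -> (None, f); 'No[,Filter]' -> ([], f); '<types>[,Filter]' ->
    (patterns, f); f is True when the trailing ',Filter' is present."""
    parts = [p.strip().lower() for p in value.split(",") if p.strip()]
    filter_mode = bool(parts) and parts[-1] == "filter"
    if filter_mode:
        parts = parts[:-1]
    if parts == ["yes"]:
        return None, filter_mode
    if parts == ["no"]:
        return [], filter_mode
    return parts, filter_mode


def type_allowed(content_type, allowed):
    """'image' means 'image/*'; '*' is a wildcard as in 'application/*msword'."""
    if allowed is None:                       # Attachments= Yes
        return True
    ct = content_type.lower()
    return any(fnmatch.fnmatchcase(ct, p if "/" in p else p + "/*")
               for p in allowed)


def apply_attachments_policy(raw, keyword, nohtml=False):
    """Return (verdict, kept_types, removed_types) for an RFC 822 message.
    text/plain is always kept; text/html is governed only by nohtml (the
    stand-in for "Language= NoHTML") and dropped silently; every other leaf
    part is subject to Attachments=.  Without ',Filter' a disallowed part
    rejects the whole message, with it the part is dropped silently."""
    allowed, filter_mode = parse_attachments_keyword(keyword)
    msg = message_from_string(raw, policy=policy.default)
    kept, removed = [], []

    def permitted(part):
        ct = part.get_content_type()
        if ct == "text/plain":
            return True
        if ct == "text/html":
            return not nohtml
        return type_allowed(ct, allowed)

    def prune(container):  # drop disallowed leaves, recursing into nested parts
        survivors = []
        for part in container.get_payload():
            if part.is_multipart():
                prune(part)
                survivors.append(part)
            elif permitted(part):
                kept.append(part.get_content_type())
                survivors.append(part)
            else:
                removed.append(part.get_content_type())
        container.set_payload(survivors)

    if msg.is_multipart():
        prune(msg)
    elif permitted(msg):
        kept.append(msg.get_content_type())
    else:
        removed.append(msg.get_content_type())
    # Only Attachments= violations can reject; HTML removal is always silent.
    if not filter_mode and any(t != "text/html" for t in removed):
        return "reject", kept, removed
    return "accept", kept, removed


UUENCODE_BEGIN = re.compile(r"^begin [0-7]{3} \S", re.MULTILINE)


def has_uuencoded_block(raw):
    """The Outlook case from the notes: an attachment uuencoded inline in a
    text/plain body is invisible to a MIME filter.  This detector is the
    example's own addition; the notes say LISTSERV cannot block such mail."""
    msg = message_from_string(raw, policy=policy.default)
    return any(part.get_content_type() == "text/plain"
               and UUENCODE_BEGIN.search(part.get_content()) is not None
               for part in msg.walk())


# Constructed sample messages (not captured traffic).
BOUNDARY = "==demo=="


def multipart(parts):
    head = ("From: poster@example.org\nTo: TEST-L@listserv.example.org\n"
            "Subject: test\nMIME-Version: 1.0\n"
            'Content-Type: multipart/mixed; boundary="%s"\n\n' % BOUNDARY)
    body = "".join("--%s\n%s" % (BOUNDARY, p) for p in parts)
    return head + body + "--%s--\n" % BOUNDARY


TEXT = "Content-Type: text/plain\n\nhello list\n"
HTML = "Content-Type: text/html\n\n<p>hello list</p>\n"
JPEG = 'Content-Type: image/jpeg; name="pic.jpg"\n\n/9j/4AAQ\n'
OCTET_JPEG = 'Content-Type: application/octet-stream; name="pic.jpg"\n\n/9j/4AAQ\n'
DOC = 'Content-Type: application/msword; name="memo.doc"\n\n0M8R4KGx\n'
VBS = ('Content-Type: application/octet-stream; '
       'name="LOVE-LETTER-FOR-YOU.TXT.vbs"\n\ncmVtIGRlbW8=\n')
UUENCODED = ("From: poster@example.org\nSubject: test\n\nsee attached\n\n"
             "begin 644 LOVE-LETTER-FOR-YOU.TXT.vbs\n#<F5M\n`\nend\n")
```

With these samples, apply_attachments_policy(multipart([TEXT, OCTET_JPEG]), "image") returns "reject" (the Eudora case: a JPEG labelled application/octet-stream), apply_attachments_policy(multipart([TEXT, VBS]), "No") rejects an ILOVEYOU-style octet-stream attachment, and "image,application/*msword,Filter" with nohtml=True silently strips the HTML and octet-stream parts while keeping text/plain and application/msword. The uuencoded message passes "Attachments= No" as plain text; only has_uuencoded_block flags it, which is exactly the gap the Outlook note describes.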
***********************************************************
* Support for multi-line substitutions in mail-merge jobs *
***********************************************************
(This functionality was previously available from L-Soft support through
a special patch.)
Originally, data for substitutions into MM variables could not contain
CRLF as part of the data contents. Upon request from several customers
this was altered so that arbitrarily long data extracted from a DBMS is
now allowed to contain CRLF within the data.
Please note however that LISTSERV's internal data buffer for holding such
data remains at 4096 bytes. Thus data elements exceeding this size will
continue to be truncated. The internal data buffer size is not user
configurable as it is determined at compile time. Note also that this
enhancement does not apply to 'External data' mail-merge (*XDFN
statements) which may not contain CRLF.
L-Soft continues to recommend that large variable data inserts are best
implemented as conditional blocks.
************************************
* Enhancements for the HPO version *
************************************
The following configuration variables have been added, targeted primarily
at sites running LISTSERV Classic HPO with extremely large lists.
- ADD_ALWAYS_HERE=1: all ADD commands are treated as ADDHERE. This
configuration variable should be used only if the site has no peered
lists.
- ADD_NO_WILDCARD_LOOKUP=1: when executing an ADD with a wildcard for
the name, LISTSERV will not attempt to look up the person's name in the
SIGNUP files. This configuration variable should be used only on
servers where subscriptions are automated via a script and list owners
are never going to manually use the wildcard option.
The operations in question have been sped up for HPO licenses even
without setting these options. ADD becomes ADDHERE if the list is not
peered (bypassing a lot of code), a function call in service area lookup
which was very slow on non-VM systems was replaced with something faster,
and even under Classic LISTSERV will no longer record 'No Name Available'
entries in the SIGNUP files. This in turn avoids growing huge SIGNUP
files that contain no useful information. Note that administrators
should not worry if, after updating LISTSERV, many SIGNUP entries are
deleted when the server is restarted the first time. There is code to
remove existing 'No Name Available' entries for efficiency.
Additionally, the default for the site configuration variable
FIOC_MAXFILE (used for cache tuning) has been changed from 8192 to 1024.
As a result, LISTSERV will not attempt to cache lists larger than 10k
subscribers. This will not negatively affect performance on smaller
sites but it will make a big difference for sites running extremely large
lists.
********************************
* APPLYING THE 2000a LEVEL SET *
********************************
Level sets are standard installation kits that replace the previous
installation kits on L-Soft's FTP and web servers. They can be used to
install a new copy of LISTSERV or upgrade an existing installation. A
level set is similar to a Windows NT CD-ROM with the latest service pack
pre-applied.
To download the 2000a level set, simply go to L-Soft's web site (or to
FTP.LSOFT.COM) and download an evaluation copy of LISTSERV or LISTSERV
Lite, then follow the installation instructions for your operating
system. The kits can be found at:
http://www.lsoft.com/download/default.asp?item=listserveval
http://www.lsoft.com/products/default.asp?item=listserv_lite#download
LICENSE KEY FOR THE 2000a LEVEL SET
-----------------------------------
The level set is a no-cost upgrade to customers licensed for version 1.8d
and will work with your existing 1.8d license key.
The level set will NOT work with a 1.8c, 1.8b or older license key.
SPECIAL NOTES
-------------
1. Make sure to update ALL LISTSERV executables, including WA, lsv_amin,
lcmd, etc. Unix sites need to be sure to download both common.tar.Z
and the `uname`.tar.Z for their operating system.
2. The 2000a level set for VM/ESA will be made available at a later
date. VM/ESA sites are not affected by the security vulnerability and
do not need to apply 2000a to secure their systems, so its delivery
was not rushed. The VM/ESA version uses a different software update
mechanism, which requires additional development work to release a
level set.
3. The 2000a level set is only available for operating systems currently
supported by L-Soft. When browsing FTP.LSOFT.COM, you may find
installation kits for other operating systems, such as Ultrix or SunOS
4.x, but these kits will be based on older versions and/or code
bases. L-Soft no longer has development systems for unsupported
operating systems and is not in a position to compile the 2000a level
set for these systems.