MailWatch 1.5 patch-rollup community edition

I suggested a "MailWatch 1.5 patch-rollup community edition" (you get the idea) that would establish a fresh and updated baseline for MailWatch V1 with the Wiki located at and the project page at (as opposed to the upcoming MailWatch V2).

In the next couple of days/weeks (to be realistic) I will be chopping away at that list and make small (but not too small ;) incremental releases that will be available for download from the same page, based on the CVS available at

A couple of improvements that have been made to MailWatch since 1.0.4 that the list thinks should be included (and should perhaps be checked against and completed with the reported bugs on the MailWatch page):

1/ Realtime lookups for
+ whitelist
+ blacklist
+ spam settings (in development)
+ perhaps later: filename/filetype behaviour (as opposed to current text files)
Source: Dennis Willson

2/ Optional (improved) quarantive reports with configurable interval (daily, 48h, weekly, ...)
Source: Anthony Cartmell

3/ Optional (improved and updated) graphs
Source: JPGraph or Open Flash Chart

4/ Update to PHP5 compatibility
Mail::mime from PEAR
Include an updated xmlrpc v2.2, or remove the included version completely and create an external dependency?

5/ milter to reject blacklisted entries. something in C would be nice.
Dennis is also working on a Milter that does Greylisting, Sender Address Verification and is a honey pot/black list that is controlled by mailwatch and its configuration/black/whitelists.
Idea: Alex Broens, Dennis Willson

6/ Add patch for 3 octet matching in blacklist/whitelist so you can block/allow subnets easily.
Idea: Scott Silva,
Added additional IP search in

7/ Introduce a simpler release mechanism so users don't have to log in to MailWatch. Possibly using custom links with random key arguments?
Perhaps in combination with the improved quarantine release
Idea: Anthony Cartmell

8/ Improve MailWatch password backend for intergration with LDAP,
PostfixAdmin, or use at least crypt on password field

9/ Remove extra garbage with latest SA in the "Spam Report" section of
the details page, also depending on SA language setting
ES: array('almacenado', 'puntaje=','requerido','autolearn=')
EN: array('cached', 'score=','required','autolearn=')

10/ Fix for # of Postfix processes when using saslauthd in Postfix
if ($mta=="postfix") {
$junk = exec("ps h -C $process | grep -v grep | grep -v php",$output);
} else {
$junk = exec("ps ax | grep $mta | grep -v grep | grep -v php",$output);

11/ Add greylisting times from milter, SQLgrey or postgrey

12/ Patch to fix "commit ineffective with AutoCommit enabled"

13/ add Mailwatch DB Archive
update /usr/local/bin/db_clean.php to read like this:
$interval = "timestamp < DATE_SUB(CURDATE(), INTERVAL 60 DAY)";
dbquery("INSERT LOW_PRIORITY INTO archive SELECT * FROM mailscanner.maillog WHERE $interval;");
dbquery("DELETE LOW_PRIORITY FROM maillog WHERE $interval;");
dbquery("OPTIMIZE TABLE maillog");

14/ View messages referenced by a rule

15/ Add PostgreSQL as SQL backend
Richard Frovarp and Steve Freegard seems to have worked in the past on using psql for MailWatch v1, perhaps this is a valuable addition to move away from MySQL, especially with the Oracle/Sun deal

16/ Fix the "MailWatch for MailScanner "doc" File Inclusion Vulnerability"

17/ Add Local SQLite Cache

18/ Improve the multi-site single DB setup documentation

19/ Fix problem with Message IDs containing dots (Postfix only?)

20/ Add SELinux support

21/ Include Mailwatch2RBL

22/ Improved Postfix support for mail queue

23/ Case Sensitive Message ID
On a busy/high volume system you can end up with multiple maillog message IDs that match the same case insensitive query.
Update the detail.php on line 70 and add "BINARY":
# vi /var/www/html/MailScanner/detail.php
id = BINARY '$_GET[id]'

24/ Fix the GeoIP Update LOAD line
# vi geoip_update.php (add the "LOCAL")

25/ Wildcards in Whitelist/Blacklist
Add the following to the bottom of the above the "return 0" line:
return 1 if $BlackWhite->{$to}{'*@'.$fromdomain};
return 1 if $BlackWhite->{$to}{'*@*.'.$fromdomain};
return 1 if $BlackWhite->{$todomain}{'*@'.$fromdomain};
return 1 if $BlackWhite->{$todomain}{'*@*.'.$fromdomain};
return 1 if $BlackWhite->{'default'}{'*@'.$fromdomain};
return 1 if $BlackWhite->{'default'}{'*@*.'.$fromdomain};

26/ Spam settings per user or domain
Patch by Barry Bourdage

27/ Cleaner logout, based on improved logout() and loggedout.php that can be found in the thread "Mailwatch 1.0.4 - Logout issue". Only using session_detroy() is not enough to unset the variables, so what about something like

// to do a logout, all session-variables will be deleted,
// a variable 'logout' is added:
$_SESSION = array('logout' => true);

28/ Need to change authenticate() to authenticate('A') in msconfig.php and msrule.php to prevent non-Admins from viewing mailscanner config and files in /etc/MailScanner