From ad93c40fe70f7de49ffb8601a589e9ffa117d512 Mon Sep 17 00:00:00 2001
From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de>
Date: Sat, 31 Mar 2018 00:06:47 +0200
Subject: Avast: improve compliance with avast-protocol(5)

Treat scanner errors as malware. Defer on scanner tmpfail
only.
---
 doc/doc-txt/ChangeLog | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'doc/doc-txt')

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 221c808bb..837b38083 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -190,6 +190,12 @@ JH/35 Cutthrough: for a final-dot response timeout (and nonunderstood responses)
 PP/02 DANE: add dane_require_tls_ciphers SMTP Transport option; if unset,
       tls_require_ciphers is used as before.
 
+HS/03 Malware Avast: Better match the Avast multiline protocol.
+      Only tmpfails from the scanner are written to the paniclog, as
+      they may require admin intervention (permission denied, license
+      issues). Other scanner errors (like decompression bombs) do not
+      cause a paniclog entry.
+
 
 Exim version 4.90
 -----------------
-- 
cgit v1.2.3