SecurityGateway for Exchange/SMTP v2.0 Release Notes

Developed with over 10 years of proven email security expertise, SecurityGateway provides affordable email security. It protects against spam, viruses, phishing, spoofing, and other forms of malware that present an ongoing threat to the legitimate email communications of your business.

SecurityGateway 2.0.6 - May 17, 2011

CHANGES AND ADDITIONAL NEW FEATURES

• [5114] Updated PCRE regular expression library to version 8.12
• [7248] Updated Firebird database engine to version 2.1.4

FIXES

• [7243] fix to SGAV_ClamAVPlugin.dll is not installed for new installations. This prevents ClamAV from loading, and prevents messages from being accepted unless AV is disabled.
• [7271] fix to disclaimer feature may corrupt message body content

SecurityGateway 2.0.5 - April 26, 2011

CHANGES AND ADDITIONAL NEW FEATURES

• Updated ClamAV engine to version 0.97
• Updated SGSpamD to SpamAssassin version 3.3.1
• Updated Chilkat libraries to version 9.1.2
• [4635] Added link on disclaimer page to set the order in which disclaimers are applied

FIXES

• [4663] fix to if more than five crash memory dumps are captured, the newest crash dump file is overwriten
• [4866] fix to Remote POP Account SSL error "Not enough memory is available to complete this request (-2146893056)"
• [5898] fix to removing the HTTP and HTTPS port values prevents access to web interface
• [6113] fix to ClamAV plugin may get stuck on recv() call and does not time out
• [6175] fix to SecurityGateway.exe process terminates after changing port value
• [6421] fix to password request feature may provide the password of another account, this requires that the mailbox name exists as an alias in another domain
• [6517] fix to mail collection from a Remote POP Account is not considering user aliases for a different domain when determining if the message is addressed to a local account
• [6774] fix to in specific instances, attachments may be erroneously removed from the message during processing
• [6866] fix to lines in message body over 5000 characters in length are truncated
• [7046] fix to when routing outbound mail through SecurityGateway, messages from "noreply" addresses are rejected. Messages from "noreply" will now be accepted if sent by a domain mail server.

SecurityGateway 2.0.4 - August 17, 2010

FIXES

• [5736] fix to SPF resolver does not resolve returned CNAME records when performing A record test
• [5493] fix to when a custom date range is specified for a report, only 24 hours of data is returned
• [4885] fix to SMTP AUTH LOGIN is allowed over non SSL connection when "Allow Plain Text Passwords" option is disabled
• [4801] fix to files in attachments directory may not be removed after database maintenance removes the related message from the database
• [1515] fix to verify user feature does not delete users that were converted to aliases of another mailbox (Active Directory or Minger)

SecurityGateway 2.0.3 - May 25, 2010

SPECIAL CONSIDERATIONS

• The installation process now performs a one-time collection of basic customer information.

CHANGES AND ADDITIONAL NEW FEATURES

• [4339] Added user option to disable Flash graphs on the "Dashboard" and "My Account" pages

FIXES

• [4216] fix to if AD user account name/mailbox contains non-ASCII, user cannot log into web interface
• [4527] fix to URIBL is not excluded when the "Do not perform anti-spam tests..." option is enabled for the recipient
• [4778] fix to disabled users count towards license limit
• [4930] fix to SGSpamD.exe needs to be restarted after SA-Update.exe updates the rule-set
• [4943] fix to unable to release message from the administrative quarantine, if the SMTP sender value is NULL
• [5290] fix to lower preference user verification sources are not queried when highest preference source returns a negative result

SecurityGateway 2.0.2 - November 17, 2009

FIXES

• [4427] fix to domain administrator scheduled statistics report contains statistics for all domains
• [4467] fix to incorrect disclaimer may be applied when there are multiple RCPTs in the SMTP session
• [4511] fix to report drill down results for a specific email address may return messages for multiple addresses. The SQL query is returning all records that "contain" the address, it needs to return all records that "match" the address.
• [4527] fix to URIBL is not excluded when the "Do not perform anti-spam tests..." option is enabled for the recipient
• [4531] fix to message log "Subject Starts With" search condition returns no results if the subject starts with a capital letter
• [4574] fix to custom_quarantine_report.xsl template file is not used
• [4623] fix to sorting message list by subject is case sensitive
• [4632] fix to SPF "ptr" mechanism is not correctly processed. In order to pass a valid PTR hostname must exactly match the domain. The SPF spec states that the hostname only needs to end with the domain.
• [4661] fix to scheduled database backup may not run as scheduled
• [4683] fix to messages collected via POP3 may be mistakenly routed to "bad" queue
• [4703] Installer: The external administrator email address field does not scroll to allow additional characters

SecurityGateway 2.0.1 - August 25, 2009

CHANGES AND ADDITIONAL NEW FEATURES

• [4436] To reduce the size of the database, the admin may choose to not log certain types of messages to the database. These items will not appear in the message log and will not be included in report statistics. However, all messages will be logged to the appropriate log file (e.g. Inbound.log).

FIXES

• [4355] fix to dashboard for domain administrators, the "Total Bandwidth Used by Email", "Good vs. Junk Messages", and "Junk Email Breakdown" graphs show global statistics
• [4451] fix to greater than and less than characters in session transcript need to be escaped for NDR messages

SecurityGateway 2.0.0 - August 4, 2009

MAJOR NEW FEATURES

• [179] Scheduled Statistics Report:

  On a nightly or weekly basis, a statistics report can be sent to all global administrators, all domain administrators, or a manually defined list of email addresses. This report allows the filtering effectiveness and health of the server to be quickly ascertained. For domain administrators, the report will only contain statistics for the domain(s) which the administrator has administrative rights.

• [201] Disclaimers (Headers / Footers):

  Added the ability to add simple headers and footers to messages. One use of this is to add a "--- Message scanned by SecurityGateway for Exchange/SMTP ---" footer to all messages. This feature will be expanded in future versions.

• [1757] Extract text from attachments:

  Content filter rules and custom Sieve scripts can perform actions based upon the content of an attachment. The Sieve body test "text" tag automatically extracts text from several popular attachment formats.

  The iFilter interface is used to extract plain text from Microsoft Office and PDF documents. In order to search PDF documents, Adobe Acrobat Reader must be installed on the SecurityGateway server. Office 2007 documents require the 2007 Office System Converter: Microsoft Filter Pack to be installed.

• [3892] Dashboard for domain administrators. Only statistics for the domain(s) managed are displayed.
  
  
• [4082] Collect mail from a POP3 mailbox:

  This feature allows mail for a domain to be collected from a POP3 mailbox. It is modeled after MDaemon's DomainPOP functionality. For each POP3 mailbox you configure, mail will be collected and parsed among valid recipients at the domain you specify.

• [4060] Domain aliases:

  Aliases may be defined for a domain. All of the domain's users are assumed to be valid for each domain alias. This is useful if a domain has registered multiple domain names, e.g. altn.com, altn.us, altn.biz, etc.

• [4072] Define multiple search strings for a single content filter condition:

  The content filter is a graphical interface for building Sieve scripts. Multiple search strings may now be defined for a single condition. The user may specify if the condition must match any or all or the defined strings. This is useful for searching a message header or body against a list of keywords.

• [4254] Added the following statistics (charts) to the "My Account" page for local users. Only statistics for the user's account are displayed.
  • Good vs. Junk Messages
  • Junk Email Breakdown
  • Inbound vs. Outbound Messages
  • Top Spam Sources
• [4063] Improved heuristic rule update process:

  The heuristic rule update process now has the ability to pull updates from updates.spamassassin.org in addition to updates from Alt-N. The SGSpamD Configuration UI has a new checkbox which controls this capability. This will make sure your SpamAssassin rule-sets are always kept current. This functionality is enabled by default.

CHANGES AND ADDITIONAL NEW FEATURES

• [1237] Added option to redeliver message(s) from the message log. This option requires that the content of the message has not been deleted from the database.
• [1711] Added a per user language option. System generated messages sent to the user will be translated to this language. A default value may be applied on a server and individual domain basis.
• [3204] Added the ability for SGDBTool.exe to create a global administrator. This is useful in cases where the global administrator account created during installation is not accessible.
• [3205] Added the ability for SGDBTool.exe to promote a user to a global administrator.
• [4062] Updated SpamAssassin (SGSpamD) to version 3.2.5.
• [4066] Updated ClamAV engine to version 0.95.1.
• [4128] Updated CommTouch Outbreak Protection engine to version 5.08.0002.
• [4131] Changed default log rotation for new installations to "Create a new set of log files each day".
• [4140] Add to message score content filter action
• [4167] A transient delivery failure notification is sent to the sender, if a message cannot be delivered after one hour.
• [4193] Verify users for a single domain. The "Verify Users" toolbar button on the User Verification Source list honors the domain chosen from the drop down list.
• [4194] Created additional indexes for "lists" table. This will improve the performance of white/black list lookups.
• [4221] Greylisting is now supported for Sieve scripts that run during the DATA event. While it is preferred to greylist at RCPT, before the message is transferred, conditional greylisting in response to the DATA command can be a useful tool. This may be an attractive alternative to quarantining mid scoring messages. With the flexibility of SIEVE, large messages can be excluded.
• [4241] NDRs are no longer sent to "noreply" addresses.
• [4256] Scale of "Total Bandwidth Used by Email" report is now automatically formatted. For example 140000KB is now displayed as 140MB.
• [4257] Added "Total" summary line for numerical reports
• [4323] Changed defaults for "Relay Control | SMTP MAIL address must exist..." to exclude domain mail servers and authenticated sessions by default. This only applies to new installations.
• [4326] Changed installer to make installing registered or trial version more clear. An email address and country are now required for trial installations.
• [4337] A different path/drive may be specified for the database file. This must be a path on the same computer, UNC paths are not supported. To configure the path, create a string value "DBPath" under the HKEY_LOCAL_MACHINE\SOFTWARE\Alt-N Technologies\SecurityGateway registry key. The path does not need to contain the name of the database file, i.e. E:\SG_Database

FIXES

• [1732] fix to if SecurityGateway is installed to a different location, unable to load web interface after restoring configuration
• [3936] fix to when using Italian installation file, registration key is lost when upgrading
• [3937] fix to when using Italian installation file, uninstall shortcut created in same folder as installation file
• [3971] fix to new version available email may not be sent to global administrators
• [4029] fix to extra line breaks after saving Sieve script in MSIE
• [4044] fix to log entries truncated at 1024 characters
• [4046] fix to in specific circumstances duplicate domains may be created
• [4091] fix to refreshing log file returns view to first page
• [4092] fix to list view sort order is reset after going back, and then to next page
• [4130] fix to file may be orphaned in temp directory if socket times out when attempting to deliver a message
• [4132] fix to log archive .zip file may be created which contains zero files
• [4134] fix to OutbreakProtection is not enabled when expired ProtectionPlus is updated
• [4147] fix to if a user's nightly quarantine report is generated after 1:00AM, the user will not receive a quarantine report the next night
• [4171] fix to when viewing a message with an attachment, from the message log, the size of the attachment is not displayed
• [4172] fix to when viewing the source of a message from the message log, tab characters are not displayed correctly
• [4184] fix to multi-line message headers are not properly unfolded when viewing message from the message log
• [4185] fix to a user can white/black list their address
• [4218] fix to malformed DNS response may cause service to terminate
• [4219] fix to domain administrator cannot perform any action when viewing messages queued for delivery (access denied)
• [4222] fix to message submitted via SMTP to the spam Bayesian learning address routes to non-spam folder
• [4223] fix to message headers may be corrupted for messages submitted via SMTP to the Bayesian learning address
• [4243] fix to no error is logged to the session log if a message addressed to a Bayesian learning address is rejected because the session is not authenticated or from a domain mail server
• [4328] fix to dynamic SMTP Authentication does not pass full email address to user verification source
• [4330] fix to when using German installation file, uninstall shortcut link points to wrong location