6.1 Changelog

Version 4.7.4

New & Improved:

  • Notification on encrypted attachments only

Fixed issues:

  • Response was slow on the user interface

  • Data retention did not clean up properly

  • HTTPS could not be specified for Vault

Version 4.7.3

New & Improved:

  • Expiration date / time in rescan notifications

  • Added sender address to file name on Vault

  • All files are created in the installation directory

Fixed issues:

  • Empty email bodies caused Deep CDR errors

  • Could not change Settings > Global Settings

Version 4.7.1

New & Improved:

  • SMTP server component of Email Security now listens on IPv6 when it is available

  • Email Security now has an option to send alert emails when emails get bypassed

  • Emails get bypassed when there is no license to ensure email business continuity

  • The default disclaimer for messages with encrypted contents have been updated

Fixed issues:

  • Product schema is invalid error when adding ICAP Server to Central Management

  • Rescan pages of password protected attachments sometimes took very long to load

  • Certain emails got refused by the SMTP component without an apparent reason

Version 4.7.0

New & Improved:

  • New, simplified navigation structure

  • Improved dashboard look and feel

  • Display statistics on the dashboard

  • Support partial archive sanitization

Fixed issues:

  • "Illegal characters in path" errors

Version 4.6.2

New & Improved:

  • Upload attachments to recipients' Vault folders

  • Upload failed-to-sanitize attachments to Vault

  • Send alert emails when Vault is unresponsive

  • Option to enable scanning email headers

  • Support for new AMP HTML body MIME type

  • Enhanced log correlation with logs from Core

  • Vault configuration moved to server profiles

Fixed issues:

  • Wrong time format in email headers

  • Sanitized twice when integrated with Vault

Version 4.6.1

New & Improved:

  • Support for Data Loss Prevention results

  • Support for password protected documents

  • Provide details about sanitization failures

  • Notify sender on blocked outbound emails

  • Cleanup functionality for Failed Emails

  • Scan start entry in processing histories

Fixed issues:

  • Syslog syntax error in case of CEF logs

  • Wrong code reported for refused emails

  • Contact sharing invitations were corrupted

  • Allowed items appeared in quarantine reports

Version 4.6.0

New & Improved:

  • Multiple deployment modes for evaluation scenarios

  • Email alerts for improved monitoring capabilities

  • Improved Dashboard

  • Disclaimer styles to increase end-user awareness

Fixed issues:

  • Fixed syslog issue (TCP protocol)

  • Improved HTML sanitization support for international character sets

  • Improved password protected archive support

Version 4.5.3

Fixed issues:

  • SMTP server protocol now fully supports TLS 1.2

  • MetaDefender Core communication protocol now fully supports TLS 1.2

  • SMTP server 4.x & 5.x messages now describes reason for rejection

Version 4.5.2

Fixed issues:

  • URL encoding of long subjects which included 3 or 4 bytes UTF-8 characters could fail

  • Fixed a memory leak

Version 4.5.1

Fixed issues:

  • MetaDefender Email Security did not add 'Received' header for emails

  • Improved interprocess communication to prevent random reading failures

  • Inbound SMTP port is now monitored

Version 4.5.0

New & improved features:

  • Integration possibility with MetaDefender Vault

  • Option to not list sanitized emails in quarantine reports

  • Option to use local timezone in remote syslog

  • Improved readability of the Action tab in Security Rules

Fixed issues:

  • A batch was opened and closed without file to scan

  • Domain based filtering was not working without regex

  • Typo and renaming

Version 4.4.1

Fixed issues:

  • Rescan link was missing from encrypted archive disclaimers when there was an infected attachment next to the encrypted archive

  • Zero byte emails resulted in warnings and failed emails, they are now refused

Version 4.4.0

Important features:

Enhancement and new features:

  • Sanitization information is now available in email details

  • Position of disclaimers can be selected in security rules

  • Introduced disclaimer variables

  • Server's local timezone can be used instead of UTC in notification emails and disclaimers

  • Improved quarantine report look when there were no new entries in the quarantine since the last report

  • Replaced Completed status with Sent and Blocked

  • Improved the amount of information logged

  • Welcome wizard now allows creating user with the name "admin"

Fixed issues:

  • Header only emails could not be parsed without closing CRLF

  • Charset is parsed from HTML content if headers don't contain information about the used charset

  • There could be orphan emailrelay instances after an unexpected product crash

  • Failed emails were displayed in the Email history too. They are now displayed only in the Failed Emails page

  • Could not start the product when exchange_exclude_probe_emails registry key was present

  • Attachments were always regarded as inline when Content-ID was present

  • Security rules could disappear after service restart if a server profile was deleted which was used in an already deleted security rule

Version 4.3.3

Fixed issues:

  • User guide was missing

  • Emails with "Deleted" status were not removed during automatic cleanup

  • Crash could occur during login

Version 4.3.2

Fixed issues:

  • Emails could have a large delay due to slow queries within a larger database

  • Fixed a typo in Security Rules → Advanced ( Override Default Behavior had an extra "Test" string at the end)

  • Fixed crash possibility which could occur if C# terminated unexpectedly while processing an email

Version 4.3.1

Enhancement and new features:

  • Block notification emails now show results per attachment

Fixed issues:

  • Emails with unexpected message id format could fail

  • Certificate based client authentication was always checked when an SMTP profile had an address with smtps scheme

  • Block notification emails could missing sanitization failure information

  • Fixed crash possibility

Version 4.3.0

Important features:

  • Introduced welcome wizard

  • Added an option to Security rules → Actions for sending a unique re-scan link for every recipient when receiving password protected archives

  • Added an option to Security rules → Advanced for sanitization behavior override: it is now possible to send the original file if the sanitization failed, or to send the sanitized file if the original file was blocked

  • Message ids are now searchable and displayed in email details and in the block notifications

Enhancement and new features:

  • Added support for Layer 7 load balanced Core

  • Inbound TLS support now uses Window's Secure Channel: SSL/TLS versions, chipers etc. can be configured via system configuration

  • Replaced our SMTP receiver component

  • Introduced a throttling mechanism

  • Updated the block notification email: it now contains the message id, and the original Sender which may differ from the value of the "From" header. Also clarified links for MetaDefender Cloud.

Fixed issues:

  • Fixed a search issue which caused the display of irrelevant emails and displaying "Invalid email job status" error upon viewing their details

  • Inline images without a Content-Disposition header could be displayed as an attachment after sanitization

  • The information "error during sanitization" was always false in the logs

Version 4.2.1

Important features:

Enhancement and new features:

Fixed issues:

  • Fixed a query which displayed emails in Dashboard → Failed emails incorrectly

  • Emails with a subject longer than 65519 characters were failing

  • Parsing emails were failing if "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing" security setting was enabled on the system

  • Removed "OVERRIDE SMTP RESULTS" from Security rules → Advanced when running in Exchange mode

  • User agent specific to Email Security was sent in a wrong header which caused scans to fail when the used Core rule was limited to a specific user agent

  • Re-scanning emails from Quarantine did not work when the used Core rule had a restricted access

  • Fixed memory leaks

  • Fixed an issue with HTML sanitization. HTML files are now sent to Core using charset defined in HTML source

Version 4.2.0

Important features:

  • Support for encrypted archive handling in attachment

    • Public server can be configured for reprocessing the file and generate notification and reports

    • Rescan functionality is provided via the public server if configured

  • New Refused email history page under Dashboard

  • Dashboard → Quarantine, added pinning options to retain records without be cleaned up via data retention

  • Dashboard → Email History, added details for processing history per Email

Enhancement and new features:

  • Sanitized file names are now formatted via Rules defined inside MetaDefender Core which connected with Email Security

  • SMTP errors now can be overridden via settings inside Policy → Security Rules

  • Revamped notification email look and feel with more detailed results information

  • Inventory → Server profile name can now be entered as long as 256 characters

  • General UI improvements

  • Dashboard → Email history, now added Force retry option for immediate action

  • Dashboard → Quarantine, now added bulk operations for batch processing records

  • Inventory → Server profiles, reorder functionality is added to switch orders of the servers

  • Dashboard → Failed Emails, now added bulk operations for retry

  • Dashboard → Quarantine, quarantined emails can now be downloaded

  • Policy → Security Rules, added configuration for scan timeout

  • Inventory → Server Profiles, API keys can be set for URI addresses

  • Added more information level to syslog

Fixed issues:

  • MetaDefender Central Management connectivity issue

  • Missing X-headers

  • Parsing scan result now works with every scan visibility level

  • Closing emailrelay_ssl.exe on service stop

  • Inventory entry details couldn't be read with read-only permission

  • Updated database cleanup mechanism

  • Keeping inline image positions after sanitization

  • Incorrect quarantine statistics could be displayed on the Dashboard

  • Raw email view was missing from quarantine details

  • Emailrelay.exe is now not started when using MetaDefender Email Security in Exchange mode

Version 4.1.3

New features:

  • Re-interpreted, fresh look and feel

  • New message ID for forked emails

  • Central Management connectivity

Fixed issues:

  • Sanitization skipped for nested emails

  • Sanitized attachment isn't in quarantine

Version 4.1.2

Fixed issues:

  • Adding RTF disclaimer can fail randomly

  • Same hash can cause sanitization failure

  • Email can be quarantined when scan fails

  • Limited (short) length of attachment names

  • Dashboard always shows 24 hours data

  • Hardcoded suffix for sanitized attachments

  • Case-sensitive email address counting

Version 4.1.1

Fixed issues:

  • Option to skip scanning the email body

Version 4.1.0

New features:

  • Improved email processing performance

  • Microsoft Exchange Server plugin mode

  • Sender Policy Framework (SPF) lookups

  • Core load balancing and high availability

  • Handling emails that failed permanently

  • Bypass scanning if Cores are unreachable

  • Option to entirely block malicious emails

  • Support quarantining on external server

  • View headers and contents in quarantine

  • Specific email filenames in Core history

  • Customization of HELO/EHLO headers

  • TLS version negotiation on inbound SMTP

Fixed issues:

  • Emails without a subject line are processed with a delay

Version 4.0.0

Features:

  • Standalone product offering

  • Web based user interface for management, configuration and monitoring

  • Role based user management with multiple admin users and Active Directory integration

  • Multiple email security policies with filters and advanced scan configuration

  • Different policy filter settings based on sender node or recipient address