6.1 Changelog
Version 4.7.9
New & Improved
-
Optional alert when blocked sanitized email is delivered to recipient(s)
-
Override option to bypass email modification failure
Fixed issues
-
Failed to download sanitized content from MetaDefender Core
-
Email(s) can be stuck in reprocessing/resending when service is terminated unexpectedly
-
Entry 'Email received' added twice to processing history when email is quarantined
Version 4.7.8
New & Improved
-
Alert when queue size grown large
-
Improved processing performance
Fixed issues
-
Windows-1255 encoding problems
-
Upgrade didn't preserve settings
-
Missing processing history entries
-
Encrypted files could fail to sanitize
Version 4.7.7
New & Improved
-
New details in processing history
-
Rescan page Japanese translation
-
Configurable processing properties
Fixed issues
-
Growing queue under heavy load
Version 4.7.6
Fixed issues:
-
Improved performance during high load
-
SMTP send error when using connection pool
-
Email history date filtering not working
-
Failure to modify Settings > Email Alerts after upgrade
-
Duplicate email disclaimers when sending emails from iPhone/Apple Mail
-
Sanitization status will display Success despite one or more failures
-
Settings > Global Settings / Resend settings was renamed to Retry settings
-
Quarantine Report could include 0 new emails
Version 4.7.5
New & Improved:
-
Export Audit > Email History into CSV
-
SMTP (outbound) connection pooling
-
Increased list length for Email history
Fixed issues:
-
Unknown characters after Deep CDR
-
Forbidden emails were quarantined
-
Files or empty directories left over
-
Emails marked Failed skipped retry
Version 4.7.4
New & Improved:
-
Notification on encrypted attachments only
Fixed issues:
-
Response was slow on the user interface
-
Data retention did not clean up properly
-
HTTPS could not be specified for Vault
Version 4.7.3
New & Improved:
-
Expiration date / time in rescan notifications
-
Added sender address to file name on Vault
-
All files are created in the installation directory
Fixed issues:
-
Empty email bodies caused Deep CDR errors
-
Could not change Settings > Global Settings
Version 4.7.1
New & Improved:
-
SMTP server component of Email Security now listens on IPv6 when it is available
-
Email Security now has an option to send alert emails when emails get bypassed
-
Emails get bypassed when there is no license to ensure email business continuity
-
The default disclaimer for messages with encrypted contents have been updated
Fixed issues:
-
Product schema is invalid error when adding ICAP Server to Central Management
-
Rescan pages of password protected attachments sometimes took very long to load
-
Certain emails got refused by the SMTP component without an apparent reason
Version 4.7.0
New & Improved:
-
New, simplified navigation structure
-
Improved dashboard look and feel
-
Display statistics on the dashboard
-
Support partial archive sanitization
Fixed issues:
-
"Illegal characters in path" errors
Version 4.6.2
New & Improved:
-
Upload attachments to recipients' Vault folders
-
Upload failed-to-sanitize attachments to Vault
-
Send alert emails when Vault is unresponsive
-
Option to enable scanning email headers
-
Support for new AMP HTML body MIME type
-
Enhanced log correlation with logs from Core
-
Vault configuration moved to server profiles
Fixed issues:
-
Wrong time format in email headers
-
Sanitized twice when integrated with Vault
Version 4.6.1
New & Improved:
-
Support for Data Loss Prevention results
-
Support for password protected documents
-
Provide details about sanitization failures
-
Notify sender on blocked outbound emails
-
Cleanup functionality for Failed Emails
-
Scan start entry in processing histories
Fixed issues:
-
Syslog syntax error in case of CEF logs
-
Wrong code reported for refused emails
-
Contact sharing invitations were corrupted
-
Allowed items appeared in quarantine reports
Version 4.6.0
New & Improved:
-
Multiple deployment modes for evaluation scenarios
-
Email alerts for improved monitoring capabilities
-
Improved Dashboard
-
Disclaimer styles to increase end-user awareness
Fixed issues:
-
Fixed syslog issue (TCP protocol)
-
Improved HTML sanitization support for international character sets
-
Improved password protected archive support
Version 4.5.3
Fixed issues:
-
SMTP server protocol now fully supports TLS 1.2
-
MetaDefender Core communication protocol now fully supports TLS 1.2
-
SMTP server 4.x & 5.x messages now describes reason for rejection
Version 4.5.2
Fixed issues:
-
URL encoding of long subjects which included 3 or 4 bytes UTF-8 characters could fail
-
Fixed a memory leak
Version 4.5.1
Fixed issues:
-
MetaDefender Email Security did not add 'Received' header for emails
-
Improved interprocess communication to prevent random reading failures
-
Inbound SMTP port is now monitored
Version 4.5.0
New & improved features:
-
Integration possibility with MetaDefender Vault
-
Option to not list sanitized emails in quarantine reports
-
Option to use local timezone in remote syslog
-
Improved readability of the Action tab in Security Rules
Fixed issues:
-
A batch was opened and closed without file to scan
-
Domain based filtering was not working without regex
-
Typo and renaming
Version 4.4.1
Fixed issues:
-
Rescan link was missing from encrypted archive disclaimers when there was an infected attachment next to the encrypted archive
-
Zero byte emails resulted in warnings and failed emails, they are now refused
Version 4.4.0
Important features:
-
Security rules can be filtered based on sender domain or address
-
Recipients of notification emails can be customized in security rules
-
Added a new disclaimer for encrypted archives which contains the rescan link
-
Added additional pages to wizard for easier setup of the product
-
Added a more advanced filtering to the history pages next to the basic search
Enhancement and new features:
-
Sanitization information is now available in email details
-
Position of disclaimers can be selected in security rules
-
Introduced disclaimer variables
-
Server's local timezone can be used instead of UTC in notification emails and disclaimers
-
Improved quarantine report look when there were no new entries in the quarantine since the last report
-
Replaced Completed status with Sent and Blocked
-
Improved the amount of information logged
-
Welcome wizard now allows creating user with the name "admin"
Fixed issues:
-
Header only emails could not be parsed without closing CRLF
-
Charset is parsed from HTML content if headers don't contain information about the used charset
-
There could be orphan emailrelay instances after an unexpected product crash
-
Failed emails were displayed in the Email history too. They are now displayed only in the Failed Emails page
-
Could not start the product when exchange_exclude_probe_emails registry key was present
-
Attachments were always regarded as inline when Content-ID was present
-
Security rules could disappear after service restart if a server profile was deleted which was used in an already deleted security rule
Version 4.3.3
Fixed issues:
-
User guide was missing
-
Emails with "Deleted" status were not removed during automatic cleanup
-
Crash could occur during login
Version 4.3.2
Fixed issues:
-
Emails could have a large delay due to slow queries within a larger database
-
Fixed a typo in Security Rules → Advanced ( Override Default Behavior had an extra "Test" string at the end)
-
Fixed crash possibility which could occur if C# terminated unexpectedly while processing an email
Version 4.3.1
Enhancement and new features:
-
Block notification emails now show results per attachment
Fixed issues:
-
Emails with unexpected message id format could fail
-
Certificate based client authentication was always checked when an SMTP profile had an address with smtps scheme
-
Block notification emails could missing sanitization failure information
-
Fixed crash possibility
Version 4.3.0
Important features:
-
Introduced welcome wizard
-
Added an option to Security rules → Actions for sending a unique re-scan link for every recipient when receiving password protected archives
-
Added an option to Security rules → Advanced for sanitization behavior override: it is now possible to send the original file if the sanitization failed, or to send the sanitized file if the original file was blocked
-
Message ids are now searchable and displayed in email details and in the block notifications
Enhancement and new features:
-
Added support for Layer 7 load balanced Core
-
Inbound TLS support now uses Window's Secure Channel: SSL/TLS versions, chipers etc. can be configured via system configuration
-
Replaced our SMTP receiver component
-
Introduced a throttling mechanism
-
Updated the block notification email: it now contains the message id, and the original Sender which may differ from the value of the "From" header. Also clarified links for MetaDefender Cloud.
Fixed issues:
-
Fixed a search issue which caused the display of irrelevant emails and displaying "Invalid email job status" error upon viewing their details
-
Inline images without a Content-Disposition header could be displayed as an attachment after sanitization
-
The information "error during sanitization" was always false in the logs
Version 4.2.1
Important features:
-
Added a download option for failed emails
Enhancement and new features:
-
Added a link pointing to the Web Management Console in Quarantine Reports when a Public Server Address is available
-
Enhanced logging of actions in Failed emails. This includes logging of deletion, downloading, forwarding, releasing and retrying of emails
-
Enhanced SMTP error logging to now contain the SMTP response code and error message.
-
Added logging of scan verdicts for every attachment in the Email details
-
Added size of the email to email details
-
Made several clarifications in the UI
Fixed issues:
-
Fixed a query which displayed emails in Dashboard → Failed emails incorrectly
-
Emails with a subject longer than 65519 characters were failing
-
Parsing emails were failing if "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing" security setting was enabled on the system
-
Removed "OVERRIDE SMTP RESULTS" from Security rules → Advanced when running in Exchange mode
-
User agent specific to Email Security was sent in a wrong header which caused scans to fail when the used Core rule was limited to a specific user agent
-
Re-scanning emails from Quarantine did not work when the used Core rule had a restricted access
-
Fixed memory leaks
-
Fixed an issue with HTML sanitization. HTML files are now sent to Core using charset defined in HTML source
Version 4.2.0
Important features:
-
Support for encrypted archive handling in attachment
-
Public server can be configured for reprocessing the file and generate notification and reports
-
Rescan functionality is provided via the public server if configured
-
-
New Refused email history page under Dashboard
-
Dashboard → Quarantine, added pinning options to retain records without be cleaned up via data retention
-
Dashboard → Email History, added details for processing history per Email
Enhancement and new features:
-
Sanitized file names are now formatted via Rules defined inside MetaDefender Core which connected with Email Security
-
SMTP errors now can be overridden via settings inside Policy → Security Rules
-
Revamped notification email look and feel with more detailed results information
-
Inventory → Server profile name can now be entered as long as 256 characters
-
General UI improvements
-
Dashboard → Email history, now added Force retry option for immediate action
-
Dashboard → Quarantine, now added bulk operations for batch processing records
-
Inventory → Server profiles, reorder functionality is added to switch orders of the servers
-
Dashboard → Failed Emails, now added bulk operations for retry
-
Dashboard → Quarantine, quarantined emails can now be downloaded
-
Policy → Security Rules, added configuration for scan timeout
-
Inventory → Server Profiles, API keys can be set for URI addresses
-
Added more information level to syslog
Fixed issues:
-
MetaDefender Central Management connectivity issue
-
Missing X-headers
-
Parsing scan result now works with every scan visibility level
-
Closing emailrelay_ssl.exe on service stop
-
Inventory entry details couldn't be read with read-only permission
-
Updated database cleanup mechanism
-
Keeping inline image positions after sanitization
-
Incorrect quarantine statistics could be displayed on the Dashboard
-
Raw email view was missing from quarantine details
-
Emailrelay.exe is now not started when using MetaDefender Email Security in Exchange mode
Version 4.1.3
New features:
-
Re-interpreted, fresh look and feel
-
New message ID for forked emails
-
Central Management connectivity
Fixed issues:
-
Sanitization skipped for nested emails
-
Sanitized attachment isn't in quarantine
Version 4.1.2
Fixed issues:
-
Adding RTF disclaimer can fail randomly
-
Same hash can cause sanitization failure
-
Email can be quarantined when scan fails
-
Limited (short) length of attachment names
-
Dashboard always shows 24 hours data
-
Hardcoded suffix for sanitized attachments
-
Case-sensitive email address counting
Version 4.1.1
Fixed issues:
-
Option to skip scanning the email body
Version 4.1.0
New features:
-
Improved email processing performance
-
Microsoft Exchange Server plugin mode
-
Sender Policy Framework (SPF) lookups
-
Core load balancing and high availability
-
Handling emails that failed permanently
-
Bypass scanning if Cores are unreachable
-
Option to entirely block malicious emails
-
Support quarantining on external server
-
View headers and contents in quarantine
-
Specific email filenames in Core history
-
Customization of HELO/EHLO headers
-
TLS version negotiation on inbound SMTP
Fixed issues:
-
Emails without a subject line are processed with a delay
Version 4.0.0
Features:
-
Standalone product offering
-
Web based user interface for management, configuration and monitoring
-
Role based user management with multiple admin users and Active Directory integration
-
Multiple email security policies with filters and advanced scan configuration
-
Different policy filter settings based on sender node or recipient address