6.2.8 Version 4.6.2

4.6.2 MetaDefender Email Security release

Release Date: May 07, 2019

MetaDefender Email Security 4.6.2 is a maintenance release focused on fixing issues and providing improvements for MetaDefender Vault integration.

New & improved

Upload attachments to recipients' Vault folders

Enabling the Policy > Security rules / add/modify / VAULT/ UPLOAD TO USER'S OWN VAULT ACCOUNT option, Email Security will upload the attachments (depending on the other, Vault related settings) to the recipients own Vault account.

The Vault account is identified by the recipient email address.

If no account exist with the recipient email address on the Vault, then the file will be uploaded to the account that is assigned to the API key specified in the MetaDefender Vault type server profile set for the matching rule.

images/download/attachments/2978598/image2019-4-26_11-55-17.png

Upload failed-to-sanitize attachments to Vault

Enabling the Policy > Security rules / add/modify / VAULT / UPLOAD ATTACHMENTS THAT FAILED SANITIZATION option, Email Security can now be configured to upload the original copy of attachments that failed sanitization (when sanitization is enabled in the appropriate rule on the paired Core).

If both

  1. UPLOAD ORIGINAL OF SANITIZED ATTACHMENTS and

  2. UPLOAD ATTACHMENTS THAT FAILED SANITIZATION

are enabled –and the sanitization fails– then the original file will be uploaded only once.

images/download/attachments/2978598/image2019-4-26_10-54-42.png

Send alert emails when Vault is unresponsive

Enabling the Settings > Email Alerts / Alert types / METADEFENDER VAULT NOT RESPONDING option, Email Security can now be configured to send email alerts when a Vault server configured in the MetaDefender Vault type server profiles is not reachable.

images/download/attachments/2978598/image2019-4-26_10-52-0.png

Option to enable scanning email headers

Enabling the Policy > Security rules / add/modify / SCAN / SCAN EMAIL HEADERS option, Email Security can now be configured to scan information placed into email headers (e.g. sender, subject, etc.).

This function can help –for example– to prevent leaking sensitive information in email subjects. For further details see the Scan settings section in 4.2 Security rules.

images/download/attachments/2978598/image2019-4-26_14-45-47.png

Support for new AMP HTML body MIME type

Email Security now supports emails with AMP HTML body.

Enhanced log correlation with logs from Core

Email Security now writes data_id values (that it receives from Core) into its logs so that Email Security and Core logs can be correlated more easily.

The data_id values are highlighted in the Email Security log entry below that was written for a simple text email that consists of a header and a body section: images/download/attachments/2978598/image2019-4-26_15-23-22.png

Changed

Vault configuration moved to server profiles

MetaDefender Vault instances can now only be configured as server profiles under Inventory > Server profiles.

Remember, that:

  • Vault REST is configured by default on port 8000,

  • Vault REST is available under the URI path /vault_rest.

images/download/attachments/2978598/image2019-4-26_10-33-18.png

Prior to Email Security 4.6.2, the Vault server must have been specified directly under Policy > Security Rules / add/modify / VAULT / UPLOAD ATTACHMENTS TO. From version 4.6.2 this setting will point to the appropriate MetaDefender Vault type server profile.

images/download/attachments/2978598/image2019-4-26_10-50-8.png

Fixed

Wrong time format in email headers

Email Security inserted date and time headers with a wrong value and format. Time was two hours behind (compared to the time of other relevant events) and the text representation of the day of week and month values were displayed as question marks.

Sanitized twice when integrated with Vault

A file may have been sanitized twice when Email Security was integrated with MetaDefender Vault

Previous releases

Feature

Maintenance

4.6.0

4.6.1

 

 

4.5.0

4.5.1

4.5.2

4.5.3

4.4.0

4.4.1