|
Alt-N 于美国时间2007年6月12日发布MDaemon Server 9.60 英文正式版.
----------------------------
MDaemon 9.60 - June 12, 2007
----------------------------
----------------------
SPECIAL CONSIDERATIONS
----------------------
* MDaemon 9.60 is capable of taking advantage of the new Outbreak Protection
features shipping with the next version of SecurityPlus. These features
include improved image spam detection and support for the Internet Watch
Foundation's efforts to expose and classify child pornography and other
sites promoting or involved in illegal activities. SecurityPlus is a
separately licensed product: http://www.altn.com/SecurityPlus/.
* [5128] MDaemon's DNS-BL system is once again able to skip the oldest
X "Received" headers when processing SMTP and POP collected messages.
There are new controls for configuring this in the DNS-BL options UI.
Note: Your existing configuration for the SMTP and POP "Skip the X most
recent "Received" headers" option has been reset to a default of 0 and 1
respectively. This will be fine in most cases. If you have special
needs you might need to adjust these settings.
* [498] DomainPOP and MultiPOP mail collection has changed. The old
option which retained a certain number of messages on servers was removed.
In it's place, new options to delete messages stored on servers after XX
days have been added to the DomainPOP and MultiPOP UI. This has required
several changes to the API and MD_UserInfo structure which may require
your custom applications and plug-ins to be recompiled.
* [5513] relays.ordb.org will be removed from the DNS-BL host list. This
RBL is history. Also, any entry for sbl-xbl.spamhaus.org will be changed
to the new zen.spamhaus.org.
* You might need to generate and deploy new DKIM keys. This would only be
necessary if in the past you manually generated keys of 512 bits or less
(it is not possible to do this via the UI). So, if your outbound message
signing is failing with error 4 you will need to generate and deploy new
DKIM keys. The default for bit size is 1024.
------------------
MAJOR NEW FEATURES
------------------
* [4388] ACCOUNT GROUPING *
Added grouping support for accounts. Groups can be defined via a new
option off the Accounts menu. Within the account editor you can make the
account a member of one of more groups by entering group names into a new
edit control on the Mailbox tab.
Two new content filter conditions have been added which allow you to con-
figure rule actions based on group membership. Also, ACLs for public
folders can be specified for groups in addition to email addresses.
* [6182] SUBADDRESSING *
Added support for subaddressing. Subaddressing is a system for including
a folder name in an email address. Replies or emails sent to that email
address will pull the folder from the address and move the message into
folders automatically without the need to setup filtering rules.
The syntax is: "mailbox+folder@domain". So, for example, the email
address "arvel+ietf@altn.com" would route messages directly into
arvel@altn.com's "ietf" IMAP folder (assuming that folder exists).
Nested folders can be specified using period characters. For example,
"arvel+industry.ietf@altn.com" would route messages directly into
arvel@altn.com's "industry\ietf" IMAP mail folder (again, assuming that
folder exists). Underscores are used for spaces in folder names. For
example, "arvel+my_friends.frank@altn.com" would route messages
directly into arvel@altn.com's "my friends\frank" IMAP mail folder.
How you might configure your mail client to use various subaddresses
depends on the mail client. Alternatively, the content filter could do
a header search/replace based on the message destination or some other
criteria.
The folder must exist prior to being used with subaddressing. Otherwise,
the address will be treated as unknown. This is necessary to prevent
abuse.
You can not subaddress an alias. You must use the actual address.
However, you can create an alias which refers to an entire subaddressed
form.
A new switch has been added to the Filters tab within the account editor
which will allow you to enable/disable subaddressing on a per account
basis. As a result of the need to delimit using the + character this
feature will be unavailable to accounts which include + in their email
address local-part (mailbox).
This feature can be shut down globally irrespective of individual account
configuration via a new switch on the Misc Options|Misc UI. By default,
each account has this feature disabled individually.
* DKIM IS NOW AN INDUSTRY STANDARD! *
http://mipassoc.org/pipermail/ietf-dkim/2007q1/007026.html
http://www.emediawire.com/releases/2007/3/emw508676.htm
http://www.altn.com/Company/PressRoom/PressRoomViewer/Default.aspx?ID=/PressReleases/20070301-DKIMStandardization
After much hard work, DKIM has been approved by the IETF as an Internet
standard! MDaemon's DKIM implementation has therefore been updated to the
final IETF version. However, MDaemon will maintain back-compatibility
with our pre-IETF version as well for at least the next 6 months to a year.
DKIM checks will now take place before DomainKeys checks. In addition,
when DKIM checks produce a "pass" result, no DomainKeys check is made at
all. By default, MDaemon will now sign according to the final IETF stand-
ard requirements (v=1, SHA256, and bh=, etc). MDaemon will continue to
honor the older pre-IETF DKIM standard signatures for the near term.
Congratulations to all of us and you should smile knowing that you've en-
joyed a nearly two year head start in this important email security area
and have helped to perfect it.
* [5645] MESSAGE CERTIFICATION (MDaemon PRO only) *
Alt-N Technologies, through its participation in the Domain Assurance
Council (DAC) is working to create an extension to Internet mail called
"Vouch By Reference" (or "VBR" for short). VBR provides a mechanism
through which certification providers may vouch for the email messages
sent by others. VBR is based on the idea of adding an additional header
to the outgoing mail and providing a very simple way to check whether cer-
tification providers vouch for a particular sender. VBR does not require
the certification provider to sign (or even know about) any mail that is
sent.
MDaemon includes the world's first commercial implementation of VBR and
handles all the details for you. All you have to do is configure your
MDaemon with one or more certification providers you trust to vouch for
incoming mail and one or more certification providers which are willing to
vouch for your outgoing mail.
Ultimately, it is our goal to have all the major reputation service pro-
viders create certification servers for your use. They will certify only
those who meet their criteria for "good email practices". Until that day
arrives, Alt-N Technologies will step into the role and provide certifica-
tion services for the MDaemon community. To submit a request for Alt-N
Technologies to certify your domain's messages visit:
http://www.altn.com/email-certification/signup/
To configure your MDaemon to use Alt-N Technologies as a certification
provider use the MDaemon GUI thus: hit Alt+X, switch to the Certification
tab, select "Enable certification of incoming messages", enter
"vbr.emailcertification.org" into the "Host name(s) of certification serv-
ices that I trust" edit control. Note: MDaemon 9.6 will set this up auto-
matically when run for the first time. Next, if you have signed up for
Alt-N's certification service, click the "Configure a domain for message
certification" button and enter the required information there. Be sure
to use "vbr.emailcertification.org" in the "Host name(s) of services
willing to certify messages..." edit control.
A "Certification" tab was added to MDaemon's "Security" log window. Also,
logging of certification processing can be toggled via new settings within
MDaemon's logging options.
Certification of incoming messages is only possible when an authenticated
identity can be obtained from the incoming message. This is possible
using DomainKeys, DKIM, SPF, and/or Sender ID/PRA. Therefore, one or more
of these authentication features must be enabled. Similarly, certifica-
tion of your messages by others requires the authentication of your ident-
ity so we recommend enabling DomainKeys and DKIM signing of your outbound
mail and/or sending your outbound traffic over an SPF or Sender ID approved
path.
For more information on VBR and message certification visit:
http://www.domain-assurance.org.
For more information on DKIM visit: http://www.dkim.org.
IETF submission of VBR:
http://www1.ietf.org/mail-archive/web/i-d-announce/current/msg14053.html
VBR technical inner-workings:
http://files.altn.com/MDaemon/drafts/draft-hoffman-dac-vbr-00.txt
* [5833] BACKSCATTER PROTECTION (MDaemon PRO only) *
MDaemon now includes an implementation of the BATV protocol to fight
against the problem of email backscatter.
Backscatter occurs when spam or viruses send mail using a forged address
as the return path. This can lead to thousands of bogus delivery status
notifications, vacation and out-of-office messages, autoresponders, etc.,
ending up in the inbox. You can enable Backscatter Protection from the
Security menu to greatly aid in solving this problem.
Backscatter protection uses HMAC SHA-1 digests with a private key and mit-
igates against replay attacks by imposing a 7 day life-time for all return
path values.
BATV technical inner-workings:
http://files.altn.com/MDaemon/drafts/draft-levine-batv-03.txt
* [5889] MINGER (MDaemon PRO only) *
Alt-N Technologies has created a new email address verification protocol
called Minger. The original Minger was loosely based on the Finger proto-
col [RFC 1288] and thus the name. However, it has evolved and doesn't
look much like Finger anymore; but the name stuck. Minger includes the
following improvements over Finger: (a) requires authentication so it's se-
cure (b) uses UDP rather then TCP. Minger allows others to query your
server for user information. It is primarily intended to provide a simple
and efficient mechanism for verifying whether an account exists or not.
MDaemon's Minger server can be enabled/disabled via the UI in the usual
way. A Minger user name and password may be configured from Ctrl+M on
the Minger tab to use the server. A Minger client has been embedded in
the "Gateways" feature-set. The old "LDAP Verify" tab has been renamed
"Verification" and the existing controls have been reworked slightly to
allow configuration for Minger. Finally, a new top level UI tab and log
file for the Minger server was added.
Minger technical inner-workings:
http://files.altn.com/MDaemon/drafts/draft-hathcock-minger-02.txt
* PERFORMANCE ENHANCEMENTS *
The entire product and development process was re-tooled, setup, compiled
and built using Visual Studio 2005 and Team Foundation Server (previously,
Visual Studio 6 and SourceSafe were used).
Three specific performance enhancements were made with respect to queuing
and message delivery efficiency:
[5549] Added a connection failure cache system which can be configured
via a new option on the Setup | Primary Domain | Sessions tab. If an SMTP
session results in a connection error or connection failure the IP is
cached in memory for XX minutes. Once cached, further connection attempts
to that IP are not attempted until the cache expires. The cache is main-
tained in memory and is reset on a restart and at midnight.
[5582] When large numbers of messages are waiting to be delivered a prob-
lem occurs when MDaemon continually rebuilds its internal message delivery
memory structure. This problem leads to very slow message processing be-
cause the CPU is split between actually doing the delivery and continually
rebuilding this memory structure. To address this problem, when MDaemon's
internal memory structure already has 1000 or more messages queued up it
will not dynamically rebuild this structure. This preserves the benefi-
cial nature of dynamic queuing for the vast majority of MDaemon users who
rarely have 1000 or more messages awaiting simultaneous delivery and at
the same time better serve the performance needs of those who do. You can
raise or lower this 1000 message limit by manually editing the following
MDaemon.ini key:
[Sessions]
MaxQueuedCount=1000
[5546] There's a new option which can be used with the default schedule.
When using the immediate delivery option you can now specify that only
mail which is XX minutes or newer should be delivered by that option.
This will increase mail processing efficiency since an incoming message
will no longer trigger the delivery of everything. Of course, the entire
queue will spool when the toolbar button is pressed or when any other
queue run trigger fires. This new option only applies to queue runs which
are triggered by the "Send mail immediately after getting queued" feature.
By default, 1 minute has been set as the limiting factor. You can change
that if you like using the schedule GUI. You can set it to ZERO to dis-
able this behavior completely (which will cause MDaemon to behave as in
previous versions - send all queued mail every time (inefficient)).
[1077] Added a "Maximum simultaneous connections to any single IP" option
which can be configured via a new option on the Setup|Primary Domain|
Sessions tab. This setting limits the number of simultaneous connections
to any IP address during delivery of queued outbound mail. It is useful
to prevent making too many connections all at once to various IPs. During
delivery, if a message would require a connection to an IP that would ex-
ceed this connection limit, then the connection is skipped and the next MX
host (or smart host) is used. If no additional hosts are available the
message is queued for the next delivery cycle.
By default, this option is completely disabled which preserves existing
behavior. Also, by default, connections to trusted IPs are exempt from
this feature. However, if you'd like to enforce it for trusted IPs you
can set the following switch in the MDaemon.ini file:
[Sessions]
TrustedIPsUseConnectionLimit=Yes (default No)
Also, by default, connections to IPs reserved for intranet use are exempt
from this feature. These are 127.0.0., 192.168., 10., and 172.16.0.0/12.
However, if you'd like to enforce it for reserved IPs you can set the
following switch in the MDaemon.ini file:
[Sessions]
ReservedIPsUseConnectionLimit=Yes (default No)
* IMPROVED GATEWAY SUPPORT (MDaemon PRO only) *
[6118] Valid email addresses for gateways can be configured by just enter-
ing them into a text file now. A new button was added to the gateway
Verification tab which will let you add addresses to GatewayUsers.dat. Any
gateway message sent to a email address found within this file will be
considered valid. You can also setup gateway verification to use a new
"File" option which requires that the address be present within the text
file in order to be considered valid. When using other verification meth-
ods, the text file is just an extra source for address data but not a
definitive source.
[6127] Gateway LDAP verification settings have been changed to better sup-
port Exchange/Active Directory in the following ways:
(a) The default search filter strings created for new gateways will use an
objectclass of "user" rather than "MDaemonContact".
(b) The default search filter strings will now include
(proxyAddresses=SMTP:$EMAIL$)
[6129] The format of the LDAP cache file has changed in order to fix a bug
preventing multiple base DNs at the same host from working. As a result,
all existing cached values are invalid. You can either delete the entire
file and let MDaemon rebuild it or do nothing and allow the invalid entries
to expire automatically over time.
[6126] Added LDAP/Minger cache enable/disable to the Gateway Options UI.
[6128] Added button to the Gateway Verification UI to edit the LDAP cache.
-----------------------------------
CHANGES AND ADDITIONAL NEW FEATURES
-----------------------------------
o [4262] Added an option to the DKIM signing properties which allows a single
checkbox which configured all local domains (the primary domain and all
secondary domains) for signing. You will no longer have to specify each
domain individually within the DKSign.dat file. This option is enabled
by default.
o [5497] WorldClient has better character set support for composed messages.
Previously, WorldClient would use the utf-8 character set for message that
contained any characters not in iso-8859-1. Now the preferred character
sets can be configured by the administrator with the "ComposeCharsets"
INI value in WorldClient's Domains.ini or User.ini files. The default
character set for the Japanese version is iso-2022-jp, Chinese is gb2312,
and Russian is koi8-r.
o [5254] MDaemon will now send emails to all users who are approaching their
quota limitation informing them of the number of messages and size of
their mailbox as well as percentages used and remaining. These emails are
sent at midnight. If an existing warning is found in the users mailbox
it is replaced with an updated message. You can configure a percentage
value in the Misc Options|Misc tab which controls when these emails are
sent. That UI has been redesigned slightly to make room for this new
control. The number of allowable files or the amount of disk remaining
must drop below this value in order for an account to receive a warning.
Also, unrelated but tagged onto 5254 was a slight redesign of the default
account options UI. The quota options have been isolated to a separate
tab and the button(s) to restore installation defaults have been removed
for now pending a sync-up with WebAdmin.
o [5953] When sending messages to a smart host MDaemon already has the op-
tion to authenticate using a configured user name and password. However,
this is a single set of authentication credentials that is used for each
message sent. Some ISPs are requiring a different set of credentials
based on the sender of the message (the SMTP MAIL value). Therefore, it
is now possible to configure independent smart host user name and pass-
word values for each account. When authenticating to a smart host during
outbound message processing these credentials will be used, if provided.
When not provided, the existing single set of credentials that MDaemon has
always supported will serve as a default.
A new edit control was added to the Account Editor which will allow you to
configure a smart host password. By default, the smart host user name
will always match the account's email address. If, for some reason, this
is not desired, a separate smart host user name can be manually configured
by editing the HIWATER.MRK file found in the account's root mail folder
and adding the following key:
[AUTH]
ISPAUTHUserName=-<user name> (example: ISPAUTHUserName=-arvel@altn.com)
Preface <user name> with a dash character "-" so that MDaemon will recog-
nize the value as unencrypted and will encrypt it for security.
Additionally, the following MDaemon.ini settings are available for use:
[AUTH]
ISPAUTHByAccount=No (default Yes)
This option enables or disables the entire thing we're talking about here.
When disabled, behavior is as MDaemon has always done - all messages are
sent to the smart host after authenticating via a single user name and
password. When enabled, particular authentication credentials will be
used for messages sent from a local account to the smart host only when
those credentials are either explicitly provided -or- when the options be-
low force the use of defaults. A checkbox for this was added to the Setup
|Primary Domain|Delivery UI as "Allow per-account authentication".
ISPAUTHUseEmails=No (default Yes)
This option causes MDaemon to always use the account's email address as
the smart host user name unless HIWATER.MRK overrides (see above). When
this option is set to No (disabled) and nothing is configured in the
HIWATER.MRK for use then nothing special happens.
ISPAUTHUsePasswords=Yes (default No)
This option causes MDaemon to always use the account's POP/IMAP password
as the smart host password unless HIWATER.MRK overrides. When this option
is set to No (disabled) and no smart host password is configured for use
then nothing special happens.
SECURITY NOTE: Enabling the ISPAUTHUsePasswords option will effectively
communicate all your account's local mail passwords to the smart host over
time. This is not a good idea since it provides sensitive information
(enough to compromise mail security) to somebody else. Use only if re-
quired to do so by a smart host you absolutely trust.
This system is shipped disabled because no account will have a smart host
password value available for use.
o [6251] When installing in silent mode (using the /s option) the installer
will no longer show a "you need to reboot" dialog box. Instead, if a
reboot is needed, the installer will create \App\RebootNeeded.sem. It's
up to you to do the needed rebooting in these cases.
o [6225] Added an new UI tool to pick users, lists, catalogs, or mailing
lists where appropriate and retired the older tool. This new UI element
ties in at various places (such as a button to the right of UI elements
that allow user selection). It will support multiple selection when
appropriate.
o If you are adding DNS-BL hits to the IP screen you'll need to set the
following MDaemon.ini switch to continue to make that happen:
[SpamBlocker]
AddToIPScreen2=Yes (default No)
This is not recommended as it amounts to a permanent caching of DNS-BL
results. It is provided for backward compatibility only.
o [3678] Added account option to cause automatic processing of meeting
requests, changes, and cancellations. When MDaemon encounters a message
for a local user that contains a meeting request it will update the users
calendar automatically if this option is enabled. This option is disabled
for all users by default.
o [5834] Removed option to force a reverse-path when none is provided in an
outbound message. This was preventing the proper sending of mail with a
NULL reverse path. If this is a problem use the content filter to insert
an X-Return-Path header. The MDaemon.ini setting [Special] ForceFrom= is
no longer used.
o [6089] Alt-N supports only the SpamHaus RBL. Therefore, default installs
of MDaemon will be configured with only this RBL. Alt-N does not recom-
mend other RBL services however you are free to use whatever services you
wish.
o RAW message processing will no longer append "Message contains [X] file
attachments" to message bodies. If you want that, you can enable this
MDaemon.ini setting: [Special] ShowRAWAttachmentCountString=Yes.
o [5875] Added two new IMAP filter rule options: Redirect Message - re-
directs incoming messages EXACTLY as they arrived - no changes to the
headers or body are made. The only thing changed is the SMTP envelope re-
cipient. Forward Message - forwards the incoming message to a new recip-
ient by introducing a new message into the mail stream (with the Subject
header and body content taken from the original message).
o [5678] Added SyncML password to the account editor. You only need to
specify a SyncML password if your account is setup for Dynamic Authentica-
tion. However, you can specify a SyncML password at any time. If speci-
fied, that is the password that you must use when your account interacts
with MDaemon's SyncML server.
o [6002] The Alt-N web site now includes pages to provide more details on
how to configure SyncML clients for various platforms. The SyncML server
UI page has changed to include links to these new pages.
o [5955] The account editor UI has seen additional descriptive text changes
including:
1) SyncML password edit box added to Mailbox tab
2) Smart Host password edit box added to Mailbox tab
3) Better wording to describe various options on Options tab
4) "Aliases" button moved to Options tab to make room for 1) and 2)
6) "IMAP Filter Rules" is now just "Filters" to be consistent with
WorldClient/WA
o Some changes to better support Vista:
[5640] Popups will not occur from MDaemon running as a service in session
zero under Vista. This was causing nag screens.
[5638] Mutex and shared memory problems fixed which were causing a break
down of inter-process communication and leading to several odd issues
(like double WorldClient.exe and MDSpamD instances, re-initing sockets).
Help file converted to Microsoft HTML Help (MDaemon.chm) for Vista compat-
ibility. "What's This? Help" is still only supported in 2000/XP.
o [5886] Updated AntiSpam system to include SpamAssassin 3.18.
o [5832] Added option to spam filter to toggle sending a spam trap public
folder summary email to the postmaster each day.
o [5852] The option "Send to next MX host when an SMTP error occurs" has
been removed from Setup|Primary Domain|DNS. MDaemon will always send to
the next MX host as appropriate.
o [5854] An option was added to Setup|Primary Domain|DNS which will bounce a
message upon the first 5xx error returned from any MX host. When uncheck-
ed, messages will not be immediately bounced as long as at least one MX
returns a 4xx error.
o [5653] The RBL caching system was removed. It's redundant since DNS al-
ready does caching and was needlessly CPU/disk intensive.
o [5580] A new switch was added to Misc Options|Servers. You can now indiv-
idually enable message and SMTP parameter RFC compliance checking.
o [5581] Authenticated sessions are always exempt from SMTP parameter and
message RFC compliance checks.
o [5525] Slight restructuring to the DNS-BL UI to make it more efficient.
o [5467] Changed several references from "AntiVirus" to "AntiVirus/SecurityPlus"
o [6014] A warning message will appear when enabling message relaying.
o [5539] The option "Enable disk checking for waiting message counts" was
renamed to "Update GUI with queued message counts" and moved from the
Misc Options|Misc to the Misc Options|GUI tab.
o [5336] By default, automatic attachment extraction will no longer extract
text/plain attachment types. You can change this with a new switch on the
Misc Options|Misc tab.
o [5540] The option to relay for trusted IPs has been disabled by default.
You can change this with a switch on the Security|Relay...|Relay Settings
tab.
o [5949] The following INI file keys are no longer used:
[RAS] EncryptName and EncryptPassword (MDaemon.ini)
[AUTH] EncryptDequeueLogon and EncryptDequeueSharedSecret (MDaemon.ini)
[DomainPOP] EncryptName and EncryptPassword (DomainPOP.ini)
The proper way to have MDaemon encrypt these values is to make the first
character a dash "-" char.
Also, the following keys were renamed for MDaemon 9.60:
[AUTH] ISPAuthLogon -> [AUTH] ISPAuthUserName
[AUTH] ISPAuthSharedSecret -> [AUTH] ISPAuthPassword
[AUTH] DequeueSharedSecret -> [AUTH] DequeuePassword
o [5542] By default, MDaemon will strip out X-MDOP-RefID headers from in-
coming messages. These are headers generated by Outbreak Protection. If
you'd like to retain these headers you can set the following switch in
MDaemon.ini:
[Special]
StripOPRefIDHeaders=No (default Yes)
o [4241] Added additional reminder times for WorldClient events.
o [5612] * and ? chars will now be accepted in RCPT values. However, if you
have accounts that use * and ? chars within the mailbox value be aware
that aliases will not work properly for such accounts. You should not
setup accounts with * and ? chars in mailbox values.
o [5361] Details related to the meeting are now included in the subject of
iCalendar invitations. This works around an issue where Exchange uses the
RFC message subject and not the iCalendar summary field for the meetings
description.
o [5839] Added menu and toolbar button for editing SyncML server options.
o [5465] User can specify default browser when Comagent launches WorldClient.
Edit the Comagent.ini file:
[ComAgent]
DefaultBrowser=C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.exe -url "%1"
o [6062] Route slips will honor the "Abort delivery on 5XX after RCPT" op-
tion. Previously they used an MDaemon.ini setting called IgnoreRcptErrors.
This has been deprecated.
o [6004] Auto-responders will never be triggered by a spam messages regard-
less of whether they are explicitly listed on the auto-responder exception
UI or not.
o [6005] MDaemon's internal resource string ids were changed in order to
assist localization efforts and prevent errant string translations from
causing software crashes and bugs. As a result, the "custom SMTP" and
"custom POP" string systems for which support ceased a long time ago has
now been completely deprecated.
o [6013] Secondary domains can now be configured with a unique FQDN value.
This value will be used with incoming SMTP connections. IP binding is not
required in order for this to work. However, if you have two or more
domains using the same unbound IP then the FQDN used will be the one
associated with the domain that is first in alphabetical order. If each
domain is bound to its own IP then the proper FQDN will be used in all
cases. Also, this value will be used with outgoing SMTP sessions in the
HELO/EHLO.
When no FQDN value is specified, MDaemon will use the primary domain's
FQDN value as a default.
o [6016] The option to use the FQDN host name in SMTP when required and the
option to use the same in "Received" headers were both removed from Setup|
Primary Domain. The former options were eliminated completely from the
software and the FQDN will always be used when required by RFC. The
latter option still exists in the Misc. Options however it's default has
been changed to TRUE.
o [6025] Outbound socket IP binding has been changed. MDaemon will always
bind outbound sockets if the domain has binding in place on inbound sockets
and if the option to enable outbound IP binding is enabled. The IP used
in this case is the one associated with the handling of inbound mail. If
no IP can be determined then MDaemon can use a specific IP which you can
configure by editing the following in MDaemon.ini:
[Domain]
OutboundSocketIP=<IP>
All of this functionality requires that outbound socket binding be enabled
via a new UI switch added to Misc Options|System.
The following setting is no longer used:
[Domain]
BindToBoundDomains=<whatever>
o [6045] DK/DKIM processing will properly handle keys with CR, LF, and SP
embedded within them. Some examples of keys that have been errantly white-
space folded were encountered in the wild.
o [6049] Uninstall will automatically invoke a deactivation of the software.
o [2725] System log will note the queue status on startup (frozen/active).
o [6113] Removed "Check for update now" option from all installers. Check-
ing for updates from within the installer is no longer technically poss-
ible for us. Update checks can only be safely performed using the MDaemon
UI.
o [6205] Changed list digests slightly. First, the format of the digest
mail was simplified and is always sent with basic HTML codes inserted.
The option to create HTML digests has been removed. The button to edit
the digest format was also removed from the UI. MDaemon will always
rebuild DIGEST.MBF every time it starts. So, DIGEST.MBF, like RFC822.
MBF is now a reserved file and shouldn't be changed by end users. If
you want to create a custom DIGEST.MBF file for use with certain lists
you should copy DIGEST.MBF to another file name of your choice, make the
changes you need using notepad, and then configure the list to use your
new MBF file.
o [6212] RFC822.mbf and DIGEST.mbf are important system files that can
cause MDaemon to operate strangely if they are modified. These files
are no longer eligible for modification. MDaemon will rebuild these
files to system defaults at each startup.
o [6193] MDaemon's service startup procedure has been internally changed.
It is in a separate thread now which should keep the Windows SCM updated
properly. Also, MDaemon will report its status as SERVICE_RUNNING when
connections are ready to be serviced rather than when the main window
is initialized as in previous versions.
o [4146] Added an option to the Logging Mode UI which allows you to config-
ure a log file path. The resulted in a slight reorganization of the con-
trols on that UI tab.
o [6142] MDaemon no longer sends auto-generated messages using "BadMsgQ@"
as the Reply-to. MDaemon will use "Noreply@". Therefore, if you have
an account using that mailbox it will no longer be able to receive mail.
o [6143] Auto-generated emails sent from MDaemon which should not receive
replies will be sent with a reply-to and reverse-path of "noreply@".
Messages received for "noreply@" will be refused by the SMTP server.
o [6120] It is no longer possible to use the envelope sender value to verify
list membership. Doing so is an improper use of the envelope value result-
ing in the breakage of systems like BATV. List related checks will be
performed on the value of the FROM header after the message body is re-
ceived.
o [6123] ComAgent warning will popup on public folder synch when user lacks
permission to modify the public address book.
o [6214] Tarpit.dat was renamed DynamicScreen.dat.
o [6131] The feature which automatically updates local address books with
the email addresses of folks to whom mail is sent was broken. So was the
DomainPOP "real name matching" feature. Both were using the return-path
address rather than the address taken from the message's From: header.
This has been fixed.
o [6132] The feature which checks local address books to determine whether a
message should be exempt from the spam filter was broken in two ways.
First, a single address book match for a RCPT white listed the message for
all RCPTs. For this reason, messages to multiple RCPTs will be handled
by the MTA rather than the SMTP server. Second, the return-path address
was the one being matched to the address books. This should be the ad-
dress of the sender of the message as taken from first the Sender: header
and failing that, the From: header.
o [6135] Some changes were made regarding the logging of tarpit and dynamic
screening activity. First, these items are no longer tracked into the OS
event log. This was just bloating the even log greatly. Second, a new
"Screening" sub-tab has been added to the Security tab. Tarpit and dy-
namic screening events will track into this tab and log file rather than
the System tab and log.
o [6145] The "Machine name" parm has been removed. MDaemon already has an
FQDN value which is supposed to uniquely identify the machine. MDaemon
will now use the FQDN value everywhere that it previously used the Machine
name value.
o [6146] Auto-generated messages are sent with a FROM field which indicates
the FQDN of the server who sent the message. Something like this:
From: "MDaemon at c3po.altn.com" <MDaemon@altn.com>.
o If CLEARQUOTACOUNTS.SEM contains * on a line by itself the entire file
will be deleted thereby invalidating all cached quota counts.
-----
FIXES
-----
o [6079] fix to session transcripts no always included in NDR when should be
o [6090] fix to CRLF in Comments and UserDefined fields breaking CSV export
o [550] fix to list digest messages not handling HTML mail properly
o [2874] fix to RAW & CF generated messages not working with list digests
o [6021] fix to list digest processing leaving orphaned temp files
o [6023] fix to list digest processing handling only multipart/alternative
o [5526] fix to truncated ACL help button text
o [5462] fix to missing strings for translation
o [5532] fix to DNS-BL not refusing connections when it should
o [5534] fix to orphaned RTE files in Bayesian learning folders
o [5448] fix to restricted account default setting only working in English
o [4777] fix to unsubscribe emails not available for localization
o [5541] fix to bad email addresses sometimes written to OC user data file
o [5252] fix to OC user data file not updated when domain names change
o [5543] fix to RTE files orphaned by IMAP server
o [5545] fix to RTE files orphaned by POP server
o [4866] fix to SMTP not sending to backup server on error during session
o [5136] fix to SMTP not sending to backup server on error after EHLO
o [5508] fix to ComAgent right-click lockup problem under some conditions
o [5509] fix to ComAgent crashes when Outlook synchronization occurs when
server connection had been lost
o [5573] fix to apply button not working on some spam filter UI tabs
o [5559] fix to more "MDaemon Antivirus" in UI when should be "SecurityPlus"
o [6133] fix to BATV pvrs encoded return-paths not playing nice with greylisting
o [5583] workaround for HiPath ProCenter bug which caused it to strip
email attachments from unread messages
o [5418] fix to MD not being able to delete a domain's public folders when
removing the domain
o [5599] fix to ComAgent not using translated folder name for new email
notification
o [5844] fix to DomainPOP "Default" button (removed it)
o [5604] fix to Apply button not working in Queues UI
o [5680] fix to Comagent Outlook sync not synching job title field
o [5681] fix to Comagent Outlook sync not synching title in full name field
o [5707] fix to Comagent Outlook sync not synching suffix in full name field
o [5847] fix to handle leak when using the gateway's LDAP "test" button
o [5855] fix to plugin menu options appearing in menubar in simple mode
o [5792] fix to attachments not being removed when using the 'extract
attachment to folder' action in content filter
o [5872] fix to cf and virus .dat files being overwritten by the installers
o [5868] fix to content filter rules not able to be modified on some systems
o [5876] fix to improper use of Resent-From in auto-forwarded mails
o [5879] fix to stack corruption in SafeFormatResourceString function
o [5621] fix to unable to set ham/spam sample count below 200 in UI
o [5651] fix to spam filter's DNS-BL score not enabling/disabling correctly
o [5652] fix to account filters UI not enable/disable match text correctly
o [5467] fix to UI references to "AntiVirus" -> "SecurityPlus/AntiVirus"
o [5663] fix to summary stats report file formatted improperly
o [5882] fix to summary stats report leaving orphaned files in temp folder
o [5784] fix to DPOP/MPOP not working with UIDLs that start with # properly
o [5795] fix to some public folder UI text not in resources for translating
o [5619] fix to import process breaking down when missing a last name field
o [5622] fix to smart host being used immediately after first MX connect
failure rather than trying all MX hosts first
o [5665] fix to schedules added/changed by config session not taking effect
o [5945] fix to 502 rather than 252 response when VRFY/EXPN disabled
o [5871] fix to SyncML: server should log if directory does not exist
o [5505] fix to SyncML: the fact that the Outlook Connector deletes and re-
creates an item when editing causes the SyncML server to do the same
o [6006] fix to Host Screen not working with PTR result at times
o [5993] fix to tarpit.dat not purging matches to notarpit.dat on startup
o [6011] fix to 250 EHLO/HELO response not including FQDN value
o [6036] fix to Comagent strings, "Could not connect to the server! Please
verify that the server information is correct.", not translated
o [6063] fix to QUIT sometimes being sent at the wrong time during SMTP
o [6064] fix to "Bounce message on first 5XX from an MX host" not working in
all cases
o [6081] fix ComAgent's un-translated strings
o [6102] fix to WorldClient does not recognize invitations from GoToMeeting.com
o [6105] fix to errant text on Help menu regarding Top 10 support questions
o [6106] fix to errant text on Help menu regarding Top KB articles
o [6107] fix to redundant Help options (there's just one HELP option now)
o [5609] fix to the contact picker not selecting the right contact folder
after refreshing data when the contact folder is refreshed in some foreign
languages
o [5904] fix to activation resets when installed on Vista
o [5899] fix to $LOCALDOMAIN$ aliases showing in WC
o [6140] fix to ComAgent auto-update not working
o [5655] fix to New Folder dialog from IMAP Rules editor not decoding or
encoding folder names
o [6147] fix to IMAP rules possibly using value from the wrong header
o [6156] fix to crash at shutdown if Spam Filter dialog is open
o [6157] fix to incorrect title for some tabbed dialogs
o [6161] fix to DKIM signatures not using the i= domain properly
o [6174] fix to SPF "PTR" tests not working properly in some cases
o [6166] fix to accepting MAIL parms with | char (MDaemon reserves this char)
o [6115] fix to server freeze states not honored by config session on new install
o [6177] fix to ISO-2022-KR messages are corrupted in WorldClient
o [6183] fix to IMAP parse error with search arguments containing parentheses
o [5963] fix to QuotaCounts.dat not being updated after pruning
o [6213] fix to digest special editions being folded into digest proper
o [4530] fix to SyncML: database path containing non-ASCII characters not found
o [5885] fix to SyncML: recurring events not synchronized with TBird extension
o [6051] fix to WC and some IMAP clients not properly decoding a message
that has trailing whitespace in the Content-Transfer-Encoding header value.
o [6297] fix to SMTP based scan scoring for VBR and OP results
o [5495] fix to a message composed in WorldClient with an improperly
formatted email address may not be sent to all recipients
o [6232] fix AccountPrune not accepting foreign and accented characters for
folder name parameter(/p)
o [6243] fix to MDaemon's "Log full WC/HTTP/IM activity" setting having no
effect on WorldClient's HTTP log
o [6250] fix to auth'ed sessions accepting, and then bouncing, messages sent
to unknown local users (should not accept message in the first place)
o [6237] fix to auto-generated messages being sent even when triggering
message specified a NULL reverse path
o [6141] fix to installer backup not taking place before file conversion
o [6257] fix to Korean message not displaying in WC LookOut theme
o [6278] fix to DomainAdmin.ini file key may contain unnecessary commas
o [6279] fix to switch inserting X-Lookup-Warning header not working
o [6199] fix to DKIM options tab not using Apply button correctly
o [6305] fix to cfengine.exe crash when using search and replace rule action
|
