-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hallo,
MDaemon 9.6.0 release pagi ini ftp://ftp.dutaint.com/altn-mdaemon/md960_en.exe http://ftp.dutaint.com/altn-mdaemon/md960_en.exe - ----------------------------------------------------------------------------- MDaemon Server v9.X Release Notes - ----------------------------------------------------------------------------- - ---------------------------- MDaemon 9.60 - June 12, 2007 - ---------------------------- - ---------------------- SPECIAL CONSIDERATIONS - ---------------------- * MDaemon 9.60 is capable of taking advantage of the new Outbreak Protection features shipping with the next version of SecurityPlus. These features include improved image spam detection and support for the Internet Watch Foundation's efforts to expose and classify child pornography and other sites promoting or involved in illegal activities. SecurityPlus is a separately licensed product: http://www.altn.com/SecurityPlus/. * [5128] MDaemon's DNS-BL system is once again able to skip the oldest X "Received" headers when processing SMTP and POP collected messages. There are new controls for configuring this in the DNS-BL options UI. Note: Your existing configuration for the SMTP and POP "Skip the X most recent "Received" headers" option has been reset to a default of 0 and 1 respectively. This will be fine in most cases. If you have special needs you might need to adjust these settings. * [498] DomainPOP and MultiPOP mail collection has changed. The old option which retained a certain number of messages on servers was removed. In it's place, new options to delete messages stored on servers after XX days have been added to the DomainPOP and MultiPOP UI. This has required several changes to the API and MD_UserInfo structure which may require your custom applications and plug-ins to be recompiled. * [5513] relays.ordb.org will be removed from the DNS-BL host list. This RBL is history. Also, any entry for sbl-xbl.spamhaus.org will be changed to the new zen.spamhaus.org. * You might need to generate and deploy new DKIM keys. This would only be necessary if in the past you manually generated keys of 512 bits or less (it is not possible to do this via the UI). So, if your outbound message signing is failing with error 4 you will need to generate and deploy new DKIM keys. The default for bit size is 1024. - ------------------ MAJOR NEW FEATURES - ------------------ * [4388] ACCOUNT GROUPING * Added grouping support for accounts. Groups can be defined via a new option off the Accounts menu. Within the account editor you can make the account a member of one of more groups by entering group names into a new edit control on the Mailbox tab. Two new content filter conditions have been added which allow you to con- figure rule actions based on group membership. Also, ACLs for public folders can be specified for groups in addition to email addresses. * [6182] SUBADDRESSING * Added support for subaddressing. Subaddressing is a system for including a folder name in an email address. Replies or emails sent to that email address will pull the folder from the address and move the message into folders automatically without the need to setup filtering rules. The syntax is: "[EMAIL PROTECTED]". So, for example, the email address "[EMAIL PROTECTED]" would route messages directly into [EMAIL PROTECTED]'s "ietf" IMAP folder (assuming that folder exists). Nested folders can be specified using period characters. For example, "[EMAIL PROTECTED]" would route messages directly into [EMAIL PROTECTED]'s "industry\ietf" IMAP mail folder (again, assuming that folder exists). Underscores are used for spaces in folder names. For example, "[EMAIL PROTECTED]" would route messages directly into [EMAIL PROTECTED]'s "my friends\frank" IMAP mail folder. How you might configure your mail client to use various subaddresses depends on the mail client. Alternatively, the content filter could do a header search/replace based on the message destination or some other criteria. The folder must exist prior to being used with subaddressing. Otherwise, the address will be treated as unknown. This is necessary to prevent abuse. You can not subaddress an alias. You must use the actual address. However, you can create an alias which refers to an entire subaddressed form. A new switch has been added to the Filters tab within the account editor which will allow you to enable/disable subaddressing on a per account basis. As a result of the need to delimit using the + character this feature will be unavailable to accounts which include + in their email address local-part (mailbox). This feature can be shut down globally irrespective of individual account configuration via a new switch on the Misc Options|Misc UI. By default, each account has this feature disabled individually. * DKIM IS NOW AN INDUSTRY STANDARD! * http://mipassoc.org/pipermail/ietf-dkim/2007q1/007026.html http://www.emediawire.com/releases/2007/3/emw508676.htm http://www.altn.com/Company/PressRoom/PressRoomViewer/Default.aspx?ID=/PressReleases/20070301-DKIMStandardization After much hard work, DKIM has been approved by the IETF as an Internet standard! MDaemon's DKIM implementation has therefore been updated to the final IETF version. However, MDaemon will maintain back-compatibility with our pre-IETF version as well for at least the next 6 months to a year. DKIM checks will now take place before DomainKeys checks. In addition, when DKIM checks produce a "pass" result, no DomainKeys check is made at all. By default, MDaemon will now sign according to the final IETF stand- ard requirements (v=1, SHA256, and bh=, etc). MDaemon will continue to honor the older pre-IETF DKIM standard signatures for the near term. Congratulations to all of us and you should smile knowing that you've en- joyed a nearly two year head start in this important email security area and have helped to perfect it. * [5645] MESSAGE CERTIFICATION (MDaemon PRO only) * Alt-N Technologies, through its participation in the Domain Assurance Council (DAC) is working to create an extension to Internet mail called "Vouch By Reference" (or "VBR" for short). VBR provides a mechanism through which certification providers may vouch for the email messages sent by others. VBR is based on the idea of adding an additional header to the outgoing mail and providing a very simple way to check whether cer- tification providers vouch for a particular sender. VBR does not require the certification provider to sign (or even know about) any mail that is sent. MDaemon includes the world's first commercial implementation of VBR and handles all the details for you. All you have to do is configure your MDaemon with one or more certification providers you trust to vouch for incoming mail and one or more certification providers which are willing to vouch for your outgoing mail. Ultimately, it is our goal to have all the major reputation service pro- viders create certification servers for your use. They will certify only those who meet their criteria for "good email practices". Until that day arrives, Alt-N Technologies will step into the role and provide certifica- tion services for the MDaemon community. To submit a request for Alt-N Technologies to certify your domain's messages visit: http://www.altn.com/email-certification/signup/ To configure your MDaemon to use Alt-N Technologies as a certification provider use the MDaemon GUI thus: hit Alt+X, switch to the Certification tab, select "Enable certification of incoming messages", enter "vbr.emailcertification.org" into the "Host name(s) of certification serv- ices that I trust" edit control. Note: MDaemon 9.6 will set this up auto- matically when run for the first time. Next, if you have signed up for Alt-N's certification service, click the "Configure a domain for message certification" button and enter the required information there. Be sure to use "vbr.emailcertification.org" in the "Host name(s) of services willing to certify messages..." edit control. A "Certification" tab was added to MDaemon's "Security" log window. Also, logging of certification processing can be toggled via new settings within MDaemon's logging options. Certification of incoming messages is only possible when an authenticated identity can be obtained from the incoming message. This is possible using DomainKeys, DKIM, SPF, and/or Sender ID/PRA. Therefore, one or more of these authentication features must be enabled. Similarly, certifica- tion of your messages by others requires the authentication of your ident- ity so we recommend enabling DomainKeys and DKIM signing of your outbound mail and/or sending your outbound traffic over an SPF or Sender ID approved path. For more information on VBR and message certification visit: http://www.domain-assurance.org. For more information on DKIM visit: http://www.dkim.org. IETF submission of VBR: http://www1.ietf.org/mail-archive/web/i-d-announce/current/msg14053.html VBR technical inner-workings: http://files.altn.com/MDaemon/drafts/draft-hoffman-dac-vbr-00.txt * [5833] BACKSCATTER PROTECTION (MDaemon PRO only) * MDaemon now includes an implementation of the BATV protocol to fight against the problem of email backscatter. Backscatter occurs when spam or viruses send mail using a forged address as the return path. This can lead to thousands of bogus delivery status notifications, vacation and out-of-office messages, autoresponders, etc., ending up in the inbox. You can enable Backscatter Protection from the Security menu to greatly aid in solving this problem. Backscatter protection uses HMAC SHA-1 digests with a private key and mit- igates against replay attacks by imposing a 7 day life-time for all return path values. BATV technical inner-workings: http://files.altn.com/MDaemon/drafts/draft-levine-batv-03.txt * [5889] MINGER (MDaemon PRO only) * Alt-N Technologies has created a new email address verification protocol called Minger. The original Minger was loosely based on the Finger proto- col [RFC 1288] and thus the name. However, it has evolved and doesn't look much like Finger anymore; but the name stuck. Minger includes the following improvements over Finger: (a) requires authentication so it's se- cure (b) uses UDP rather then TCP. Minger allows others to query your server for user information. It is primarily intended to provide a simple and efficient mechanism for verifying whether an account exists or not. MDaemon's Minger server can be enabled/disabled via the UI in the usual way. A Minger user name and password may be configured from Ctrl+M on the Minger tab to use the server. A Minger client has been embedded in the "Gateways" feature-set. The old "LDAP Verify" tab has been renamed "Verification" and the existing controls have been reworked slightly to allow configuration for Minger. Finally, a new top level UI tab and log file for the Minger server was added. Minger technical inner-workings: http://files.altn.com/MDaemon/drafts/draft-hathcock-minger-02.txt * PERFORMANCE ENHANCEMENTS * The entire product and development process was re-tooled, setup, compiled and built using Visual Studio 2005 and Team Foundation Server (previously, Visual Studio 6 and SourceSafe were used). Three specific performance enhancements were made with respect to queuing and message delivery efficiency: [5549] Added a connection failure cache system which can be configured via a new option on the Setup | Primary Domain | Sessions tab. If an SMTP session results in a connection error or connection failure the IP is cached in memory for XX minutes. Once cached, further connection attempts to that IP are not attempted until the cache expires. The cache is main- tained in memory and is reset on a restart and at midnight. [5582] When large numbers of messages are waiting to be delivered a prob- lem occurs when MDaemon continually rebuilds its internal message delivery memory structure. This problem leads to very slow message processing be- cause the CPU is split between actually doing the delivery and continually rebuilding this memory structure. To address this problem, when MDaemon's internal memory structure already has 1000 or more messages queued up it will not dynamically rebuild this structure. This preserves the benefi- cial nature of dynamic queuing for the vast majority of MDaemon users who rarely have 1000 or more messages awaiting simultaneous delivery and at the same time better serve the performance needs of those who do. You can raise or lower this 1000 message limit by manually editing the following MDaemon.ini key: [Sessions] MaxQueuedCount=1000 [5546] There's a new option which can be used with the default schedule. When using the immediate delivery option you can now specify that only mail which is XX minutes or newer should be delivered by that option. This will increase mail processing efficiency since an incoming message will no longer trigger the delivery of everything. Of course, the entire queue will spool when the toolbar button is pressed or when any other queue run trigger fires. This new option only applies to queue runs which are triggered by the "Send mail immediately after getting queued" feature. By default, 1 minute has been set as the limiting factor. You can change that if you like using the schedule GUI. You can set it to ZERO to dis- able this behavior completely (which will cause MDaemon to behave as in previous versions - send all queued mail every time (inefficient)). [1077] Added a "Maximum simultaneous connections to any single IP" option which can be configured via a new option on the Setup|Primary Domain| Sessions tab. This setting limits the number of simultaneous connections to any IP address during delivery of queued outbound mail. It is useful to prevent making too many connections all at once to various IPs. During delivery, if a message would require a connection to an IP that would ex- ceed this connection limit, then the connection is skipped and the next MX host (or smart host) is used. If no additional hosts are available the message is queued for the next delivery cycle. By default, this option is completely disabled which preserves existing behavior. Also, by default, connections to trusted IPs are exempt from this feature. However, if you'd like to enforce it for trusted IPs you can set the following switch in the MDaemon.ini file: [Sessions] TrustedIPsUseConnectionLimit=Yes (default No) Also, by default, connections to IPs reserved for intranet use are exempt from this feature. These are 127.0.0., 192.168., 10., and 172.16.0.0/12. However, if you'd like to enforce it for reserved IPs you can set the following switch in the MDaemon.ini file: [Sessions] ReservedIPsUseConnectionLimit=Yes (default No) * IMPROVED GATEWAY SUPPORT (MDaemon PRO only) * [6118] Valid email addresses for gateways can be configured by just enter- ing them into a text file now. A new button was added to the gateway Verification tab which will let you add addresses to GatewayUsers.dat. Any gateway message sent to a email address found within this file will be considered valid. You can also setup gateway verification to use a new "File" option which requires that the address be present within the text file in order to be considered valid. When using other verification meth- ods, the text file is just an extra source for address data but not a definitive source. [6127] Gateway LDAP verification settings have been changed to better sup- port Exchange/Active Directory in the following ways: (a) The default search filter strings created for new gateways will use an objectclass of "user" rather than "MDaemonContact". (b) The default search filter strings will now include (proxyAddresses=SMTP:$EMAIL$) [6129] The format of the LDAP cache file has changed in order to fix a bug preventing multiple base DNs at the same host from working. As a result, all existing cached values are invalid. You can either delete the entire file and let MDaemon rebuild it or do nothing and allow the invalid entries to expire automatically over time. [6126] Added LDAP/Minger cache enable/disable to the Gateway Options UI. [6128] Added button to the Gateway Verification UI to edit the LDAP cache. - ----------------------------------- CHANGES AND ADDITIONAL NEW FEATURES - ----------------------------------- o [4262] Added an option to the DKIM signing properties which allows a single checkbox which configured all local domains (the primary domain and all secondary domains) for signing. You will no longer have to specify each domain individually within the DKSign.dat file. This option is enabled by default. o [5497] WorldClient has better character set support for composed messages. Previously, WorldClient would use the utf-8 character set for message that contained any characters not in iso-8859-1. Now the preferred character sets can be configured by the administrator with the "ComposeCharsets" INI value in WorldClient's Domains.ini or User.ini files. The default character set for the Japanese version is iso-2022-jp, Chinese is gb2312, and Russian is koi8-r. o [5254] MDaemon will now send emails to all users who are approaching their quota limitation informing them of the number of messages and size of their mailbox as well as percentages used and remaining. These emails are sent at midnight. If an existing warning is found in the users mailbox it is replaced with an updated message. You can configure a percentage value in the Misc Options|Misc tab which controls when these emails are sent. That UI has been redesigned slightly to make room for this new control. The number of allowable files or the amount of disk remaining must drop below this value in order for an account to receive a warning. Also, unrelated but tagged onto 5254 was a slight redesign of the default account options UI. The quota options have been isolated to a separate tab and the button(s) to restore installation defaults have been removed for now pending a sync-up with WebAdmin. o [5953] When sending messages to a smart host MDaemon already has the op- tion to authenticate using a configured user name and password. However, this is a single set of authentication credentials that is used for each message sent. Some ISPs are requiring a different set of credentials based on the sender of the message (the SMTP MAIL value). Therefore, it is now possible to configure independent smart host user name and pass- word values for each account. When authenticating to a smart host during outbound message processing these credentials will be used, if provided. When not provided, the existing single set of credentials that MDaemon has always supported will serve as a default. A new edit control was added to the Account Editor which will allow you to configure a smart host password. By default, the smart host user name will always match the account's email address. If, for some reason, this is not desired, a separate smart host user name can be manually configured by editing the HIWATER.MRK file found in the account's root mail folder and adding the following key: [AUTH] ISPAUTHUserName=-<user name> (example: [EMAIL PROTECTED]) Preface <user name> with a dash character "-" so that MDaemon will recog- nize the value as unencrypted and will encrypt it for security. Additionally, the following MDaemon.ini settings are available for use: [AUTH] ISPAUTHByAccount=No (default Yes) This option enables or disables the entire thing we're talking about here. When disabled, behavior is as MDaemon has always done - all messages are sent to the smart host after authenticating via a single user name and password. When enabled, particular authentication credentials will be used for messages sent from a local account to the smart host only when those credentials are either explicitly provided -or- when the options be- low force the use of defaults. A checkbox for this was added to the Setup |Primary Domain|Delivery UI as "Allow per-account authentication". ISPAUTHUseEmails=No (default Yes) This option causes MDaemon to always use the account's email address as the smart host user name unless HIWATER.MRK overrides (see above). When this option is set to No (disabled) and nothing is configured in the HIWATER.MRK for use then nothing special happens. ISPAUTHUsePasswords=Yes (default No) This option causes MDaemon to always use the account's POP/IMAP password as the smart host password unless HIWATER.MRK overrides. When this option is set to No (disabled) and no smart host password is configured for use then nothing special happens. SECURITY NOTE: Enabling the ISPAUTHUsePasswords option will effectively communicate all your account's local mail passwords to the smart host over time. This is not a good idea since it provides sensitive information (enough to compromise mail security) to somebody else. Use only if re- quired to do so by a smart host you absolutely trust. This system is shipped disabled because no account will have a smart host password value available for use. o [6251] When installing in silent mode (using the /s option) the installer will no longer show a "you need to reboot" dialog box. Instead, if a reboot is needed, the installer will create \App\RebootNeeded.sem. It's up to you to do the needed rebooting in these cases. o [6225] Added an new UI tool to pick users, lists, catalogs, or mailing lists where appropriate and retired the older tool. This new UI element ties in at various places (such as a button to the right of UI elements that allow user selection). It will support multiple selection when appropriate. o If you are adding DNS-BL hits to the IP screen you'll need to set the following MDaemon.ini switch to continue to make that happen: [SpamBlocker] AddToIPScreen2=Yes (default No) This is not recommended as it amounts to a permanent caching of DNS-BL results. It is provided for backward compatibility only. o [3678] Added account option to cause automatic processing of meeting requests, changes, and cancellations. When MDaemon encounters a message for a local user that contains a meeting request it will update the users calendar automatically if this option is enabled. This option is disabled for all users by default. o [5834] Removed option to force a reverse-path when none is provided in an outbound message. This was preventing the proper sending of mail with a NULL reverse path. If this is a problem use the content filter to insert an X-Return-Path header. The MDaemon.ini setting [Special] ForceFrom= is no longer used. o [6089] Alt-N supports only the SpamHaus RBL. Therefore, default installs of MDaemon will be configured with only this RBL. Alt-N does not recom- mend other RBL services however you are free to use whatever services you wish. o RAW message processing will no longer append "Message contains [X] file attachments" to message bodies. If you want that, you can enable this MDaemon.ini setting: [Special] ShowRAWAttachmentCountString=Yes. o [5875] Added two new IMAP filter rule options: Redirect Message - re- directs incoming messages EXACTLY as they arrived - no changes to the headers or body are made. The only thing changed is the SMTP envelope re- cipient. Forward Message - forwards the incoming message to a new recip- ient by introducing a new message into the mail stream (with the Subject header and body content taken from the original message). o [5678] Added SyncML password to the account editor. You only need to specify a SyncML password if your account is setup for Dynamic Authentica- tion. However, you can specify a SyncML password at any time. If speci- fied, that is the password that you must use when your account interacts with MDaemon's SyncML server. o [6002] The Alt-N web site now includes pages to provide more details on how to configure SyncML clients for various platforms. The SyncML server UI page has changed to include links to these new pages. o [5955] The account editor UI has seen additional descriptive text changes including: 1) SyncML password edit box added to Mailbox tab 2) Smart Host password edit box added to Mailbox tab 3) Better wording to describe various options on Options tab 4) "Aliases" button moved to Options tab to make room for 1) and 2) 6) "IMAP Filter Rules" is now just "Filters" to be consistent with WorldClient/WA o Some changes to better support Vista: [5640] Popups will not occur from MDaemon running as a service in session zero under Vista. This was causing nag screens. [5638] Mutex and shared memory problems fixed which were causing a break down of inter-process communication and leading to several odd issues (like double WorldClient.exe and MDSpamD instances, re-initing sockets). Help file converted to Microsoft HTML Help (MDaemon.chm) for Vista compat- ibility. "What's This? Help" is still only supported in 2000/XP. o [5886] Updated AntiSpam system to include SpamAssassin 3.18. o [5832] Added option to spam filter to toggle sending a spam trap public folder summary email to the postmaster each day. o [5852] The option "Send to next MX host when an SMTP error occurs" has been removed from Setup|Primary Domain|DNS. MDaemon will always send to the next MX host as appropriate. o [5854] An option was added to Setup|Primary Domain|DNS which will bounce a message upon the first 5xx error returned from any MX host. When uncheck- ed, messages will not be immediately bounced as long as at least one MX returns a 4xx error. o [5653] The RBL caching system was removed. It's redundant since DNS al- ready does caching and was needlessly CPU/disk intensive. o [5580] A new switch was added to Misc Options|Servers. You can now indiv- idually enable message and SMTP parameter RFC compliance checking. o [5581] Authenticated sessions are always exempt from SMTP parameter and message RFC compliance checks. o [5525] Slight restructuring to the DNS-BL UI to make it more efficient. o [5467] Changed several references from "AntiVirus" to "AntiVirus/SecurityPlus" o [6014] A warning message will appear when enabling message relaying. o [5539] The option "Enable disk checking for waiting message counts" was renamed to "Update GUI with queued message counts" and moved from the Misc Options|Misc to the Misc Options|GUI tab. o [5336] By default, automatic attachment extraction will no longer extract text/plain attachment types. You can change this with a new switch on the Misc Options|Misc tab. o [5540] The option to relay for trusted IPs has been disabled by default. You can change this with a switch on the Security|Relay...|Relay Settings tab. o [5949] The following INI file keys are no longer used: [RAS] EncryptName and EncryptPassword (MDaemon.ini) [AUTH] EncryptDequeueLogon and EncryptDequeueSharedSecret (MDaemon.ini) [DomainPOP] EncryptName and EncryptPassword (DomainPOP.ini) The proper way to have MDaemon encrypt these values is to make the first character a dash "-" char. Also, the following keys were renamed for MDaemon 9.60: [AUTH] ISPAuthLogon -> [AUTH] ISPAuthUserName [AUTH] ISPAuthSharedSecret -> [AUTH] ISPAuthPassword [AUTH] DequeueSharedSecret -> [AUTH] DequeuePassword o [5542] By default, MDaemon will strip out X-MDOP-RefID headers from in- coming messages. These are headers generated by Outbreak Protection. If you'd like to retain these headers you can set the following switch in MDaemon.ini: [Special] StripOPRefIDHeaders=No (default Yes) o [4241] Added additional reminder times for WorldClient events. o [5612] * and ? chars will now be accepted in RCPT values. However, if you have accounts that use * and ? chars within the mailbox value be aware that aliases will not work properly for such accounts. You should not setup accounts with * and ? chars in mailbox values. o [5361] Details related to the meeting are now included in the subject of iCalendar invitations. This works around an issue where Exchange uses the RFC message subject and not the iCalendar summary field for the meetings description. o [5839] Added menu and toolbar button for editing SyncML server options. o [5465] User can specify default browser when Comagent launches WorldClient. Edit the Comagent.ini file: [ComAgent] DefaultBrowser=C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.exe -url "%1" o [6062] Route slips will honor the "Abort delivery on 5XX after RCPT" op- tion. Previously they used an MDaemon.ini setting called IgnoreRcptErrors. This has been deprecated. o [6004] Auto-responders will never be triggered by a spam messages regard- less of whether they are explicitly listed on the auto-responder exception UI or not. o [6005] MDaemon's internal resource string ids were changed in order to assist localization efforts and prevent errant string translations from causing software crashes and bugs. As a result, the "custom SMTP" and "custom POP" string systems for which support ceased a long time ago has now been completely deprecated. o [6013] Secondary domains can now be configured with a unique FQDN value. This value will be used with incoming SMTP connections. IP binding is not required in order for this to work. However, if you have two or more domains using the same unbound IP then the FQDN used will be the one associated with the domain that is first in alphabetical order. If each domain is bound to its own IP then the proper FQDN will be used in all cases. Also, this value will be used with outgoing SMTP sessions in the HELO/EHLO. When no FQDN value is specified, MDaemon will use the primary domain's FQDN value as a default. o [6016] The option to use the FQDN host name in SMTP when required and the option to use the same in "Received" headers were both removed from Setup| Primary Domain. The former options were eliminated completely from the software and the FQDN will always be used when required by RFC. The latter option still exists in the Misc. Options however it's default has been changed to TRUE. o [6025] Outbound socket IP binding has been changed. MDaemon will always bind outbound sockets if the domain has binding in place on inbound sockets and if the option to enable outbound IP binding is enabled. The IP used in this case is the one associated with the handling of inbound mail. If no IP can be determined then MDaemon can use a specific IP which you can configure by editing the following in MDaemon.ini: [Domain] OutboundSocketIP=<IP> All of this functionality requires that outbound socket binding be enabled via a new UI switch added to Misc Options|System. The following setting is no longer used: [Domain] BindToBoundDomains=<whatever> o [6045] DK/DKIM processing will properly handle keys with CR, LF, and SP embedded within them. Some examples of keys that have been errantly white- space folded were encountered in the wild. o [6049] Uninstall will automatically invoke a deactivation of the software. o [2725] System log will note the queue status on startup (frozen/active). o [6113] Removed "Check for update now" option from all installers. Check- ing for updates from within the installer is no longer technically poss- ible for us. Update checks can only be safely performed using the MDaemon UI. o [6205] Changed list digests slightly. First, the format of the digest mail was simplified and is always sent with basic HTML codes inserted. The option to create HTML digests has been removed. The button to edit the digest format was also removed from the UI. MDaemon will always rebuild DIGEST.MBF every time it starts. So, DIGEST.MBF, like RFC822. MBF is now a reserved file and shouldn't be changed by end users. If you want to create a custom DIGEST.MBF file for use with certain lists you should copy DIGEST.MBF to another file name of your choice, make the changes you need using notepad, and then configure the list to use your new MBF file. o [6212] RFC822.mbf and DIGEST.mbf are important system files that can cause MDaemon to operate strangely if they are modified. These files are no longer eligible for modification. MDaemon will rebuild these files to system defaults at each startup. o [6193] MDaemon's service startup procedure has been internally changed. It is in a separate thread now which should keep the Windows SCM updated properly. Also, MDaemon will report its status as SERVICE_RUNNING when connections are ready to be serviced rather than when the main window is initialized as in previous versions. o [4146] Added an option to the Logging Mode UI which allows you to config- ure a log file path. The resulted in a slight reorganization of the con- trols on that UI tab. o [6142] MDaemon no longer sends auto-generated messages using "BadMsgQ@" as the Reply-to. MDaemon will use "Noreply@". Therefore, if you have an account using that mailbox it will no longer be able to receive mail. o [6143] Auto-generated emails sent from MDaemon which should not receive replies will be sent with a reply-to and reverse-path of "noreply@". Messages received for "noreply@" will be refused by the SMTP server. o [6120] It is no longer possible to use the envelope sender value to verify list membership. Doing so is an improper use of the envelope value result- ing in the breakage of systems like BATV. List related checks will be performed on the value of the FROM header after the message body is re- ceived. o [6123] ComAgent warning will popup on public folder synch when user lacks permission to modify the public address book. o [6214] Tarpit.dat was renamed DynamicScreen.dat. o [6131] The feature which automatically updates local address books with the email addresses of folks to whom mail is sent was broken. So was the DomainPOP "real name matching" feature. Both were using the return-path address rather than the address taken from the message's From: header. This has been fixed. o [6132] The feature which checks local address books to determine whether a message should be exempt from the spam filter was broken in two ways. First, a single address book match for a RCPT white listed the message for all RCPTs. For this reason, messages to multiple RCPTs will be handled by the MTA rather than the SMTP server. Second, the return-path address was the one being matched to the address books. This should be the ad- dress of the sender of the message as taken from first the Sender: header and failing that, the From: header. o [6135] Some changes were made regarding the logging of tarpit and dynamic screening activity. First, these items are no longer tracked into the OS event log. This was just bloating the even log greatly. Second, a new "Screening" sub-tab has been added to the Security tab. Tarpit and dy- namic screening events will track into this tab and log file rather than the System tab and log. o [6145] The "Machine name" parm has been removed. MDaemon already has an FQDN value which is supposed to uniquely identify the machine. MDaemon will now use the FQDN value everywhere that it previously used the Machine name value. o [6146] Auto-generated messages are sent with a FROM field which indicates the FQDN of the server who sent the message. Something like this: From: "MDaemon at c3po.altn.com" <[EMAIL PROTECTED]>. o If CLEARQUOTACOUNTS.SEM contains * on a line by itself the entire file will be deleted thereby invalidating all cached quota counts. - ----- FIXES - ----- o [6079] fix to session transcripts no always included in NDR when should be o [6090] fix to CRLF in Comments and UserDefined fields breaking CSV export o [550] fix to list digest messages not handling HTML mail properly o [2874] fix to RAW & CF generated messages not working with list digests o [6021] fix to list digest processing leaving orphaned temp files o [6023] fix to list digest processing handling only multipart/alternative o [5526] fix to truncated ACL help button text o [5462] fix to missing strings for translation o [5532] fix to DNS-BL not refusing connections when it should o [5534] fix to orphaned RTE files in Bayesian learning folders o [5448] fix to restricted account default setting only working in English o [4777] fix to unsubscribe emails not available for localization o [5541] fix to bad email addresses sometimes written to OC user data file o [5252] fix to OC user data file not updated when domain names change o [5543] fix to RTE files orphaned by IMAP server o [5545] fix to RTE files orphaned by POP server o [4866] fix to SMTP not sending to backup server on error during session o [5136] fix to SMTP not sending to backup server on error after EHLO o [5508] fix to ComAgent right-click lockup problem under some conditions o [5509] fix to ComAgent crashes when Outlook synchronization occurs when server connection had been lost o [5573] fix to apply button not working on some spam filter UI tabs o [5559] fix to more "MDaemon Antivirus" in UI when should be "SecurityPlus" o [6133] fix to BATV pvrs encoded return-paths not playing nice with greylisting o [5583] workaround for HiPath ProCenter bug which caused it to strip email attachments from unread messages o [5418] fix to MD not being able to delete a domain's public folders when removing the domain o [5599] fix to ComAgent not using translated folder name for new email notification o [5844] fix to DomainPOP "Default" button (removed it) o [5604] fix to Apply button not working in Queues UI o [5680] fix to Comagent Outlook sync not synching job title field o [5681] fix to Comagent Outlook sync not synching title in full name field o [5707] fix to Comagent Outlook sync not synching suffix in full name field o [5847] fix to handle leak when using the gateway's LDAP "test" button o [5855] fix to plugin menu options appearing in menubar in simple mode o [5792] fix to attachments not being removed when using the 'extract attachment to folder' action in content filter o [5872] fix to cf and virus .dat files being overwritten by the installers o [5868] fix to content filter rules not able to be modified on some systems o [5876] fix to improper use of Resent-From in auto-forwarded mails o [5879] fix to stack corruption in SafeFormatResourceString function o [5621] fix to unable to set ham/spam sample count below 200 in UI o [5651] fix to spam filter's DNS-BL score not enabling/disabling correctly o [5652] fix to account filters UI not enable/disable match text correctly o [5467] fix to UI references to "AntiVirus" -> "SecurityPlus/AntiVirus" o [5663] fix to summary stats report file formatted improperly o [5882] fix to summary stats report leaving orphaned files in temp folder o [5784] fix to DPOP/MPOP not working with UIDLs that start with # properly o [5795] fix to some public folder UI text not in resources for translating o [5619] fix to import process breaking down when missing a last name field o [5622] fix to smart host being used immediately after first MX connect failure rather than trying all MX hosts first o [5665] fix to schedules added/changed by config session not taking effect o [5945] fix to 502 rather than 252 response when VRFY/EXPN disabled o [5871] fix to SyncML: server should log if directory does not exist o [5505] fix to SyncML: the fact that the Outlook Connector deletes and re- creates an item when editing causes the SyncML server to do the same o [6006] fix to Host Screen not working with PTR result at times o [5993] fix to tarpit.dat not purging matches to notarpit.dat on startup o [6011] fix to 250 EHLO/HELO response not including FQDN value o [6036] fix to Comagent strings, "Could not connect to the server! Please verify that the server information is correct.", not translated o [6063] fix to QUIT sometimes being sent at the wrong time during SMTP o [6064] fix to "Bounce message on first 5XX from an MX host" not working in all cases o [6081] fix ComAgent's un-translated strings o [6102] fix to WorldClient does not recognize invitations from GoToMeeting.com o [6105] fix to errant text on Help menu regarding Top 10 support questions o [6106] fix to errant text on Help menu regarding Top KB articles o [6107] fix to redundant Help options (there's just one HELP option now) o [5609] fix to the contact picker not selecting the right contact folder after refreshing data when the contact folder is refreshed in some foreign languages o [5904] fix to activation resets when installed on Vista o [5899] fix to $LOCALDOMAIN$ aliases showing in WC o [6140] fix to ComAgent auto-update not working o [5655] fix to New Folder dialog from IMAP Rules editor not decoding or encoding folder names o [6147] fix to IMAP rules possibly using value from the wrong header o [6156] fix to crash at shutdown if Spam Filter dialog is open o [6157] fix to incorrect title for some tabbed dialogs o [6161] fix to DKIM signatures not using the i= domain properly o [6174] fix to SPF "PTR" tests not working properly in some cases o [6166] fix to accepting MAIL parms with | char (MDaemon reserves this char) o [6115] fix to server freeze states not honored by config session on new install o [6177] fix to ISO-2022-KR messages are corrupted in WorldClient o [6183] fix to IMAP parse error with search arguments containing parentheses o [5963] fix to QuotaCounts.dat not being updated after pruning o [6213] fix to digest special editions being folded into digest proper o [4530] fix to SyncML: database path containing non-ASCII characters not found o [5885] fix to SyncML: recurring events not synchronized with TBird extension o [6051] fix to WC and some IMAP clients not properly decoding a message that has trailing whitespace in the Content-Transfer-Encoding header value. o [6297] fix to SMTP based scan scoring for VBR and OP results o [5495] fix to a message composed in WorldClient with an improperly formatted email address may not be sent to all recipients o [6232] fix AccountPrune not accepting foreign and accented characters for folder name parameter(/p) o [6243] fix to MDaemon's "Log full WC/HTTP/IM activity" setting having no effect on WorldClient's HTTP log o [6250] fix to auth'ed sessions accepting, and then bouncing, messages sent to unknown local users (should not accept message in the first place) o [6237] fix to auto-generated messages being sent even when triggering message specified a NULL reverse path o [6141] fix to installer backup not taking place before file conversion o [6257] fix to Korean message not displaying in WC LookOut theme o [6278] fix to DomainAdmin.ini file key may contain unnecessary commas o [6279] fix to switch inserting X-Lookup-Warning header not working o [6199] fix to DKIM options tab not using Apply button correctly o [6305] fix to cfengine.exe crash when using search and replace rule action - ----------------------------------------------------------------------------- - -- syafril - ------- Syafril Hermansyah -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFGb0YeJDdq0WWNVhYRAh02AJ9oJyyuZM6CY9xfGSDb3/YL9USibACdH9Kd IkxpHOTX//ZH5SDv//1qkek= =trJK -----END PGP SIGNATURE----- -- --[MDaemon-L]------------------------------------------------ Milis ini untuk Diskusi antar pengguna MDaemon Mail Server. Mohon tidak posting dengan format HTML, pastikan selalu menggunakan Format Plain-text Arsip : <http://mdaemon-l.dutaint.com> Henti Langgan : <mailto:[EMAIL PROTECTED]> Berlangganan : <mailto:[EMAIL PROTECTED]> Versi Terakhir : MD 9.5.6, MDSP 3.0.4, MDOC 2.1.5
