5.19-p3
Released 2026-07-01
-
BugAddressed regression in DNS resolver (from 5.18) -
PkgUpdated 3rd party packages
5.19-p2
Released 2026-05-24
-
PkgUpdated 3rd party packages
5.19-p1
Released 2026-05-18
-
PkgUpdated 3rd party packages
5.19
Released 2026-05-06
-
ImpIncreased log size to 10 GiB -
BugStricter DMARC record checking (when having duplicate records) -
PkgUpdated FreeBSD (15.0) and packages to latest quarterly
5.18-p2
Released 2025-12-08
-
BugRemove warning from OpenSSL (not affecting behaviour) -
BugFixed issue with Let's Encrypt
5.18-p1
Released 2025-09-01
-
BugDMARC records are now matched case-insensitive -
DepUpdated Sophos AV engine (3.95.1)
5.18
Released 2025-08-28
-
NewA new and modern SPF implementation (replacing libspf2) -
PkgUpdated FreeBSD (14.3) and packages to latest quarterly -
DepOpenSSL 1.1.1 was replaced by OpenSSL 3.x (could affect custom plugins)
5.17-p4
Released 2025-05-19
-
ImpAllow more SpamAssassin instances to be started -
BugFix issue with HSL memory_update (only trigged with invalid code) -
BugLetsEncrypt could not be enabled for new installations -
BugRates could not be cleared by filter in WebUI
5.17-p3
Released 2025-03-19
-
ImpImproved diagnostics for DNS resolving issues
5.17-p2
Released 2025-02-13
-
BugResolved a stability issue
5.17-p1
Released 2025-02-13
-
PkgUpdated packages
5.17
Released 2025-02-06
-
NewAdded support for syslog over TLS (trusted and untrusted) -
NewAdded is_rsa|ed25519_privatekey HSL functions -
ImpAllow more than 32 SAN in certificates -
BugFix issue with script validation (file includes) during startup -
BugFix issue with live-stage of newly added transports -
BugFix issue with S/MIME -
PkgUpdated FreeBSD (13.4) and packages to latest quarterly
5.16
Released 2024-08-27
-
NewSupport for AWS SIGv4 in http() and http_bulk() -
ImpImproved API request logging in API hook -
BugFix issue with certain timezones hook
5.15-p3
Released 2024-07-02
-
SecFix issue addressing CVE-2024-6387 (OpenSSH)
The general recommendation is to not provide internet access to any admin interface (SSH, HTTPS).
5.15-p2
Released 2024-07-01
-
BugFix issue with linting in script editor
5.15-p1
Released 2024-04-22
-
BugFix issue in script editor with validation of delivery settings -
BugFix issue with Let's Encrypt
5.15
Released 2024-04-09
-
NewAdded support for Let’s Encrypt (ACME) -
NewRedesign of web administration interface -
NewAdded support for queue groupings (MX and domain rollups) -
ImpAdded support rotating mail history logs based on days (in addition to count) -
ImpAdded support for public validated CAs when clustering (in addition to fingerprints) -
BugIssue when searching for message ID in message queue -
PkgUpdated FreeBSD (13.2-RELEASE-p11) and packages to latest quarterly -
PkgUpdated Eleven eXpurgate anti-spam engine to 4.48.3
5.14-p1
Released 2024-02-27
-
PkgUpdated Sophos anti-spam engine (savi)
5.14
Released 2024-01-25
-
NewEnable configuration of barelf behaviour (default is to auto detect legacy clients) -
NewAdded null coalescing assignment operator -
NewAdded mimeword_encode() and _decode HSL functions -
NewAdded support for Map.merge() in HSL -
BugFix Views button not working with Quarantine -
BugEscaped characters in filename in MIME class should always be double hex digits -
BugFix validation issue of policy, delivery and suspend configs -
PkgUpdated FreeBSD (13.2-RELEASE-p4) and packages to latest quarterly
5.13-p1
Released 2023-10-02
-
SecUpdated libspf2 to fix CVE-2023-42118
5.13
Released 2023-08-15
-
ImpUpdated version of eleven eXpurgate anti-spam daemon (4.47.0) -
ImpAdded selector field to DMARC reporting -
ImpIncreased SA custom rules limit -
ImpImproved query builder for metadata fields in queue listing -
ImpBased on FreeBSD 13.2, and latest quarterly packages -
BugFix issue with SpamHaus DQS -
BugFix issue with memory_store HSL function -
DepRemoved deprecated ClamAV (ScanCLAM() is now a no-op)
5.12-p1
Released 2023-05-03
-
BugIn HSL fix an issue with Map/Sets iterators and foreach
5.12
Released 2023-04-12
-
ImpMTA improvements- Faster policy evaluations and subdomain matching
- Added a new grouping field to the queue structure to be used for combined recipientdomain/remotemx groupings
-
Added
LOGINparameter support to theXCLIENTcommand -
Added support for network matching in
PROXY,XCLIENTand TLS client cert settings - Added connection pooling reuse setting based on remotemx
-
Various improvements to DNS resolving
- Added a global DNS domain cache
- Restructured DNS cache to resolve all addresses, with deduplication
-
Added global settings for
resolver.mx.exclude.ipandresolver.mx.exclude.mx
- Priority messages now also have priority in resolver and script execution queues
-
Allow overriding serverhost (
servers[].hostname) in connect hooks'sAccept()function - Added ability to read plugin configurations from file paths
-
Improvements to
halonctl-
Added
--no-pipeliningoptions to queue trace command - More precise time (usec) resolution in queue trace command
- Queue update command now supports changing only localpart or domain of senders/recipients
-
Added
-
halontopnow resizes layout to terminal size -
Added a new C-API (
HalonMTA_deliver_trace) to do custom trace outputs in delivery plugins - Added a new C-API for queue pickup plugins
-
ImpScript language improvements-
Added support for multiline CSV data in
csv_encode()andcsv_decode() -
Added option to allow non-convertible objects to be converted
to none in
json_encode()
-
Added support for multiline CSV data in
-
ImpImprovements to integrated (VM) package- Based on FreeBSD 13.2, and latest quarterly packages
- Pre-packed with http-bulk plugin
-
DepImportant changes- Deprecated ClamAV in integrated (VM) package
-
Deprecated
ScanDMARC()in componentized package (installhalon-extras-dmarc) -
Deprecated builtin
LDAPclass in componentized package (installhalon-extras-ldap) -
Removed
MailMessage.deliver(deprecated since 5.2, useMailMessage.queue()instead) -
Removed
/dev/nullas special transport destination -
Removed
GetMailQueueMetric()(deprecated since 5.3)
-
BugVarious bug fixes-
Missing dynamic policy id in
$argumentsin post-delivery on rate only policy conditions - Fixed timeout issue with PIPELINING
-
queue_policy_delete()function was missing in AUTH hook -
Fix issue with
unsetinforeachloops -
Fix issue with
scripting.rootpathending with/ - In HSL do not allow index dereference of string with key types other than numbers
- In HSL do not allow slice operator dereference with key types other than numbers
-
jobidset in pre-deliveryTry()function was not updated in post-delivery hook - Fixed rare crash with queue trace command on busy systems
-
Missing dynamic policy id in
5.11-p3
Released 2023-02-17
-
BugImproved error handling with HTTP submissions API -
BugFix error message withhalonconfig --dist-checkand missing schemas -
BugFixes to integrated (VM) package- Upgraded ClamAV to 1.0.1 to address CVE-2023-20032 and CVE-2023-20052
- Fix web adminsitration bug when adding domains
- Relaxed DangerousExtensions classification in eXpurgate (caused false positives)
-
Allow changing DangerousExtensions with
antispam_expurgate_dangerous_extensionssetting
-
BugFix rare issue connection retry -
DepPlease note that ClamAV is deprecated and will be removed in 5.12
5.11-p2
Released 2023-02-09
-
BugFixes to integrated (VM) package- Lower default timeout of ScanRPD() scanning
- Fixed error handling for ScanRPD() in case of network errors
5.11-p1
Released 2023-02-06
-
BugFix a rare issue with configuration reload on Ubuntu
5.11
Released 2023-02-03
-
ImpMTA improvements-
Added a
halonctl queue tracecommand to trace outbound SMTP connections - Outbound PIPELINING support
- Ability to change TLSv1.3 cipher suites on server and clients
- Queue performance optimisations
-
Added
setDateLater()function to set Date header on delivery -
Added connection
idand numbers oftransactionsto post-delivery attempt connection array -
Added support for networks in the
Try()argumentip_exclude -
Allow changing jobid with
Queue()functions in pre- and post-delivery - Added remotemx information to outbound connection list
-
Added support for
--size,--subject,--metadata-andfilter conditions tohalonctl -
Added the ability to clear the internal DNS cache using domain
wildcards in
halonctl
-
Added a
-
ImpScript language improvements-
Map/Setiterator are now thread safe with imports (modifications are not) -
Added support for
data types
when
importing YAML files -
Added support for private key
import(RSA and ED25519 keys) -
Added
rsa_privatekey()anded25519_privatekey()function to load keys as PrivateKey resources -
Added
array_combine()function -
Added
exclude_headerstosignDKIM()functions -
Added support for PrivateKey resources to
signDKIM()functions -
Added support for
tags
when
parsinging YAML files -
Added
MIMEPart.getByID()functions to retrive a MIMEPart by ID -
Added support for Regex types to
MIMEPart.findByType()andMIMEPart.findByFileName()functions -
csv_encode()will not added quotes to string with spaces
-
-
ImpImprovements to integrated (VM) package- Improved DNS reliability when using the builtin DNS cache
- In the WebUI allow building queue search filters with multiple different metadata combinations
-
BugFix issue with slow graceful shutdown ofsmtpd -
BugFix issue with thehalonctl queue groupbycommand if jobid was set withTry() -
BugFix issue with including files using symlinks within the rootpath in HSL -
BugFix issue with global functions and module imports in HSL -
DepImportant changes- Migrating away from Cyren (ctasd and ctipd)
-
The deprecated
DirectDeliver()function now acts as a queuing deliver -
Removed deprecated
GetTLS(),Allow(),Block()andDeliverWithDKIM()functions - On Linux, trying to reload with Halon script compilation errors will continue using the previous configuration
5.10-p1
Released 2022-12-06
-
Bughalonctl resolver command didn't ignore SIGPIPE -
Bughalontop didn't show patch version properly -
BugOn some Linux distros environment.rlimit.nice could not be set to a negative value -
BugImproved error handling on JSON payloads in smtpd HTTP API -
BugOn configuration load filename was missing in error message -
BugFixed a stability issue -
BugUpdated FreeBSD ping utility (CVE-2022-23093)
5.10
Released 2022-10-11
-
NewWeb administration additions- Delivery insights view
- Outbound connection list and ability to close connections
- Visual refresh
-
ImpPackage and repository improvements- Builds for Ubuntu 22.04 LTS
- Packages for extras projects written in Halon script
-
ImpMTA improvements- Ability to change IP address family (v4/v6) preference
- Support for implicit TLS for outbound connections
-
New outbound TLS mode
dane_fallback_require_verifyfor DANE/MTA-STS coexistence - Added peer certificate error and TLSA to post-delivery's attempt information
-
Store last attempt's
localip,remoteipandremotemxin the defer queue
-
ImpScript language improvements-
Added
domain_publicsuffix()function -
Added
url_parse()function -
Added
insert_functionoption tocache [] -
Added new
matchexpression -
Socket.recvmay now use multiple flags as an array -
Added support for
body_lengthinsignDKIM() -
Ability to set properties and the stop flag in for dynamic
queue_policy()
-
Added
-
ImpProtobuf API improvements-
QueueGroupBybylocalipas well -
QueueGroupBysupport policy grouping (MX rollup, etc) -
More
ServerConnectionsListinformation; transactions, local IP and ports
-
-
ImpCommand line tool improvements-
halonctl groupbyoverhaul, adding lots of new functionality -
halonctl queue updatenow have a dry-run flag to test queries -
halonctl process-statsmay now output Prometheus compatible formats
-
-
ImpImprovements to integrated (VM) package- Added support for Sophos Live Protection
- Added HTTP submission API support
- Updated Cyren packages to ctasd 5.5.1 and ctipd 4.5.1
- Updated to FreeBSD 12.3-RELEASE-p7 with quarterly packages
-
ScanDMARCfunction how have an option to disable SHA1 signatures (rfc8301) - Allow reverse lookups for private address space in unbound DNS resolver
-
BugFix issue with dynamic policies in the 35/8 subnet -
DepImportant changes-
The Ubuntu packages no longer depends on
halon-extras-rateandhalon-extras-dlp(need to be explicitly installed) -
The per-recipient end-of-DATA function
DirectDeliveris deprecated, useMailMessage.send()instead -
The post-delivery function
GetTLS()is deprecated, use thetlsobject in$argumentsinstead
-
The Ubuntu packages no longer depends on
5.9-p3
Released 2022-12-05
-
BugFixed a stability issue
5.9-p2
Released 2022-08-16
-
BugCould not override Spamhaus DQS scores in integrated (VM) package -
BugGetTLS()in post-delivery could fail on non-delivered messages -
BugIssue withQueue()in post-delivery with no retry delay -
BugFixed an error message inhalonconfig
5.9-p1
Released 2022-05-31
-
BugFix issue with IPC (Unix domain socket) permisson on Linux
5.9
Released 2022-05-30
-
NewAdded priority for queued messages -
NewAdded max age of messages in queue (retry.during) as an alternative toretry.count -
ImpMTA improvements- Added support for thread priority for various thread pools and event loops
-
Made
ip_exclude_temporaryalso work withmx_excludein SMTP clients -
Added
dane_fallback_requireas TLS mode in SMTP clients - Added support for more AUTH mechanisms in SMTP clients (eg. XOAUTH2)
- Randomize the order of equal-preference MX host addresses
- Added possibility to configure custom script thread pools per hook
- Delivery settings may now change max retries/during and retry intervals
-
Added
queues.maxmessagesto limit number of messages to hold in memory -
Added
data.fixheaders(false) anddata.mimepart.fixheaders(false) to inject\r\nbefore bad headers -
Added
queue.loader.activecounter to hold total messages currently loaded - Postmaster address may be configured separately as localpart and domain (inherit from reporting-mta)
- Added possibility to disable MIME multipart parsing for performance
-
Added
maxpartsto configure max MIME parts -
Added ability to change
transportidinTry() -
Added
$arguments["expired"]to post-delivery hook to indicate bounces due to age or max retry count -
Added reason to
Delete()in the pre-delivery hook -
Added support for DSN options to
Bounce()in the pre-delivery hook
-
ImpScript language improvements- Added array dereference with spread operator inside of arrays
-
Allow upcast of TLSSocket to Socket with
TLSocket.toSocket() -
Added
setFileName()andsetDisposition()functions toMIME() -
Detect MIME parsing errors with
MailMessage.getErrors() -
Added support to create
MailMessagesfromFileobjects usingMailMessage::File() -
Added reason for policy result and detailed error/errno to
spf_query()output
-
ImpNative (C ABI) plugin improvements-
Added support to get object properties with
HalonMTA_hsl_object_property_get() -
Create MailMessage and File classes from strings with
HalonMTA_hsl_value_set() -
Detect MailMessage type with
HalonMTA_hsl_value_type()
-
Added support to get object properties with
-
ImpHTTP submission API improvements-
Added
/healthendpoints to be used with load balancers -
Added
$arguments["headers"]to end-of-DATA script - Added concurrency limit setting per server
- Certificates are soft reloadable in configuration
-
Added
-
ImpProtobuf API improvements- Include HTTP connection in ServerConnectionsList replies
- Support for close reason of HTTP connections with ServerConnectionsClose
-
Added option to reset
transactionid,tsandretrycountupon message import -
Bounce action may set
statusanddiagnosticcodeon queue updates - Added regular expression support in StringMatch in API for message conditions
- Added unique count feature to groupby
-
Added maximum values to process stats and present them nicely
in
halontop
-
ImpImprovements to integrated (VM) package- Added support for EU-only Cyren datacenter for RPD and globalview
- Added support to configure reserved IPs for SMTP servers in web administration
- Include updated spamassassin-dqs with support for DBL with hostnames
- Allow access to Sophos AV unix socket using Socket() class in HSL
- Enable scanning of Msi files with Sophos AV
- PHP IMAP module now available in custom-www
- PHP DNS resolving is now available in custom-www
- Updated to FreeBSD 12.3-RELEASE-p5 with quarterly packages
-
ImpAll halonctl commands accepting time now allows for X[dhms] syntax -
ImpAdded dist-check command to halonconfig to check generated configuration -
ImpAdded option to stop-on-match in smtpd-policy.yaml when matching rules -
ImpAdd configurable rate sync delay to improve UDP synchronization reliability -
BugFix validation bug in JSON schema with HTTP submission API -
BugFix validation bug in post-delivery hook with$arguments["dsn"]["status", "diagnost... -
BugAllow long lines in message body when receiving messages with CHUNKING -
BugFix rate issue with dynamic policies which could cause MTA restarts -
BugHTTP submission API header name “X-API-Key” was not case insensitive -
BugStatistics queue.policy.rate.suspends not decreased on manual message deletes -
BugFix bug in C API when invoking function pointers in class member functions -
BugDNS zone flush with unbound in VM package did not clear all record types -
BugDo not rescan messages with ScanCLAM() and ScanRPD() if failed -
BugProperly detect temperror in ScanDMARC() -
BugFix escaping of email addresses by escaping additional characters -
BugAdded detection newer versions of .docx and .xlsx files in ScanDLP() -
DepDeprecated use of MIME("0") in EOD, use $arguments["mail"] or GetMailMessage() instead -
DepImportant changes- Removed "eodrcpt" from Linux builds
- Removed ability to control "rated" and "dlpd" from "halonctl" (use ratectl or dlpctl instead)
- Removed deprecated functions from per-message end-of-DATA script: Queue(), GetMailMessage(), GetTLS(), GetAddressList(), DKIMSign(), DKIMSDID(), DKIMVerify()
5.8-p4
Released 2022-03-16
-
SecUpdated OpenSSL to fix CVE-2022-0778
5.8-p3
Released 2022-02-10
-
BugIssue when using Cyren anti-spam (ctipd and ctasd) with a HTTP proxy fixed -
BugAuto-detection of DKIM keys inadditional_signaturesfixed -
BugReduce risk ofratedUDP packet loss for initial synchronisation -
BugIssue withScanDLP()and custom rules fixed -
BugUpdated libcurl to 7.81
5.8-p2
Released on 2022-01-25
-
BugDKIM validation issue under certain circumstances
5.8-p1
Released on 2022-01-10
-
BugPrivdrop after creating control socket inrated -
BugFixratedstartup rate hit sync -
BugFix minor issue parsing bad headers
5.8
Released 2021-12-13
-
NewTemplates for Docker and Kubernetes-
The
dlpdcontent filtering connection now uses a HTTP based API -
The
ratedrate control connection supports DNS with dynamic re-resolve
-
The
-
NewAPT/deb and RPM repositories- Components are now in separate packages (MTA, rate control, content inspection, etc.)
-
Added separate
dlpctlanratectltools for the respective new packages
-
NewMTA features- HTTP submission API for pre-formatted RFC822 messages
-
halontopprogram showing realtime process metrics -
Faster DKIM dual-signing with
additional_signaturestosignDKIM() - Ability to use multiple spool paths
-
Added support
reservedconnection slots -
Export message using with
QueueExportRequestAPI
-
NewNative (C ABI) plugin features-
Added
Halon_command_execute()function, supportingargvstyle of arguments -
Added
Halon_early_init()function, supporting early initialization -
Added
HalonMTA_hsl_value_to_json()andHalonMTA_hsl_value_from_json()functions -
Added
HalonMTA_hsl_value_array_lengthfunction - Autoloading plugins without configuration
- Support for objects
- Support for exceptions
- Support for static functions
- Support for running Halon script functions in C
- Support for working with lists function in C
-
Support for more types in C API such as
X509,Fileobjects
-
Added
-
ImpScript language improvements-
Added
zlib_compress()and uncompress functions -
Added
MIME.toFile()function -
Added
MIME.setDate()function -
Added
X509.extensions()function -
Added
X509.verify()function -
Added
X509::String()function -
Added
queue_policy_deletefunction -
Added
importsupport for multiple X509 certificates (.crt) -
Added
importsupport for rfc822 message files (.eml) -
Added
glob importsupport -
Added support for
srvrecords indns_query()function
-
Added
-
ImpMTA improvements- Improved DSN generation by supporting to include full original messages and DSN field customization
-
Include DSN arguments in post-delivery
$arguments["dsn"]array -
Include queue policy insights in post-delivery
$arguments["policy"]array -
Added support for customization of the Received header (
tlsandfor) - Order queue list by retrycount
- Support message retry with a jitter (distribution) in queue actions
- Added support for queue message grouping of remoteip and remotemx
- Added lists, grouping of conditions, and custom properties to active queue policy and delivery settings
-
Allow configuration of multiple
pickupthreads - Added delivery counters to process stats
-
Added support for
.halonignorefiles when packaging configuration usinghalonconfig
-
ImpImprovements to integrated (VM) package-
Added support Cyren anti-malware in
ScanRPD()(requires an extra license) - Added option to include HSL plugins in script editor "run" on VM package
- Updated FreeBSD packages (including Sophos och Cyren)
- Added support to configure ciphers for the HTTPS web administration
-
Added support Cyren anti-malware in
-
BugFix bug with localip in smtpd-delivery.yaml -
DepImportant changes-
Removed the deprecated
GetMailFile()function -
It's no longer valid to send message to plain IP addresses
user@ip - Disabled PhishingScanURLs in ClamAV
-
Removed
signature_excludesupport from ScanCLAM() - Standard ciphers names are now used in logs (instead of OpenSSL convention)
- Graceful shutdown for inbound connections
-
Renamed process threads (visible in
top)
-
Removed the deprecated
5.7-p4
Released on 2021-11-09
-
BugMIME formatting issue with append/prependPart() on non-MIME messages -
BugIssue with DKIM signature in bounces -
BugMIME()not storing decoded headers when queuing
5.7-p3
Released on 2021-09-19
-
BugDirect deliver in EOD rcpt hook
5.7-p2
Released on 2021-08-24
-
BugFile type detection in DLP engine
5.7-p1
Released on 2021-08-06
-
BugMake linter recognise$connection["tls"]["sni"] -
BugStartup bulk synchronisation inrated -
BugPROXY protocol heartbeat connections
5.7
Released 2021-07-21
-
NewIntroducing exception handling with accompanyingtry,catchandthrowcontrol structures -
NewVisual Studio Code plugin support for debugging script in thesmtpdMTA process -
NewInbound connection list in web administration andServerConnectionsListRequestAPI -
NewAbility to close inbound connections withServerConnectionsCloseRequestAPI -
NewAddedarray_unique()andarray_shuffle()functions -
NewAddedpcre_compile()function to pre-compile regular expressions from user input -
NewAdded#/myregexpattern/syntax for creating pre-compiled regular expressions -
NewAddedX509::String()method for creating an X.509 resource from PEM or DER -
NewAddedMIME.send()method for inline delivery directly from MIME object -
ImpNew HQF2 queue file format which combines .eml and .hqf -
ImpAdded--unpackoption tohalonconfigto reverse packing -
ImpThehalonconfigcommand now validates plugin configuration schemas -
ImpAddedadditional_headersoption to pre-deliveryTry()function for passing data -
ImpAddedmodified_originalDSN option to post-deliveryBounce()for altering original headers -
ImpAdded connectionidandremoteuidto SMTP server$connectionarray -
ImpAddedremove_if_zeroargument tomemory_dec()for automatic cleanup -
ImpAddedjsonandregexformatters toimportandcsv_decode() -
ImpAbility toimporttext file lines asSetobject items for fast lookups -
ImpAllowforeachon$thisin classes to iterate all instance properties -
ImpAddeddepthoption todomain_includes()function -
ImpAbility to useresponse_headerswithextended_resultinhttp() -
ImpSupport for loadingFilefrom standard input when running inhsh -
DepThe=~and!~operators now throws on invalid regular expressions -
DepMessages with emptyremotemxorjobidare not matched against queue policies with those -
DepModules loaded withimportcan no longer access global user-defined functions -
DepRemovedmail()optionrawbodyand URI fallback forldap_bind()(deprecated since 4.8)
5.6-p4
Released on 2021-07-19
-
BugNo longer passes function pointers from in$context(only data is supported) -
BugFixed long loading times ofhsl-lintandhalonconfigwith large YAML files -
BugResolved issue withqueue_suspend()andqueue_policy()argument order -
BugConnection pooling didn't work with outbound PROXY protocol -
BugIn post-delivery attempt array, localip was not set correctly with outbound PROXY protocol -
BugIssue withcache []size if is set to2**32 -
BugThe transport retry intervals didn't override the transport group's intervals
5.6-p3
Released on 2021-06-29
-
BugIssue with thecache []when exception was thrown from cached function -
BugContext switching with plugins wasn't supported in the PROXY script -
BugThe$contextvariable wasn't updated after the EOD script hook -
BugOnly one DKIM signature was supported on theMIME()object -
BugUnable to rename a used disconnect script in the web administration -
BugImported function could not resolve nested function in some special cases -
BugImported object between multiple hooks could not resolve imported functions in some special cases
5.6-p2
Released on 2021-05-28
-
ImpUpdated to FreeBSD 12.2-RELEASE-p7 (VM) -
BugUpdated to ClamAV 0.103.2 (VM) -
BugAdd library path for plugin libraries (VM) -
BugFixed issue with updated variables and logging in per-recipient end-of-DATA script -
BugFixed auto generation of transaction ID on APIQueueImport -
BugFixed encoding issue inxtext_encode()
5.6-p1
Released on 2021-04-08
-
ImpUpdated to FreeBSD 12.2-RELEASE-p5 (VM) with OpenSSL fixes -
ImpUpdated to SpamAssassin 3.4.5 -
BugFixes a race condition in the queue script -
BugRestricts NTP timesync access
5.6
Released on 2021-03-22, see the release notes for notable changes
-
NewAdded native plugin support by loading C ABI compatible libraries -
NewAdded CSV schema validation support inimportso that imported files gets validated -
ImpAbility to start the server without any listeners in order to drain queue -
ImpAllow server control socket to listen on IP in addition to socket file -
ImpAbility to group queue distribution view by sending domain -
ImpAdded variables for disconnect reason to disconnect script hook -
Imphttp()function now supports explicithttp_versionandpost_size -
ImpAbility to modify (rather than just add and delete) queue suspend and policy items -
ImpAdded total count in API response for queuelistandgroupbyCLI/API commands -
ImpPossibility to disable the Received header (instead of having to delete it from script) -
ImpAdded In-Reply-To to DSN messages (to support threaded bounces) -
ImpAdded decode option to MIMEPart.getHeader functions -
ImpAdded binary option to all hashing functions (eg. sha2 function) -
ImpImproved concurrent cache miss behaviour in the HSLcache -
ImpAdded possibility to disable hook logs -
ImpDefault()function now allows configuration of bounce settings -
ImpTry()function IP include and excludes (similar tomx_includeandmx_exclude) -
ImpImprovements to integrated (VM) package -
BugResolved an issue with the queue updates -
BugResolved an issue with the import statements and reloads -
BugFix bug with paging of Halon script rates -
BugFix a memory leak in the backend authentication script (with modules) -
BugMissing error counters on connect and disconnect -
BugHalon script Socket classes' close() method could cause unexpected disconnect behaviours -
BugFix support for BDAT and the proxy script hook -
BugFix an issue with SNMP and the firewall script -
BugFix an issue when sorting email history by "Received" date in the REST API for the integrated (VM) package -
Depqueue_suspend()andqueue_policy()has changed its return value -
DepText log formats has been slightly changed -
DepFile.toFFIValue()function now returns C-compatible FILE pointer. -
DepRemove functions a per the deprecation note -
DepQueue suspend and policy API calls return UUIDs instead ofuint64 -
DepMinimum supported API version is (5.6)
5.5
Released on 2020-11-16, see the release notes for notable changes
-
NewDSN extension support -
NewOutbound PROXY protocol support -
NewFunction generators andyield -
NewMap()andSet()data container classes -
NewAbility to disablesourceip_random, useful during for example IP warmup -
NewAddedhalonctl hsl memory listand correspondingHSLMemoryListRequestAPI -
NewAddedbase32_encodeand decode functions -
NewAddedurl_encodeand decode functions -
NewTest command for the asynchronous DNS resolverhalonctl resolver query -
NewQueue suspend filters withhalonctl queue suspend listandSuspendRequestAPI -
NewSettings for max messages, recipients and hops -
NewAddedunix_socket_pathoption tohttp()function -
NewAddedsenderoption andscantimeresult toScanSA()function -
NewAddedspool.corruptsetting for controlling handling of bad queue files -
NewHigh-resolution process runtime counterprocess.elapsed -
NewActive queue performance countersqueue.pickup.X -
NewScript error countersservers.X.scripts.Y.errors -
ImpFraction of second insleep() -
ImpImproved performance for large active queue policy rate buckets and exclude lists -
ImpAbility to specify an ID for dynamic active queue suspensions and policy conditions -
ImpAbility to filterhalonctl hsl rate listbased on conditions -
ImpMore relaxed rules for naming of ID and file path in YAML schemas -
ImpImprovedsmtpdprocess shutdown -
ImpImproved SMTP command diagnostics ("in reply to") in bounces -
ImpAdded Original-Envelope-ID and Original-Recipient headers to bounces -
ImpConsider all 2xx-codes successful in SMTP client -
ImpFile descriptor exhaustion error logging and handling improved -
ImpImprovements to integrated (VM) package- Custom HTTP API endpoint hosting on the web admin page
-
Ability to stop and start
smtpdfrom the services section -
Firewall rules (
ipfw) may now be added to/cfg/rc.halonstartup script - Ability to add custom local DNS records (A/AAAA/MX/TXT and PTR) to built-in DNS resolver
- Ability to sort and search by finished (rather than received) time in message history
- Updated to FreeBSD 12.2-RELEASE with quarterly packages
5.4-p3
Released on 2020-11-09
-
BugSupport binary POST data in backgroundhttp()calls -
BugFixed MIME'sverifyDKIM()after doing message modification -
BugFixed error flag issue with consecutive calls toScanKAV()(on same message) -
BugPrevent announcing extensions from HELO/EHLO script hook onHELO -
BugFixedhalonctlmissing fieldssenderhelo,saslusernameandduration -
BugFixed issue with queue list duration sort order
5.4-p2
Released on 2020-10-01
-
ImpDetect certain hardware to support iDRAC keyboard delay (VM) -
ImpUpdated to FreeBSD 12.1-RELEASE-p10 (VM) -
BugFixed issue with PROXY protocol and implicit TLS -
BugFixed proxy script and lint issue withhalonconfig -
BugFixed counting issue with thescripts.proxy.running/finishedprocess stats -
BugFixed issue where chunking wasn't disabled as per default configuration (VM) -
BugRestored theidandtsfields inScanDMARC()output -
BugEnable queuing of messages fromhsh -
BugFixed sorting and paging on web administration rate and suspend pages
5.4-p1
Released on 2020-08-14
-
ImpUUID version selector (time/v1 or random/v4) -
ImpIntegrated package is updated to FreeBSD 12.1-RELEASE-p8 -
BugFix default enhanced status code in bounces for certain errors -
BugAdded validation of certain CLI arguments to improve error reporting -
BugFix web administration regression when adding servers and transports
5.4
Released on 2020-07-22, see the release notes for notable changes
-
NewCHUNKING/BDAT and the SIZE service extension -
NewDisconnect script hook -
Newyaml_decode()function and import loader (similar to JSON) -
NewAbility to export an File classes as a C++ std::istream -
NewAbility to export an X.509 resources as a OpenSSL pointer -
NewFFI callback function -
NewDSN options toBounce()andQueue()that allows overriding content, headers, delay, etc -
NewPre-defined variable of the DSN that is to be generated -
NewDefault()function in post-delivery to terminate script based on delivery result and settings -
NewSettings for minimum amount of free inodes and bytes for receiving email -
NewSetting for fsync before 250 on DATA -
NewSettings for number of max hops (loop protection) -
NewTimeout settings for Sophos and ClamAV, with new defaults of 30 seconds -
NewPre-defined variable for username when accepting email on local Unix socket -
Newhttp()callback function for POST data -
NewMailMessagequeue()function -
NewMailMessageget/setPreamble()andget/setEpilogue()functions -
NewMailMessagemodifyContent()function advanced, direct modification of email data -
NewStaticFile::read()function that returns all data from a file path -
NewLDAP classgetoption()function -
NewNumeric separator -
NewZero-fill right shift bitwise operator -
ImpAbility to changeimportloader type -
ImpIncludes SIZE= in MAIL FROM if server announces SIZE service extension -
ImpSMTP client always send EHLO first (and then try HELO) -
ImpDo not include detail in local-part in license count (user+detail@domain) -
ImpMIMEqueue()options for delay and hold -
ImpAbility to override recipient domain for MX lookup in pre-delivery and all other places -
ImpAccess to the queued email data in pre/post-delivery as aFileresource -
Impdns_query()option for extended results including TTL and type-specific fields -
ImpAdded reply code option to allAccept()functions -
ImpAuto-Submittedheader to bounces (rfc3834) -
ImpActive queue policy, suspend and delivery configurations in web admin code editor -
ImpSaving custom views on queue pages -
ImpCustom metadata groupings and columns on queue pages -
ImpNumber compare for metadata filters on queue pages -
ImpPartial and case sensitive matching of local parts on queue pages -
ImpReal-time rates for counters on process statistics page -
ImpAdded process stat counter for finished script hooks -
ImpAdded multiple recipientdomain and remotemx option to if statements in delivery configuration -
ImpNetwork matching in queue conditions for sender-, local- and *remoteip& -
ImpThe API output is always normalised as UTF-8 -
ImpThe API supports comparing queue metadata as numbers -
ImpTheMIMEPart.setBody()andMailMessage.toString()limitation of 1 MiB is now removed -
ImpExtended error reporting from Sophos AV -
ImpAdded -R tohshto override scripting.rootpath -
ImpAdded --ffi tohshto override scripting.ffi -
ImpAdded --binary flag tohsh -
ImpAdded support for FFI inhsl-lint -
ImpIntegrated package is based on FreeBSD 12.1-RELEASE-p7 with quarterly packages -
ImpUpdate to Sophos 3.2.07.379.0 -
ImpProtobuf schemas are now part of the Linux package -
ImpRemovedhttprdfrom the Linux package -
ImpAdded queue load command tohalonctlto import messages -
BugResolved issue with SMTPUTF8 and connection pooling -
BugWait for support processes likeratedanddlpd -
BugLog thread creation errors in updateQueue -
BugMake thedomain_includes()function non-case-sensitive -
BugFixed an issue with multiple network interfaces using DHCP -
BugFixed an issue with storage disk resizing -
BugFixed an issue with history search filter matching and less- and greater-than -
BugDepend onuuiddruntime on Linux -
DepTheQueue()function (overrides the built-in logic) may now exceed the transport's max retry count -
DepTheSetDSN()function has been deprecated in favour of the "dsn" option to Bounce() and Queue() -
DepTheinet_includes()function now return none on errors -
DepTheLDAPResult.next()andFile.readline()now return false on end-of-data instead of none -
DepTheMIMEPart.setBody()limitation of 1 MiB is now removed -
DepThe dns_query() function's ttl result property has been removed in favour of the extended_result option -
DepAll messages in the active queue now have at least one localip (instead of showing an empty address)
5.3-p5
Released on 2020-06-10
-
BugFixed a stability issue with the connection pool
5.3-p4
Released on 2020-05-26
-
BugFixed issue with server connection concurrency limit -
BugFixed tags (comments) for some types of manual active queue suspends -
BugFixed issue with the proxy script hook -
BugFixed web administration bug when adding active queue policy without concurrency value -
BugFixed minor issue with integrated package's shell console interface -
BugFixed locking issue with integrated package IDE's built-in run script window -
BugIncreased the integrated package's max threads per process limit
5.3-p3
Released on 2020-05-04
-
ImpRemoved unsupported ClamAV safebrowsing -
BugFixed SpamAssassin SPF issue -
BugFixed web administration issue on Safari -
BugFixed IP address configuration regression in video console interface
5.3-p2
Released on 2020-03-10
-
ImpSupport more charsets by inclusion of latest GNU iconv -
ImpChanged log level of ldap_auth() function failures -
BugFixed issue with active queue policy with certain groupings -
BugFixed issue with decoding of RFC2231 parameters values -
BugFixed regression with decoding of certain charsets -
BugFixed regression with Mellanox (mlx5en) network adapters
5.3-p1
Released on 2020-02-24
-
ImpAdded SMTP state information to delivery error logs -
ImpAddedportoption to dns_query() function -
BugFixed issue with duplicate messages API call -
BugFixed "neq" condition (not equal) with "size" and "retry_count" fields -
BugFixed issue with message size variable and per-recipient end-of-DATA script -
BugWeb administration fixes- Re-add quarantine view selector on queued messages page
- Re-add confirm dialog on all queue message actions
- Fixed display of file name of attachment in preview
- Fixed preview buttons of messages with invalid MIME formatting
- Fixed issue with FN/FP reporting links
-
BugUpdated system packages- ClamAV 0.102.2
5.3
Released on 2020-02-11
-
NewQueue features and API- Connection pooling (reuse)
- Fine-grained queue query API (for list, update and distribution)
- Improved queue quota functionality
- Added delivery settings for active queue fields
- Added active queue suspend and policy functions to more script hooks
- Added message size including modifications to pre- and post-delivery script
- New on-disk queue format
-
NewCommand-line inteface tool halonctl -
NewSMTP server scripting features -
ImpScript language improvements- New Iconv() class for internationalization conversion
- Added array_every function to test all element against callback
- Re-implemented barrier using shared memory functions
- Added Base64 encoding option to the MIME set/addHeader functions
-
ImpWeb administration queue improvements- Merged open connections with message queue for better overview
- Powerful filter dialogue using the new queue conditions
- Column selector and inline messages preview in message viewer
-
ImpCertificate can be in reloadable configuration even if private key is in startup -
ImpAdded graceful draining to the background http() process httprd -
ImpAdded idle timeout to virtual servers -
ImpUpdated system packages -
BugPatched Net-SNMP to fix memory leak -
DepImportant changes- Removed SOAP API
- Removed several REST API queue commands in favour for new queue API
- Removed GetMailQueueMetrics() in favour for new queue_quota() function
- Merged smtpd and queued processes which affects logging
5.2-p7
Released on 2020-05-26
-
BugFixed issue with server connection concurrency limit -
BugFixed tags (comments) for some types of manual active queue suspends -
BugFixed issue with the proxy script hook -
BugFixed minor issue with integrated package's shell console interface -
BugFixed locking issue with integrated package IDE's built-in run script window -
BugIncreased the integrated package's max threads per process limit
5.2-p6
Released on 2020-05-04
-
ImpChanged log level of ldap_auth() function failures -
ImpRemoved unsupported ClamAV safebrowsing -
BugFixed SpamAssassin SPF issue -
BugFixed web administration issue on Safari -
BugFixed IP address configuration regression in video console interface
5.2-p5
Released on 2020-02-03
-
BugFixed regression regarding interface order
5.2-p4
Released on 2020-01-29
-
ImpOption to use operating system's network interface order instead of by MAC/hardware address -
ImpAdded software update version selector to web administration (patch/major) -
ImpSupport DANE for non-MX destinations -
BugFixed protocol violation with LMTP and STARTTLS -
BugFixed issue with smtp_lookup_rcpt() function -
BugFixed memory leak in TLSA DNS resolving
5.2-p3
Released on 2019-12-27
-
BugFixed issue with long-running script hooks which could cause internal congestions -
BugFixed stability issue with newly implemented TLS 1.3
5.2-p2
Released on 2019-12-06
-
ImpSupport overlapping active queue policy groupings by order of appreance -
ImpAddedenvironment.syslog.maskoption to startup configurations -
BugFixed regression which could cause DSNs to be sent too early -
BugPrevent adding multiple queue policy counters on same field in web administration
5.2-p1
Released on 2019-10-10
-
ImpAddedtimeoutoption to SMTP client delivery options -
BugFixed issue with listen address when IPv6 is disabled -
BugFixed issue when adding policy to suspend entire active queue
5.2
Released on 2019-09-25
-
NewQueue subsystem features- Asynchronous SMTP and DNS connection processing
-
Concurrency and rate
control in active queue
- Custom counters with regex/wildcard matching for rollup
- Job ID field for scriptable/custom match parameters
- Dynamic control via script and API
- Queuing to multiple source IP/HELO pairs with round-robin and exclusion via suspend
- Transport group hierarchy with setting inheritance
-
Simplified pre- and post-delivery scripts with new
Try(),Queue()and$messagesymbols -
Added
mx_include/exclude options to deliver functions to control MX resolution - Enabled forward-confirmed reverse DNS lookups (used in Received header) by default
-
NewScript language features- Added FFI class for calling routines in external libraries
- Added shared memory functions and API for counting and caching
- Added csv_encode() function useful for CSV logging
-
Added
redirectsoption to http()
-
ImpWeb administration improvements- New queue distribution page which can group by age and next retry
- New process statistics page that shows internal counters
-
ImpUpdated system packages- FreeBSD 12.0-RELEASE-p10
- FreeBSD 12 quarterly packages
-
DepImportant changes- Removed the options for MX delivery (zone= and query=)
- Removed the transport profile priority and pause setting in favour for virtual queues, hold and suspend
5.1-p3
Released on 2019-06-17
-
BugFallback to HELO if EHLO fail and we do not require TLS -
BugReintroduce accept reason in delivery log -
BugFixes Cyren issue with a cache purging command -
BugWeb administration regressions- Fix clearing individual cache items
- Fix multi-select on queue items
- Fix issue with showing clustered graphs
5.1-p2
Released on 2019-05-15
-
BugNew $connection variable were populated incorrectly in regards to local/remote information.
5.1-p1
Released on 2019-05-08
-
BugResolve DANE-TA issue by switching from LDNS to OpenSSL's DANE implementation
5.1
Released on 2019-04-25
-
NewSMTP server scripting features -
ImpSMTP server improvements- Support for PROXY protocol v2
- Added wildcard matching in domain relay table
-
Added many options and flags to script functions
-
Added
reasonandreply_codesto Accept() -
Added
decodeto mail message getBody() -
Added
typeto MIME appendPart/prependPart() - Added various settings for DMARC and Cyren RPD
-
Added
- Compatibility mode for previous predefined variables and setter functions
-
ImpScript language improvements- Added pkcs7_sign() function for S/MIME
- Added xtext_decode() and encode functions useful for parsing SMTP parameters
- Added X.509 class returned by many functions
- Added header_addresslist_extract() and header_dkim_decode() functions
- Reworked spf_query() and dns_query() with improved return types
-
Added
encodeoption to MIME addHeader() -
Added to
tls_client_certto http() -
Added
localtimezone flag to strftime() and strptime() -
Added
getpeerx509()to LDAP class -
Added
readonlyvariables to classes -
Support for remainder
…$restin destructing assignments - Allow access to private properties in anonymous functions returned from classes (with closure)
-
ImpUpdated system packages- FreeBSD 12.0-RELEASE-p3
- FreeBSD 12 quarterly packages
-
BugFixed issue with TLS certificates being read multiple times -
BugFixed issue with paused transports creating unnecessary logs -
DepImportant changes- The SMTP server reject/defer functions doesn’t prepend pre-defined messages
- Underscores are now allowed in variable names
- Removed "null" as literal null transport destination
- Removed size limit from mail message getBody()
5.0-p2
Released on 2019-03-04
-
BugFix issues in web administration with new REST API -
BugFix issue with license user count expiration -
BugUse true/false rather than 1/0 for all boolean types- rate() return type
- smtp_lookup_rcpt() flag for TLS started
-
BugFix issues with firewall script- Include files in folders could not be used in firewall script
- The built-in FTP server’s passive mode didn't work with a firewall script
-
BugFix memory leak in new LDAP class -
BugSuppress harmless warning in quarantine retention cleanup
5.0-p1
Released on 2019-02-20
-
BugProperly detect the Amazon EC2 hypervisor -
BugInline delivery wasn't logging sender information on errors -
BugNumerically named include files could not be checked for errors -
BugFixed a rare crash that could occur during DKIM signing -
BugFix regressions in web administration with new REST API
5.0
Released on 2019-01-24
-
NewRESTful API with OpenAPI specification -
NewSMTP server scripting features- Added per-message end-of-DATA script
-
Added
snapshot()andrestore()to the end-of-DATAMIME()class -
New
$transactionvariable with sender and recipients that's gradually populated -
New
senderlocalpartandrecipientlocalpartvariables in original format -
New options in connect script's
Accept()function-
reasonto set banner response -
senderptrto set sender hostname printed in "Received" header
-
-
New options in RCPT TO
Accept()function-
recipientfor overriding the default$recipientcontext variable -
transportidfor overriding the default$transportidcontext variable
-
-
New option
from_namein pre/post-deliverySetDSN()
-
ImpSMTP server improvements- TLS 1.3 support
- Wildcard matching in SNI
- Sender information can be overridden per queued recipient
-
Added configuration options
- Implicit TLS per virtual server listener
- Verbose logging per virtual server
- Bare LF is converted to CRLF
- Disable client-initiated TLS renegotiation
-
ImpScript language improvements- Added spread operator to array type
-
Added wildcard function and variable
importinto a namespace -
Added compile-time text, JSON and CSV
importinto a variable -
Added
csv_decode()function that parses a string according to a schema -
Added
inet_reverse()function that creates a reverse DNS for PTR or DNSxL lookups -
Added
array_find()function -
New
LDAP()class -
Reworked standard library functions
-
length()function that supports multiple data types -
array_join(),array_includes()andarray_range() -
str_find(),str_rfind(),str_lower(),str_upper(),str_slice()andstr_strip() -
random_number(),domain_includes(),inet_includes()
-
-
Added
getPath()andreadline()methods toFile()class -
New
allow_commentsoption injson_decode() -
New
typeoption indns() -
New
proxyoption inhttp()to override the system default
-
ImpWeb administration improvements-
Script editor improvement
- Custom input controllers for CSV files using schemas
- CSV import using custom delimiter
- Syntax highlighting for JSON files
- Scratchpad for quickly writing and running code
-
History and queue search support
>=and<=operators - Moved catch-all domain settings to virtual server configuration
- Moved SSH, HTTPS and FTP TLS keys to host server configuration
-
Script editor improvement
-
ImpSystem distribution improvements- Ability to configure HTTP proxy, used by all HTTP clients throughout the system
- Ability to clear individual entries from built-in DNS cache
- DHCP support for DNS resolvers
-
Configuration now accepts
/in IDs, used for folders in the script editor
-
ImpUpdated system packages -
BugFix issue withlaggnetwork interfaces on boot -
DepImportant changes-
The
is_number()function to no longer return true on boolean variables -
Removed
$tlsprotocol,$tlscipherand$tlskeysizevariables from RCPT script -
Removed calling a function as a string from
cache -
Removed
Deliver()from post-delivery script -
The
Quarantine()function's option parameter must be an array -
Removed
system_default_transport -
Renamed processes
dlpdandqueued
-
The
4.8-r1
Released on 2018-11-01
-
ImpAdded acrypt()function -
ImpUpdated to Sophos 3.2.07.374.0
4.8-p1
Released on 2018-10-03
-
BugFix issue whereldap_bind()return error (-1) rather than failure (0) on a failed bind -
BugPatch libspf2 to completely deprecate the SPF record type in favor of TXT -
DepShow deprecation warning for transports without explicit bounce destination, and domain cluster overrides
4.8
Released on 2018-09-20
-
NewSMTP server scripting features-
Added
SetHELO(),$saslauthedand$saslusernameto HELO script -
Added "changes" option to
GetMailFile()to include message modifications -
Support for meta-data queries in
GetMailQueueMetric() -
Preserve 7bit ASCII when the modifying messages with
MIME.setBodyif possible
-
Added
-
ImpScript language improvements- Added native boolean type
-
Added
string repeat
and
array repeat
repeat operator
* -
Added
string format
operator
% -
Added
strict comparison
operator
=== -
Added steps argument
::to slice operator -
Added
idna_encode()andidna_decode() -
Added
aes_encrypt()andaes_decrypt() -
Added
random_bytes()
-
ImpAPI improvements-
Added API call
mailQueueDownloadto download a message (original or with modifications) -
hslCacheClear,hslRateClearandstatClearreturns affected rows -
mailQueueRetryBulksupports "retryts" (timestamp) and "retrydelay" (offset) -
configImportsupport "revision" option for atomic imports
-
Added API call
-
ImpUpdated system packages- FreeBSD 11.2-RELEASE-p3
- FreeBSD 11 quarterly packages
-
BugDebug points were removed when clearing debug results -
BugThe video console interface could not run programs (like ping) -
DepImportant changes-
Replaced
radius_authen(), new implementation usingSocket() -
Removed
tacplus_authen()andtacplus_author()(TACACS+) -
Removed
system_disk_cacheconfiguration key (ATA disk cache)
-
Replaced
4.7-p1
Released on 2018-08-07
-
BugUpdated kernel to FreeBSD 11.2-RELEASE-p1 (SA-18:08)
4.7
Released on 2018-07-09
-
NewSMTP server scripting features- Live debugging with breakpoints via live staging
-
HELOphase script -
Support
arc(Authenticated Received Chain) inDKIMSign() -
Added
ed25519-sha256(EdDSA) toDKIMSign() -
ed25519_sign()anded25519_verify()functions -
rsa_sign()andrsa_verify()functions -
Added
timeoutanddns_functionoptions toDKIMSDID() -
Added
oversign_headersoption toDKIMSign() -
getHeaders()function in theMIMEclass -
Added
fieldoption toMIME.getHeader()returning entire line -
Added
encodeoption toMIME.addHeader()andsetHeader()
-
NewSMTP server features- Support for multiple IPs and netmasks in live staging
- Require HELO option
- Support for PKCS#8 private keys
-
ImpScript language improvements-
Reworked
DKIMVerify()function -
Added array slice assignments and
unsetslices -
Only return one result per domain in
DKIMSDID()
-
Reworked
-
ImpSMTP server improvements-
Change default TLS ciphers to
HIGH:MEDIUM - Updated Cyren outbound configuration
-
Change default TLS ciphers to
-
ImpWeb administration improvements- Option to automatically restart live staging on changes
- Color picker for area and pie charts
- Stacked percentage mode for area charts
- HTTP redirect option, useful for HTTP-to-HTTPS
- Enabled HSTS and denies frame embedding (X-Frame-Options)
- Many other small improvements
-
ImpUpdated system packages- FreeBSD 11.2-RELEASE-p0
- FreeBSD 11 quarterly packages
- Unbound 1.7.0 which fixes one DNSSEC-related issue
- Sophos 3.2.07.372.0
-
BugFixratedbehaviour with IPv6, reloading and display on non-synchronised items -
BugFix issue with DATA script scan functions caching and extended results -
BugFix bug with negative indexes and append -
BugDeleting statistic values on graph page for all hosts didn't work -
DepImportant changes-
Switched to regular peer name checks in
SetTLS - DNS functions no longer support hostnames as resolver server option
-
Renamed
rate()optionlocaltosync -
Removed
DKIMADSP() - Removed historic variables from connect script
-
Switched to regular peer name checks in
4.6-p1
Released on 2018-05-03
-
BugFixed regression in SMTP server affecting implicit TLS on port 465 -
BugFixed issue with FreeBSD 11.1-RELEASE-p8 (SA-18:03) affecting some CPUs -
BugFixedTLSSocket.getpeercert()MD5 fingerprint option
4.6
Released on 2018-04-28
-
NewSupport for Cyren outbound anti-spam -
NewSupport for SNI insmtp_lookup_*(),SetTLS()and SMTP server -
NewScript language features -
ImpSMTP server scripting improvement-
Added
extended_resulttoScanRPD(), ScanKAV, ScanCLAM, ScanDLP and ScanSA - Default DKIM canonicalization changed to relaxed
-
Added
GetMetaData()to DATA context
-
Added
-
ImpScript language improvement -
ImpSMTP server improvements- Asynchronous connection processing
- Added millisecond precision to log files and remote syslog
- Allow hyphen characters in metadata fields
-
ImpScript editor improvements- Completion items for built-in variables
- Parameters, return type and description for completion items
- Hover provider for built-in functions and variables
- Added link provider for files
- Code folding, tabs and minimap
-
ImpWeb administration improvements- Halon script syntax highlight in plain-text configuration format
- Added checkbox to disable a SMTP listener on the SMTP listeners page
-
ImpSupport forenanetwork driver -
ImpChanged to DHCP in default configuration -
ImpUpdated system packages -
BugFixed issue withhttp()background requests connection errors -
BugThe connect script was executed despite connections per IP limit -
BugThe connect script replies didn't work with implicit TLS -
BugSMTP banner was sent despite connections per IP limit -
BugFixed issue with client certificates -
BugClearing chart data could cause it to be removed on another node -
BugFixed issue with firewall script and passive FTP -
DepImportant changes-
Deprecated the
ScanRPDAV()function
-
Deprecated the
4.5-p2
Released on 2018-01-29
-
BugUpdated ClamAV to 0.99.3 (due to various CVE's) -
BugRegression in code editor where file comments could not be added
4.5-p1
Released on 2018-01-22
-
RegRegression with AUTH LOGIN could cause$saslpasswordto be incorrectly populated
4.5
Released on 2018-01-22
-
NewScript language features-
Added
MIME.signDKIM()function -
Added
TLSSocket.getpeercert()function -
Added
dnsns()function -
Added
inet_pton()andinet_ntop()functions -
Added
tls_client_certtoTLSSocket() -
Added functionality to
smtp_lookup_rcpt()-
Added
tls_client_certandtls_capture_peer_certarguments for client certificates -
Added an
xclientargument -
Added
on_rcpttoand TLS information to theextended_resultarray
-
Added
-
Added
tls_verify_peertoldap_search()andldap_bind() -
Added
extended_resulttospf() -
Support multiple escapes in
ldap_search()
-
Added
-
NewAddedGetTLSto AUTH, MAIL FROM, RCPT TO and DATA with STARTTLS info,tlsrptandpeer_cert -
NewAUTH script features -
NewPre-delivery script features-
Added
SetXCLIENT()function -
Added
dkimandfromtoSetDSN() -
Added
tls_client_certtoSetTLS() -
Added
tls_capture_peer_certtoSetTLS()
-
Added
-
NewPost-delivery script features -
ImpSMTP server improvements- Added support for client certificate requests in server HELO (per IP)
- Added support for custom SASL methods
- Set server preference for TLS ciphers
- Explicitly handle NULL MX (rfc7505)
- Removed line length limiting (8K SMTP, 256K (headerline), 512K header total)
-
ImpWeb administration improvements- Redesigned script mappings page
- Improved script errors in editor (with line decorations)
- Search in code editor directly from top search
- Faster loading in code editor
- Redesigned forms with more client side input validation
- Improved keyboard navigation
- And a lot of overall improvements
-
ImpAPI changes-
Added support for more fields in SOAP
mailQueueUpdateBulkand also duplicate -
Added support for
programargument in SOAPhslCacheClear
-
Added support for more fields in SOAP
-
ImpImproved Sophos antivirus detection by using CXmail -
ImpDLP engine now supports regular expression modifiers -
ImpImproved performance of libdkim++ -
ImpAllow "." delimiter in all ID fields -
BugReceived header "with ...SMTP..." always adds E on AUTH and STARTTLS -
BugImproved DSN parsing inGetDSN()with multiline headers -
BugBug with behaviour onQuarantine()reject => false followed by Quarantine reject => true -
BugFix bug with DKIM delivery block in Web UI -
DepImportant changes-
Aliased
error_codetoextended_resultinsmtp_lookup_rcpt() -
Aliased all
ssl_options totls_inhttp() -
Removed
object []syntax (in favour of class syntax) - Default action is now to block on script errors in firewall script
-
Made
$connectionand$transactionread-only insmtpd's context -
$tlsprotocol, $tlscipher, $tlskeysize in
RCPT TO
context in favor of
GetTLS() -
If using the
RULEsyntax to ScanDLP() with regular expresssions, you may need to add modifiers to keep compatibility (eg.//ifor filenames).
-
Aliased
4.4-p2
Released on 2017-12-04
-
BugFixed regression with $errormsg in Post-delivery -
BugFixed regression with Deliver() in Post-delivery -
BugFixed bug when importing some specific named keys -
BugFixed bug when typing in script blocks using the simple flow editor
4.4-p1
Released on 2017-10-30
-
BugFixes regression in file() function
4.4
Released on 2017-10-26
-
ImpScript language features-
Added
nonlocaltoSocket.bind()andnonlocal_sourcetosmtp_lookup_rcpt() -
Added
tls_default_catoldap_search() -
Added new formats
eEvVtopack() -
Added new formats
eEvVaxtounpack() -
Added offset argument to
unpack() -
Added flags to
Socket.recv() -
Added support for
private staticclass variables and functions -
Fixed
smtp_lookup_rcpt()to properly return return-1on 400 errors -
Fixed
file()to support lines longer than 65k characters. -
MIMEclass andmail()uses quoted-printable by default -
MIME.send()andmail()now fail on empty recipients - Warnings when compiling code with unsupported operators on literals
- Lot's of memory optimisations in script engine
-
Added
-
ImpConnect flow changes-
SetSenderIP()was added, which can be used to change$senderip
-
-
ImpDATA flow changes-
MIME.setBody()to keep quoted-printable and base64
-
-
ImpPre-delivery script script-
Added
SetSenderParams()andSetRecipientParams()to carry extra MAIL/RCPT parameters -
Added
Bounce()to bounce messages -
Added
SetDSN()to change DSN settings -
SetSouceIP()now accepts an address in each address family -
Added
reset_retryandtransportidoption toReschedule() -
Added
$contextvariable which is passed on the post-delivery script
-
Added
-
ImpPost-delivery script changes -
ImpScript editor improvements- Added support for save using Ctrl/Cmd+s in CSV editor
- Warning if there are unsaved changes when starting live staging
-
ImpWeb administration improvements- Refreshed interface, for example search field and login session expiration in menu bar
- Fixed support for renamed HTTP certificates when starting clustering
- Show diff between hosts’ configuration when clustering
- Ability to cancel pending disk grow/format
- SHA-256 is used in new certificate generation
- Message preview retains header letter case
-
ImpUpdated system packages- FreeBSD 11.1-RELEASE-p2
- New quarterly packages
-
ImpAbility to choose multiple addresses per SMTP listener -
ImpAdded a per-transport default bounce transport setting -
ImpAdded source metadata (_original_[message|queue|action]_id) to bounces -
ImpReworked SMTP errors -
ImpLDAP profiles are migrated to use standard URIs, which allows for failover -
ImpFirewall script now uses per-application filtering instead ofipfwdivert sockets -
BugThe "Line too long” error is now sent after END-OF-MESSAGE -
BugFixed a missing SSL timeout in the SMTP client -
BugFixed a syslog issue by properly using a blocking socket -
BugFixed regression withsystem-storage-graphs andiostatscommand for some storage disks -
BugDSNs Arrival-Date wasn't properly set to the original message arrival date -
DepImportant changes-
Deprecated
Deliverfunction in post-delivery script -
Renamed
GenerateDSN()toBounce()in post-delivery script -
Replaced
DeliverWithDKIM()withDKIMSign()in simple flow compilations
-
Deprecated
4.3-p1
Released on 2017-09-06
-
BugTLS certificate regression caused by change in OpenLDAP 2.4.45 (ITS#8529)
4.3
Released on 2017-08-08
-
NewScript language features-
Added
privatekeyword to classes -
Added
TLSSocket()class -
Added
sha2()andhmac_sha2()functions -
Added
pack()andunpack()functions -
Added
$sourceipvariable to post-delivery script
-
Added
-
ImpAdded status and NDR code options toReject(),Defer(),Deliver(), etc. -
ImpWeb administration improvements- Redesigned toolbar on many pages
- Spinning icon when running a script in code editor
-
ImpUpdated system packages -
ImpDetect Amazon Web Services' EC2 -
ImpOverall improvements and code modernization -
BugFailed to properly differentiate SASL failures insmtp_lookup_auth() -
DepTheobjectcast operator
4.2
Released on 2017-06-22
-
NewScript language features-
Classes added with
classkeyword -
Added
is_object()function -
Added static function
Socket::AF()to Socket class -
Added
tls_verify_nameoption toSetTLS()andsmtp_lookup_* -
Added
max_file_sizeoption tohttp() -
ScanDLP()function accepts rules as argument
-
Classes added with
-
NewDLP engine now support file hashes of SHA2-256 and SHA2-512 -
ImpScript editor improvements- Sorting folders before files
- Fixed header alignment of empty CSV files
-
ImpWeb administration improvements- Show popover on ellipsis in email tracking
- Fixed return to scroll position in on all pages
- Simple flow editor styles are now flat
- Simple flow editor comment is no longer a required field
- Bulk update queued and quarantined messages
-
ImpUpdated system packages- CYREN ctasd 5.1.1.1 and ctipd 4.1.1.1
- Sophos 3.2.7.368.1
- HTML Purifier 4.9.3
-
ImpAquire serial number and license without Internet vialicenseImportAPI call -
Impsmtpd now has a less aggressive default timeout -
Bug$x["x"]did not throw error (non-existing variable) -
BugCorrected default HELO message insmtp_lookup_*function -
BugDLP engine reported a recursion error (instead of generic errors) on bad archives -
BugCYREN ctasd did not restart after license expiration
4.1
Released on 2017-05-10
-
NewLive staging in pre/post-delivery (queue) -
NewPurge cached items from API (and web admin) -
NewScript language features-
Modules with
importkeyword -
Added
get/setBody()to DATA script's MIME class -
Added
tls_default_caandtls_verify_hostoptions toSetTLS()andsmtp_lookup_* -
Added the
nonekeyword -
Added
strptime()andord()functions - Reworked code validation to support more advanced coding patterns
-
Loosen up syntax with
()and-> - Nested named functions are now function scoped
-
Supports referencing files without
file:prefix - Added explicit warning about Unicode whitespace
- More dead-code eliminations
-
Modules with
-
ImpScript editor improvements- Return to cursor position on commit
-
Supports folders via a dot
.ID hierarchy convention and renaming IDs - Auto-complete context-specific function names
- Many improvements to CSV editor (shows position, fixed headers, etc)
- Search options for regular expressions and case sensitiveness
- Running code in sandbox uses local checkout, and has a host selector
- New save indicator, "save all" button and keyboard shortcut
-
ImpWeb administration improvements- Generate X.509, DKIM and DANE on PKI page
- Support changing ID of listner, flows and scripts, etc
- Cluster delete on statistic legends
- Re-added quick access to RPD and SA results in tracking
- Quick access to revision page diffs by URL hash
- Delete domain and domain aliases on SMTP server delete
- Defer color now shown as purple
- Fixed regressions with IE/Edge, DLP page, revision page timezone, stats, duplicate domains, etc
-
ImpUpdated system packages -
ImpMake searchlog use time hint for RSET message id -
BugClosure over function scope caused memory leak -
DepRemoveddovecot_auth()andident_lookup(), new implementations usingSocket() -
DepDoesn't explicitly set$errorin RCPT TO script any more
4.0-p1
Released on 2017-03-16
-
BugWeb administration fixes- Updated htmlpurifier to 4.9.2
- NTP field on Date and time page didn't work with multiple servers
- Some disks weren't selectable on the Disks page
- Script errors in Simple flow editor page caused template engine error
- Clearing critical log always cleared the local log
- Added poll delay on Dashboard page's CPU to show usage more accurately
-
History and queue page
- Don't show queue information for quarantine
- Re-added info field in listing
- Re-added active queue/quarantine selector
- Comment field on SMTP servers appeared in two places
- Minor redesign of the Configuration revisions page to mark special revisions
- Hide cluster synchronisation on Users page if there's only one host
- Added redirects for old web admin URLs for bookmarks
-
BugHSL functionstrftimewas incorrectly returning in local time -
Bugconsoleui couldn't add new IP's if all were removed
4.0
Released on 2017-03-06
-
NewLive staging; running a parallell SMTP config version for some connections, based on conditions -
NewRedesigned web admin with checkout/commit and diff with expressive configuration syntax -
NewSMTPUTF8 support -
NewSMTP server scripting features-
Pre-defined connection
$contextvariable, shared between all SMTP scripts - MAIL FROM script
-
SetSender/Recipient()in MAIL FROM and RCPT TO scripts -
Added
SetSenderIP/SetSenderHELO()to DATA scripts -
Accept(),Reject()andDefer()in connect script -
Disconnect flag to all
Reject/DeferandDeliverfunctions - The SMTP scripts exposes all available variables (as they become available)
-
GetMailFile()in DATA, pre- and postdelivery scripts.
-
Pre-defined connection
-
NewScripting features -
ImpConfiguration format-
Allow config keys to contain a-z, eg.
include "file:api" - New file key types to differentiate plain text from scripts
- New SMTP listener settings for TLS, HAproxy and concurrency
- Allow mounting of storage disk/partition by UFS label
-
Allow config keys to contain a-z, eg.
-
ImpSOAP API-
configKeysImportatomic commit with "expected head"idfield -
configKeysCheckto verify non-running configuration -
mailQueueInTransitinformation about mailqueued's delivery attempts
-
-
ImpUpdated system packages -
ImpAnti-spam/virus database information command -
ImpBeing a major release, it features a large numbers of fixes and improvements -
DepChanged LSI RAID driver frommfitomrsas, will affect users mountingmfiXby device name -
DepScript include from /cfg partition -
DepFirewall script's Block() ignore response -
DepDATA script's WrapMessage() -
DepRemoved rate limits from acl_flow (moved to SMTP listener) -
DepSome config keys, such as system_user, service_ssh_*, ntp and syslog are no longer synched between hosts -
DepRenamed some config keys, such as acl_flow and mail_flow -
DepWhen upgrading an existing host, a swap disk needs to be added (2-8 GiB) or RAM increased to at least 3 GiB (preferable before the update) since swap files no longer works in FreeBSD 11.0
3.5-r5p6
Released on 2017-01-10
-
ImpAdded support for interfaces as gateway (route) -
BugFix issue with smtpd and certain load balancers
3.5-r5p5
Released on 2016-12-07
-
BugFix issue with dnsCacheFlush -
BugSASL always failed in smtpd after an unsupported method was issued -
BugShutdown SSL connections more gracefully in smtpd -
BugBug with HSL code check and barriers -
Bugsnmpd could produce error message on the console
3.5-r5p4
Released on 2016-11-09
-
ImpUpdated system packages -
BugHELO/EHLO hostname was not set for invalid domain names -
BugRecipient limit was decreased compared to previous releases -
BugLicense users export could fail
3.5-r5p3
Released on 2016-09-27
-
BugUpdated to FreeBSD 10.3-RELEASE-p9 that fixes an OpenSSL regression
3.5-r5p2
Released on 2016-09-23
-
SecUpdated to FreeBSD 10.3-RELEASE-p8 that fixes OpenSSL CVE-2016-6304 and others -
ImpSetting for and changes insmtpd's log verbosity
3.5-r5p1
Released on 2016-09-08
-
ImpEnabled TCP_NODELAY on SMTP client socket -
ImpMore user friendly errors in mailQueueRetry, mailQueueDelete and mailQueueBounce API -
ImpUpdated to htmlpurifier 4.8.0 -
BugProperly reload scripts with deleted include files when re-added -
BugFixed regressions with XCLIENT, implicit TLS and IP flow statistics
3.5-r5
Released on 2016-09-05
-
Newident_lookup() function to lookup users over the ident protocol -
New$senderportin IP, RCPT TO and DATA context -
ImpPostfix is not longer the default MTA
3.5-r4
Released on 2016-08-29
-
ImpImprovements in the script editor- Added support for matching closing brackets
- Variable highlighting in strings
-
ImpUpdated system packages- CYREN ctipd 4.0.35.5
- FreeBSD 10.3-RELEASE-p7
-
ImpImprove detection of password protected ZIP files -
BugFixes in REST API and SOAP proxy- hslRate() regression with affected rate pie charts
- mailQueue() regression with affected email tracking metadata display
-
BugFix delivery to numeric MX with DANE
3.5-r3
Released on 2016-08-03
-
NewAdded an interface for editing CSV files to the script editor -
NewAdded a revision-based diff utility to the script editor -
ImpSwitched to Monaco (MS VC code) and enabled autocompletion -
ImpAdded paging to the SOAP functionconfigRevisionLog -
ImpAdded retry functionality to background http() requests -
ImpAddedextended_resultoption to the http() function -
ImpHSL now supports keyed assignments when destructing arrays -
ImpUpdated system packages to the latest quarterly; such as- FreeBSD 10.3-RELEASE-p6
- PHP 7.0.9
- ClamAV 0.99.2
- PostgreSQL 9.3.13
- nginx 1.10.1
-
BugFailed http() requests always returnsNoneon errors -
BugAlways send an authentication header on "401" errors (fixes issue with some SOAP clients) -
BugWeb admin interface fixes- Increase timeout to prevent "504" timeout errors
- File viewer couldn't show files larger than 2 GiB
- Fixed a rare crash which chould occur with certain setups
-
DepConfig keymail_transport's parameter sasluser/pass renamed to saslusername/password -
DepConfig keymail_server's parameter sasl_tls renamed to sasltls -
DepRemoved the GuessAttachmentType() function
3.5-r2
Released on 2016-05-26
-
ImpSwitch to nginx and php-fpm (from Apache 2.4 and mod_php) -
BugFixed issue with reloading some configurations -
BugFixed regression in the new SOAP proxy which was introduced in 3.5-r1- getTime() had the wrong default UTC mode
- It didn't handle 401 (Unauthorized) errors correctly
- Cluster sync (clusterd) didn't work with pipes in configuration values
- Cluster overrides couldn't be added
3.5-r1
Released on 2016-05-20
-
NewAdded SOAP function mailQueueUpdateBulk to set various fields (quarantine,transport, etc.) -
NewAdded MIME.getHeaderNames() to the DATA MIME object -
ImpAdded an option array to MIME.get/set/delHeader() to address a specific header by index -
ImpReplaced gSOAP with a REST/JSON API and a PHP SOAP proxy for compatibility -
BugFix problem when clearing empty rate entries
3.5
Released on 2016-04-18
-
NewNew HSL scripting editor -
NewAdded MIME.send() to builtin MIME object -
NewAdded MIME.getBody() to builtin MIME object -
NewAdded MIME.toString() to builtin MIME object -
NewAdded??(null coalescing operator) to HSL -
NewAddedinclude_onceto HSL -
NewAddedobjectandthisto HSL -
NewAdded destructuring assignment to HSL -
NewAdded support for HAProxy's proxy protocol -
ImpBased on FreeBSD 10.3 -
ImpDisabled SSLv3 for inbound SMTP connections -
ImpAdded support forsourceipas anetaddr:Xinsmtp_lookup_rcpt()andsmtp_lookup_auth() -
ImpUpdated components -
ImpDeliver()andQuarantine()now supports an option array -
BugFix problem with partial updated Sophos databases -
BugFix problem with where the flow wasn't reloaded if a include file was changed -
BugFix problem withmail()wheretransportidwasn't used -
BugFix problem with IE11 and placeholders in flows -
DepUndocumentedCopyMail()andDirectDeliver()in favour ofDeliver()arguments -
DepDeprecated GuessAttachmentType() -
DepRemoved template support from themail()function -
DepRemoved the trigger URL configuration key from the quarantine -
DepRemoved the Blacklist() function -
DepRemoved the ScanBWList() function -
DepRemoved the ScanSPF() function -
DepRemoved the deliver_type and deliver_args arguments from DeliverWithDKIM() -
DepRemoved support for switch with variable assignment -
DepRemoved support for function without argument list -
DepHSL returns None (instead of an empty string) when dereferencing a non-existing elements in arrays
3.4-r4p2
Released on 2016-03-02
-
SecAddresses the DROWN vulnerability (CVE-2016-0800)
3.4-r4p1
Released on 2016-02-20
-
BugFix regression in CYREN's ctipd 4.0.32 (included in 3.4-r4) by rolling back to 4.0.31
3.4-r4
Released on 2016-02-16
-
NewDATA context MIME class for working with an email's body -
NewStandard library MIME class for creating MIME parts -
Newclosures in addition to lambda functions -
Newdnscname() function to resolve CNAME records (RR) -
Newis_function() function to check if data is a function -
Newarray_sort() function to sort arrays -
NewHSL cache statistics in SOAP and web admin -
ImpThe ScanDLP() function can return where matches were found withpartidoption -
ImpAdded RCPT TO context$tlsprotocol,$tlscipherand$tlskeysizevariables -
ImpClear HSL rate()s based on a query (namespace and/or entry) over SOAP or web admin -
ImpUpdated components- CYREN IP reputation (ctipd) and RPD (ctasd) engines
- FreeBSD 10 quarterly packages
- FreeBSD 10.2-RELEASE-p9 fixing CVE-2015-3197 (SSLv2 disabled by default)
-
DepRemoved thesystem_default_quarantineconfiguration key -
DepRemoved theGetMailTransport()function -
DepRemoved the DeliverAsSpam() function -
DepDeprecated the WrapMessage() function -
DepRenamed the domain typeany(catch-all) to the literal*in the configuration (converted) -
DepMany default settings were moved to the user configuration (making them removable)
3.4-r3
Released on 2015-12-07
-
NewAdded anonymous functions and named function pointers -
NewAdded array_filter(), array_map() and array_reduce() functions -
ImpThe in_file(), in_array() and pcre_replace() may take a function callback as argument -
NewAdded csv_explode() function -
New$serveripin AUTH, RCPT TO and DATA context -
ImpOptionstls_protocolsandtls_ciphersadded to SetTLS() and smtp_lookup_* -
ImpReconnect without TLS if STARTTLS fails for optional TLS connections -
ImpSSLv3 disabled by default on outbound SMTP connections -
ImpRenamed DKIM function to DKIMSign(), which may return signature as a string -
NewAdded csv_explode() function -
ImpDeny() in SOAP API may give a reason as faultstring -
ImpImprove logging in mailqueued (with queueid) -
ImpSettingsyslog_use_fqdnwhich sends the FQDN in syslog messages -
ImpOverall elegance, design and usability improved -
SecUpdated FreeBSD to 10.2-RELEASE-p8 which fixes CVE-2015-3194 to 3196 -
BugImproved DNS reloading in HSL; affected the spf() and ldap_*, tacplus_* and radius_* functions
3.4-r2
Released on 2015-11-04
-
NewDANE support -
ImpAdded settings page for CYREN -
ImpAddedextended_resultoption to thedns*()functions -
ImpAddedpretty_printoption tojson_encode() -
ImpAdded$receivedtimeto pre- and post-delivery contexts -
ImpSOAPmailQueue*Bulk()functions returns number of affected messages -
ImpThe default configuration now contains only one HTTPS web admin interface -
ImpMany small changes improving performance, stability, elegance, design and usability -
BugRegression inScanRPD()withctasdfor "valid-bulk"
3.4-r1
Released on 2015-10-19
-
NewSophos anti-virus (savdid) engine -
NewSpam classification report buttons on email tracking page -
ImpAddedexplode()limit argument -
ImpKey size option when creating private keys on PKI page -
ImpMany small changes improving performance, stability, elegance, design and usability -
BugUpdated CYRENctasdsettings to better cope with connection errors -
BugUpdated Net-SNMP to fix memory leak insnmpd
3.4
Released on 2015-09-23
-
NewBased on FreeBSD 10.2 -
NewSetTLS function to the pre-delivery context -
Newpie chart functionq()to graph queue/quarantine searches -
NewAbility to disable services (such as. SNMP, FTP and SSH) -
NewRCPT flow block for DNSBL and IP reputation -
ImpZoomable graphs -
ImpSave graph layouts per user -
ImpPie chart supports custom refresh intervals -
ImpUpdated components -
ImpScripting page may easily run scripts from the (virtual text) file store -
ImpOptionally turn ontotalhitsin SOAP API -
ImpSwitch between HTML and plain view in message preview -
ImpThe AUTH rate limit flow block defer rather than reject when exceeded -
ImpReplacedrpcmplexdwith an async web admin implementation -
ImpOverall performance, stability, elegance, design and usability improved -
DepUpdated OpenSSL requires DH key size of more than 512 -
DepGraphs now include "dots" in their names (previously replaced with a dash) -
DepSOAP API changes- mailQueue's totalHits renamed to totalhits (lowercase)
- Replaced loginFullname() and loginRemoteHost() with login() return object
- Removed loginCheckPermission()
-
DepEnd user interface considerations-
If you're using
display-stats(graphs) you need to update the end user - Toggle preview on HTML/text message part is now supported
-
If you're using
3.3-r6
Released on 2015-06-04
-
NewAdded an "update" function to the cache that can pick expired (but valid) items -
NewAdded abackgroundflag to the http function for async, non-response calls -
NewAdded a hash function, useful together withhttp()'s background mode -
ImpAdded a syslog port settings -
ImpSupport implicit SSL (wrapper mode) by specifying "465" as the first listener port -
ImpRaised the free disk requirement to 1 GiB in order to receive new messages -
BugFix regression when enabling the DLP processmaildlpdand viewing license users -
BugFixed augmented assignment (+=) behavior with function calls when dereferencing arrays -
BugFirst run didn't add the second domain to the relay table -
EnduserIf you use end-user logging, you may want to employ the new http background feature
3.3-r5
Released on 2015-05-11
-
NewValidate HSL scripts when saving a text file (in file store) -
NewAdded aDefer()function to the AUTH flow -
ImpAutomatically detect and support all network interfaces supported by FreeBSD -
BugThe backend could crash when using LDAP in the API (auth) script -
BugRegression in web admin causing some requests to fail due conservative settings -
BugAdding new cluster nodes could fail if remote systems were unsorted (by id) -
DepSOAP functionconfigValidateArgumentreplaced withhslCheckScript
3.3-r4
Released on 2015-04-27
-
Impreturnstatement in HSL without a value -
BugESCkey in console may not work as expected if pressed twice rapidly -
BugTemp disk may become full
3.3-r3
Released on 2015-04-22
-
ImpUpdated a lot of FreeBSD packages to quarterly -
ImpSupport for Intel(R) 10Gb (ix) network adapters -
BugSOAP request could be delayed with up to 1 second on idle systems -
BugAdding too large text files in the File store now returns an error -
Depswitch statement in HSL with explicit variable storage
3.3-r2
Released on 2015-04-16
-
Newdovecot_lookup_auth() to authenticate using Dovecot's authentication protocol -
NewDone() makes it easier to do advanced routing -
Newpcre_quote() makes it possible to use regex on user input -
NewPreview on PKI page -
NewReview & save in plain-text editor -
Imphttp() function may skip SSL/TLS verification with ssl_verify_peer = false -
ImpPerformance improvements in HSL's file handling -
ImpUpdated third-party libraries -
ImpEasier to use CSV editor in web admin -
ImpAdd support for keep-alive and gzip/deflate encoding in SOAP API -
ImpSupport for QLogic NetXtreme II (bcm) network adapters -
ImpFixed bug in "release duplicate" regarding delta files -
ImpFixed bug with creating a cluster over HTTPS -
DepScanSPF() in favor of spf() -
DepScanSARules() in favor of ScanSA(["rules"=>true]) -
DepQuarantine profile's trigger URL
3.3-r1
Released on 2015-03-02
-
NewVHD image runs on Microsoft Azure -
NewDHCP addressing, default on Azure and GCE -
ImpSupport hardware-assisted software RAID for many vendors such as Intel -
ImpSupport for VirtIO (vtbd) and Xen (xbd) disks -
ImpSupport for Intel 10Gb (igb) network adapters -
ImpCtrl+A/E in web terminal -
BugFixed regressions in web admin
3.3
Released on 2015-02-16
-
NewUpdated to FreeBSD 10.1 -
NewAdded transparent proxy features-
The
system_nonlocal_sourcesetting enablesSetSourceIP()to spoof source IPs - XCLIENT support for external proxies
-
The
-
NewAdded new features to the scripting language (HSL)-
SetMetaData()andGetMetaData()to pass data between DATA and queue scripts -
syslog()function -
unset()statement -
SetRecipient()in pre-delivery script -
$senderheloin pre-delivery script -
$transfertimein post-delivery script -
$saslusernamein queue (pre- and post-delivery) script - Raw strings, like ''raw string''
-
Allow
globalview()anddnsbl()to be executed fromhsh
-
-
NewExtended search filters (HQL) syntax-
metadata.field=corresponding toSetMetaData() -
size=(message body) -
helo=(HELO/EHLO hostname)
-
-
ImpWeb admin interface- Refreshed with many improvements (in layout and functionality)
- The icons and images are vectorized (to support retina/HiDPI displays)
- Button to reset (RRD) graphs
- Custom score popup for Internet Explorer (which allows spam scores and refid to be copied)
-
ImpAdded "msgsize" and "msghelo" to SOAP API -
ImpSMTP balancing uses uniform distribution of traffic -
ImpSupport for QLogic 10Gb (bxe) network adapters -
ImpSearching text logs is a lot faster -
Impmail_queue_threadsmay now be raised -
ImpUpdated 3rd-party components such as CYREN (8.0.110) and Kaspersky (3.8.0.4) -
DepBuilt-inbatv_*()is removed, use the HSL implementation -
DepRenamed "gmt0" to "utc" in SOAP API -
Dep$recipientdomainsand$recipientsin DATA context are now read-only -
Dephttp()return empty results on non 2** responses -
DepGetAddressList()returns empty list on parse errors instead of throwing an exception -
DepWeb admin's flow block "Add header" appends a new header instead of usingSetHeader() -
DepGetID()is now removed, was deprecated in 3.0 -
Dep$directprocessingis now removed, was deprecated in 3.2
3.2-r10p1
Released on 2014-12-23
-
BugStability fixes inmailscand -
BugFixes regression that caused some admin andclusterdrequests to fail
3.2-r10
Released on 2014-11-17
-
ImpSetSender() in pre-delivery (queue) script -
ImpLSI MegaRAID tool (mfiutil) available -
ImphslCacheClear() SOAP API may clear a specific namespace/function -
ImpAdded SOAP API mailQueueRetryBulk() function -
ImpAdded 'duplicate' option to SOAP's queue function for cloning messages(s) from an archive -
ImpSetting mail_log_size to zero will disable logging (even realtime) -
ImpDisable SSLv2 and SSLv3 on administration UI (and SOAP) -
ImpAdd custom headers to HSL mail() created messages -
Imppcre_replace() HSL function -
ImpVariable substitution with ${name} -
Bug'Next retry' could be presented with the wrong timezone (didn't affect delivery) -
BugMemory usage could show erroneous on 64 bit platforms -
DepSOAP API mailQueueRetryAll() removed (reimplemented with mailQueueRetryBulk) -
DepSOAP API devList() removed
3.2-r9
Released on 2014-10-01
-
NewAdded LMTP support, useful for more efficient Dovecot delivery -
Impretry=x in search filter, useful to show delayedmessages -
ImpAdded "\r\n\t" syntax in HSL strings -
ImpAdded HSL http() max-time timeout, also renamed connect_timeout -
ImpAdded the SMTP ping command -
ImpDecouple antivird and clamd for more efficient RAM utilisation -
ImpNew installations are 64-bit, with VMware "guest OS" set to "freebsd-64" -
ImpReview before save on virtual text files and DLP pages -
ImpNew certificates are generated with SHA256 -
ImpFaster clearing of rate limits (may interrupt garbage collection) -
ImpFaster connect() timeout in smtp_lookup_rcpt() -
ImpLower connect() timeout to 30s (like Postfix) -
BugProblem when searching rates in web user interface -
DepUndefined values in HSL was branched as true (not false)
3.2-r8
Released on 2014-09-11
-
SecUpdated to FreeBSD 10.0-RELEASE-p8 which addresses new OpenSSL bugs -
NewMultiple "shadow" port support for mail listener, for better pool utilisation -
NewAddedSetHELO()function and$sourceipto pre-delivery script -
ImpGlobal HSL variables are committed when calling a second function -
ImpNew chart for swap operations, as complement to swap usage chart -
ImpUpdated Kaspersky anti-virus engine to 8.3 -
ImpSome search queries are maintained when browsing cluster nodes -
ImpMany 64-bit fixes in preparation for upcoming 64-bit release -
ImpDisplay Kaspersky virus base version in log on startup -
BugRate limit page support any valid UTF8 as namespace and entry -
ImpOverall improvements throughout the system -
BugFixes NTP client regression -
BugFixes VMware guest info regression -
BugLink aggregation fixes; omitted from cluster, and brings up all ports -
BugFixed cluster system update page's node link -
BugFixed cluster configuration override page with multiple fields per key -
DepForbids ambiguous HSL concatenation of numbers
3.2-r7
Released on 2014-08-20
-
NewImplemented a pre-delivery (queue) script for dynamic transport behaviour -
NewAdded the log() function which can be used for things such as GeoIP lookup -
NewAdded the timelocal() function to get time in local time -
NewLink aggregation support -
ImpSupport using system disk as storage on bare-metal installs, or if the virtual disk is grown -
ImpThe post-delivery (transport) script is unified for all transport, on the flow page -
ImpThe GetHeaders() function can be used to fetch all headers as a multidimensional array -
ImpAllow multiple include of same file in HSL -
ImpThe post-delivery (transport) script executed for successful deliveries, useful for external logging -
ImpAdded$actionidvariable to DATA, queue and transport flows, for tracking of recipients, etc between flows -
ImpLoopback addresses configuration, useful for DSR load balancing -
ImpChange VLAN and link aggr. settings from console -
ImpUpdated FreeBSD packages to latest quarterly -
ImpAuto-configuration on Google Compute Engine -
ImpMany minor improvements -
BugChanged SpamAssassin queue algorithm to decrease wait time -
BugIssue when searching logs larger than 2 GiB fixed -
BugIssue where Kaspersky wrote files to /tmp fixed -
DepDisabled Bayesian by default
3.2-r6p1
Released on 2014-06-18
-
BugResolved uncommon stability issue
3.2-r6
Released on 2014-06-10
-
SecFix OpenSSL CVE-2014-0195, 2014-0221, 2014-0224 and 2014-3470 -
NewDiscardMailDataChanges() function, allowing different data changes for different CopyMail()s -
NewSupport for variadic function syntax in HSL -
NewAdded spread operator (argument unpacking) to HSL -
ImpAdded executable file (by file name, even in ZIP and other archives) blocking to antivirus block -
ImpPerformance improvements in ScanDLP for efficient file extension scanning -
ImpEncode headers as quoted-printable instead of Base64 for readability -
ImpView ScanRPDAV (VOD) results in web admin's message tracking -
ImpImproved virtual text file editor, with HSL code support (great for includes) -
ImpRemoved deprecated browser-specific CSS3 options (Mozilla, Opera) -
ImpEnable auto-scroll on keypress in web terminal -
ImpMany minor improvements
3.2-r5
Released on 2014-05-23
-
NewAdded SetDelayedDeliver() function to HSL for extra queueing time before delivery -
NewAdded builtin and global control structures to HSL functions -
NewAdded json_encode() function to HSL -
ImpAdded max depth option HSL's ScanDLP(), useful for file extension matching in archives, eg. -
ImpAdded named match groups to HSL's PCRE functions -
ImpAdding filtering on retry and sender field to HSL's GetMailQueueMetric function -
ImpUpdated SpamAssassin to 3.4.0 -
ImpWeb terminal (command page) support pasting with Ctrl+V -
ImpAlways prefer IPv6 when clustering with hostnames -
ImpSupport RFC 2231 header parsing -
ImpVarious web admin enhancements, such as links from quarantine page to tracking -
ImpOverall performance and reliability improved -
BugResolved issue where adding and removing headers with zero offset conflicted
3.2-r4
Released on 2014-04-28
-
DepDeprecated updateNetwork SOAP API function -
DepDeprecated HSL's null coalescing operator -
NewAdded default function arguments in HSL -
ImpHSL's header functions decode and refold by default -
ImpAddedmsgqueueidto mailHistory API andhistoryidsearch filter -
ImpOverall performance and stability improved -
BugHSL'sper_messagecache now works in functions -
BugPressing back button in Firefox no longer reset forms
3.2-r3
Released on 2014-04-08
-
SecPatched OpenSSL "heartbleed" vulnerability (CVE-2014-0160) -
DepDeprecated BATV functions in favor of HSL implementation -
NewIntroduced array slicing to HSL -
ImpHSL's DeliverWithDKIM() function can load private key from variable, such as http() request -
ImpNew HSL variable $tlsstarted in AUTH and RCPT flow -
ImpNew HSL variables $messageid and $queueid in transport flow -
ImpMessage queue IDs (exposed as $queueid or via SOAP API) upgraded to 64-bit integer -
ImpImproved http()'s POST data serialisation and added "response_headers" option -
ImpAdded a gethostname() function to HSL -
ImpMany performance optimisations in HSL -
BugFixed Firefox quirk with forms resetting when going back on page -
BugHSL's dnstxt() concatenate multiple strings with space -
BugClustered line charts now merge new legends from secondary results -
BugDisplay error message if unable to clear cluster's HSL cache
3.2-r2
Released on 2014-03-10
-
NewExtended the HSL scripting language- GetMailQueueMetric() to implement usage quotas in queues
- json_decode(), is_string() and is_number() for making API calls, etc
- http() function now supports custom request method and headers
- %= and **= operators
- Switch statements validates that a switch is directly followed by a case or default label
-
ImpUpdated SOAP API- configKeys() now takes "key" (filter) argument which is also exported in $soapargs[]
- configKeySet() allows partial updates (not all parameters needs to be specified)
- hslRate() and hslRateClear() exports "ns" and "entry" to $soapargs[]
- hslRate() and statList() now implements pagination and backend-side search/filtering
- mailQueue() and mailHistory() includes msgsasl for username and msgts0 for GMT timestamp
- mailQueue() and mailHistory() supports filtering on sasl=
-
ImpSASL username can be viewed on tracking page -
ImpDSN messages now include original header "Undeliverable: This was the original header" -
ImpSupport for Broadcom's bge NICs -
BugWeb admin interface fixes- Netcat (nc) command with custom port was not correctly documented
- Active HTTPS sessions may not be degraded to HTTP
- The authentication script test sandbox could produce the wrong output
- Some quarantine retention policies were kept for too long, affected users need to reselect their intended policy
3.2-p1
Released on 2014-02-12
-
BugXen PVHVM network driver "xn" was not detected properly -
BugThe command API could return empty results under extremely rare circumstances -
BugThe web admin's hardware page didn't list "ada" devices
3.2
Released on 2014-02-10
-
NewHyper-V para-virtualization; gigabit network, VLANs, SCSI disks, etc -
NewVirtio (KVM) para-virtualization; improved network and disk performance -
NewVMware VMXNET3 support -
NewXen PVHVM support -
NewLine graphs showing disk IOPS and latency -
NewShow message modifications when browsing queued or quarantined messages -
NewThe DATA flow registers$recipientsand$recipentdomains -
NewNew HSL functionabs() -
NewAddedtcpdumpto API and web administration -
ImpBased on FreeBSD 10 and compiled with clang -
ImpLDNS and Unbound as replacement for BIND (as resolver and DNS cache) -
ImpAutomatically grow storage disk when resized in hypervisor -
ImpOverall throughput increased by careful profiling -
ImpLarge number of HSL scripting language optimisations, such as- R-value optimisations
-
Made
str_replace()significantly faster - Optimised augmented assignments
- Pre-compiled regular expressions
-
ImpMore concise and helpful logging throughout the system -
ImpIncreased swap partition size to 2 GB -
ImpUpdated all 3rd-party components -
ImpShow warnings if no storage disk is found or configured -
ImpRebrand Commtouch as CYREN -
ImpEnable some SpamAssassin DNSBLs by default -
ImpCache DKIM signature for all recipients -
ImpOverall improvements -
BugDKIM DNS generator lacked_domainkeypart -
BugUnder certain circumstances, the command API could fail -
BugReload flows when file store objects are changed -
BugFixed issue with pre-boot command line shutdown -
DepDeprecated the second argument to HSL'sround()function -
DepDeprecated the DATA flow's$resultand$directprocessingpredefined variables -
DepNew (S)ATA storage disks are identified as "ada" instead of "ad" -
DepAt least one DNS server is necessary; unbound is not configured to traverse from the DNS root
3.1-r4p1
Released on 2014-01-16
-
BugPrevent NTP reflection attacks
3.1-r4
Released on 2013-12-20
-
ImpRefactoring for performance improvements -
ImpWarn about 32-bit hosts as preparation for 64-bit releases -
ImpEstimates the number of mail tracking search results -
ImpChanged various settings from byte to megabyte -
ImpOverall web administration improvements -
BugUnable to add cluster nodes with literal IPv6 -
BugRegression on graph page's rate counter
3.1-p3
Released on 2013-11-21
-
NewClusteredratedprocess for improved rate limiting -
NewGetAddressList() function in DATA flow -
Newis_subdomain() HSL function -
ImpSupport sub-domains i black/whitelists (.example.com) -
ImpSearch for transports on tracking page -
ImpWeb admin terminals now work in background tabs -
ImpIPv6 cluster support -
ImpAlways give a authentication failure reason inmailpolicyd -
BugCatch exception in video console for systems without serial number -
BugDo not create sessions for unauthorized web admin clients
3.1-p2
Released on 2013-10-29
-
ImpImproved mail queue/quarantine delivery performance -
ImpSignificantly improved mail tracking performance -
ImpSupport for more than two NTP servers -
ImpReturns to current page, when fixing TLS fingerprints -
ImpWarns about Cisco SMTP fixup which is known to cause issues -
ImpShows inode usage on storage/hardware page -
ImpOther minor improvements -
BugDetect scrolling more accurately when viewing logs -
BugWindows users couldn't type @ in the terminal
3.1-p1
Released on 2013-10-10
-
ImpImproved Bayesian performance using SDBM database -
ImpCluster overview page shows new software versions -
BugRegression causing issues for users with ATA write cache enabled
3.1
Released on 2013-10-09
-
NewBased on FreeBSD 9.2 -
NewSupport for KVM VirtIO networking -
NewCreate pie graph from rate() information with r() -
NewBuy licenses directly from within product -
ImpImproved rate control page (with thresholds) -
ImpDLP engine inspects more archive formats -
ImpDownload messages as ZIP instead of tar -
ImpRestructured menu layout -
ImpScript editor behaviour in Firefox and Internet Explorer -
ImpOverall performance improvements
3.0-p9
Released on 2013-09-23
-
ImpBetter user experience for Hyper-V deployments -
ImpPages loads faster thanks to GZIP compression -
ImpOverall performance improvements -
BugRebooting was required to effectuate some license changes
3.0-p8
Released on 2013-09-09
-
NewDMARC flow block and ScanDMARC function -
ImpConvert white/blacklist input to lower case -
ImpOptimized history/mail API (database API) -
ImpOptimized message logs extractions (from 4 minutes to ~0 seconds) -
ImpImproved charset detection (ICU) -
ImpImproved escape sequence in VMware terminal (detach keyboard) -
ImpSearch for scores and RPD ID in tracking -
ImpImproved SPF caching -
ImpUpdated Ace editor and Kaspersky anti-virus engine -
BugIE9 had problems with search on tracking page -
BugSearchlog didn't always find message logs (if incomplete log) -
Bug7-zip couldn't open downloaded tar (message) archives -
BugPaging with a quarantine folder selected
3.0-p7
Released on 2013-08-12
-
ImpSMTP client prefers "strongest" SASL method announced by server -
BugMemory leak in the console UI
3.0-p6
Released on 2013-08-09
-
BugInitial vApp configuration imported multiple times -
BugXML warning on non-VMware system's interface page
3.0-p5
Released on 2013-08-07
-
NewNetwork setup guide in OVF (VMware vCenter) -
ImpCreate cluster with optional TLS -
ImpTest end-user API with from scripting page -
ImpAdded an extra certificate (pki:2) for SMTP -
Imphttp() support HTTPS -
BugClustering with SSL certificate chains
3.0-p4
Released on 2013-07-24
-
NewBlack/whitelist module for end-user interface -
ImpFull-text search in subject lines -
ImpClear search query on tracking page -
ImpReturn to referring page when editing profiles, etc -
ImpExport users per domain on license page -
ImpPrefer outbound CRAM-MD5 authentication method if supported -
BugBATV interoperability improvements
3.0-p3
Released on 2013-07-05
-
ImpSearch filters are now case-insensitive for from/to/ip -
ImpBlacklist module in RCPT TO flow -
ImpDragging/selecting an interval in a graph opens tracking -
ImpVarious improvements to the DLP engine -
ImpFilter commandRun and fileRead arguments in authentication script -
ImpCompare IP addresses with in_network() in white/blacklists blocks -
ImpDiscard mailqueue's pre-fetched work queue when deleting messages
3.0-p2
Released on 2013-06-25
-
NewComplete overhaul of the product -
ImpThe SOAP API is completely changed -
ImpSNMP MIB is completely changed -
DepQuarantine is deprecated; moved from the system to a GitHub project
2.4.0.3
Released on 2013-02-21
-
ImpMicrosoft Hyper-V legacy network driver support -
BugSome freshclam still couldn't download daily updates
2.4.0.2
Released on 2013-02-18
-
BugScanSA() could miscalculate the estimated queue wait time -
BugWorkaround for freshclam failing to update since ClamAV didn't create a daily diff
2.4.0.1
Released on 2012-10-15
-
ImpOverall improvements -
BugResolved bug in recipient flow's blacklist module's script generation -
BugResolved statistics bug that could create spikes during database failures -
BugResolved database issues generating warnings under rare circumstances -
BugCluster overview's reporting could fail to load
2.4
Released on 2012-10-09
-
NewBased on FreeBSD 9 -
NewScanSA() got fair queueing, time estimation, size limit, etc -
NewBoot-time management via bootsysmgr -
NewTTL argument to IP Policy's Allow() and Block() -
ImpImproved performance -
ImpImproved watchdog with better logging -
ImpSave RAM by only starting maildlpd if ScanDLP() is used -
ImpIn case of storage disk problems, boot without storage -
ImpAllow messages to be viewed instead of downloaded in quarantine -
ImpGetDSN() and GetDSNHeader() to support text/rfc822-headers -
ImpDNS shuffling based on MessageID (always the same per message) -
ImpReboot/shutdown is significantly faster -
BugMissing {FOOTER} replacement in WrapMessage -
DepThe following SOAP API's has been removed:- System_Reboot_Hard
- System_Shutdown_Hard
- System_Online_Status
- Management_SetStorageRecover
- Management_StorageRecoverStatus
- Management_SetStorageMigrate
- Mail_Domain_Report
- Config_Diff
- System_GetKey("system_config_revision")
- System_Command_Run_XXX (replaced with by System_Command_Run)
- Management_GetArguments' filter parameter
2.3.6.3
Released on 2012-09-07
-
BugRegression inbackend's SOAP server
2.3.6.2
Released on 2012-09-04
-
NewDeliver to an MX of a hostname using lookup-mx:hostname -
ImpConfiguration diff is coloured in red and green -
ImpSPF module is moved to content flow in default configuration -
ImpSOAP API's WSDL file moved to /remote/?wsdl -
ImpSOAP API deprecated key system_config_revision, use GetHistoryEntries -
ImpSOAP API deprecated Config_Diff -
ImpSOAP API's gSOAP updated -
ImpDisallow saving a configuration with no changes -
ImpWeb administration checkbox labels made clickable -
Impbackend's watchdog report error codes -
BugSPF couldn't verify IPv6 senders -
BugThe configuration partition wasn't checked properly -
BugMonotonic time was not used for all timers -
BugVisual bugs in web administration resolved
2.3.6.1
Released on 2012-07-18
-
BugFixes various spam assassin errors -
BugFixes clustering page when clustering is not configured
2.3.6
Released on 2012-07-04
-
NewIntroduces pattern analysis rules from Halon -
NewIntroduces valid bulk (RPD score 40) for non-spam -
ImpRate limits now summarized in cluster -
ImpDisplay of rate limits and licensed users loads faster -
ImpTable elements' full content shown on mouse over -
ImpImproved cluster navigation behavior -
ImpUpdated 3rd-party libraries -
ImpFaster spam-assassin updates -
ImpFaster rendering of log files -
BugIP policy charts was not available on overview page -
BugSpam assassin error (introduces in previous release) -
BugFixed MIME-decoding in quarantine
2.3.5
Released on 2012-06-08
-
NewFrench translations -
ImpPattern analysis' (SA's) score values are reported in Tracking/History -
ImpHSL'sScanSARules()can return score values -
ImpHSL'sQuarantine()has new reject and final action options -
BugIssue with HSL'sQuarantine()$recipient resolved
2.3.4.1
Released on 2012-05-08
-
NewAddedtcpdumpto CLI's Network > Diagnostic Tools (console/SSH) -
ImpCommtouch reference IDs in web administration -
ImpHSL'sScanRPD()can return reference ID -
ImpAdded server= and transport= to the Tracking's search filters -
ImpHSLpcre_matchimproved, empty capture groups, etc. -
BugWeb administration spelling
2.3.4
Released on 2012-03-22
-
NewMail tracking supports boolean search filters -
NewMail tracking integrates history and queue -
NewHSL pcre_match functions -
NewHSL Mail Content GetHeaders function -
ImpCluster mail tracking displays scores, and more -
ImpJump between message tracking and logging seamlessly -
ImpJump between pages/tabs before loading completes -
BugIssue with DSNs/NDRs displaying in Microsoft OWA resolved -
BugIssue with UDP when ARP tables changes resolved -
BugWeb administration diagnostics issue resolved
2.3.3
Released on 2012-02-23
-
ImpMulti-line reject/defer messages -
ImpUpdated 3d-party modules (ctipd, ctengine, postfix, clamav, openldap) -
ImpAdded user defined callback to cache[], using "ttl_function" argument -
ImpInclude SMTP transaction state in SMTP errors -
ImpSupport for CA in LDAPs -
BugWeb admin could visually overflow if too many remote systems -
BugResolved rare bug with anti-virus engine -
BugFix TLS warning on startup -
BugVerify last fingerprint in SSL chain (consistently) -
BugScripting console could not connect to SMTP servers over TLS -
BugResolved issue with HSL construct barrier {} -
BugSMTP lookup recipient could cache entires for too long
2.3.2
Released on 2011-12-21
-
ImpQuarantining informs sender; rejects (550) instead of accepts (220) -
ImpThe SMTP recipient lookup forwards errors from the mail server -
ImpRemoved the incoming mail queue -
ImpShow Script looks much better with colors and formatting -
ImpThe getting started has an option to trust server (use as smart host) -
ImpClustering operations are faster thanks to newrpcmplexd -
ImpOption to export list of users per domain -
ImpThe reporting's pie charts reflects selected period (day/month) -
ImpThe console supports page up/down -
ImpThe log viewer (searchlog) is faster -
ImpKorean language updated -
ImpSupport for Internet Explorer 10 -
BugIssue with quarantine's history and domain administrators resolved -
BugAnonymous LDAP authentication issue resolved -
BugIssue with HSL's in_network() resolved
2.3.1
Released on 2011-10-04
-
NewView and reset rate control (Diagnostics > Rate Control) -
ImpImproved support for KVM virtualization platforms -
ImpDisabled auto-scroll in logs on mouse scroll -
ImpImproved graphs (bandwidth graphs and layout) -
ImpHSL's GuessAttachmentType() is faster -
BugResolved issues when upgrading 2.3-series on first boot
2.3.0.4
Released on 2011-09-22
-
ImpQuarantine automatically sanitizes input -
ImpPattern analysis' update is run every 6th hour -
BugPattern analysis' update error reporting issue resolved
2.3.0.3
Released on 2011-09-14
-
BugSerial console issue on SPG-150 resolved
2.3.0.2
Released on 2011-09-02
-
BugLDAP synchronization issue resolved -
BugPattern analysis' bayesian filter issue resolved
2.3.0.1
Released on 2011-08-17
-
BugUpdated list of time zones (some didn't exist) -
BugGuessing of character set issue resolved -
BugPattern analysis (ScanSA) custom rules issue resolved
2.3
Released on 2011-08-02
-
NewBased on FreeBSD 8.2 -
NewContent Inspection (DLP), ScanDLP() function -
NewFile store with CSV editor, deprecates FTP, in_file() function updated -
NewSupport for VMware vmxnet adapters -
NewView history in Quarantine interface -
NewShow header modifications in Quarantine interface -
ImpQuarantine interface is now fully clustered (user creation) -
ImpUpdated Commtouch RPD and GlobalView engines -
ImpUpdated Kaspersky anti-virus engine -
ImpOption to reset SpamAssassin bayesian database -
ImpThe mail() function has a plain-text option -
ImpFullscreen editors has "import from file" functionality -
ImpVMware/serial console auto-logout after 10 minutes -
ImpMail Gateway > Domain section tables show more information -
ImpMany small improvements in functionality and stability -
BugStorage fallback to memory issue resolved -
BugIssues with static routes resolved
2.2.6.3
Released on 2011-05-11
-
ImpWeb Administration improvements (translations, statistics) -
ImpHSL functions floor() and ceil() added -
BugFixed incorrect return type from round() -
BugKaspersky anti-virus regression issue solved
2.2.6.2
Released on 2011-05-05
-
ImpUpdated 3rd-party components (Commtouch, Kaspersky, etc.) -
ImpOverall reliability and performance improved
2.2.6.1
Released on 2011-04-06
-
BugMitigating HSL data type issue
2.2.6
Released on 2011-03-31
-
NewIPv6 support in IP Policy Flows (added $family variable) -
NewAutomatic configuration truncation option (System > Configuration) -
Impdnsbl() function now queries for IPv6 according to RFC5782 -
ImpImproved the Web Administration with some new functionality -
ImpInternet Explorer 9 support in Web Administration -
ImpImproved phishing protection -
ImpImproved SMTP IPv6 handling (prioritized) -
ImpDSN messages now includes only message/rfc822-headers -
ImpDKIMWithDeliver() now returns 500-error on un-signable messages -
ImpUpdated 3rd-party components (libc, postfix, htmlpurifier etc.) -
ImpOverall performance improved -
BugFolders created on FTP did not appear until after a reboot -
BugIP Policy Flow's $serverport variable was not a number (string) -
Bugdnsptr() now supports compressed IPv6 addresses -
BugKaspersky's logfile not available on first run -
BugWeb Administration over IPv6 was partly broken -
Bugsmtp_lookup_*() should not use transport fallbacks -
BugQuarantine() function did not honour SetMailTransport()
2.2.5.2
Released on 2011-02-10
-
NewPrioritized queues (per mail transports) -
NewIO statistics tool in Web Admin (iostat) -
ImpUpdated 3rd-party components (clamav) -
ImpOverall reliability and performance improved -
BugBATV format bug -
BugDeliver to A/AAAA records did not load balance properly
2.2.5.1
Released on 2011-01-24
-
NewVMware Zimbra integration in quarantine -
NewCustom authentication with System Authentication Script -
NewRADIUS (rad_authen) function for System Authentication -
NewTACACS+ (tacplus_authen and tacplus_author) functions -
NewContext-aware help (links to the doc. wiki) in Web Admin. -
ImpUpdated 3rd-party components (ctipd, syslog, clamav, php) -
ImpInclude kernel debugging in logs -
ImpQuarantine > Users, double-click users to 'sign as' as them -
ImpActivity > Logging has time interval option for faster searching -
ImpSome HSL functions are cached per default (per-message) -
ImpAdmins can change quarantine users' passwords -
ImpForce web browsers to update cache on H/OS upgrades -
ImpHSL arrays may be initiated with [ ] instead of array() -
ImpLDAP debugging command hides passwords -
ImpSort user's joined accounts in quarantine -
ImpSupport for [IPv6 address]:port in network tools -
ImpNew strnatcmp JavaScript library for better natural ordering -
BugGlobalView, etc. stability improved with glibc patch -
BugFixed host name length (was limited to 32) -
BugFixed SMTP DNS lookup implementation misbehaviour -
BugHeartbeat probe for Spam Assassin to resolve locks -
BugFixed missing SSL chain for certificates -
BugFixed multiple pages bug in Activity section of Web Admin. -
DepConfiguration key config_user renamed to to system_user -
DepSigned in account used to browse cluster in web admin -
DepAdmin accounts must use @local for quarantine sign-in
2.2.4
Released on 2010-11-25
-
ImpPerformance optimizations on message delivery -
ImpDouble-click on messages to display text log -
ImpVersion history information button on update section -
ImpOption to enable ATA write-cache -
ImpNon-blocking Kaspersky anti-virus database update -
ImpGetting Started allows example.org and another domain -
ImpDisplay newly added quarantine branding -
ImpGlobalView is logged as ctipd instead of [ctipd] -
ImpUnified authentication scheme -
ImpUpdated 3rd-party components -
ImpDatabase errors are logged -
BugMemory usage was erroneously calculated -
BugValue rounding in reporting charts -
BugForbid domains ending with a dot -
BugFlow selection race condition for first message resolved -
BugMemory leak in mailscand resolved -
BugSpelling corrected in web administration -
BugOverall reliability and performance improved
2.2.3
Released on 2010-10-25
-
NewStorage disk migration section -
NewUnique self-signed certificate during install -
NewNew DirectDeliver() function to deliver inline -
NewRPC log for SOAP API calls -
NewPuny-codes for domains and in calculator -
ImpMuch improved logging with session tracking -
ImpGraphical fixes for iPhone/iPad -
ImpCluster administration performance improved -
ImpUpdated 3rd-party components -
ImpUser count for license in mailscand -
ImpOption to skip Getting Started -
ImpRussian language in quarantine -
ImpOverall graphical improvements -
ImpImprovements in flow presentation -
ImpForbid non-ascii e-mail addresses -
ImpHSL function get_defined_functions() -
ImpTLS settings in smtp_lookup_rcpt/auth -
ImpUpdated statistics to BIGINT -
BugClamAV could be started twice -
BugLDAP search cached non-existent users for 24 hours -
BugSNMP could fail to get ippolicyd statistics -
BugInventory keys denied for read-only users -
Bugippolicyd could report statistics inaccurately -
BugDNS failures (NXDOMAIN and NODATA) results in immediate bounce -
BugOverall performance and stability improved -
DepIt's recommended to empty your browser cache before signing on to your updated system -
DepThe log format is heavily changed; be aware if you rely on machine parsed logging
2.2.2.2
Released on 2010-09-02
-
ImpDNSSEC trusts newly signed root -
ImpCPU indicator in clustering overview -
ImpSimplified configuration management view -
ImpRemote systems alphanumerically sorted -
ImpFinal actions terminate user defined functions -
Imp3rd-party modules updated -
ImpRussian translations updated -
BugHSL isset() function now works on arrays -
BugIPv6 support in Syslog -
BugDetect primary domain from Active Directory -
BugReporting tab timed out in large clusters -
BugOverall performance and stability improved
2.2.2.1
Released on 2010-07-29
-
NewNovell GroupWise support in quarantine -
Imp3rd-party components updated -
BugDo not synchronize "fallback" configurations in cluster
2.2.2
Released on 2010-07-07
-
NewBackscatter protection with BATV -
NewComments (C++ style, //) in address lists in web administration -
NewMinger protocol recipient lookup function minger_lookup() in HSL -
NewSetRecipient() function in HSL's Content Flow -
NewHSL control structure "barrier" to do advanced synchronous scripting -
NewHSL isset() function, to check if a variable is defined or not -
NewSet listen addresses for SSH, FTP and SNMP services -
NewPrompted configuration download in web administration -
NewShow configuration changes between revisions -
ImpChanged default IP to 169.254.1.1 (not to conflict with customer networks) -
BugDo not allow recipient with trailing "." in the domain name
2.2.1.1
Released on 2010-06-17
-
BugA script validation error in Web Administration fixed -
BugSyslog could fail at boot on rare occasions
2.2.1
Released on 2010-06-14
-
ImpShow PKI information (X.509, private and public key) -
ImpRequire passwords to be typed twice -
ImpBetter TLS information in SMTP logs -
ImpDNSSEC and DNS cache made private in cluster -
ImpRPDAV icon changed to be distinguished from RPD -
ImpShow full AV, AS, LDAP and boot logs -
ImpSort cluster nodes by name on Cluster > Overview -
ImpSupport TLS/SSL for LDAP servers (Quarantine and HSL) -
ImpSMTP listener/transport support "internal-hostname" as hostname -
ImpMore restrictive read-only users (no ping, etc) -
ImpCommands (ping, etc) in console are continuously updated -
ImpMore private keys (Send to Server, etc) -
Imp3rd-party components updated (ClamAV, etc) -
BugRPDAV could not set "delete" action -
BugView message button in outgoing queue fixed -
BugNo script errors for action on empty message queues -
BugGraph X-axis could be a few seconds off in cluster -
BugFailed to save flows when custom functions were used -
BugSession timeout when saving services (SMTP, HTTP, etc)
2.2.0.1
Released on 2010-05-19
-
Bugsyslog needs to be restarted in order for hostname to be applied -
BugIf STARTTLS was announced but failed, optional TLS aborted -
BugLDAP queries failed in HSL
2.2
Released on 2010-05-17
-
NewDNSSEC support and an internal DNS cache -
NewDKIM signing and validation in Content flow -
NewReworked statistics with JavaScript graphs and a new layout -
NewShow Script button on flows, displaying generated HSL code -
NewAbility to write reject/defer messages in flow blocks -
NewHSL variables $service (IP) and $messageid (Content) added -
NewHSL functions file() and file_get_contents() added -
NewDefer(), SetMailTransport() and AddHeader() in Content flow -
NewTrusted (whitelist) block in Recipient flow -
NewWeb Administration organization with flows in one section -
NewUnit identification used as internal hostname -
NewButton for jumping to flows and profiles -
NewWarning messages before discarding unsaved changes -
NewBookmarks to sections and tabs in Web Administration -
ImpRenamed processes to mailscand and mailqueued -
ImpMajor performance improvement in mailscand -
ImpOverall performance from chunked statistic updates -
ImpFree-text search in Activity > Logging -
ImpQuarantine mail listing show scores and logging -
ImpClustering menu and timeouts improved -
ImpE-mail file maintenance (lostfiles) added -
ImpOutbreak (RPDAV) anti-virus accuracy improved -
ImpWeb Administration performance and caching improved -
ImpUpdated 3rd-party components -
ImpHop count in mailscand implemented -
ImpOverall performance and stability improved -
BugSpamAssassin update bug resolved -
BugSNMP label swapping bug resolved -
BugDisabling of certain domains bug resolved -
BugZero-bitmask error in in_network() function resolved -
BugIPv6 scope in network functions is now discarded -
BugGMT timezone confusion on System > Time clarified -
DelDomain statistics reports removed -
DelDeprecated recipient databases migrated into flows -
DelIncoming listener (smtpd) doesn't listen to localhost -
DelRemoved Deliver() as error fallback action -
DelInvalid PKI certificates no longer validates in config -
DelDeprecated $spamscore and LDAPLookup() removed -
DelDiagnostics > Troubleshooter tab removed
2.1.5
Released on 2010-03-01
-
NewClustering of multiple SPG/VSP units -
NewGraphical Console (replacing the CLI) -
Newmail() function in HSL -
NewGuessAttachmentType() in HSL -
Imp3rd-party components updated -
ImpQuarantine reset password, does not send a new password, instead allows it to be changed -
ImpOverall improvements in functionality and reliability -
ImpHSL cache [] is not LRU per default (least recently used) -
BugDomains were not disabled properly (nor alias domains) -
BugIP Policy response were not always received -
BugGetAttachmentName() were not decoded properly -
BugSelf-genrated messages had the wrong Content-Disposition -
BugUnable to bind in queueprocessor (when custom source-ip was used) -
BugDomain reports could take very long time to complete -
BugStatistics could be collected for recipient instead of sender -
BugDisk, CPU and Memory usage where 24 hours off in bar-indicator
2.1.4.4
Released on 2010-01-14
-
BugIssue with domains without MX records resolved -
BugInternet Explorer 8 can now view message logs -
BugExporting users can now handle invalid UTF-8 chars
2.1.4.3
Released on 2010-01-07
-
ImpAutomatically format and use available disk (Xen and Hardware) -
BugXen could not leave firmware OS -
BugWrap-around long log lines in Web Administration -
BugRate-control would cause random reboots -
BugGlobalView did not always start at boot -
BugNewly downloaded SpamAssassin rules were not applied until reboot
2.1.4.2
Released on 2009-12-22
-
NewConsole in Web Administration (Diagnostics > Local Console) -
NewShow licensed users in Web Administration and SOAP -
NewAccess Quarantine from Web Administration -
Imp3rd-party components updated -
Impin_network() now supports IPv4 and IPv6 -
Impdns() is now IPv6 ready, use dns4() or dns6() to choose -
ImpImproved compatibility with "tag subject" and non UTF-8 -
ImpColors in log search -
ImpFixed MX-shuffle (rare round-robin delivery problem) -
ImpDelivery will only try the first three A/AAAA records -
ImpSelecting text in Web Administration logs -
ImpMany other improvements -
BugNext retry wasn't presented in the local timezone -
BugRare bug while reverting between configurations -
BugCould not save whitelist in Internet Explorer 8 -
BugReload services when SSL certificate is updated -
BugRetention policy in Web Administration was restricted to 32-letter -
BugAdding one's own domains as domain alias confused quarantine -
BugSpelling corrections -
BugOverall stability fixes
2.1.4.1
Released on 2009-11-06
-
BugBetter handling of questionable SMTP responses. -
ImpRussian and German in VSP's Getting Started. -
ImpSpam Assassin size limited raised to 500KiB. -
ImpCharset detection for Korean and other Asian languages. -
BugScripting error for Anti-Virus block in Content Flow. -
BugWeb Administration bug in Gettings Started for IE6/7. -
ImpFlow blocks in IP Policy log their results. -
BugJapanese may now be default language in Quarantine. -
ImpStatistic's performance is improvements. -
ImpHSL does not resolve $var to the value of $var. -
ImpHSL function eval() implemented. -
ImpOverall improvements in functionality and reliability.
2.1.4
Released on 2009-10-21
-
WarningStorage disk must be at least 2GB for all units and configurations -
ImpAutomatic initialization of new Storage disks for VSP/SPG -
ImpFirmware updates by self hosted Web Updates -
ImpGetting Started -guide in Console and Web Administration -
ImpIPv6 support in Web Administration -
ImpKeep current search in History/Queues while browsing and performing actions -
ImpIP-address whitelist in Content-Flow -
ImpQuarantine action "Empty" only empties the selected folder -
ImpJapanese language support in Quarantine -
BugIf no MX is found, try to use the A/AAAA record -
BugSNMP and NTP problems with reconfiguration -
Imp3rd party components updated -
ImpOverall improvements in functionality and reliability
2.1.3.1
Released on 2009-08-09
-
ImpOverall improvements in functionality and reliability
2.1.3.2
Released on 2009-08-09
-
ImpOverall improvements in functionality and reliability
2.1.3
Released on 2009-07-10
-
ImpThroughput vastly improved, read the guidelines -
ImpOption to disable internal statistics and history -
NewNew HSL functions -
ImpOverall improvements in functionality and reliability
2.1.2
Released on 2009-06-25
-
NewSNMP monitoring; custom MIB with statistics and information -
BugFixed Kaspersky engine error -
ImpTruncate configuration from CLI to save memory -
BugCache timeout set at execution instead of completion -
ImpIP Policy may also block UDP packets ($protocol) -
ImpRemoved start-up related warnings -
Bughttp() function can handle more than 10 parameters -
ImpExceptions in Recipient Flow are reported as Defer() -
ImpGlobal quarantine admin users may blacklist globally -
ImpBlacklist handles domains and wildcard (%@domain) -
ImpNotify senders that they are blacklisted -
ImpRe-arranged tabs into new system menu in Web Admin. -
BugRedirection bug when accessing a HTTPS interface using HTTP -
BugConfiguration upgrade for remote systems could cause timeouts -
ImpBetter transport-lookup for messages generated internally -
ImpMail function GetRoute() in HSL improved -
ImpArray function array_reverse() in HSL -
ImpRate control function rate() in HSL -
ImpRate control module in Recipient and Authentication Flows -
ImpDefault message rate for authenticated users is 100 msg/h -
ImpHSL may cache results per message/session -
ImpOverall improvements in functionality and reliability
2.1.1
Released on 2009-06-03
-
NewAdvanced options on Mail Content Flow with custom rules -
ImpLarger history (100.000 msgs.) for small disks (4 GB) -
ImpAnti-virus and Pattern Analysis (SA) results in history -
ImpQuarantine allows users to download messages -
ImpQuarantine web interface scales content to browser size -
ImpQuarantine accepts LDAP sign-in using alias as username -
ImpQuarantine has Korean translation -
ImpQuarantine displays outgoing queue -
ImpQuarantine displays folder's message count on mouse over -
ImpSPF module has trusted forwarders white-list field -
ImpOption to reject messages with virus -
ImpRecipient Flows reports the reason for rejection to sender -
ImpOverall performance and reliability improved -
BugQuarantine now shows attachments correctly -
BugDelivery forced default transport during certain circumstances -
BugQuarantine now honors the LDAP version setting -
BugIt is now possible to mix recipient flows with "disabled"
2.1
Released on 2009-05-18
-
ImpNew Quarantine with LDAP support and Clustering -
ImpAdministrator can access the Quarantine using their credentials -
ImpQuarantine has administrator-only folders (invisible to users) -
ImpReporting > Real Time Log displays Anti-Virus, LDAP, etc. -
ImpThe console's startup screen displays IP address -
ImpFTP access requires full permissions or the "f"-flag -
ImpAdministrators cannot change their own permissions -
NewAdded "null" transport (discards messages) -
ImpVMware ESXi users need to resize the disk during install -
ImpAdded "Per Domain" for the SMTP Recipient Flow lookup module -
BugTrace configuration revisions changes by administrator user -
ImpRecipient Flows are per-domain instead of per-incoming. -
ImpImproved queue/history management responsiveness -
ImpPerformance optimizations -
Imp3:rd Party Components Updated -
ImpCLI command "version" displays appliance information -
ImpOverall performance and reliability improved
2.0.9
Released on 2009-03-24
-
NewImport Configuration from Clipboard -
BugInstaller on Windows 2000 -
BugInstaller field validation -
ImpWarning on VMware Configuration Import -
ImpRepair License in Web Admin. -
BugHistory Page in Internet Explorer fixed -
ImpChanges in terminology (Process Flow = Content Flow, etc) -
BugLong lines message bug fixed -
NewImplemented cache [] function(); -
BugIP Policy cache is now cleared properly -
ImpWeb Admin. Script fields is monospace and support [tab] -
NewAdded !~ (negated regular expression) matching -
ImpUpdates 3d-party libraries -
NewCaches the Incoming's smtp_rcpt_lookup -
ImpClear cache button (Mail Gateway -> Settings) -
BugNon-UTF-8 bug (Mail Gateway -> Activity) -
ImpIP Policy performance improved -
BugHTTP re-configured during address change -
ImpRemoved reverse DNS lookups -
BugMemory storage capacity resolved -
BugAuthentication and Recipient Flow re-configuration -
BugNTP producing false error messages -
ImpAutodetect language in Web Admin. -
ImpMail Content Flow didn't virus-check spam messages -
ImpOverall improvements and stability
2.0.8
Released on 2009-02-27
-
ImpFirmware Update with step-by-step guide -
ImpVSP Installation with quick-start guide -
Imp"Paging" in Mail Gateway Activity tabs -
Newdnstxt(), dnsmx() and implode() functions in HSL -
Bug500-errors handled correctly -
NewSupport for alternative DNS in lookup-mx -
BugHandle UTF-8 in Tag Subject i Mail Flow -
NewMore languages added -
ImpGraph directions changed (left to right) -
ImpMore SMTP debugging -
NewDirect Processing gives reject function -
NewReject() function in Mail Flow -
ImpSet concurrent connections per Incoming (server) -
ImpFunction declaration and "include" support in HSL -
ImpFull UTF-8 support -
ImpOverall improvements and stability
2.0.7.1
Released on 2009-01-16
-
ImpSMTP/LDAP SMTP authentication support -
BugDisk Operation Stability -
ImpStorage Management (backup and restore) -
ImpAdd multiple domains from Web Admin -
ImpAuthentication and Recipient Flows -
ImpMany new functions added to HSL (see Wiki) -
ImpSecure Disk Wipe from Recovery Console -
ImpSend test mail to administrator from Web Admin -
ImpReset Statistics in Web Admin -
BugDNS/MX resolving -
ImpAuthentication in Outgoing Transports -
ImpPreview mail in Quarantine -
BugQuarantine handles quoted-printable -
BugQuarantine reports handles quoted-printable -
ImpWarn users when Quarantine getting full -
ImpScript testing tool -
ImpSearching logs indicates when showing realtime -
ImpCustom icons for script blocks in Web Admin -
ImpImproved anti-virus detection -
ImpSOAP interface improvements -
ImpBetter Default Flows -
BugResolved back-to-default-config bug
2.0.6.2
Released on 2008-11-25
-
BugQuarantine templates
2.0.6.1
Released on 2008-11-20
-
BugQuarantine templates
2.0.6
Released on 2008-11-12
-
ImpSend Domain Reports from Web Admin -
BugDomain Statistics reported correctly (lowercase) -
BugOverall Web Admin reliability -
ImpLDAP debugging -
ImpMail throughput performance vastly improved -
ImpSPF Query Tool in Web Admin -
Impin_network() now supports IP-ranges in HSL -
ImpBlock() may send reason for blocking in HSL -
Impdnsptr() to lookup PTR (ipv4 and ipv6) in HSL -
Imp5 s timeout for dns() request by default in HSL -
Impin_file() function (eg. black/white-lists) in HSL -
ImpFirst comment in a Flow Script shown as title -
ImpCustomize generated e-mail -
ImpMultiple LDAP servers on incoming listerners -
ImpDefault contact changed to "Postmaster" -
ImpMultidimensional arrays in HSL -
BugOverall reliability and functionality -
ImpQuarantine translated to Swedish and customizable -
ImpBetter default mail gateway Process Flow
2.0.5
Released on 2008-08-21
-
ImpImproved quarantine with reports -
ImpStatistics in Web Administration -
ImpDomain reports with additional statistics -
ImpLogging is separated and improved -
ImpMessage tracking (Activity) -
ImpWeb Administration re-organization -
BugStorage recovery from power failures -
ImpCertificate tunable "Optional but Verify" -
ImpError messages are displayed as dialogues -
ImpGenerate SSL certificates (Diagnostics section) -
ImpName (tag) configuration revisions -
ImpSOAP configuration API (using WSDL file) -
ImpNFS replaces SMB for network storage -
ImpGraceful shutdown and restart -
ImpBoot procedure with progress and log -
ImpMultidimensional arrays in HSL -
ImpHeaders are UTF-8 decoded in HSL -
ImpGetDSN(), GetRoute(), DeliverAsSpam() in HSL
2.0.4.1
Released on 2008-06-09
-
BugWeb Administration error on factory reset units -
ImpAdded German and Japanese language support -
ImpHSL Scripting in Outgoing Queue -
ImpDomain name variable in HSL -
ImpWrapMessageAddHeader function added in HSL -
ImpRevert to default config upon fatal errors -
ImpDisable Incoming Listeners upon storage failure -
ImpRegular Expression modifiers in HSL -
ImpInitial Access Control Flow statistics -
ImpIncoming Queue shows entire message -
Imphttp() and explode() functions added to HSL -
ImpPattern Analysis (spam assassin) module added -
ImpLDAP testing on Diagnostics section -
BugMax Message Size can be increased -
BugOverall reliability and functionality
2.0.3
Released on 2008-05-15
-
ImpAdded Italian, Spanish and Korean language support -
ImpOverall reliability improved
2.0.2
Released on 2008-05-12
-
BugSPF calculated $spamscore incorrectly -
ImpReboot to Update Firmware from Web Admin. -
BugRemoved extra newline in messages -
BugDatabase conversions could fail -
ImpAbility to disable ACL flow for services -
BugNTP synchronization problem solved -
ImpModel-specific performance optimizations -
BugRecovery from power failure -
BugWindows (SMB) share no longer fails -
ImpAdded date/time functionality to HSL -
ImpOverall reliability improved
2.0.1
Released on 2008-04-28
-
BugProblems in the parser of the mail scanner are fixed -
BugAjax problems in the mail processing flow are fixed -
ImpNew functions in HSL (Halon Scripting Language) -
ImpUTF-8 support in HSL -
BugInternet Explorer and Opera support -
ImpOverall reliability improved
Comments
0 comments
Article is closed for comments.