5.16
Released 2024-08-27
-
New
Support for AWS SIGv4 in http() and http_bulk() -
Imp
Improved API request logging in API hook -
Bug
Fix issue with certain timezones hook
5.15-p3
Released 2024-07-02
-
Sec
Fix issue addressing CVE-2024-6387 (OpenSSH)
The general recommendation is to not provide internet access to any admin interface (SSH, HTTPS).
5.15-p2
Released 2024-07-01
-
Bug
Fix issue with linting in script editor
5.15-p1
Released 2024-04-22
-
Bug
Fix issue in script editor with validation of delivery settings -
Bug
Fix issue with Let's Encrypt
5.15
Released 2024-04-09
-
New
Added support for Let’s Encrypt (ACME) -
New
Redesign of web administration interface New
Added support for queue groupings (MX and domain rollups)-
Imp
Added support rotating mail history logs based on days (in addition to count) -
Imp
Added support for public validated CAs when clustering (in addition to fingerprints) Bug
Issue when searching for message ID in message queue-
Pkg
Updated FreeBSD (13.2-RELEASE-p11) and packages to latest quarterly -
Pkg
Updated Eleven eXpurgate anti-spam engine to 4.48.3
5.14-p1
Released 2024-02-27
-
Pkg
Updated Sophos anti-spam engine (savi)
5.14
Released 2024-01-25
-
New
Enable configuration of barelf behaviour (default is to auto detect legacy clients) -
New
Added null coalescing assignment operator -
New
Added mimeword_encode() and _decode HSL functions -
New
Added support for Map.merge() in HSL -
Bug
Fix Views button not working with Quarantine -
Bug
Escaped characters in filename in MIME class should always be double hex digits -
Bug
Fix validation issue of policy, delivery and suspend configs -
Pkg
Updated FreeBSD (13.2-RELEASE-p4) and packages to latest quarterly
5.13-p1
Released 2023-10-02
-
Sec
Updated libspf2 to fix CVE-2023-42118
5.13
Released 2023-08-15
-
Imp
Updated version of eleven eXpurgate anti-spam daemon (4.47.0) -
Imp
Added selector field to DMARC reporting -
Imp
Increased SA custom rules limit -
Imp
Improved query builder for metadata fields in queue listing -
Imp
Based on FreeBSD 13.2, and latest quarterly packages -
Bug
Fix issue with SpamHaus DQS -
Bug
Fix issue with memory_store HSL function -
Dep
Removed deprecated ClamAV (ScanCLAM() is now a no-op)
5.12-p1
Released 2023-05-03
-
Bug
In HSL fix an issue with Map/Sets iterators and foreach
5.12
Released 2023-04-12
-
Imp
MTA improvements- Faster policy evaluations and subdomain matching
- Added a new grouping field to the queue structure to be used for combined recipientdomain/remotemx groupings
- Added
LOGIN
parameter support to theXCLIENT
command - Added support for network matching in
PROXY
,XCLIENT
and TLS client cert settings - Added connection pooling reuse setting based on remotemx
- Various improvements to DNS resolving
- Added a global DNS domain cache
- Restructured DNS cache to resolve all addresses, with deduplication
- Added global settings for
resolver.mx.exclude.ip
andresolver.mx.exclude.mx
- Priority messages now also have priority in resolver and script execution queues
- Allow overriding serverhost (
servers[].hostname
) in connect hooks'sAccept()
function - Added ability to read plugin configurations from file paths
- Improvements to
halonctl
- Added
--no-pipelining
options to queue trace command - More precise time (usec) resolution in queue trace command
- Queue update command now supports changing only localpart or domain of senders/recipients
- Added
-
halontop
now resizes layout to terminal size - Added a new C-API (
HalonMTA_deliver_trace
) to do custom trace outputs in delivery plugins - Added a new C-API for queue pickup plugins
-
Imp
Script language improvements- Added support for multiline CSV data in
csv_encode()
andcsv_decode()
- Added option to allow non-convertible objects to be converted to none in
json_encode()
- Added support for multiline CSV data in
-
Imp
Improvements to integrated (VM) package- Based on FreeBSD 13.2, and latest quarterly packages
- Pre-packed with http-bulk plugin
-
Dep
Important changes- Deprecated ClamAV in integrated (VM) package
- Deprecated
ScanDMARC()
in componentized package (installhalon-extras-dmarc
) - Deprecated builtin
LDAP
class in componentized package (installhalon-extras-ldap
) - Removed
MailMessage.deliver
(deprecated since 5.2, useMailMessage.queue()
instead) - Removed
/dev/null
as special transport destination - Removed
GetMailQueueMetric()
(deprecated since 5.3)
-
Bug
Various bug fixes- Missing dynamic policy id in
$arguments
in post-delivery on rate only policy conditions - Fixed timeout issue with PIPELINING
-
queue_policy_delete()
function was missing in AUTH hook - Fix issue with
unset
inforeach
loops - Fix issue with
scripting.rootpath
ending with/
- In HSL do not allow index dereference of string with key types other than numbers
- In HSL do not allow slice operator dereference with key types other than numbers
-
jobid
set in pre-deliveryTry()
function was not updated in post-delivery hook - Fixed rare crash with queue trace command on busy systems
- Missing dynamic policy id in
5.11-p3
Released 2023-02-17
-
Bug
Improved error handling with HTTP submissions API -
Bug
Fix error message withhalonconfig --dist-check
and missing schemas -
Bug
Fixes to integrated (VM) package- Upgraded ClamAV to 1.0.1 to address CVE-2023-20032 and CVE-2023-20052
- Fix web adminsitration bug when adding domains
- Relaxed DangerousExtensions classification in eXpurgate (caused false positives)
- Allow changing DangerousExtensions with
antispam_expurgate_dangerous_extensions
setting
-
Bug
Fix rare issue connection retry -
Dep
Please note that ClamAV is deprecated and will be removed in 5.12
5.11-p2
Released 2023-02-09
-
Bug
Fixes to integrated (VM) package- Lower default timeout of ScanRPD() scanning
- Fixed error handling for ScanRPD() in case of network errors
5.11-p1
Released 2023-02-06
-
Bug
Fix a rare issue with configuration reload on Ubuntu
5.11
Released 2023-02-03
-
Imp
MTA improvements- Added a
halonctl queue trace
command to trace outbound SMTP connections - Outbound PIPELINING support
- Ability to change TLSv1.3 cipher suites on server and clients
- Queue performance optimisations
- Added
setDateLater()
function to set Date header on delivery - Added connection
id
and numbers oftransactions
to post-delivery attempt connection array - Added support for networks in the
Try()
argumentip_exclude
- Allow changing jobid with
Queue()
functions in pre- and post-delivery - Added remotemx information to outbound connection list
- Added support for
--size
,--subject
,--metadata-and
filter conditions tohalonctl
- Added the ability to clear the internal DNS cache using domain wildcards in
halonctl
- Added a
-
Imp
Script language improvements-
Map
/Set
iterator are now thread safe with imports (modifications are not) - Added support for data types when
import
ing YAML files - Added support for private key
import
(RSA and ED25519 keys) - Added
rsa_privatekey()
anded25519_privatekey()
function to load keys as PrivateKey resources - Added
array_combine()
function - Added
exclude_headers
tosignDKIM()
functions - Added support for PrivateKey resources to
signDKIM()
functions - Added support for tags when
parsing
ing YAML files - Added
MIMEPart.getByID()
functions to retrive a MIMEPart by ID - Added support for Regex types to
MIMEPart.findByType()
andMIMEPart.findByFileName()
functions -
csv_encode()
will not added quotes to string with spaces
-
-
Imp
Improvements to integrated (VM) package- Improved DNS reliability when using the builtin DNS cache
- In the WebUI allow building queue search filters with multiple different metadata combinations
-
Bug
Fix issue with slow graceful shutdown ofsmtpd
-
Bug
Fix issue with thehalonctl queue groupby
command if jobid was set withTry()
-
Bug
Fix issue with including files using symlinks within the rootpath in HSL -
Bug
Fix issue with global functions and module imports in HSL -
Dep
Important changes- Migrating away from Cyren (ctasd and ctipd)
- The deprecated
DirectDeliver()
function now acts as a queuing deliver - Removed deprecated
GetTLS()
,Allow()
,Block()
andDeliverWithDKIM()
functions - On Linux, trying to reload with Halon script compilation errors will continue using the previous configuration
5.10-p1
Released 2022-12-06
-
Bug
halonctl resolver command didn't ignore SIGPIPE -
Bug
halontop didn't show patch version properly -
Bug
On some Linux distros environment.rlimit.nice could not be set to a negative value -
Bug
Improved error handling on JSON payloads in smtpd HTTP API -
Bug
On configuration load filename was missing in error message -
Bug
Fixed a stability issue -
Bug
Updated FreeBSD ping utility (CVE-2022-23093)
5.10
Released 2022-10-11
-
New
Web administration additions- Delivery insights view
- Outbound connection list and ability to close connections
- Visual refresh
-
Imp
Package and repository improvements- Builds for Ubuntu 22.04 LTS
- Packages for extras projects written in Halon script
-
Imp
MTA improvements- Ability to change IP address family (v4/v6) preference
- Support for implicit TLS for outbound connections
- New outbound TLS mode
dane_fallback_require_verify
for DANE/MTA-STS coexistence - Added peer certificate error and TLSA to post-delivery's attempt information
- Store last attempt's
localip
,remoteip
andremotemx
in the defer queue
-
Imp
Script language improvements- Added
domain_publicsuffix()
function - Added
url_parse()
function - Added
insert_function
option tocache []
- Added new
match
expression -
Socket.recv
may now use multiple flags as an array - Added support for
body_length
insignDKIM()
- Ability to set properties and the stop flag in for dynamic
queue_policy()
- Added
-
Imp
Protobuf API improvements-
QueueGroupBy
bylocalip
as well -
QueueGroupBy
support policy grouping (MX rollup, etc) - More
ServerConnectionsList
information; transactions, local IP and ports
-
-
Imp
Command line tool improvements-
halonctl groupby
overhaul, adding lots of new functionality -
halonctl queue update
now have a dry-run flag to test queries -
halonctl process-stats
may now output Prometheus compatible formats
-
-
Imp
Improvements to integrated (VM) package- Added support for Sophos Live Protection
- Added HTTP submission API support
- Updated Cyren packages to ctasd 5.5.1 and ctipd 4.5.1
- Updated to FreeBSD 12.3-RELEASE-p7 with quarterly packages
-
ScanDMARC
function how have an option to disable SHA1 signatures (rfc8301) - Allow reverse lookups for private address space in unbound DNS resolver
-
Bug
Fix issue with dynamic policies in the 35/8 subnet -
Dep
Important changes- The Ubuntu packages no longer depends on
halon-extras-rate
andhalon-extras-dlp
(need to be explicitly installed) - The per-recipient end-of-DATA function
DirectDeliver
is deprecated, useMailMessage.send()
instead - The post-delivery function
GetTLS()
is deprecated, use thetls
object in$arguments
instead
- The Ubuntu packages no longer depends on
5.9-p3
Released 2022-12-05
-
Bug
Fixed a stability issue
5.9-p2
Released 2022-08-16
-
Bug
Could not override Spamhaus DQS scores in integrated (VM) package -
Bug
GetTLS()
in post-delivery could fail on non-delivered messages -
Bug
Issue withQueue()
in post-delivery with no retry delay -
Bug
Fixed an error message inhalonconfig
5.9-p1
Released 2022-05-31
-
Bug
Fix issue with IPC (Unix domain socket) permisson on Linux
5.9
Released 2022-05-30
-
New
Added priority for queued messages -
New
Added max age of messages in queue (retry.during
) as an alternative toretry.count
-
Imp
MTA improvements- Added support for thread priority for various thread pools and event loops
- Made
ip_exclude_temporary
also work withmx_exclude
in SMTP clients - Added
dane_fallback_require
as TLS mode in SMTP clients - Added support for more AUTH mechanisms in SMTP clients (eg. XOAUTH2)
- Randomize the order of equal-preference MX host addresses
- Added possibility to configure custom script thread pools per hook
- Delivery settings may now change max retries/during and retry intervals
- Added
queues.maxmessages
to limit number of messages to hold in memory - Added
data.fixheaders
(false) anddata.mimepart.fixheaders
(false) to inject\r\n
before bad headers - Added
queue.loader.active
counter to hold total messages currently loaded - Postmaster address may be configured separately as localpart and domain (inherit from reporting-mta)
- Added possibility to disable MIME multipart parsing for performance
- Added
maxparts
to configure max MIME parts - Added ability to change
transportid
inTry()
- Added
$arguments["expired"]
to post-delivery hook to indicate bounces due to age or max retry count - Added reason to
Delete()
in the pre-delivery hook - Added support for DSN options to
Bounce()
in the pre-delivery hook
-
Imp
Script language improvements- Added array dereference with spread operator inside of arrays
- Allow upcast of TLSSocket to Socket with
TLSocket.toSocket()
- Added
setFileName()
andsetDisposition()
functions toMIME()
- Detect MIME parsing errors with
MailMessage.getErrors()
- Added support to create
MailMessages
fromFile
objects usingMailMessage::File()
- Added reason for policy result and detailed error/errno to
spf_query()
output
-
Imp
Native (C ABI) plugin improvements- Added support to get object properties with
HalonMTA_hsl_object_property_get()
- Create MailMessage and File classes from strings with
HalonMTA_hsl_value_set()
- Detect MailMessage type with
HalonMTA_hsl_value_type()
- Added support to get object properties with
-
Imp
HTTP submission API improvements- Added
/health
endpoints to be used with load balancers - Added
$arguments["headers"]
to end-of-DATA script - Added concurrency limit setting per server
- Certificates are soft reloadable in configuration
- Added
-
Imp
Protobuf API improvements- Include HTTP connection in ServerConnectionsList replies
- Support for close reason of HTTP connections with ServerConnectionsClose
- Added option to reset
transactionid
,ts
andretrycount
upon message import - Bounce action may set
status
anddiagnosticcode
on queue updates - Added regular expression support in StringMatch in API for message conditions
- Added unique count feature to groupby
- Added maximum values to process stats and present them nicely in
halontop
-
Imp
Improvements to integrated (VM) package- Added support for EU-only Cyren datacenter for RPD and globalview
- Added support to configure reserved IPs for SMTP servers in web administration
- Include updated spamassassin-dqs with support for DBL with hostnames
- Allow access to Sophos AV unix socket using Socket() class in HSL
- Enable scanning of Msi files with Sophos AV
- PHP IMAP module now available in custom-www
- PHP DNS resolving is now available in custom-www
- Updated to FreeBSD 12.3-RELEASE-p5 with quarterly packages
-
Imp
All halonctl commands accepting time now allows for X[dhms] syntax -
Imp
Added dist-check command to halonconfig to check generated configuration -
Imp
Added option to stop-on-match in smtpd-policy.yaml when matching rules -
Imp
Add configurable rate sync delay to improve UDP synchronization reliability -
Bug
Fix validation bug in JSON schema with HTTP submission API -
Bug
Fix validation bug in post-delivery hook with$arguments["dsn"]["status", "diagnost
... -
Bug
Allow long lines in message body when receiving messages with CHUNKING -
Bug
Fix rate issue with dynamic policies which could cause MTA restarts -
Bug
HTTP submission API header name “X-API-Key” was not case insensitive -
Bug
Statistics queue.policy.rate.suspends not decreased on manual message deletes -
Bug
Fix bug in C API when invoking function pointers in class member functions -
Bug
DNS zone flush with unbound in VM package did not clear all record types -
Bug
Do not rescan messages with ScanCLAM() and ScanRPD() if failed -
Bug
Properly detect temperror in ScanDMARC() -
Bug
Fix escaping of email addresses by escaping additional characters -
Bug
Added detection newer versions of .docx and .xlsx files in ScanDLP() -
Dep
Deprecated use of MIME("0") in EOD, use $arguments["mail"] or GetMailMessage() instead -
Dep
Important changes- Removed "eodrcpt" from Linux builds
- Removed ability to control "rated" and "dlpd" from "halonctl" (use ratectl or dlpctl instead)
- Removed deprecated functions from per-message end-of-DATA script: Queue(), GetMailMessage(), GetTLS(), GetAddressList(), DKIMSign(), DKIMSDID(), DKIMVerify()
5.8-p4
Released 2022-03-16
-
Sec
Updated OpenSSL to fix CVE-2022-0778
5.8-p3
Released 2022-02-10
-
Bug
Issue when using Cyren anti-spam (ctipd and ctasd) with a HTTP proxy fixed -
Bug
Auto-detection of DKIM keys inadditional_signatures
fixed -
Bug
Reduce risk ofrated
UDP packet loss for initial synchronisation -
Bug
Issue withScanDLP()
and custom rules fixed -
Bug
Updated libcurl to 7.81
5.8-p2
Released on 2022-01-25
-
Bug
DKIM validation issue under certain circumstances
5.8-p1
Released on 2022-01-10
-
Bug
Privdrop after creating control socket inrated
-
Bug
Fixrated
startup rate hit sync -
Bug
Fix minor issue parsing bad headers
5.8
Released 2021-12-13
-
New
Templates for Docker and Kubernetes- The
dlpd
content filtering connection now uses a HTTP based API - The
rated
rate control connection supports DNS with dynamic re-resolve
- The
-
New
APT/deb and RPM repositories- Components are now in separate packages (MTA, rate control, content inspection, etc.)
- Added separate
dlpctl
anratectl
tools for the respective new packages
-
New
MTA features- HTTP submission API for pre-formatted RFC822 messages
-
halontop
program showing realtime process metrics - Faster DKIM dual-signing with
additional_signatures
tosignDKIM()
- Ability to use multiple spool paths
- Added support
reserved
connection slots - Export message using with
QueueExportRequest
API
-
New
Native (C ABI) plugin features- Added
Halon_command_execute()
function, supportingargv
style of arguments - Added
Halon_early_init()
function, supporting early initialization - Added
HalonMTA_hsl_value_to_json()
andHalonMTA_hsl_value_from_json()
functions - Added
HalonMTA_hsl_value_array_length
function - Autoloading plugins without configuration
- Support for objects
- Support for exceptions
- Support for static functions
- Support for running Halon script functions in C
- Support for working with lists function in C
- Support for more types in C API such as
X509
,File
objects
- Added
-
Imp
Script language improvements- Added
zlib_compress()
and uncompress functions - Added
MIME.toFile()
function - Added
MIME.setDate()
function - Added
X509.extensions()
function - Added
X509.verify()
function - Added
X509::String()
function - Added
queue_policy_delete
function - Added
import
support for multiple X509 certificates (.crt) - Added
import
support for rfc822 message files (.eml) - Added
glob import
support - Added support for
srv
records indns_query()
function
- Added
-
Imp
MTA improvements- Improved DSN generation by supporting to include full original messages and DSN field customization
- Include DSN arguments in post-delivery
$arguments["dsn"]
array - Include queue policy insights in post-delivery
$arguments["policy"]
array - Added support for customization of the Received header (
tls
andfor
) - Order queue list by retrycount
- Support message retry with a jitter (distribution) in queue actions
- Added support for queue message grouping of remoteip and remotemx
- Added lists, grouping of conditions, and custom properties to active queue policy and delivery settings
- Allow configuration of multiple
pickup
threads - Added delivery counters to process stats
- Added support for
.halonignore
files when packaging configuration usinghalonconfig
-
Imp
Improvements to integrated (VM) package- Added support Cyren anti-malware in
ScanRPD()
(requires an extra license) - Added option to include HSL plugins in script editor "run" on VM package
- Updated FreeBSD packages (including Sophos och Cyren)
- Added support to configure ciphers for the HTTPS web administration
- Added support Cyren anti-malware in
-
Bug
Fix bug with localip in smtpd-delivery.yaml -
Dep
Important changes- Removed the deprecated
GetMailFile()
function - It's no longer valid to send message to plain IP addresses
user@ip
- Disabled PhishingScanURLs in ClamAV
- Removed
signature_exclude
support from ScanCLAM() - Standard ciphers names are now used in logs (instead of OpenSSL convention)
- Graceful shutdown for inbound connections
- Renamed process threads (visible in
top
)
- Removed the deprecated
5.7-p4
Released on 2021-11-09
-
Bug
MIME formatting issue with append/prependPart() on non-MIME messages -
Bug
Issue with DKIM signature in bounces -
Bug
MIME()
not storing decoded headers when queuing
5.7-p3
Released on 2021-09-19
-
Bug
Direct deliver in EOD rcpt hook
5.7-p2
Released on 2021-08-24
-
Bug
File type detection in DLP engine
5.7-p1
Released on 2021-08-06
-
Bug
Make linter recognise$connection["tls"]["sni"]
-
Bug
Startup bulk synchronisation inrated
-
Bug
PROXY protocol heartbeat connections
5.7
Released 2021-07-21
-
New
Introducing exception handling with accompanyingtry
,catch
andthrow
control structures -
New
Visual Studio Code plugin support for debugging script in thesmtpd
MTA process -
New
Inbound connection list in web administration andServerConnectionsListRequest
API -
New
Ability to close inbound connections withServerConnectionsCloseRequest
API -
New
Addedarray_unique()
andarray_shuffle()
functions -
New
Addedpcre_compile()
function to pre-compile regular expressions from user input -
New
Added#/myregexpattern/
syntax for creating pre-compiled regular expressions -
New
AddedX509::String()
method for creating an X.509 resource from PEM or DER -
New
AddedMIME.send()
method for inline delivery directly from MIME object -
Imp
New HQF2 queue file format which combines .eml and .hqf -
Imp
Added--unpack
option tohalonconfig
to reverse packing -
Imp
Thehalonconfig
command now validates plugin configuration schemas -
Imp
Addedadditional_headers
option to pre-deliveryTry()
function for passing data -
Imp
Addedmodified_original
DSN option to post-deliveryBounce()
for altering original headers -
Imp
Added connectionid
andremoteuid
to SMTP server$connection
array -
Imp
Addedremove_if_zero
argument tomemory_dec()
for automatic cleanup -
Imp
Addedjson
andregex
formatters toimport
andcsv_decode()
-
Imp
Ability toimport
text file lines asSet
object items for fast lookups -
Imp
Allowforeach
on$this
in classes to iterate all instance properties -
Imp
Addeddepth
option todomain_includes()
function -
Imp
Ability to useresponse_headers
withextended_result
inhttp()
-
Imp
Support for loadingFile
from standard input when running inhsh
-
Dep
The=~
and!~
operators now throws on invalid regular expressions -
Dep
Messages with emptyremotemx
orjobid
are not matched against queue policies with those -
Dep
Modules loaded withimport
can no longer access global user-defined functions -
Dep
Removedmail()
optionrawbody
and URI fallback forldap_bind()
(deprecated since 4.8)
5.6-p4
Released on 2021-07-19
-
Bug
No longer passes function pointers from in$context
(only data is supported) -
Bug
Fixed long loading times ofhsl-lint
andhalonconfig
with large YAML files -
Bug
Resolved issue withqueue_suspend()
andqueue_policy()
argument order -
Bug
Connection pooling didn't work with outbound PROXY protocol -
Bug
In post-delivery attempt array, localip was not set correctly with outbound PROXY protocol -
Bug
Issue withcache []
size if is set to2**32
-
Bug
The transport retry intervals didn't override the transport group's intervals
5.6-p3
Released on 2021-06-29
-
Bug
Issue with thecache []
when exception was thrown from cached function -
Bug
Context switching with plugins wasn't supported in the PROXY script -
Bug
The$context
variable wasn't updated after the EOD script hook -
Bug
Only one DKIM signature was supported on theMIME()
object -
Bug
Unable to rename a used disconnect script in the web administration -
Bug
Imported function could not resolve nested function in some special cases -
Bug
Imported object between multiple hooks could not resolve imported functions in some special cases
5.6-p2
Released on 2021-05-28
-
Imp
Updated to FreeBSD 12.2-RELEASE-p7 (VM) -
Bug
Updated to ClamAV 0.103.2 (VM) -
Bug
Add library path for plugin libraries (VM) -
Bug
Fixed issue with updated variables and logging in per-recipient end-of-DATA script -
Bug
Fixed auto generation of transaction ID on APIQueueImport
-
Bug
Fixed encoding issue inxtext_encode()
5.6-p1
Released on 2021-04-08
-
Imp
Updated to FreeBSD 12.2-RELEASE-p5 (VM) with OpenSSL fixes -
Imp
Updated to SpamAssassin 3.4.5 -
Bug
Fixes a race condition in the queue script -
Bug
Restricts NTP timesync access
5.6
Released on 2021-03-22, see the release notes for notable changes
-
New
Added native plugin support by loading C ABI compatible libraries -
New
Added CSV schema validation support inimport
so that imported files gets validated -
Imp
Ability to start the server without any listeners in order to drain queue -
Imp
Allow server control socket to listen on IP in addition to socket file -
Imp
Ability to group queue distribution view by sending domain -
Imp
Added variables for disconnect reason to disconnect script hook -
Imp
http()
function now supports explicithttp_version
andpost_size
-
Imp
Ability to modify (rather than just add and delete) queue suspend and policy items -
Imp
Added total count in API response for queuelist
andgroupby
CLI/API commands -
Imp
Possibility to disable the Received header (instead of having to delete it from script) -
Imp
Added In-Reply-To to DSN messages (to support threaded bounces) -
Imp
Added decode option to MIMEPart.getHeader functions -
Imp
Added binary option to all hashing functions (eg. sha2 function) -
Imp
Improved concurrent cache miss behaviour in the HSLcache
-
Imp
Added possibility to disable hook logs -
Imp
Default()
function now allows configuration of bounce settings -
Imp
Try()
function IP include and excludes (similar tomx_include
andmx_exclude
) -
Imp
Improvements to integrated (VM) package -
Bug
Resolved an issue with the queue updates -
Bug
Resolved an issue with the import statements and reloads -
Bug
Fix bug with paging of Halon script rates -
Bug
Fix a memory leak in the backend authentication script (with modules) -
Bug
Missing error counters on connect and disconnect -
Bug
Halon script Socket classes' close() method could cause unexpected disconnect behaviours -
Bug
Fix support for BDAT and the proxy script hook -
Bug
Fix an issue with SNMP and the firewall script -
Bug
Fix an issue when sorting email history by "Received" date in the REST API for the integrated (VM) package -
Dep
queue_suspend()
andqueue_policy()
has changed its return value -
Dep
Text log formats has been slightly changed -
Dep
File.toFFIValue()
function now returns C-compatible FILE pointer. -
Dep
Remove functions a per the deprecation note -
Dep
Queue suspend and policy API calls return UUIDs instead ofuint64
-
Dep
Minimum supported API version is (5.6)
5.5
Released on 2020-11-16, see the release notes for notable changes
-
New
DSN extension support -
New
Outbound PROXY protocol support -
New
Function generators andyield
-
New
Map()
andSet()
data container classes -
New
Ability to disablesourceip_random
, useful during for example IP warmup -
New
Addedhalonctl hsl memory list
and correspondingHSLMemoryListRequest
API -
New
Addedbase32_encode
and decode functions -
New
Addedurl_encode
and decode functions -
New
Test command for the asynchronous DNS resolverhalonctl resolver query
-
New
Queue suspend filters withhalonctl queue suspend list
andSuspendRequest
API -
New
Settings for max messages, recipients and hops -
New
Addedunix_socket_path
option tohttp()
function -
New
Addedsender
option andscantime
result toScanSA()
function -
New
Addedspool.corrupt
setting for controlling handling of bad queue files -
New
High-resolution process runtime counterprocess.elapsed
-
New
Active queue performance countersqueue.pickup.X
-
New
Script error countersservers.X.scripts.Y.errors
-
Imp
Fraction of second insleep()
-
Imp
Improved performance for large active queue policy rate buckets and exclude lists -
Imp
Ability to specify an ID for dynamic active queue suspensions and policy conditions -
Imp
Ability to filterhalonctl hsl rate list
based on conditions -
Imp
More relaxed rules for naming of ID and file path in YAML schemas -
Imp
Improvedsmtpd
process shutdown -
Imp
Improved SMTP command diagnostics ("in reply to") in bounces -
Imp
Added Original-Envelope-ID and Original-Recipient headers to bounces -
Imp
Consider all 2xx-codes successful in SMTP client -
Imp
File descriptor exhaustion error logging and handling improved -
Imp
Improvements to integrated (VM) package- Custom HTTP API endpoint hosting on the web admin page
- Ability to stop and start
smtpd
from the services section - Firewall rules (
ipfw
) may now be added to/cfg/rc.halon
startup script - Ability to add custom local DNS records (A/AAAA/MX/TXT and PTR) to built-in DNS resolver
- Ability to sort and search by finished (rather than received) time in message history
- Updated to FreeBSD 12.2-RELEASE with quarterly packages
5.4-p3
Released on 2020-11-09
-
Bug
Support binary POST data in backgroundhttp()
calls -
Bug
Fixed MIME'sverifyDKIM()
after doing message modification -
Bug
Fixed error flag issue with consecutive calls toScanKAV()
(on same message) -
Bug
Prevent announcing extensions from HELO/EHLO script hook onHELO
-
Bug
Fixedhalonctl
missing fieldssenderhelo
,saslusername
andduration
-
Bug
Fixed issue with queue list duration sort order
5.4-p2
Released on 2020-10-01
-
Imp
Detect certain hardware to support iDRAC keyboard delay (VM) -
Imp
Updated to FreeBSD 12.1-RELEASE-p10 (VM) -
Bug
Fixed issue with PROXY protocol and implicit TLS -
Bug
Fixed proxy script and lint issue withhalonconfig
-
Bug
Fixed counting issue with thescripts.proxy.running
/finished
process stats -
Bug
Fixed issue where chunking wasn't disabled as per default configuration (VM) -
Bug
Restored theid
andts
fields inScanDMARC()
output -
Bug
Enable queuing of messages fromhsh
-
Bug
Fixed sorting and paging on web administration rate and suspend pages
5.4-p1
Released on 2020-08-14
-
Imp
UUID version selector (time/v1 or random/v4) -
Imp
Integrated package is updated to FreeBSD 12.1-RELEASE-p8 -
Bug
Fix default enhanced status code in bounces for certain errors -
Bug
Added validation of certain CLI arguments to improve error reporting -
Bug
Fix web administration regression when adding servers and transports
5.4
Released on 2020-07-22, see the release notes for notable changes
-
New
CHUNKING/BDAT and the SIZE service extension -
New
Disconnect script hook -
New
yaml_decode()
function and import loader (similar to JSON) -
New
Ability to export an File classes as a C++ std::istream -
New
Ability to export an X.509 resources as a OpenSSL pointer -
New
FFI callback function -
New
DSN options toBounce()
andQueue()
that allows overriding content, headers, delay, etc -
New
Pre-defined variable of the DSN that is to be generated -
New
Default()
function in post-delivery to terminate script based on delivery result and settings -
New
Settings for minimum amount of free inodes and bytes for receiving email -
New
Setting for fsync before 250 on DATA -
New
Settings for number of max hops (loop protection) -
New
Timeout settings for Sophos and ClamAV, with new defaults of 30 seconds -
New
Pre-defined variable for username when accepting email on local Unix socket -
New
http()
callback function for POST data -
New
MailMessagequeue()
function -
New
MailMessageget/setPreamble()
andget/setEpilogue()
functions -
New
MailMessagemodifyContent()
function advanced, direct modification of email data -
New
StaticFile::read()
function that returns all data from a file path -
New
LDAP classgetoption()
function -
New
Numeric separator -
New
Zero-fill right shift bitwise operator -
Imp
Ability to changeimport
loader type -
Imp
Includes SIZE= in MAIL FROM if server announces SIZE service extension -
Imp
SMTP client always send EHLO first (and then try HELO) -
Imp
Do not include detail in local-part in license count (user+detail@domain) -
Imp
MIMEqueue()
options for delay and hold -
Imp
Ability to override recipient domain for MX lookup in pre-delivery and all other places -
Imp
Access to the queued email data in pre/post-delivery as aFile
resource -
Imp
dns_query()
option for extended results including TTL and type-specific fields -
Imp
Added reply code option to allAccept()
functions -
Imp
Auto-Submitted
header to bounces (rfc3834) -
Imp
Active queue policy, suspend and delivery configurations in web admin code editor -
Imp
Saving custom views on queue pages -
Imp
Custom metadata groupings and columns on queue pages -
Imp
Number compare for metadata filters on queue pages -
Imp
Partial and case sensitive matching of local parts on queue pages -
Imp
Real-time rates for counters on process statistics page -
Imp
Added process stat counter for finished script hooks -
Imp
Added multiple recipientdomain and remotemx option to if statements in delivery configuration -
Imp
Network matching in queue conditions for sender-, local- and *remoteip& -
Imp
The API output is always normalised as UTF-8 -
Imp
The API supports comparing queue metadata as numbers -
Imp
TheMIMEPart.setBody()
andMailMessage.toString()
limitation of 1 MiB is now removed -
Imp
Extended error reporting from Sophos AV -
Imp
Added -R tohsh
to override scripting.rootpath -
Imp
Added --ffi tohsh
to override scripting.ffi -
Imp
Added --binary flag tohsh
-
Imp
Added support for FFI inhsl-lint
-
Imp
Integrated package is based on FreeBSD 12.1-RELEASE-p7 with quarterly packages -
Imp
Update to Sophos 3.2.07.379.0 -
Imp
Protobuf schemas are now part of the Linux package -
Imp
Removedhttprd
from the Linux package -
Imp
Added queue load command tohalonctl
to import messages -
Bug
Resolved issue with SMTPUTF8 and connection pooling -
Bug
Wait for support processes likerated
anddlpd
-
Bug
Log thread creation errors in updateQueue -
Bug
Make thedomain_includes()
function non-case-sensitive -
Bug
Fixed an issue with multiple network interfaces using DHCP -
Bug
Fixed an issue with storage disk resizing -
Bug
Fixed an issue with history search filter matching and less- and greater-than -
Bug
Depend onuuidd
runtime on Linux -
Dep
TheQueue()
function (overrides the built-in logic) may now exceed the transport's max retry count -
Dep
TheSetDSN()
function has been deprecated in favour of the "dsn" option to Bounce() and Queue() -
Dep
Theinet_includes()
function now return none on errors -
Dep
TheLDAPResult.next()
andFile.readline()
now return false on end-of-data instead of none -
Dep
TheMIMEPart.setBody()
limitation of 1 MiB is now removed -
Dep
The dns_query() function's ttl result property has been removed in favour of the extended_result option -
Dep
All messages in the active queue now have at least one localip (instead of showing an empty address)
5.3-p5
Released on 2020-06-10
-
Bug
Fixed a stability issue with the connection pool
5.3-p4
Released on 2020-05-26
-
Bug
Fixed issue with server connection concurrency limit -
Bug
Fixed tags (comments) for some types of manual active queue suspends -
Bug
Fixed issue with the proxy script hook -
Bug
Fixed web administration bug when adding active queue policy without concurrency value -
Bug
Fixed minor issue with integrated package's shell console interface -
Bug
Fixed locking issue with integrated package IDE's built-in run script window -
Bug
Increased the integrated package's max threads per process limit
5.3-p3
Released on 2020-05-04
-
Imp
Removed unsupported ClamAV safebrowsing -
Bug
Fixed SpamAssassin SPF issue -
Bug
Fixed web administration issue on Safari -
Bug
Fixed IP address configuration regression in video console interface
5.3-p2
Released on 2020-03-10
-
Imp
Support more charsets by inclusion of latest GNU iconv -
Imp
Changed log level of ldap_auth() function failures -
Bug
Fixed issue with active queue policy with certain groupings -
Bug
Fixed issue with decoding of RFC2231 parameters values -
Bug
Fixed regression with decoding of certain charsets -
Bug
Fixed regression with Mellanox (mlx5en) network adapters
5.3-p1
Released on 2020-02-24
-
Imp
Added SMTP state information to delivery error logs -
Imp
Addedport
option to dns_query() function -
Bug
Fixed issue with duplicate messages API call -
Bug
Fixed "neq" condition (not equal) with "size" and "retry_count" fields -
Bug
Fixed issue with message size variable and per-recipient end-of-DATA script -
Bug
Web administration fixes- Re-add quarantine view selector on queued messages page
- Re-add confirm dialog on all queue message actions
- Fixed display of file name of attachment in preview
- Fixed preview buttons of messages with invalid MIME formatting
- Fixed issue with FN/FP reporting links
-
Bug
Updated system packages- ClamAV 0.102.2
5.3
Released on 2020-02-11
-
New
Queue features and API- Connection pooling (reuse)
- Fine-grained queue query API (for list, update and distribution)
- Improved queue quota functionality
- Added delivery settings for active queue fields
- Added active queue suspend and policy functions to more script hooks
- Added message size including modifications to pre- and post-delivery script
- New on-disk queue format
-
New
Command-line inteface tool halonctl -
New
SMTP server scripting features -
Imp
Script language improvements- New Iconv() class for internationalization conversion
- Added array_every function to test all element against callback
- Re-implemented barrier using shared memory functions
- Added Base64 encoding option to the MIME set/addHeader functions
-
Imp
Web administration queue improvements- Merged open connections with message queue for better overview
- Powerful filter dialogue using the new queue conditions
- Column selector and inline messages preview in message viewer
-
Imp
Certificate can be in reloadable configuration even if private key is in startup -
Imp
Added graceful draining to the background http() process httprd -
Imp
Added idle timeout to virtual servers -
Imp
Updated system packages -
Bug
Patched Net-SNMP to fix memory leak -
Dep
Important changes- Removed SOAP API
- Removed several REST API queue commands in favour for new queue API
- Removed GetMailQueueMetrics() in favour for new queue_quota() function
- Merged smtpd and queued processes which affects logging
5.2-p7
Released on 2020-05-26
-
Bug
Fixed issue with server connection concurrency limit -
Bug
Fixed tags (comments) for some types of manual active queue suspends -
Bug
Fixed issue with the proxy script hook -
Bug
Fixed minor issue with integrated package's shell console interface -
Bug
Fixed locking issue with integrated package IDE's built-in run script window -
Bug
Increased the integrated package's max threads per process limit
5.2-p6
Released on 2020-05-04
-
Imp
Changed log level of ldap_auth() function failures -
Imp
Removed unsupported ClamAV safebrowsing -
Bug
Fixed SpamAssassin SPF issue -
Bug
Fixed web administration issue on Safari -
Bug
Fixed IP address configuration regression in video console interface
5.2-p5
Released on 2020-02-03
-
Bug
Fixed regression regarding interface order
5.2-p4
Released on 2020-01-29
-
Imp
Option to use operating system's network interface order instead of by MAC/hardware address -
Imp
Added software update version selector to web administration (patch/major) -
Imp
Support DANE for non-MX destinations -
Bug
Fixed protocol violation with LMTP and STARTTLS -
Bug
Fixed issue with smtp_lookup_rcpt() function -
Bug
Fixed memory leak in TLSA DNS resolving
5.2-p3
Released on 2019-12-27
-
Bug
Fixed issue with long-running script hooks which could cause internal congestions -
Bug
Fixed stability issue with newly implemented TLS 1.3
5.2-p2
Released on 2019-12-06
-
Imp
Support overlapping active queue policy groupings by order of appreance -
Imp
Addedenvironment.syslog.mask
option to startup configurations -
Bug
Fixed regression which could cause DSNs to be sent too early -
Bug
Prevent adding multiple queue policy counters on same field in web administration
5.2-p1
Released on 2019-10-10
-
Imp
Addedtimeout
option to SMTP client delivery options -
Bug
Fixed issue with listen address when IPv6 is disabled -
Bug
Fixed issue when adding policy to suspend entire active queue
5.2
Released on 2019-09-25
-
New
Queue subsystem features- Asynchronous SMTP and DNS connection processing
-
Concurrency and rate control in active queue
- Custom counters with regex/wildcard matching for rollup
- Job ID field for scriptable/custom match parameters
- Dynamic control via script and API
- Queuing to multiple source IP/HELO pairs with round-robin and exclusion via suspend
- Transport group hierarchy with setting inheritance
- Simplified pre- and post-delivery scripts with new
Try()
,Queue()
and$message
symbols - Added
mx_include
/exclude options to deliver functions to control MX resolution - Enabled forward-confirmed reverse DNS lookups (used in Received header) by default
-
New
Script language features- Added FFI class for calling routines in external libraries
- Added shared memory functions and API for counting and caching
- Added csv_encode() function useful for CSV logging
- Added
redirects
option to http()
-
Imp
Web administration improvements- New queue distribution page which can group by age and next retry
- New process statistics page that shows internal counters
-
Imp
Updated system packages- FreeBSD 12.0-RELEASE-p10
- FreeBSD 12 quarterly packages
-
Dep
Important changes- Removed the options for MX delivery (zone= and query=)
- Removed the transport profile priority and pause setting in favour for virtual queues, hold and suspend
5.1-p3
Released on 2019-06-17
-
Bug
Fallback to HELO if EHLO fail and we do not require TLS -
Bug
Reintroduce accept reason in delivery log -
Bug
Fixes Cyren issue with a cache purging command -
Bug
Web administration regressions- Fix clearing individual cache items
- Fix multi-select on queue items
- Fix issue with showing clustered graphs
5.1-p2
Released on 2019-05-15
-
Bug
New $connection variable were populated incorrectly in regards to local/remote information.
5.1-p1
Released on 2019-05-08
-
Bug
Resolve DANE-TA issue by switching from LDNS to OpenSSL's DANE implementation
5.1
Released on 2019-04-25
-
New
SMTP server scripting features -
Imp
SMTP server improvements- Support for PROXY protocol v2
- Added wildcard matching in domain relay table
- Added many options and flags to script functions
- Added
reason
andreply_codes
to Accept() - Added
decode
to mail message getBody() - Added
type
to MIME appendPart/prependPart() - Added various settings for DMARC and Cyren RPD
- Added
- Compatibility mode for previous predefined variables and setter functions
-
Imp
Script language improvements- Added pkcs7_sign() function for S/MIME
- Added xtext_decode() and encode functions useful for parsing SMTP parameters
- Added X.509 class returned by many functions
- Added header_addresslist_extract() and header_dkim_decode() functions
- Reworked spf_query() and dns_query() with improved return types
- Added
encode
option to MIME addHeader() - Added to
tls_client_cert
to http() - Added
local
timezone flag to strftime() and strptime() - Added
getpeerx509()
to LDAP class - Added
readonly
variables to classes - Support for remainder
…$rest
in destructing assignments - Allow access to private properties in anonymous functions returned from classes (with closure)
-
Imp
Updated system packages- FreeBSD 12.0-RELEASE-p3
- FreeBSD 12 quarterly packages
-
Bug
Fixed issue with TLS certificates being read multiple times -
Bug
Fixed issue with paused transports creating unnecessary logs -
Dep
Important changes- The SMTP server reject/defer functions doesn’t prepend pre-defined messages
- Underscores are now allowed in variable names
- Removed "null" as literal null transport destination
- Removed size limit from mail message getBody()
5.0-p2
Released on 2019-03-04
-
Bug
Fix issues in web administration with new REST API -
Bug
Fix issue with license user count expiration -
Bug
Use true/false rather than 1/0 for all boolean types- rate() return type
- smtp_lookup_rcpt() flag for TLS started
-
Bug
Fix issues with firewall script- Include files in folders could not be used in firewall script
- The built-in FTP server’s passive mode didn't work with a firewall script
-
Bug
Fix memory leak in new LDAP class -
Bug
Suppress harmless warning in quarantine retention cleanup
5.0-p1
Released on 2019-02-20
-
Bug
Properly detect the Amazon EC2 hypervisor -
Bug
Inline delivery wasn't logging sender information on errors -
Bug
Numerically named include files could not be checked for errors -
Bug
Fixed a rare crash that could occur during DKIM signing -
Bug
Fix regressions in web administration with new REST API
5.0
Released on 2019-01-24
-
New
RESTful API with OpenAPI specification -
New
SMTP server scripting features- Added per-message end-of-DATA script
- Added
snapshot()
andrestore()
to the end-of-DATAMIME()
class - New
$transaction
variable with sender and recipients that's gradually populated - New
senderlocalpart
andrecipientlocalpart
variables in original format - New options in connect script's
Accept()
function-
reason
to set banner response -
senderptr
to set sender hostname printed in "Received" header
-
- New options in RCPT TO
Accept()
function-
recipient
for overriding the default$recipient
context variable -
transportid
for overriding the default$transportid
context variable
-
- New option
from_name
in pre/post-deliverySetDSN()
-
Imp
SMTP server improvements- TLS 1.3 support
- Wildcard matching in SNI
- Sender information can be overridden per queued recipient
- Added configuration options
- Implicit TLS per virtual server listener
- Verbose logging per virtual server
- Bare LF is converted to CRLF
- Disable client-initiated TLS renegotiation
-
Imp
Script language improvements- Added spread operator to array type
- Added wildcard function and variable
import
into a namespace - Added compile-time text, JSON and CSV
import
into a variable - Added
csv_decode()
function that parses a string according to a schema - Added
inet_reverse()
function that creates a reverse DNS for PTR or DNSxL lookups - Added
array_find()
function - New
LDAP()
class - Reworked standard library functions
-
length()
function that supports multiple data types -
array_join()
,array_includes()
andarray_range()
-
str_find()
,str_rfind()
,str_lower()
,str_upper()
,str_slice()
andstr_strip()
-
random_number()
,domain_includes()
,inet_includes()
-
- Added
getPath()
andreadline()
methods toFile()
class - New
allow_comments
option injson_decode()
- New
type
option indns()
- New
proxy
option inhttp()
to override the system default
-
Imp
Web administration improvements- Script editor improvement
- Custom input controllers for CSV files using schemas
- CSV import using custom delimiter
- Syntax highlighting for JSON files
- Scratchpad for quickly writing and running code
- History and queue search support
>=
and<=
operators - Moved catch-all domain settings to virtual server configuration
- Moved SSH, HTTPS and FTP TLS keys to host server configuration
- Script editor improvement
-
Imp
System distribution improvements- Ability to configure HTTP proxy, used by all HTTP clients throughout the system
- Ability to clear individual entries from built-in DNS cache
- DHCP support for DNS resolvers
- Configuration now accepts
/
in IDs, used for folders in the script editor
-
Imp
Updated system packages -
Bug
Fix issue withlagg
network interfaces on boot -
Dep
Important changes- The
is_number()
function to no longer return true on boolean variables - Removed
$tlsprotocol
,$tlscipher
and$tlskeysize
variables from RCPT script - Removed calling a function as a string from
cache
- Removed
Deliver()
from post-delivery script - The
Quarantine()
function's option parameter must be an array - Removed
system_default_transport
- Renamed processes
dlpd
andqueued
- The
4.8-r1
Released on 2018-11-01
-
Imp
Added acrypt()
function -
Imp
Updated to Sophos 3.2.07.374.0
4.8-p1
Released on 2018-10-03
-
Bug
Fix issue whereldap_bind()
return error (-1) rather than failure (0) on a failed bind -
Bug
Patch libspf2 to completely deprecate the SPF record type in favor of TXT -
Dep
Show deprecation warning for transports without explicit bounce destination, and domain cluster overrides
4.8
Released on 2018-09-20
-
New
SMTP server scripting features- Added
SetHELO()
,$saslauthed
and$saslusername
to HELO script - Added "changes" option to
GetMailFile()
to include message modifications - Support for meta-data queries in
GetMailQueueMetric()
- Preserve 7bit ASCII when the modifying messages with
MIME.setBody
if possible
- Added
-
Imp
Script language improvements- Added native boolean type
- Added string repeat and array repeat repeat operator
*
- Added string format operator
%
- Added strict comparison operator
===
- Added steps argument
::
to slice operator - Added
idna_encode()
andidna_decode()
- Added
aes_encrypt()
andaes_decrypt()
- Added
random_bytes()
-
Imp
API improvements- Added API call
mailQueueDownload
to download a message (original or with modifications) -
hslCacheClear
,hslRateClear
andstatClear
returns affected rows -
mailQueueRetryBulk
supports "retryts" (timestamp) and "retrydelay" (offset) -
configImport
support "revision" option for atomic imports
- Added API call
-
Imp
Updated system packages- FreeBSD 11.2-RELEASE-p3
- FreeBSD 11 quarterly packages
-
Bug
Debug points were removed when clearing debug results -
Bug
The video console interface could not run programs (like ping) -
Dep
Important changes- Replaced
radius_authen()
, new implementation usingSocket()
- Removed
tacplus_authen()
andtacplus_author()
(TACACS+) - Removed
system_disk_cache
configuration key (ATA disk cache)
- Replaced
4.7-p1
Released on 2018-08-07
-
Bug
Updated kernel to FreeBSD 11.2-RELEASE-p1 (SA-18:08)
4.7
Released on 2018-07-09
-
New
SMTP server scripting features- Live debugging with breakpoints via live staging
-
HELO
phase script - Support
arc
(Authenticated Received Chain) inDKIMSign()
- Added
ed25519-sha256
(EdDSA) toDKIMSign()
-
ed25519_sign()
anded25519_verify()
functions -
rsa_sign()
andrsa_verify()
functions - Added
timeout
anddns_function
options toDKIMSDID()
- Added
oversign_headers
option toDKIMSign()
-
getHeaders()
function in theMIME
class - Added
field
option toMIME.getHeader()
returning entire line - Added
encode
option toMIME.addHeader()
andsetHeader()
-
New
SMTP server features- Support for multiple IPs and netmasks in live staging
- Require HELO option
- Support for PKCS#8 private keys
-
Imp
Script language improvements- Reworked
DKIMVerify()
function - Added array slice assignments and
unset
slices - Only return one result per domain in
DKIMSDID()
- Reworked
-
Imp
SMTP server improvements- Change default TLS ciphers to
HIGH:MEDIUM
- Updated Cyren outbound configuration
- Change default TLS ciphers to
-
Imp
Web administration improvements- Option to automatically restart live staging on changes
- Color picker for area and pie charts
- Stacked percentage mode for area charts
- HTTP redirect option, useful for HTTP-to-HTTPS
- Enabled HSTS and denies frame embedding (X-Frame-Options)
- Many other small improvements
-
Imp
Updated system packages- FreeBSD 11.2-RELEASE-p0
- FreeBSD 11 quarterly packages
- Unbound 1.7.0 which fixes one DNSSEC-related issue
- Sophos 3.2.07.372.0
-
Bug
Fixrated
behaviour with IPv6, reloading and display on non-synchronised items -
Bug
Fix issue with DATA script scan functions caching and extended results -
Bug
Fix bug with negative indexes and append -
Bug
Deleting statistic values on graph page for all hosts didn't work -
Dep
Important changes- Switched to regular peer name checks in
SetTLS
- DNS functions no longer support hostnames as resolver server option
- Renamed
rate()
optionlocal
tosync
- Removed
DKIMADSP()
- Removed historic variables from connect script
- Switched to regular peer name checks in
4.6-p1
Released on 2018-05-03
-
Bug
Fixed regression in SMTP server affecting implicit TLS on port 465 -
Bug
Fixed issue with FreeBSD 11.1-RELEASE-p8 (SA-18:03) affecting some CPUs -
Bug
FixedTLSSocket.getpeercert()
MD5 fingerprint option
4.6
Released on 2018-04-28
-
New
Support for Cyren outbound anti-spam -
New
Support for SNI insmtp_lookup_*()
,SetTLS()
and SMTP server -
New
Script language features -
Imp
SMTP server scripting improvement- Added
extended_result
toScanRPD()
, ScanKAV, ScanCLAM, ScanDLP and ScanSA - Default DKIM canonicalization changed to relaxed
- Added
GetMetaData()
to DATA context
- Added
-
Imp
Script language improvement -
Imp
SMTP server improvements- Asynchronous connection processing
- Added millisecond precision to log files and remote syslog
- Allow hyphen characters in metadata fields
-
Imp
Script editor improvements- Completion items for built-in variables
- Parameters, return type and description for completion items
- Hover provider for built-in functions and variables
- Added link provider for files
- Code folding, tabs and minimap
-
Imp
Web administration improvements- Halon script syntax highlight in plain-text configuration format
- Added checkbox to disable a SMTP listener on the SMTP listeners page
-
Imp
Support forena
network driver -
Imp
Changed to DHCP in default configuration -
Imp
Updated system packages -
Bug
Fixed issue withhttp()
background requests connection errors -
Bug
The connect script was executed despite connections per IP limit -
Bug
The connect script replies didn't work with implicit TLS -
Bug
SMTP banner was sent despite connections per IP limit -
Bug
Fixed issue with client certificates -
Bug
Clearing chart data could cause it to be removed on another node -
Bug
Fixed issue with firewall script and passive FTP -
Dep
Important changes- Deprecated the
ScanRPDAV()
function
- Deprecated the
4.5-p2
Released on 2018-01-29
-
Bug
Updated ClamAV to 0.99.3 (due to various CVE's) -
Bug
Regression in code editor where file comments could not be added
4.5-p1
Released on 2018-01-22
-
Reg
Regression with AUTH LOGIN could cause$saslpassword
to be incorrectly populated
4.5
Released on 2018-01-22
-
New
Script language features- Added
MIME.signDKIM()
function - Added
TLSSocket.getpeercert()
function - Added
dnsns()
function - Added
inet_pton()
andinet_ntop()
functions - Added
tls_client_cert
toTLSSocket()
- Added functionality to
smtp_lookup_rcpt()
- Added
tls_client_cert
andtls_capture_peer_cert
arguments for client certificates - Added an
xclient
argument - Added
on_rcptto
and TLS information to theextended_result
array
- Added
- Added
tls_verify_peer
toldap_search()
andldap_bind()
- Added
extended_result
tospf()
- Support multiple escapes in
ldap_search()
- Added
-
New
AddedGetTLS
to AUTH, MAIL FROM, RCPT TO and DATA with STARTTLS info,tlsrpt
andpeer_cert
-
New
AUTH script features -
New
Pre-delivery script features- Added
SetXCLIENT()
function - Added
dkim
andfrom
toSetDSN()
- Added
tls_client_cert
toSetTLS()
- Added
tls_capture_peer_cert
toSetTLS()
- Added
-
New
Post-delivery script features -
Imp
SMTP server improvements- Added support for client certificate requests in server HELO (per IP)
- Added support for custom SASL methods
- Set server preference for TLS ciphers
- Explicitly handle NULL MX (rfc7505)
- Removed line length limiting (8K SMTP, 256K (headerline), 512K header total)
-
Imp
Web administration improvements- Redesigned script mappings page
- Improved script errors in editor (with line decorations)
- Search in code editor directly from top search
- Faster loading in code editor
- Redesigned forms with more client side input validation
- Improved keyboard navigation
- And a lot of overall improvements
-
Imp
API changes- Added support for more fields in SOAP
mailQueueUpdateBulk
and also duplicate - Added support for
program
argument in SOAPhslCacheClear
- Added support for more fields in SOAP
-
Imp
Improved Sophos antivirus detection by using CXmail -
Imp
DLP engine now supports regular expression modifiers -
Imp
Improved performance of libdkim++ -
Imp
Allow "." delimiter in all ID fields -
Bug
Received header "with ...SMTP..." always adds E on AUTH and STARTTLS -
Bug
Improved DSN parsing inGetDSN()
with multiline headers -
Bug
Bug with behaviour onQuarantine()
reject => false followed by Quarantine reject => true -
Bug
Fix bug with DKIM delivery block in Web UI -
Dep
Important changes- Aliased
error_code
toextended_result
insmtp_lookup_rcpt()
- Aliased all
ssl_
options totls_
inhttp()
- Removed
object []
syntax (in favour of class syntax) - Default action is now to block on script errors in firewall script
- Made
$connection
and$transaction
read-only insmtpd
's context - $tlsprotocol, $tlscipher, $tlskeysize in RCPT TO context in favor of
GetTLS()
- If using the
RULE
syntax to ScanDLP() with regular expresssions, you may need to add modifiers to keep compatibility (eg.//i
for filenames).
- Aliased
4.4-p2
Released on 2017-12-04
-
Bug
Fixed regression with $errormsg in Post-delivery -
Bug
Fixed regression with Deliver() in Post-delivery -
Bug
Fixed bug when importing some specific named keys -
Bug
Fixed bug when typing in script blocks using the simple flow editor
4.4-p1
Released on 2017-10-30
-
Bug
Fixes regression in file() function
4.4
Released on 2017-10-26
-
Imp
Script language features- Added
nonlocal
toSocket.bind()
andnonlocal_source
tosmtp_lookup_rcpt()
- Added
tls_default_ca
toldap_search()
- Added new formats
eEvV
topack()
- Added new formats
eEvVax
tounpack()
- Added offset argument to
unpack()
- Added flags to
Socket.recv()
- Added support for
private static
class variables and functions - Fixed
smtp_lookup_rcpt()
to properly return return-1
on 400 errors - Fixed
file()
to support lines longer than 65k characters. -
MIME
class andmail()
uses quoted-printable by default -
MIME.send()
andmail()
now fail on empty recipients - Warnings when compiling code with unsupported operators on literals
- Lot's of memory optimisations in script engine
- Added
-
Imp
Connect flow changes-
SetSenderIP()
was added, which can be used to change$senderip
-
-
Imp
DATA flow changes-
MIME.setBody()
to keep quoted-printable and base64
-
-
Imp
Pre-delivery script script- Added
SetSenderParams()
andSetRecipientParams()
to carry extra MAIL/RCPT parameters - Added
Bounce()
to bounce messages - Added
SetDSN()
to change DSN settings -
SetSouceIP()
now accepts an address in each address family - Added
reset_retry
andtransportid
option toReschedule()
- Added
$context
variable which is passed on the post-delivery script
- Added
-
Imp
Post-delivery script changes -
Imp
Script editor improvements- Added support for save using Ctrl/Cmd+s in CSV editor
- Warning if there are unsaved changes when starting live staging
-
Imp
Web administration improvements- Refreshed interface, for example search field and login session expiration in menu bar
- Fixed support for renamed HTTP certificates when starting clustering
- Show diff between hosts’ configuration when clustering
- Ability to cancel pending disk grow/format
- SHA-256 is used in new certificate generation
- Message preview retains header letter case
-
Imp
Updated system packages- FreeBSD 11.1-RELEASE-p2
- New quarterly packages
-
Imp
Ability to choose multiple addresses per SMTP listener -
Imp
Added a per-transport default bounce transport setting -
Imp
Added source metadata (_original_[message|queue|action]_id) to bounces -
Imp
Reworked SMTP errors -
Imp
LDAP profiles are migrated to use standard URIs, which allows for failover -
Imp
Firewall script now uses per-application filtering instead ofipfw
divert sockets -
Bug
The "Line too long” error is now sent after END-OF-MESSAGE -
Bug
Fixed a missing SSL timeout in the SMTP client -
Bug
Fixed a syslog issue by properly using a blocking socket -
Bug
Fixed regression withsystem-storage-
graphs andiostats
command for some storage disks -
Bug
DSNs Arrival-Date wasn't properly set to the original message arrival date -
Dep
Important changes- Deprecated
Deliver
function in post-delivery script - Renamed
GenerateDSN()
toBounce()
in post-delivery script - Replaced
DeliverWithDKIM()
withDKIMSign()
in simple flow compilations
- Deprecated
4.3-p1
Released on 2017-09-06
-
Bug
TLS certificate regression caused by change in OpenLDAP 2.4.45 (ITS#8529)
4.3
Released on 2017-08-08
-
New
Script language features- Added
private
keyword to classes - Added
TLSSocket()
class - Added
sha2()
andhmac_sha2()
functions - Added
pack()
andunpack()
functions - Added
$sourceip
variable to post-delivery script
- Added
-
Imp
Added status and NDR code options toReject()
,Defer()
,Deliver()
, etc. -
Imp
Web administration improvements- Redesigned toolbar on many pages
- Spinning icon when running a script in code editor
-
Imp
Updated system packages -
Imp
Detect Amazon Web Services' EC2 -
Imp
Overall improvements and code modernization -
Bug
Failed to properly differentiate SASL failures insmtp_lookup_auth()
-
Dep
Theobject
cast operator
4.2
Released on 2017-06-22
-
New
Script language features- Classes added with
class
keyword - Added
is_object()
function - Added static function
Socket::AF()
to Socket class - Added
tls_verify_name
option toSetTLS()
andsmtp_lookup_*
- Added
max_file_size
option tohttp()
-
ScanDLP()
function accepts rules as argument
- Classes added with
-
New
DLP engine now support file hashes of SHA2-256 and SHA2-512 -
Imp
Script editor improvements- Sorting folders before files
- Fixed header alignment of empty CSV files
-
Imp
Web administration improvements- Show popover on ellipsis in email tracking
- Fixed return to scroll position in on all pages
- Simple flow editor styles are now flat
- Simple flow editor comment is no longer a required field
- Bulk update queued and quarantined messages
-
Imp
Updated system packages- CYREN ctasd 5.1.1.1 and ctipd 4.1.1.1
- Sophos 3.2.7.368.1
- HTML Purifier 4.9.3
-
Imp
Aquire serial number and license without Internet vialicenseImport
API call -
Imp
smtpd now has a less aggressive default timeout -
Bug
$x["x"]
did not throw error (non-existing variable) -
Bug
Corrected default HELO message insmtp_lookup_*
function -
Bug
DLP engine reported a recursion error (instead of generic errors) on bad archives -
Bug
CYREN ctasd did not restart after license expiration
4.1
Released on 2017-05-10
-
New
Live staging in pre/post-delivery (queue) -
New
Purge cached items from API (and web admin) -
New
Script language features- Modules with
import
keyword - Added
get
/setBody()
to DATA script's MIME class - Added
tls_default_ca
andtls_verify_host
options toSetTLS()
andsmtp_lookup_*
- Added the
none
keyword - Added
strptime()
andord()
functions - Reworked code validation to support more advanced coding patterns
- Loosen up syntax with
()
and->
- Nested named functions are now function scoped
- Supports referencing files without
file:
prefix - Added explicit warning about Unicode whitespace
- More dead-code eliminations
- Modules with
-
Imp
Script editor improvements- Return to cursor position on commit
- Supports folders via a dot
.
ID hierarchy convention and renaming IDs - Auto-complete context-specific function names
- Many improvements to CSV editor (shows position, fixed headers, etc)
- Search options for regular expressions and case sensitiveness
- Running code in sandbox uses local checkout, and has a host selector
- New save indicator, "save all" button and keyboard shortcut
-
Imp
Web administration improvements- Generate X.509, DKIM and DANE on PKI page
- Support changing ID of listner, flows and scripts, etc
- Cluster delete on statistic legends
- Re-added quick access to RPD and SA results in tracking
- Quick access to revision page diffs by URL hash
- Delete domain and domain aliases on SMTP server delete
- Defer color now shown as purple
- Fixed regressions with IE/Edge, DLP page, revision page timezone, stats, duplicate domains, etc
-
Imp
Updated system packages -
Imp
Make searchlog use time hint for RSET message id -
Bug
Closure over function scope caused memory leak -
Dep
Removeddovecot_auth()
andident_lookup()
, new implementations usingSocket()
-
Dep
Doesn't explicitly set$error
in RCPT TO script any more
4.0-p1
Released on 2017-03-16
-
Bug
Web administration fixes- Updated htmlpurifier to 4.9.2
- NTP field on Date and time page didn't work with multiple servers
- Some disks weren't selectable on the Disks page
- Script errors in Simple flow editor page caused template engine error
- Clearing critical log always cleared the local log
- Added poll delay on Dashboard page's CPU to show usage more accurately
- History and queue page
- Don't show queue information for quarantine
- Re-added info field in listing
- Re-added active queue/quarantine selector
- Comment field on SMTP servers appeared in two places
- Minor redesign of the Configuration revisions page to mark special revisions
- Hide cluster synchronisation on Users page if there's only one host
- Added redirects for old web admin URLs for bookmarks
-
Bug
HSL functionstrftime
was incorrectly returning in local time -
Bug
consoleui couldn't add new IP's if all were removed
4.0
Released on 2017-03-06
-
New
Live staging; running a parallell SMTP config version for some connections, based on conditions -
New
Redesigned web admin with checkout/commit and diff with expressive configuration syntax -
New
SMTPUTF8 support -
New
SMTP server scripting features- Pre-defined connection
$context
variable, shared between all SMTP scripts - MAIL FROM script
-
SetSender/Recipient()
in MAIL FROM and RCPT TO scripts - Added
SetSenderIP/SetSenderHELO()
to DATA scripts -
Accept()
,Reject()
andDefer()
in connect script - Disconnect flag to all
Reject
/Defer
andDeliver
functions - The SMTP scripts exposes all available variables (as they become available)
-
GetMailFile()
in DATA, pre- and postdelivery scripts.
- Pre-defined connection
-
New
Scripting features -
Imp
Configuration format- Allow config keys to contain a-z, eg.
include "file:api"
- New file key types to differentiate plain text from scripts
- New SMTP listener settings for TLS, HAproxy and concurrency
- Allow mounting of storage disk/partition by UFS label
- Allow config keys to contain a-z, eg.
-
Imp
SOAP API-
configKeysImport
atomic commit with "expected head"id
field -
configKeysCheck
to verify non-running configuration -
mailQueueInTransit
information about mailqueued's delivery attempts
-
-
Imp
Updated system packages -
Imp
Anti-spam/virus database information command -
Imp
Being a major release, it features a large numbers of fixes and improvements -
Dep
Changed LSI RAID driver frommfi
tomrsas
, will affect users mountingmfiX
by device name -
Dep
Script include from /cfg partition -
Dep
Firewall script's Block() ignore response -
Dep
DATA script's WrapMessage() -
Dep
Removed rate limits from acl_flow (moved to SMTP listener) -
Dep
Some config keys, such as system_user, service_ssh_*, ntp and syslog are no longer synched between hosts -
Dep
Renamed some config keys, such as acl_flow and mail_flow -
Dep
When upgrading an existing host, a swap disk needs to be added (2-8 GiB) or RAM increased to at least 3 GiB (preferable before the update) since swap files no longer works in FreeBSD 11.0
3.5-r5p6
Released on 2017-01-10
-
Imp
Added support for interfaces as gateway (route) -
Bug
Fix issue with smtpd and certain load balancers
3.5-r5p5
Released on 2016-12-07
-
Bug
Fix issue with dnsCacheFlush -
Bug
SASL always failed in smtpd after an unsupported method was issued -
Bug
Shutdown SSL connections more gracefully in smtpd -
Bug
Bug with HSL code check and barriers -
Bug
snmpd could produce error message on the console
3.5-r5p4
Released on 2016-11-09
-
Imp
Updated system packages -
Bug
HELO/EHLO hostname was not set for invalid domain names -
Bug
Recipient limit was decreased compared to previous releases -
Bug
License users export could fail
3.5-r5p3
Released on 2016-09-27
-
Bug
Updated to FreeBSD 10.3-RELEASE-p9 that fixes an OpenSSL regression
3.5-r5p2
Released on 2016-09-23
-
Sec
Updated to FreeBSD 10.3-RELEASE-p8 that fixes OpenSSL CVE-2016-6304 and others -
Imp
Setting for and changes insmtpd
's log verbosity
3.5-r5p1
Released on 2016-09-08
-
Imp
Enabled TCP_NODELAY on SMTP client socket -
Imp
More user friendly errors in mailQueueRetry, mailQueueDelete and mailQueueBounce API -
Imp
Updated to htmlpurifier 4.8.0 -
Bug
Properly reload scripts with deleted include files when re-added -
Bug
Fixed regressions with XCLIENT, implicit TLS and IP flow statistics
3.5-r5
Released on 2016-09-05
-
New
ident_lookup() function to lookup users over the ident protocol -
New
$senderport
in IP, RCPT TO and DATA context -
Imp
Postfix is not longer the default MTA
3.5-r4
Released on 2016-08-29
-
Imp
Improvements in the script editor- Added support for matching closing brackets
- Variable highlighting in strings
-
Imp
Updated system packages- CYREN ctipd 4.0.35.5
- FreeBSD 10.3-RELEASE-p7
-
Imp
Improve detection of password protected ZIP files -
Bug
Fixes in REST API and SOAP proxy- hslRate() regression with affected rate pie charts
- mailQueue() regression with affected email tracking metadata display
-
Bug
Fix delivery to numeric MX with DANE
3.5-r3
Released on 2016-08-03
-
New
Added an interface for editing CSV files to the script editor -
New
Added a revision-based diff utility to the script editor -
Imp
Switched to Monaco (MS VC code) and enabled autocompletion -
Imp
Added paging to the SOAP functionconfigRevisionLog
-
Imp
Added retry functionality to background http() requests -
Imp
Addedextended_result
option to the http() function -
Imp
HSL now supports keyed assignments when destructing arrays -
Imp
Updated system packages to the latest quarterly; such as- FreeBSD 10.3-RELEASE-p6
- PHP 7.0.9
- ClamAV 0.99.2
- PostgreSQL 9.3.13
- nginx 1.10.1
-
Bug
Failed http() requests always returnsNone
on errors -
Bug
Always send an authentication header on "401" errors (fixes issue with some SOAP clients) -
Bug
Web admin interface fixes- Increase timeout to prevent "504" timeout errors
- File viewer couldn't show files larger than 2 GiB
- Fixed a rare crash which chould occur with certain setups
-
Dep
Config keymail_transport
's parameter sasluser/pass renamed to saslusername/password -
Dep
Config keymail_server
's parameter sasl_tls renamed to sasltls -
Dep
Removed the GuessAttachmentType() function
3.5-r2
Released on 2016-05-26
-
Imp
Switch to nginx and php-fpm (from Apache 2.4 and mod_php) -
Bug
Fixed issue with reloading some configurations -
Bug
Fixed regression in the new SOAP proxy which was introduced in 3.5-r1- getTime() had the wrong default UTC mode
- It didn't handle 401 (Unauthorized) errors correctly
- Cluster sync (clusterd) didn't work with pipes in configuration values
- Cluster overrides couldn't be added
3.5-r1
Released on 2016-05-20
-
New
Added SOAP function mailQueueUpdateBulk to set various fields (quarantine
,transport
, etc.) -
New
Added MIME.getHeaderNames() to the DATA MIME object -
Imp
Added an option array to MIME.get/set/delHeader() to address a specific header by index -
Imp
Replaced gSOAP with a REST/JSON API and a PHP SOAP proxy for compatibility -
Bug
Fix problem when clearing empty rate entries
3.5
Released on 2016-04-18
-
New
New HSL scripting editor -
New
Added MIME.send() to builtin MIME object -
New
Added MIME.getBody() to builtin MIME object -
New
Added MIME.toString() to builtin MIME object -
New
Added??
(null coalescing operator) to HSL -
New
Addedinclude_once
to HSL -
New
Addedobject
andthis
to HSL -
New
Added destructuring assignment to HSL -
New
Added support for HAProxy's proxy protocol -
Imp
Based on FreeBSD 10.3 -
Imp
Disabled SSLv3 for inbound SMTP connections -
Imp
Added support forsourceip
as anetaddr:X
insmtp_lookup_rcpt()
andsmtp_lookup_auth()
-
Imp
Updated components -
Imp
Deliver()
andQuarantine()
now supports an option array -
Bug
Fix problem with partial updated Sophos databases -
Bug
Fix problem with where the flow wasn't reloaded if a include file was changed -
Bug
Fix problem withmail()
wheretransportid
wasn't used -
Bug
Fix problem with IE11 and placeholders in flows -
Dep
UndocumentedCopyMail()
andDirectDeliver()
in favour ofDeliver()
arguments -
Dep
Deprecated GuessAttachmentType() -
Dep
Removed template support from themail()
function -
Dep
Removed the trigger URL configuration key from the quarantine -
Dep
Removed the Blacklist() function -
Dep
Removed the ScanBWList() function -
Dep
Removed the ScanSPF() function -
Dep
Removed the deliver_type and deliver_args arguments from DeliverWithDKIM() -
Dep
Removed support for switch with variable assignment -
Dep
Removed support for function without argument list -
Dep
HSL returns None (instead of an empty string) when dereferencing a non-existing elements in arrays
3.4-r4p2
Released on 2016-03-02
-
Sec
Addresses the DROWN vulnerability (CVE-2016-0800)
3.4-r4p1
Released on 2016-02-20
-
Bug
Fix regression in CYREN's ctipd 4.0.32 (included in 3.4-r4) by rolling back to 4.0.31
3.4-r4
Released on 2016-02-16
-
New
DATA context MIME class for working with an email's body -
New
Standard library MIME class for creating MIME parts -
New
closures in addition to lambda functions -
New
dnscname() function to resolve CNAME records (RR) -
New
is_function() function to check if data is a function -
New
array_sort() function to sort arrays -
New
HSL cache statistics in SOAP and web admin -
Imp
The ScanDLP() function can return where matches were found withpartid
option -
Imp
Added RCPT TO context$tlsprotocol
,$tlscipher
and$tlskeysize
variables -
Imp
Clear HSL rate()s based on a query (namespace and/or entry) over SOAP or web admin -
Imp
Updated components- CYREN IP reputation (ctipd) and RPD (ctasd) engines
- FreeBSD 10 quarterly packages
- FreeBSD 10.2-RELEASE-p9 fixing CVE-2015-3197 (SSLv2 disabled by default)
-
Dep
Removed thesystem_default_quarantine
configuration key -
Dep
Removed theGetMailTransport()
function -
Dep
Removed the DeliverAsSpam() function -
Dep
Deprecated the WrapMessage() function -
Dep
Renamed the domain typeany
(catch-all) to the literal*
in the configuration (converted) -
Dep
Many default settings were moved to the user configuration (making them removable)
3.4-r3
Released on 2015-12-07
-
New
Added anonymous functions and named function pointers -
New
Added array_filter(), array_map() and array_reduce() functions -
Imp
The in_file(), in_array() and pcre_replace() may take a function callback as argument -
New
Added csv_explode() function -
New
$serverip
in AUTH, RCPT TO and DATA context -
Imp
Optionstls_protocols
andtls_ciphers
added to SetTLS() and smtp_lookup_* -
Imp
Reconnect without TLS if STARTTLS fails for optional TLS connections -
Imp
SSLv3 disabled by default on outbound SMTP connections -
Imp
Renamed DKIM function to DKIMSign(), which may return signature as a string -
New
Added csv_explode() function -
Imp
Deny() in SOAP API may give a reason as faultstring -
Imp
Improve logging in mailqueued (with queueid) -
Imp
Settingsyslog_use_fqdn
which sends the FQDN in syslog messages -
Imp
Overall elegance, design and usability improved -
Sec
Updated FreeBSD to 10.2-RELEASE-p8 which fixes CVE-2015-3194 to 3196 -
Bug
Improved DNS reloading in HSL; affected the spf() and ldap_*, tacplus_* and radius_* functions
3.4-r2
Released on 2015-11-04
-
New
DANE support -
Imp
Added settings page for CYREN -
Imp
Addedextended_result
option to thedns*()
functions -
Imp
Addedpretty_print
option tojson_encode()
-
Imp
Added$receivedtime
to pre- and post-delivery contexts -
Imp
SOAPmailQueue*Bulk()
functions returns number of affected messages -
Imp
The default configuration now contains only one HTTPS web admin interface -
Imp
Many small changes improving performance, stability, elegance, design and usability -
Bug
Regression inScanRPD()
withctasd
for "valid-bulk"
3.4-r1
Released on 2015-10-19
-
New
Sophos anti-virus (savdid
) engine -
New
Spam classification report buttons on email tracking page -
Imp
Addedexplode()
limit argument -
Imp
Key size option when creating private keys on PKI page -
Imp
Many small changes improving performance, stability, elegance, design and usability -
Bug
Updated CYRENctasd
settings to better cope with connection errors -
Bug
Updated Net-SNMP to fix memory leak insnmpd
3.4
Released on 2015-09-23
-
New
Based on FreeBSD 10.2 -
New
SetTLS function to the pre-delivery context -
New
pie chart functionq()
to graph queue/quarantine searches -
New
Ability to disable services (such as. SNMP, FTP and SSH) -
New
RCPT flow block for DNSBL and IP reputation -
Imp
Zoomable graphs -
Imp
Save graph layouts per user -
Imp
Pie chart supports custom refresh intervals -
Imp
Updated components -
Imp
Scripting page may easily run scripts from the (virtual text) file store -
Imp
Optionally turn ontotalhits
in SOAP API -
Imp
Switch between HTML and plain view in message preview -
Imp
The AUTH rate limit flow block defer rather than reject when exceeded -
Imp
Replacedrpcmplexd
with an async web admin implementation -
Imp
Overall performance, stability, elegance, design and usability improved -
Dep
Updated OpenSSL requires DH key size of more than 512 -
Dep
Graphs now include "dots" in their names (previously replaced with a dash) -
Dep
SOAP API changes- mailQueue's totalHits renamed to totalhits (lowercase)
- Replaced loginFullname() and loginRemoteHost() with login() return object
- Removed loginCheckPermission()
-
Dep
End user interface considerations- If you're using
display-stats
(graphs) you need to update the end user - Toggle preview on HTML/text message part is now supported
- If you're using
3.3-r6
Released on 2015-06-04
-
New
Added an "update" function to the cache that can pick expired (but valid) items -
New
Added abackground
flag to the http function for async, non-response calls -
New
Added a hash function, useful together withhttp()
's background mode -
Imp
Added a syslog port settings -
Imp
Support implicit SSL (wrapper mode) by specifying "465" as the first listener port -
Imp
Raised the free disk requirement to 1 GiB in order to receive new messages -
Bug
Fix regression when enabling the DLP processmaildlpd
and viewing license users -
Bug
Fixed augmented assignment (+=) behavior with function calls when dereferencing arrays -
Bug
First run didn't add the second domain to the relay table -
Enduser
If you use end-user logging, you may want to employ the new http background feature
3.3-r5
Released on 2015-05-11
-
New
Validate HSL scripts when saving a text file (in file store) -
New
Added aDefer()
function to the AUTH flow -
Imp
Automatically detect and support all network interfaces supported by FreeBSD -
Bug
The backend could crash when using LDAP in the API (auth) script -
Bug
Regression in web admin causing some requests to fail due conservative settings -
Bug
Adding new cluster nodes could fail if remote systems were unsorted (by id) -
Dep
SOAP functionconfigValidateArgument
replaced withhslCheckScript
3.3-r4
Released on 2015-04-27
-
Imp
return
statement in HSL without a value -
Bug
ESC
key in console may not work as expected if pressed twice rapidly -
Bug
Temp disk may become full
3.3-r3
Released on 2015-04-22
-
Imp
Updated a lot of FreeBSD packages to quarterly -
Imp
Support for Intel(R) 10Gb (ix) network adapters -
Bug
SOAP request could be delayed with up to 1 second on idle systems -
Bug
Adding too large text files in the File store now returns an error -
Dep
switch statement in HSL with explicit variable storage
3.3-r2
Released on 2015-04-16
-
New
dovecot_lookup_auth() to authenticate using Dovecot's authentication protocol -
New
Done() makes it easier to do advanced routing -
New
pcre_quote() makes it possible to use regex on user input -
New
Preview on PKI page -
New
Review & save in plain-text editor -
Imp
http() function may skip SSL/TLS verification with ssl_verify_peer = false -
Imp
Performance improvements in HSL's file handling -
Imp
Updated third-party libraries -
Imp
Easier to use CSV editor in web admin -
Imp
Add support for keep-alive and gzip/deflate encoding in SOAP API -
Imp
Support for QLogic NetXtreme II (bcm) network adapters -
Imp
Fixed bug in "release duplicate" regarding delta files -
Imp
Fixed bug with creating a cluster over HTTPS -
Dep
ScanSPF() in favor of spf() -
Dep
ScanSARules() in favor of ScanSA(["rules"=>true]) -
Dep
Quarantine profile's trigger URL
3.3-r1
Released on 2015-03-02
-
New
VHD image runs on Microsoft Azure -
New
DHCP addressing, default on Azure and GCE -
Imp
Support hardware-assisted software RAID for many vendors such as Intel -
Imp
Support for VirtIO (vtbd) and Xen (xbd) disks -
Imp
Support for Intel 10Gb (igb) network adapters -
Imp
Ctrl+A/E in web terminal -
Bug
Fixed regressions in web admin
3.3
Released on 2015-02-16
-
New
Updated to FreeBSD 10.1 -
New
Added transparent proxy features- The
system_nonlocal_source
setting enablesSetSourceIP()
to spoof source IPs - XCLIENT support for external proxies
- The
-
New
Added new features to the scripting language (HSL)-
SetMetaData()
andGetMetaData()
to pass data between DATA and queue scripts -
syslog()
function -
unset()
statement -
SetRecipient()
in pre-delivery script -
$senderhelo
in pre-delivery script -
$transfertime
in post-delivery script -
$saslusername
in queue (pre- and post-delivery) script - Raw strings, like ''raw string''
- Allow
globalview()
anddnsbl()
to be executed fromhsh
-
-
New
Extended search filters (HQL) syntax-
metadata.field=
corresponding toSetMetaData()
-
size=
(message body) -
helo=
(HELO/EHLO hostname)
-
-
Imp
Web admin interface- Refreshed with many improvements (in layout and functionality)
- The icons and images are vectorized (to support retina/HiDPI displays)
- Button to reset (RRD) graphs
- Custom score popup for Internet Explorer (which allows spam scores and refid to be copied)
-
Imp
Added "msgsize" and "msghelo" to SOAP API -
Imp
SMTP balancing uses uniform distribution of traffic -
Imp
Support for QLogic 10Gb (bxe) network adapters -
Imp
Searching text logs is a lot faster -
Imp
mail_queue_threads
may now be raised -
Imp
Updated 3rd-party components such as CYREN (8.0.110) and Kaspersky (3.8.0.4) -
Dep
Built-inbatv_*()
is removed, use the HSL implementation -
Dep
Renamed "gmt0" to "utc" in SOAP API -
Dep
$recipientdomains
and$recipients
in DATA context are now read-only -
Dep
http()
return empty results on non 2** responses -
Dep
GetAddressList()
returns empty list on parse errors instead of throwing an exception -
Dep
Web admin's flow block "Add header" appends a new header instead of usingSetHeader()
-
Dep
GetID()
is now removed, was deprecated in 3.0 -
Dep
$directprocessing
is now removed, was deprecated in 3.2
3.2-r10p1
Released on 2014-12-23
-
Bug
Stability fixes inmailscand
-
Bug
Fixes regression that caused some admin andclusterd
requests to fail
3.2-r10
Released on 2014-11-17
-
Imp
SetSender() in pre-delivery (queue) script -
Imp
LSI MegaRAID tool (mfiutil) available -
Imp
hslCacheClear() SOAP API may clear a specific namespace/function -
Imp
Added SOAP API mailQueueRetryBulk() function -
Imp
Added 'duplicate' option to SOAP's queue function for cloning messages(s) from an archive -
Imp
Setting mail_log_size to zero will disable logging (even realtime) -
Imp
Disable SSLv2 and SSLv3 on administration UI (and SOAP) -
Imp
Add custom headers to HSL mail() created messages -
Imp
pcre_replace() HSL function -
Imp
Variable substitution with ${name} -
Bug
'Next retry' could be presented with the wrong timezone (didn't affect delivery) -
Bug
Memory usage could show erroneous on 64 bit platforms -
Dep
SOAP API mailQueueRetryAll() removed (reimplemented with mailQueueRetryBulk) -
Dep
SOAP API devList() removed
3.2-r9
Released on 2014-10-01
-
New
Added LMTP support, useful for more efficient Dovecot delivery -
Imp
retry=x in search filter, useful to show delayed messages -
Imp
Added "\r\n\t" syntax in HSL strings -
Imp
Added HSL http() max-time timeout, also renamed connect_timeout -
Imp
Added the SMTP ping command -
Imp
Decouple antivird and clamd for more efficient RAM utilisation -
Imp
New installations are 64-bit, with VMware "guest OS" set to "freebsd-64" -
Imp
Review before save on virtual text files and DLP pages -
Imp
New certificates are generated with SHA256 -
Imp
Faster clearing of rate limits (may interrupt garbage collection) -
Imp
Faster connect() timeout in smtp_lookup_rcpt() -
Imp
Lower connect() timeout to 30s (like Postfix) -
Bug
Problem when searching rates in web user interface -
Dep
Undefined values in HSL was branched as true (not false)
3.2-r8
Released on 2014-09-11
-
Sec
Updated to FreeBSD 10.0-RELEASE-p8 which addresses new OpenSSL bugs -
New
Multiple "shadow" port support for mail listener, for better pool utilisation -
New
AddedSetHELO()
function and$sourceip
to pre-delivery script -
Imp
Global HSL variables are committed when calling a second function -
Imp
New chart for swap operations, as complement to swap usage chart -
Imp
Updated Kaspersky anti-virus engine to 8.3 -
Imp
Some search queries are maintained when browsing cluster nodes -
Imp
Many 64-bit fixes in preparation for upcoming 64-bit release -
Imp
Display Kaspersky virus base version in log on startup -
Bug
Rate limit page support any valid UTF8 as namespace and entry -
Imp
Overall improvements throughout the system -
Bug
Fixes NTP client regression -
Bug
Fixes VMware guest info regression -
Bug
Link aggregation fixes; omitted from cluster, and brings up all ports -
Bug
Fixed cluster system update page's node link -
Bug
Fixed cluster configuration override page with multiple fields per key -
Dep
Forbids ambiguous HSL concatenation of numbers
3.2-r7
Released on 2014-08-20
-
New
Implemented a pre-delivery (queue) script for dynamic transport behaviour -
New
Added the log() function which can be used for things such as GeoIP lookup -
New
Added the timelocal() function to get time in local time -
New
Link aggregation support -
Imp
Support using system disk as storage on bare-metal installs, or if the virtual disk is grown -
Imp
The post-delivery (transport) script is unified for all transport, on the flow page -
Imp
The GetHeaders() function can be used to fetch all headers as a multidimensional array -
Imp
Allow multiple include of same file in HSL -
Imp
The post-delivery (transport) script executed for successful deliveries, useful for external logging -
Imp
Added$actionid
variable to DATA, queue and transport flows, for tracking of recipients, etc between flows -
Imp
Loopback addresses configuration, useful for DSR load balancing -
Imp
Change VLAN and link aggr. settings from console -
Imp
Updated FreeBSD packages to latest quarterly -
Imp
Auto-configuration on Google Compute Engine -
Imp
Many minor improvements -
Bug
Changed SpamAssassin queue algorithm to decrease wait time -
Bug
Issue when searching logs larger than 2 GiB fixed -
Bug
Issue where Kaspersky wrote files to /tmp fixed -
Dep
Disabled Bayesian by default
3.2-r6p1
Released on 2014-06-18
-
Bug
Resolved uncommon stability issue
3.2-r6
Released on 2014-06-10
-
Sec
Fix OpenSSL CVE-2014-0195, 2014-0221, 2014-0224 and 2014-3470 -
New
DiscardMailDataChanges() function, allowing different data changes for different CopyMail()s -
New
Support for variadic function syntax in HSL -
New
Added spread operator (argument unpacking) to HSL -
Imp
Added executable file (by file name, even in ZIP and other archives) blocking to antivirus block -
Imp
Performance improvements in ScanDLP for efficient file extension scanning -
Imp
Encode headers as quoted-printable instead of Base64 for readability -
Imp
View ScanRPDAV (VOD) results in web admin's message tracking -
Imp
Improved virtual text file editor, with HSL code support (great for includes) -
Imp
Removed deprecated browser-specific CSS3 options (Mozilla, Opera) -
Imp
Enable auto-scroll on keypress in web terminal -
Imp
Many minor improvements
3.2-r5
Released on 2014-05-23
-
New
Added SetDelayedDeliver() function to HSL for extra queueing time before delivery -
New
Added builtin and global control structures to HSL functions -
New
Added json_encode() function to HSL -
Imp
Added max depth option HSL's ScanDLP(), useful for file extension matching in archives, eg. -
Imp
Added named match groups to HSL's PCRE functions -
Imp
Adding filtering on retry and sender field to HSL's GetMailQueueMetric function -
Imp
Updated SpamAssassin to 3.4.0 -
Imp
Web terminal (command page) support pasting with Ctrl+V -
Imp
Always prefer IPv6 when clustering with hostnames -
Imp
Support RFC 2231 header parsing -
Imp
Various web admin enhancements, such as links from quarantine page to tracking -
Imp
Overall performance and reliability improved -
Bug
Resolved issue where adding and removing headers with zero offset conflicted
3.2-r4
Released on 2014-04-28
-
Dep
Deprecated updateNetwork SOAP API function -
Dep
Deprecated HSL's null coalescing operator -
New
Added default function arguments in HSL -
Imp
HSL's header functions decode and refold by default -
Imp
Addedmsgqueueid
to mailHistory API andhistoryid
search filter -
Imp
Overall performance and stability improved -
Bug
HSL'sper_message
cache now works in functions -
Bug
Pressing back button in Firefox no longer reset forms
3.2-r3
Released on 2014-04-08
-
Sec
Patched OpenSSL "heartbleed" vulnerability (CVE-2014-0160) -
Dep
Deprecated BATV functions in favor of HSL implementation -
New
Introduced array slicing to HSL -
Imp
HSL's DeliverWithDKIM() function can load private key from variable, such as http() request -
Imp
New HSL variable $tlsstarted in AUTH and RCPT flow -
Imp
New HSL variables $messageid and $queueid in transport flow -
Imp
Message queue IDs (exposed as $queueid or via SOAP API) upgraded to 64-bit integer -
Imp
Improved http()'s POST data serialisation and added "response_headers" option -
Imp
Added a gethostname() function to HSL -
Imp
Many performance optimisations in HSL -
Bug
Fixed Firefox quirk with forms resetting when going back on page -
Bug
HSL's dnstxt() concatenate multiple strings with space -
Bug
Clustered line charts now merge new legends from secondary results -
Bug
Display error message if unable to clear cluster's HSL cache
3.2-r2
Released on 2014-03-10
-
New
Extended the HSL scripting language- GetMailQueueMetric() to implement usage quotas in queues
- json_decode(), is_string() and is_number() for making API calls, etc
- http() function now supports custom request method and headers
- %= and **= operators
- Switch statements validates that a switch is directly followed by a case or default label
-
Imp
Updated SOAP API- configKeys() now takes "key" (filter) argument which is also exported in $soapargs[]
- configKeySet() allows partial updates (not all parameters needs to be specified)
- hslRate() and hslRateClear() exports "ns" and "entry" to $soapargs[]
- hslRate() and statList() now implements pagination and backend-side search/filtering
- mailQueue() and mailHistory() includes msgsasl for username and msgts0 for GMT timestamp
- mailQueue() and mailHistory() supports filtering on sasl=
-
Imp
SASL username can be viewed on tracking page -
Imp
DSN messages now include original header "Undeliverable: This was the original header" -
Imp
Support for Broadcom's bge NICs -
Bug
Web admin interface fixes- Netcat (nc) command with custom port was not correctly documented
- Active HTTPS sessions may not be degraded to HTTP
- The authentication script test sandbox could produce the wrong output
- Some quarantine retention policies were kept for too long, affected users need to reselect their intended policy
3.2-p1
Released on 2014-02-12
-
Bug
Xen PVHVM network driver "xn" was not detected properly -
Bug
The command API could return empty results under extremely rare circumstances -
Bug
The web admin's hardware page didn't list "ada" devices
3.2
Released on 2014-02-10
-
New
Hyper-V para-virtualization; gigabit network, VLANs, SCSI disks, etc -
New
Virtio (KVM) para-virtualization; improved network and disk performance -
New
VMware VMXNET3 support -
New
Xen PVHVM support -
New
Line graphs showing disk IOPS and latency -
New
Show message modifications when browsing queued or quarantined messages -
New
The DATA flow registers$recipients
and$recipentdomains
-
New
New HSL functionabs()
-
New
Addedtcpdump
to API and web administration -
Imp
Based on FreeBSD 10 and compiled with clang -
Imp
LDNS and Unbound as replacement for BIND (as resolver and DNS cache) -
Imp
Automatically grow storage disk when resized in hypervisor -
Imp
Overall throughput increased by careful profiling -
Imp
Large number of HSL scripting language optimisations, such as- R-value optimisations
- Made
str_replace()
significantly faster - Optimised augmented assignments
- Pre-compiled regular expressions
-
Imp
More concise and helpful logging throughout the system -
Imp
Increased swap partition size to 2 GB -
Imp
Updated all 3rd-party components -
Imp
Show warnings if no storage disk is found or configured -
Imp
Rebrand Commtouch as CYREN -
Imp
Enable some SpamAssassin DNSBLs by default -
Imp
Cache DKIM signature for all recipients -
Imp
Overall improvements -
Bug
DKIM DNS generator lacked_domainkey
part -
Bug
Under certain circumstances, the command API could fail -
Bug
Reload flows when file store objects are changed -
Bug
Fixed issue with pre-boot command line shutdown -
Dep
Deprecated the second argument to HSL'sround()
function -
Dep
Deprecated the DATA flow's$result
and$directprocessing
predefined variables -
Dep
New (S)ATA storage disks are identified as "ada" instead of "ad" -
Dep
At least one DNS server is necessary; unbound is not configured to traverse from the DNS root
3.1-r4p1
Released on 2014-01-16
-
Bug
Prevent NTP reflection attacks
3.1-r4
Released on 2013-12-20
-
Imp
Refactoring for performance improvements -
Imp
Warn about 32-bit hosts as preparation for 64-bit releases -
Imp
Estimates the number of mail tracking search results -
Imp
Changed various settings from byte to megabyte -
Imp
Overall web administration improvements -
Bug
Unable to add cluster nodes with literal IPv6 -
Bug
Regression on graph page's rate counter
3.1-p3
Released on 2013-11-21
-
New
Clusteredrated
process for improved rate limiting -
New
GetAddressList() function in DATA flow -
New
is_subdomain() HSL function -
Imp
Support sub-domains i black/whitelists (.example.com) -
Imp
Search for transports on tracking page -
Imp
Web admin terminals now work in background tabs -
Imp
IPv6 cluster support -
Imp
Always give a authentication failure reason inmailpolicyd
-
Bug
Catch exception in video console for systems without serial number -
Bug
Do not create sessions for unauthorized web admin clients
3.1-p2
Released on 2013-10-29
-
Imp
Improved mail queue/quarantine delivery performance -
Imp
Significantly improved mail tracking performance -
Imp
Support for more than two NTP servers -
Imp
Returns to current page, when fixing TLS fingerprints -
Imp
Warns about Cisco SMTP fixup which is known to cause issues -
Imp
Shows inode usage on storage/hardware page -
Imp
Other minor improvements -
Bug
Detect scrolling more accurately when viewing logs -
Bug
Windows users couldn't type @ in the terminal
3.1-p1
Released on 2013-10-10
-
Imp
Improved Bayesian performance using SDBM database -
Imp
Cluster overview page shows new software versions -
Bug
Regression causing issues for users with ATA write cache enabled
3.1
Released on 2013-10-09
-
New
Based on FreeBSD 9.2 -
New
Support for KVM VirtIO networking -
New
Create pie graph from rate() information with r() -
New
Buy licenses directly from within product -
Imp
Improved rate control page (with thresholds) -
Imp
DLP engine inspects more archive formats -
Imp
Download messages as ZIP instead of tar -
Imp
Restructured menu layout -
Imp
Script editor behaviour in Firefox and Internet Explorer -
Imp
Overall performance improvements
3.0-p9
Released on 2013-09-23
-
Imp
Better user experience for Hyper-V deployments -
Imp
Pages loads faster thanks to GZIP compression -
Imp
Overall performance improvements -
Bug
Rebooting was required to effectuate some license changes
3.0-p8
Released on 2013-09-09
-
New
DMARC flow block and ScanDMARC function -
Imp
Convert white/blacklist input to lower case -
Imp
Optimized history/mail API (database API) -
Imp
Optimized message logs extractions (from 4 minutes to ~0 seconds) -
Imp
Improved charset detection (ICU) -
Imp
Improved escape sequence in VMware terminal (detach keyboard) -
Imp
Search for scores and RPD ID in tracking -
Imp
Improved SPF caching -
Imp
Updated Ace editor and Kaspersky anti-virus engine -
Bug
IE9 had problems with search on tracking page -
Bug
Searchlog didn't always find message logs (if incomplete log) -
Bug
7-zip couldn't open downloaded tar (message) archives -
Bug
Paging with a quarantine folder selected
3.0-p7
Released on 2013-08-12
-
Imp
SMTP client prefers "strongest" SASL method announced by server -
Bug
Memory leak in the console UI
3.0-p6
Released on 2013-08-09
-
Bug
Initial vApp configuration imported multiple times -
Bug
XML warning on non-VMware system's interface page
3.0-p5
Released on 2013-08-07
-
New
Network setup guide in OVF (VMware vCenter) -
Imp
Create cluster with optional TLS -
Imp
Test end-user API with from scripting page -
Imp
Added an extra certificate (pki:2) for SMTP -
Imp
http() support HTTPS -
Bug
Clustering with SSL certificate chains
3.0-p4
Released on 2013-07-24
-
New
Black/whitelist module for end-user interface -
Imp
Full-text search in subject lines -
Imp
Clear search query on tracking page -
Imp
Return to referring page when editing profiles, etc -
Imp
Export users per domain on license page -
Imp
Prefer outbound CRAM-MD5 authentication method if supported -
Bug
BATV interoperability improvements
3.0-p3
Released on 2013-07-05
-
Imp
Search filters are now case-insensitive for from/to/ip -
Imp
Blacklist module in RCPT TO flow -
Imp
Dragging/selecting an interval in a graph opens tracking -
Imp
Various improvements to the DLP engine -
Imp
Filter commandRun and fileRead arguments in authentication script -
Imp
Compare IP addresses with in_network() in white/blacklists blocks -
Imp
Discard mailqueue's pre-fetched work queue when deleting messages
3.0-p2
Released on 2013-06-25
-
New
Complete overhaul of the product -
Imp
The SOAP API is completely changed -
Imp
SNMP MIB is completely changed -
Dep
Quarantine is deprecated; moved from the system to a GitHub project
2.4.0.3
Released on 2013-02-21
-
Imp
Microsoft Hyper-V legacy network driver support -
Bug
Some freshclam still couldn't download daily updates
2.4.0.2
Released on 2013-02-18
-
Bug
ScanSA() could miscalculate the estimated queue wait time -
Bug
Workaround for freshclam failing to update since ClamAV didn't create a daily diff
2.4.0.1
Released on 2012-10-15
-
Imp
Overall improvements -
Bug
Resolved bug in recipient flow's blacklist module's script generation -
Bug
Resolved statistics bug that could create spikes during database failures -
Bug
Resolved database issues generating warnings under rare circumstances -
Bug
Cluster overview's reporting could fail to load
2.4
Released on 2012-10-09
-
New
Based on FreeBSD 9 -
New
ScanSA() got fair queueing, time estimation, size limit, etc -
New
Boot-time management via bootsysmgr -
New
TTL argument to IP Policy's Allow() and Block() -
Imp
Improved performance -
Imp
Improved watchdog with better logging -
Imp
Save RAM by only starting maildlpd if ScanDLP() is used -
Imp
In case of storage disk problems, boot without storage -
Imp
Allow messages to be viewed instead of downloaded in quarantine -
Imp
GetDSN() and GetDSNHeader() to support text/rfc822-headers -
Imp
DNS shuffling based on MessageID (always the same per message) -
Imp
Reboot/shutdown is significantly faster -
Bug
Missing {FOOTER} replacement in WrapMessage -
Dep
The following SOAP API's has been removed:- System_Reboot_Hard
- System_Shutdown_Hard
- System_Online_Status
- Management_SetStorageRecover
- Management_StorageRecoverStatus
- Management_SetStorageMigrate
- Mail_Domain_Report
- Config_Diff
- System_GetKey("system_config_revision")
- System_Command_Run_XXX (replaced with by System_Command_Run)
- Management_GetArguments' filter parameter
2.3.6.3
Released on 2012-09-07
-
Bug
Regression inbackend
's SOAP server
2.3.6.2
Released on 2012-09-04
-
New
Deliver to an MX of a hostname using lookup-mx:hostname -
Imp
Configuration diff is coloured in red and green -
Imp
SPF module is moved to content flow in default configuration -
Imp
SOAP API's WSDL file moved to /remote/?wsdl -
Imp
SOAP API deprecated key system_config_revision, use GetHistoryEntries -
Imp
SOAP API deprecated Config_Diff -
Imp
SOAP API's gSOAP updated -
Imp
Disallow saving a configuration with no changes -
Imp
Web administration checkbox labels made clickable -
Imp
backend's watchdog report error codes -
Bug
SPF couldn't verify IPv6 senders -
Bug
The configuration partition wasn't checked properly -
Bug
Monotonic time was not used for all timers -
Bug
Visual bugs in web administration resolved
2.3.6.1
Released on 2012-07-18
-
Bug
Fixes various spam assassin errors -
Bug
Fixes clustering page when clustering is not configured
2.3.6
Released on 2012-07-04
-
New
Introduces pattern analysis rules from Halon -
New
Introduces valid bulk (RPD score 40) for non-spam -
Imp
Rate limits now summarized in cluster -
Imp
Display of rate limits and licensed users loads faster -
Imp
Table elements' full content shown on mouse over -
Imp
Improved cluster navigation behavior -
Imp
Updated 3rd-party libraries -
Imp
Faster spam-assassin updates -
Imp
Faster rendering of log files -
Bug
IP policy charts was not available on overview page -
Bug
Spam assassin error (introduces in previous release) -
Bug
Fixed MIME-decoding in quarantine
2.3.5
Released on 2012-06-08
-
New
French translations -
Imp
Pattern analysis' (SA's) score values are reported in Tracking/History -
Imp
HSL'sScanSARules()
can return score values -
Imp
HSL'sQuarantine()
has new reject and final action options -
Bug
Issue with HSL'sQuarantine()
$recipient resolved
2.3.4.1
Released on 2012-05-08
-
New
Addedtcpdump
to CLI's Network > Diagnostic Tools (console/SSH) -
Imp
Commtouch reference IDs in web administration -
Imp
HSL'sScanRPD()
can return reference ID -
Imp
Added server= and transport= to the Tracking's search filters -
Imp
HSLpcre_match
improved, empty capture groups, etc. -
Bug
Web administration spelling
2.3.4
Released on 2012-03-22
-
New
Mail tracking supports boolean search filters -
New
Mail tracking integrates history and queue -
New
HSL pcre_match functions -
New
HSL Mail Content GetHeaders function -
Imp
Cluster mail tracking displays scores, and more -
Imp
Jump between message tracking and logging seamlessly -
Imp
Jump between pages/tabs before loading completes -
Bug
Issue with DSNs/NDRs displaying in Microsoft OWA resolved -
Bug
Issue with UDP when ARP tables changes resolved -
Bug
Web administration diagnostics issue resolved
2.3.3
Released on 2012-02-23
-
Imp
Multi-line reject/defer messages -
Imp
Updated 3d-party modules (ctipd, ctengine, postfix, clamav, openldap) -
Imp
Added user defined callback to cache[], using "ttl_function" argument -
Imp
Include SMTP transaction state in SMTP errors -
Imp
Support for CA in LDAPs -
Bug
Web admin could visually overflow if too many remote systems -
Bug
Resolved rare bug with anti-virus engine -
Bug
Fix TLS warning on startup -
Bug
Verify last fingerprint in SSL chain (consistently) -
Bug
Scripting console could not connect to SMTP servers over TLS -
Bug
Resolved issue with HSL construct barrier {} -
Bug
SMTP lookup recipient could cache entires for too long
2.3.2
Released on 2011-12-21
-
Imp
Quarantining informs sender; rejects (550) instead of accepts (220) -
Imp
The SMTP recipient lookup forwards errors from the mail server -
Imp
Removed the incoming mail queue -
Imp
Show Script looks much better with colors and formatting -
Imp
The getting started has an option to trust server (use as smart host) -
Imp
Clustering operations are faster thanks to newrpcmplexd
-
Imp
Option to export list of users per domain -
Imp
The reporting's pie charts reflects selected period (day/month) -
Imp
The console supports page up/down -
Imp
The log viewer (searchlog) is faster -
Imp
Korean language updated -
Imp
Support for Internet Explorer 10 -
Bug
Issue with quarantine's history and domain administrators resolved -
Bug
Anonymous LDAP authentication issue resolved -
Bug
Issue with HSL's in_network() resolved
2.3.1
Released on 2011-10-04
-
New
View and reset rate control (Diagnostics > Rate Control) -
Imp
Improved support for KVM virtualization platforms -
Imp
Disabled auto-scroll in logs on mouse scroll -
Imp
Improved graphs (bandwidth graphs and layout) -
Imp
HSL's GuessAttachmentType() is faster -
Bug
Resolved issues when upgrading 2.3-series on first boot
2.3.0.4
Released on 2011-09-22
-
Imp
Quarantine automatically sanitizes input -
Imp
Pattern analysis' update is run every 6th hour -
Bug
Pattern analysis' update error reporting issue resolved
2.3.0.3
Released on 2011-09-14
-
Bug
Serial console issue on SPG-150 resolved
2.3.0.2
Released on 2011-09-02
-
Bug
LDAP synchronization issue resolved -
Bug
Pattern analysis' bayesian filter issue resolved
2.3.0.1
Released on 2011-08-17
-
Bug
Updated list of time zones (some didn't exist) -
Bug
Guessing of character set issue resolved -
Bug
Pattern analysis (ScanSA) custom rules issue resolved
2.3
Released on 2011-08-02
-
New
Based on FreeBSD 8.2 -
New
Content Inspection (DLP), ScanDLP() function -
New
File store with CSV editor, deprecates FTP, in_file() function updated -
New
Support for VMware vmxnet adapters -
New
View history in Quarantine interface -
New
Show header modifications in Quarantine interface -
Imp
Quarantine interface is now fully clustered (user creation) -
Imp
Updated Commtouch RPD and GlobalView engines -
Imp
Updated Kaspersky anti-virus engine -
Imp
Option to reset SpamAssassin bayesian database -
Imp
The mail() function has a plain-text option -
Imp
Fullscreen editors has "import from file" functionality -
Imp
VMware/serial console auto-logout after 10 minutes -
Imp
Mail Gateway > Domain section tables show more information -
Imp
Many small improvements in functionality and stability -
Bug
Storage fallback to memory issue resolved -
Bug
Issues with static routes resolved
2.2.6.3
Released on 2011-05-11
-
Imp
Web Administration improvements (translations, statistics) -
Imp
HSL functions floor() and ceil() added -
Bug
Fixed incorrect return type from round() -
Bug
Kaspersky anti-virus regression issue solved
2.2.6.2
Released on 2011-05-05
-
Imp
Updated 3rd-party components (Commtouch, Kaspersky, etc.) -
Imp
Overall reliability and performance improved
2.2.6.1
Released on 2011-04-06
-
Bug
Mitigating HSL data type issue
2.2.6
Released on 2011-03-31
-
New
IPv6 support in IP Policy Flows (added $family variable) -
New
Automatic configuration truncation option (System > Configuration) -
Imp
dnsbl() function now queries for IPv6 according to RFC5782 -
Imp
Improved the Web Administration with some new functionality -
Imp
Internet Explorer 9 support in Web Administration -
Imp
Improved phishing protection -
Imp
Improved SMTP IPv6 handling (prioritized) -
Imp
DSN messages now includes only message/rfc822-headers -
Imp
DKIMWithDeliver() now returns 500-error on un-signable messages -
Imp
Updated 3rd-party components (libc, postfix, htmlpurifier etc.) -
Imp
Overall performance improved -
Bug
Folders created on FTP did not appear until after a reboot -
Bug
IP Policy Flow's $serverport variable was not a number (string) -
Bug
dnsptr() now supports compressed IPv6 addresses -
Bug
Kaspersky's logfile not available on first run -
Bug
Web Administration over IPv6 was partly broken -
Bug
smtp_lookup_*() should not use transport fallbacks -
Bug
Quarantine() function did not honour SetMailTransport()
2.2.5.2
Released on 2011-02-10
-
New
Prioritized queues (per mail transports) -
New
IO statistics tool in Web Admin (iostat) -
Imp
Updated 3rd-party components (clamav) -
Imp
Overall reliability and performance improved -
Bug
BATV format bug -
Bug
Deliver to A/AAAA records did not load balance properly
2.2.5.1
Released on 2011-01-24
-
New
VMware Zimbra integration in quarantine -
New
Custom authentication with System Authentication Script -
New
RADIUS (rad_authen) function for System Authentication -
New
TACACS+ (tacplus_authen and tacplus_author) functions -
New
Context-aware help (links to the doc. wiki) in Web Admin. -
Imp
Updated 3rd-party components (ctipd, syslog, clamav, php) -
Imp
Include kernel debugging in logs -
Imp
Quarantine > Users, double-click users to 'sign as' as them -
Imp
Activity > Logging has time interval option for faster searching -
Imp
Some HSL functions are cached per default (per-message) -
Imp
Admins can change quarantine users' passwords -
Imp
Force web browsers to update cache on H/OS upgrades -
Imp
HSL arrays may be initiated with [ ] instead of array() -
Imp
LDAP debugging command hides passwords -
Imp
Sort user's joined accounts in quarantine -
Imp
Support for [IPv6 address]:port in network tools -
Imp
New strnatcmp JavaScript library for better natural ordering -
Bug
GlobalView, etc. stability improved with glibc patch -
Bug
Fixed host name length (was limited to 32) -
Bug
Fixed SMTP DNS lookup implementation misbehaviour -
Bug
Heartbeat probe for Spam Assassin to resolve locks -
Bug
Fixed missing SSL chain for certificates -
Bug
Fixed multiple pages bug in Activity section of Web Admin. -
Dep
Configuration key config_user renamed to to system_user -
Dep
Signed in account used to browse cluster in web admin -
Dep
Admin accounts must use @local for quarantine sign-in
2.2.4
Released on 2010-11-25
-
Imp
Performance optimizations on message delivery -
Imp
Double-click on messages to display text log -
Imp
Version history information button on update section -
Imp
Option to enable ATA write-cache -
Imp
Non-blocking Kaspersky anti-virus database update -
Imp
Getting Started allows example.org and another domain -
Imp
Display newly added quarantine branding -
Imp
GlobalView is logged as ctipd instead of [ctipd] -
Imp
Unified authentication scheme -
Imp
Updated 3rd-party components -
Imp
Database errors are logged -
Bug
Memory usage was erroneously calculated -
Bug
Value rounding in reporting charts -
Bug
Forbid domains ending with a dot -
Bug
Flow selection race condition for first message resolved -
Bug
Memory leak in mailscand resolved -
Bug
Spelling corrected in web administration -
Bug
Overall reliability and performance improved
2.2.3
Released on 2010-10-25
-
New
Storage disk migration section -
New
Unique self-signed certificate during install -
New
New DirectDeliver() function to deliver inline -
New
RPC log for SOAP API calls -
New
Puny-codes for domains and in calculator -
Imp
Much improved logging with session tracking -
Imp
Graphical fixes for iPhone/iPad -
Imp
Cluster administration performance improved -
Imp
Updated 3rd-party components -
Imp
User count for license in mailscand -
Imp
Option to skip Getting Started -
Imp
Russian language in quarantine -
Imp
Overall graphical improvements -
Imp
Improvements in flow presentation -
Imp
Forbid non-ascii e-mail addresses -
Imp
HSL function get_defined_functions() -
Imp
TLS settings in smtp_lookup_rcpt/auth -
Imp
Updated statistics to BIGINT -
Bug
ClamAV could be started twice -
Bug
LDAP search cached non-existent users for 24 hours -
Bug
SNMP could fail to get ippolicyd statistics -
Bug
Inventory keys denied for read-only users -
Bug
ippolicyd could report statistics inaccurately -
Bug
DNS failures (NXDOMAIN and NODATA) results in immediate bounce -
Bug
Overall performance and stability improved -
Dep
It's recommended to empty your browser cache before signing on to your updated system -
Dep
The log format is heavily changed; be aware if you rely on machine parsed logging
2.2.2.2
Released on 2010-09-02
-
Imp
DNSSEC trusts newly signed root -
Imp
CPU indicator in clustering overview -
Imp
Simplified configuration management view -
Imp
Remote systems alphanumerically sorted -
Imp
Final actions terminate user defined functions -
Imp
3rd-party modules updated -
Imp
Russian translations updated -
Bug
HSL isset() function now works on arrays -
Bug
IPv6 support in Syslog -
Bug
Detect primary domain from Active Directory -
Bug
Reporting tab timed out in large clusters -
Bug
Overall performance and stability improved
2.2.2.1
Released on 2010-07-29
-
New
Novell GroupWise support in quarantine -
Imp
3rd-party components updated -
Bug
Do not synchronize "fallback" configurations in cluster
2.2.2
Released on 2010-07-07
-
New
Backscatter protection with BATV -
New
Comments (C++ style, //) in address lists in web administration -
New
Minger protocol recipient lookup function minger_lookup() in HSL -
New
SetRecipient() function in HSL's Content Flow -
New
HSL control structure "barrier" to do advanced synchronous scripting -
New
HSL isset() function, to check if a variable is defined or not -
New
Set listen addresses for SSH, FTP and SNMP services -
New
Prompted configuration download in web administration -
New
Show configuration changes between revisions -
Imp
Changed default IP to 169.254.1.1 (not to conflict with customer networks) -
Bug
Do not allow recipient with trailing "." in the domain name
2.2.1.1
Released on 2010-06-17
-
Bug
A script validation error in Web Administration fixed -
Bug
Syslog could fail at boot on rare occasions
2.2.1
Released on 2010-06-14
-
Imp
Show PKI information (X.509, private and public key) -
Imp
Require passwords to be typed twice -
Imp
Better TLS information in SMTP logs -
Imp
DNSSEC and DNS cache made private in cluster -
Imp
RPDAV icon changed to be distinguished from RPD -
Imp
Show full AV, AS, LDAP and boot logs -
Imp
Sort cluster nodes by name on Cluster > Overview -
Imp
Support TLS/SSL for LDAP servers (Quarantine and HSL) -
Imp
SMTP listener/transport support "internal-hostname" as hostname -
Imp
More restrictive read-only users (no ping, etc) -
Imp
Commands (ping, etc) in console are continuously updated -
Imp
More private keys (Send to Server, etc) -
Imp
3rd-party components updated (ClamAV, etc) -
Bug
RPDAV could not set "delete" action -
Bug
View message button in outgoing queue fixed -
Bug
No script errors for action on empty message queues -
Bug
Graph X-axis could be a few seconds off in cluster -
Bug
Failed to save flows when custom functions were used -
Bug
Session timeout when saving services (SMTP, HTTP, etc)
2.2.0.1
Released on 2010-05-19
-
Bug
syslog needs to be restarted in order for hostname to be applied -
Bug
If STARTTLS was announced but failed, optional TLS aborted -
Bug
LDAP queries failed in HSL
2.2
Released on 2010-05-17
-
New
DNSSEC support and an internal DNS cache -
New
DKIM signing and validation in Content flow -
New
Reworked statistics with JavaScript graphs and a new layout -
New
Show Script button on flows, displaying generated HSL code -
New
Ability to write reject/defer messages in flow blocks -
New
HSL variables $service (IP) and $messageid (Content) added -
New
HSL functions file() and file_get_contents() added -
New
Defer(), SetMailTransport() and AddHeader() in Content flow -
New
Trusted (whitelist) block in Recipient flow -
New
Web Administration organization with flows in one section -
New
Unit identification used as internal hostname -
New
Button for jumping to flows and profiles -
New
Warning messages before discarding unsaved changes -
New
Bookmarks to sections and tabs in Web Administration -
Imp
Renamed processes to mailscand and mailqueued -
Imp
Major performance improvement in mailscand -
Imp
Overall performance from chunked statistic updates -
Imp
Free-text search in Activity > Logging -
Imp
Quarantine mail listing show scores and logging -
Imp
Clustering menu and timeouts improved -
Imp
E-mail file maintenance (lostfiles) added -
Imp
Outbreak (RPDAV) anti-virus accuracy improved -
Imp
Web Administration performance and caching improved -
Imp
Updated 3rd-party components -
Imp
Hop count in mailscand implemented -
Imp
Overall performance and stability improved -
Bug
SpamAssassin update bug resolved -
Bug
SNMP label swapping bug resolved -
Bug
Disabling of certain domains bug resolved -
Bug
Zero-bitmask error in in_network() function resolved -
Bug
IPv6 scope in network functions is now discarded -
Bug
GMT timezone confusion on System > Time clarified -
Del
Domain statistics reports removed -
Del
Deprecated recipient databases migrated into flows -
Del
Incoming listener (smtpd) doesn't listen to localhost -
Del
Removed Deliver() as error fallback action -
Del
Invalid PKI certificates no longer validates in config -
Del
Deprecated $spamscore and LDAPLookup() removed -
Del
Diagnostics > Troubleshooter tab removed
2.1.5
Released on 2010-03-01
-
New
Clustering of multiple SPG/VSP units -
New
Graphical Console (replacing the CLI) -
New
mail() function in HSL -
New
GuessAttachmentType() in HSL -
Imp
3rd-party components updated -
Imp
Quarantine reset password, does not send a new password, instead allows it to be changed -
Imp
Overall improvements in functionality and reliability -
Imp
HSL cache [] is not LRU per default (least recently used) -
Bug
Domains were not disabled properly (nor alias domains) -
Bug
IP Policy response were not always received -
Bug
GetAttachmentName() were not decoded properly -
Bug
Self-genrated messages had the wrong Content-Disposition -
Bug
Unable to bind in queueprocessor (when custom source-ip was used) -
Bug
Domain reports could take very long time to complete -
Bug
Statistics could be collected for recipient instead of sender -
Bug
Disk, CPU and Memory usage where 24 hours off in bar-indicator
2.1.4.4
Released on 2010-01-14
-
Bug
Issue with domains without MX records resolved -
Bug
Internet Explorer 8 can now view message logs -
Bug
Exporting users can now handle invalid UTF-8 chars
2.1.4.3
Released on 2010-01-07
-
Imp
Automatically format and use available disk (Xen and Hardware) -
Bug
Xen could not leave firmware OS -
Bug
Wrap-around long log lines in Web Administration -
Bug
Rate-control would cause random reboots -
Bug
GlobalView did not always start at boot -
Bug
Newly downloaded SpamAssassin rules were not applied until reboot
2.1.4.2
Released on 2009-12-22
-
New
Console in Web Administration (Diagnostics > Local Console) -
New
Show licensed users in Web Administration and SOAP -
New
Access Quarantine from Web Administration -
Imp
3rd-party components updated -
Imp
in_network() now supports IPv4 and IPv6 -
Imp
dns() is now IPv6 ready, use dns4() or dns6() to choose -
Imp
Improved compatibility with "tag subject" and non UTF-8 -
Imp
Colors in log search -
Imp
Fixed MX-shuffle (rare round-robin delivery problem) -
Imp
Delivery will only try the first three A/AAAA records -
Imp
Selecting text in Web Administration logs -
Imp
Many other improvements -
Bug
Next retry wasn't presented in the local timezone -
Bug
Rare bug while reverting between configurations -
Bug
Could not save whitelist in Internet Explorer 8 -
Bug
Reload services when SSL certificate is updated -
Bug
Retention policy in Web Administration was restricted to 32-letter -
Bug
Adding one's own domains as domain alias confused quarantine -
Bug
Spelling corrections -
Bug
Overall stability fixes
2.1.4.1
Released on 2009-11-06
-
Bug
Better handling of questionable SMTP responses. -
Imp
Russian and German in VSP's Getting Started. -
Imp
Spam Assassin size limited raised to 500KiB. -
Imp
Charset detection for Korean and other Asian languages. -
Bug
Scripting error for Anti-Virus block in Content Flow. -
Bug
Web Administration bug in Gettings Started for IE6/7. -
Imp
Flow blocks in IP Policy log their results. -
Bug
Japanese may now be default language in Quarantine. -
Imp
Statistic's performance is improvements. -
Imp
HSL does not resolve $var to the value of $var. -
Imp
HSL function eval() implemented. -
Imp
Overall improvements in functionality and reliability.
2.1.4
Released on 2009-10-21
-
Warning
Storage disk must be at least 2GB for all units and configurations -
Imp
Automatic initialization of new Storage disks for VSP/SPG -
Imp
Firmware updates by self hosted Web Updates -
Imp
Getting Started -guide in Console and Web Administration -
Imp
IPv6 support in Web Administration -
Imp
Keep current search in History/Queues while browsing and performing actions -
Imp
IP-address whitelist in Content-Flow -
Imp
Quarantine action "Empty" only empties the selected folder -
Imp
Japanese language support in Quarantine -
Bug
If no MX is found, try to use the A/AAAA record -
Bug
SNMP and NTP problems with reconfiguration -
Imp
3rd party components updated -
Imp
Overall improvements in functionality and reliability
2.1.3.1
Released on 2009-08-09
-
Imp
Overall improvements in functionality and reliability
2.1.3.2
Released on 2009-08-09
-
Imp
Overall improvements in functionality and reliability
2.1.3
Released on 2009-07-10
-
Imp
Throughput vastly improved, read the guidelines -
Imp
Option to disable internal statistics and history -
New
New HSL functions -
Imp
Overall improvements in functionality and reliability
2.1.2
Released on 2009-06-25
-
New
SNMP monitoring; custom MIB with statistics and information -
Bug
Fixed Kaspersky engine error -
Imp
Truncate configuration from CLI to save memory -
Bug
Cache timeout set at execution instead of completion -
Imp
IP Policy may also block UDP packets ($protocol) -
Imp
Removed start-up related warnings -
Bug
http() function can handle more than 10 parameters -
Imp
Exceptions in Recipient Flow are reported as Defer() -
Imp
Global quarantine admin users may blacklist globally -
Imp
Blacklist handles domains and wildcard (%@domain) -
Imp
Notify senders that they are blacklisted -
Imp
Re-arranged tabs into new system menu in Web Admin. -
Bug
Redirection bug when accessing a HTTPS interface using HTTP -
Bug
Configuration upgrade for remote systems could cause timeouts -
Imp
Better transport-lookup for messages generated internally -
Imp
Mail function GetRoute() in HSL improved -
Imp
Array function array_reverse() in HSL -
Imp
Rate control function rate() in HSL -
Imp
Rate control module in Recipient and Authentication Flows -
Imp
Default message rate for authenticated users is 100 msg/h -
Imp
HSL may cache results per message/session -
Imp
Overall improvements in functionality and reliability
2.1.1
Released on 2009-06-03
-
New
Advanced options on Mail Content Flow with custom rules -
Imp
Larger history (100.000 msgs.) for small disks (4 GB) -
Imp
Anti-virus and Pattern Analysis (SA) results in history -
Imp
Quarantine allows users to download messages -
Imp
Quarantine web interface scales content to browser size -
Imp
Quarantine accepts LDAP sign-in using alias as username -
Imp
Quarantine has Korean translation -
Imp
Quarantine displays outgoing queue -
Imp
Quarantine displays folder's message count on mouse over -
Imp
SPF module has trusted forwarders white-list field -
Imp
Option to reject messages with virus -
Imp
Recipient Flows reports the reason for rejection to sender -
Imp
Overall performance and reliability improved -
Bug
Quarantine now shows attachments correctly -
Bug
Delivery forced default transport during certain circumstances -
Bug
Quarantine now honors the LDAP version setting -
Bug
It is now possible to mix recipient flows with "disabled"
2.1
Released on 2009-05-18
-
Imp
New Quarantine with LDAP support and Clustering -
Imp
Administrator can access the Quarantine using their credentials -
Imp
Quarantine has administrator-only folders (invisible to users) -
Imp
Reporting > Real Time Log displays Anti-Virus, LDAP, etc. -
Imp
The console's startup screen displays IP address -
Imp
FTP access requires full permissions or the "f"-flag -
Imp
Administrators cannot change their own permissions -
New
Added "null" transport (discards messages) -
Imp
VMware ESXi users need to resize the disk during install -
Imp
Added "Per Domain" for the SMTP Recipient Flow lookup module -
Bug
Trace configuration revisions changes by administrator user -
Imp
Recipient Flows are per-domain instead of per-incoming. -
Imp
Improved queue/history management responsiveness -
Imp
Performance optimizations -
Imp
3:rd Party Components Updated -
Imp
CLI command "version" displays appliance information -
Imp
Overall performance and reliability improved
2.0.9
Released on 2009-03-24
-
New
Import Configuration from Clipboard -
Bug
Installer on Windows 2000 -
Bug
Installer field validation -
Imp
Warning on VMware Configuration Import -
Imp
Repair License in Web Admin. -
Bug
History Page in Internet Explorer fixed -
Imp
Changes in terminology (Process Flow = Content Flow, etc) -
Bug
Long lines message bug fixed -
New
Implemented cache [] function(); -
Bug
IP Policy cache is now cleared properly -
Imp
Web Admin. Script fields is monospace and support [tab] -
New
Added !~ (negated regular expression) matching -
Imp
Updates 3d-party libraries -
New
Caches the Incoming's smtp_rcpt_lookup -
Imp
Clear cache button (Mail Gateway -> Settings) -
Bug
Non-UTF-8 bug (Mail Gateway -> Activity) -
Imp
IP Policy performance improved -
Bug
HTTP re-configured during address change -
Imp
Removed reverse DNS lookups -
Bug
Memory storage capacity resolved -
Bug
Authentication and Recipient Flow re-configuration -
Bug
NTP producing false error messages -
Imp
Autodetect language in Web Admin. -
Imp
Mail Content Flow didn't virus-check spam messages -
Imp
Overall improvements and stability
2.0.8
Released on 2009-02-27
-
Imp
Firmware Update with step-by-step guide -
Imp
VSP Installation with quick-start guide -
Imp
"Paging" in Mail Gateway Activity tabs -
New
dnstxt(), dnsmx() and implode() functions in HSL -
Bug
500-errors handled correctly -
New
Support for alternative DNS in lookup-mx -
Bug
Handle UTF-8 in Tag Subject i Mail Flow -
New
More languages added -
Imp
Graph directions changed (left to right) -
Imp
More SMTP debugging -
New
Direct Processing gives reject function -
New
Reject() function in Mail Flow -
Imp
Set concurrent connections per Incoming (server) -
Imp
Function declaration and "include" support in HSL -
Imp
Full UTF-8 support -
Imp
Overall improvements and stability
2.0.7.1
Released on 2009-01-16
-
Imp
SMTP/LDAP SMTP authentication support -
Bug
Disk Operation Stability -
Imp
Storage Management (backup and restore) -
Imp
Add multiple domains from Web Admin -
Imp
Authentication and Recipient Flows -
Imp
Many new functions added to HSL (see Wiki) -
Imp
Secure Disk Wipe from Recovery Console -
Imp
Send test mail to administrator from Web Admin -
Imp
Reset Statistics in Web Admin -
Bug
DNS/MX resolving -
Imp
Authentication in Outgoing Transports -
Imp
Preview mail in Quarantine -
Bug
Quarantine handles quoted-printable -
Bug
Quarantine reports handles quoted-printable -
Imp
Warn users when Quarantine getting full -
Imp
Script testing tool -
Imp
Searching logs indicates when showing realtime -
Imp
Custom icons for script blocks in Web Admin -
Imp
Improved anti-virus detection -
Imp
SOAP interface improvements -
Imp
Better Default Flows -
Bug
Resolved back-to-default-config bug
2.0.6.2
Released on 2008-11-25
-
Bug
Quarantine templates
2.0.6.1
Released on 2008-11-20
-
Bug
Quarantine templates
2.0.6
Released on 2008-11-12
-
Imp
Send Domain Reports from Web Admin -
Bug
Domain Statistics reported correctly (lowercase) -
Bug
Overall Web Admin reliability -
Imp
LDAP debugging -
Imp
Mail throughput performance vastly improved -
Imp
SPF Query Tool in Web Admin -
Imp
in_network() now supports IP-ranges in HSL -
Imp
Block() may send reason for blocking in HSL -
Imp
dnsptr() to lookup PTR (ipv4 and ipv6) in HSL -
Imp
5 s timeout for dns() request by default in HSL -
Imp
in_file() function (eg. black/white-lists) in HSL -
Imp
First comment in a Flow Script shown as title -
Imp
Customize generated e-mail -
Imp
Multiple LDAP servers on incoming listerners -
Imp
Default contact changed to "Postmaster" -
Imp
Multidimensional arrays in HSL -
Bug
Overall reliability and functionality -
Imp
Quarantine translated to Swedish and customizable -
Imp
Better default mail gateway Process Flow
2.0.5
Released on 2008-08-21
-
Imp
Improved quarantine with reports -
Imp
Statistics in Web Administration -
Imp
Domain reports with additional statistics -
Imp
Logging is separated and improved -
Imp
Message tracking (Activity) -
Imp
Web Administration re-organization -
Bug
Storage recovery from power failures -
Imp
Certificate tunable "Optional but Verify" -
Imp
Error messages are displayed as dialogues -
Imp
Generate SSL certificates (Diagnostics section) -
Imp
Name (tag) configuration revisions -
Imp
SOAP configuration API (using WSDL file) -
Imp
NFS replaces SMB for network storage -
Imp
Graceful shutdown and restart -
Imp
Boot procedure with progress and log -
Imp
Multidimensional arrays in HSL -
Imp
Headers are UTF-8 decoded in HSL -
Imp
GetDSN(), GetRoute(), DeliverAsSpam() in HSL
2.0.4.1
Released on 2008-06-09
-
Bug
Web Administration error on factory reset units -
Imp
Added German and Japanese language support -
Imp
HSL Scripting in Outgoing Queue -
Imp
Domain name variable in HSL -
Imp
WrapMessageAddHeader function added in HSL -
Imp
Revert to default config upon fatal errors -
Imp
Disable Incoming Listeners upon storage failure -
Imp
Regular Expression modifiers in HSL -
Imp
Initial Access Control Flow statistics -
Imp
Incoming Queue shows entire message -
Imp
http() and explode() functions added to HSL -
Imp
Pattern Analysis (spam assassin) module added -
Imp
LDAP testing on Diagnostics section -
Bug
Max Message Size can be increased -
Bug
Overall reliability and functionality
2.0.3
Released on 2008-05-15
-
Imp
Added Italian, Spanish and Korean language support -
Imp
Overall reliability improved
2.0.2
Released on 2008-05-12
-
Bug
SPF calculated $spamscore incorrectly -
Imp
Reboot to Update Firmware from Web Admin. -
Bug
Removed extra newline in messages -
Bug
Database conversions could fail -
Imp
Ability to disable ACL flow for services -
Bug
NTP synchronization problem solved -
Imp
Model-specific performance optimizations -
Bug
Recovery from power failure -
Bug
Windows (SMB) share no longer fails -
Imp
Added date/time functionality to HSL -
Imp
Overall reliability improved
2.0.1
Released on 2008-04-28
-
Bug
Problems in the parser of the mail scanner are fixed -
Bug
Ajax problems in the mail processing flow are fixed -
Imp
New functions in HSL (Halon Scripting Language) -
Imp
UTF-8 support in HSL -
Bug
Internet Explorer and Opera support -
Imp
Overall reliability improved
Comments
0 comments
Article is closed for comments.