Libraesva ESG 4.6 to 4.7 Upgrade

Libraesva ESG v4.6 to
File Size10.94 KB
File MD5fa9b1b907b04a7e5a89717607e05acc3
File SHA256bf9ea797ce01be880a0b7951478dcf4c6806bc26d380c148c4c2b943ad36ca63
Create DateJanuary 3, 2020
Last UpdatedJanuary 4, 2021

Changes in v4.7.0


  • Adaptive Trust Engine: analyze sender/recipient trust and relationship
  • User Management: Support Read-Only administrator and domain administrator
  • Impersonation Protection: new "External Warning" banner to identify external first time senders
  • Cofense (PhishMe) Triage integration: submissions of false-positive and false-negative, will auto-train the engine
  • Mobile App: completely rewritten, available for IOS and Android, added Email Continuity
  • Outlook Add-In: completely rewritten, available as native Microsoft Add-In
  • Outlook Add-In: toolbar button to directly submit false-negatives to Esvalabs
  • Email Continuity: URLSand protection is active for each shown email
  • Email Continuity: allow sending of new email
  • Email Continuity: full scan of email generated on the WebUI
  • URLSand: support for white-labelling of scan pages (license needed)
  • LDAP configuration: main address used for quarantine report and licensing is now freely configurable
  • Email notification: new HTML templates for many automated notifications (license, services status, ...)
  • Account Takeover Protection: new "Access Control" policies allow more fine-grained sender/recipient rejection policy
  • New Remote Support: give feedback on connection enabled, and allow for connection on port other than 25
  • Hyper-V: automatic updates of guest tools
  • SNMP: in cluster environment, allow for distinct configuration on each node


  • New authentication and authorization system, with support fine grained capabilities and roles
  • Login: CSRF protection on all logins
  • Password Recovery: integrate with passwordless-authentication when applicable
  • Password Recovery: use one-time-password for recovery
  • Passwordless Authentication: rewritten to seamlessly integrate in the WebUI
  • Passwordless Authentication: only use HTTPS to increase security
  • Transport Layer Security: Let's encrypt auto-renewing certificate can now be used also for SMTPS
  • DNS: primary DNS is no longer editable, to avoid common misconfiguration which results in severe security issues
  • Antispam Engine: spam check can now be applied to the whole email, honoring MTA limits in all circumstances
  • Quicksand: dangerous email can now be flagged as infection to prevent users accidental release
  • Libraesva Update: new distribution system, which support transactions and CDN deployments
  • Quicksand: maintain distinct categorization for ZIP archives and contained sanitized PDF.
  • WebUI: separate session for HTTP and HTTPS to improve cookie security
  • URLSand: refactored code to support replacements of all text-links in HTML
  • Attachment Filters: blocks many new extensions by default (e.g. crt, perl, python, ...)
  • User interface: user capabilities on a message are checked for every action in quarantine and WebUI
  • Recall action now shows whether the user has read the email before it was recalled


  • DKIM: allow to export public keys
  • Maillog viewer: allow downloading of previously rotated logs
  • SMTP Policy Quota: renamed to Account Takeover Protection for consistency
  • Impersonation Protection: incorporate "Whaling" protection and "Phishing Highlight"
  • HTTPS: automatically enable "force SSL" option after Let's Encrypt certificate generation
  • Reports: allow filtering by Trusted source
  • Dashboard: new gauges shows all system resources and usage
  • Dictionary: find triggered words in message details
  • Spam Report: find domain which trigger malware or graymail rules
  • HTTPS: show relavant certificate details
  • SMTP TLS: show all relavant certificate details
  • UI: modernize button styling
  • Dangerous Content Release Override removed (superseded by user capabilities)
  • Passwords: require that password are at least 8 chars
  • Advanced settings: full-whitelist can now be configured as "antivirus only"
  • Improved database performance and reliability of: whitelist, blacklists, user manager, geolocation, user tokens, quarantine delivered, first time senders.
  • License: use incremental counting to speedup nightly jobs
  • SPF: updated deamon to latest version and added diagnostic page
  • New internal monitor for HTTPS service availability and recovery
  • Mail Encryption: sensitivity header detection is off by default
  • Message Details: added many rules descriptions
  • Message Details: highlight email received from trusted sources (network or SMTP-Auth)
  • Message Details: show whaling rule at top in spam reports
  • Message Details: add link to search attachments hash on VirusTotal
  • Message Details: improve mail details header
  • Message Details: shows signatures validation and notable headers
  • New quarantine disk monitor with better prevention of disk exhausted
  • Whitelabel: remove Libraesva prefix from user pages
  • Whitelist/Blacklist: automatic initialization of "Check Only From Envelope" based on user context and permissions
  • Authentication test: clear output from authentication logs
  • Web UI: added templates for HTTP exceptions
  • API: searchMessage supports more types
  • API: add userId and/or email to ReleaseMsg

Bug fixes

  • Whitelist/blacklist: cleanup empty data from DB which may interfere with analysis
  • Attachment warnings: implemented workarounds for Apple Mail visualization bugs
  • Attachment Filters: allow longer filename extensions
  • Distributed Setup: fix DKIM keys permissions on replication
  • Domain import: initialize URLSand/QuickSand configuration
  • Score Normalization: fix counting of normalization history
  • Message Details: better highlight for GRBL and URI_DOMAIN rules
  • UI: refer to "Infection" instead of "Virus" where appropriate
  • Quarantine: permission monitor scans quarantine multiple times per hour
  • MTA advanced: myhostname validation make sure that simple domain name are not used
  • Valid Recipient List: better cleanup and validation of email address
  • LogWatch: mail from and mail to are aligned with system preferences
  • Custom spam rules: prevent creating rules with invalid names
  • SMTP Auth: remove warnings about duplicate records
  • Rsyslog: increase rate limiting to prevent packed drops
  • SMTP Reject: properly log dynamic verification failures as recipient unknown
  • SMTP Reject: properly log some new SPF failures log
  • Cluster monitor: when resetting make sure to flush all isolated hosts
  • Firewall Checks: add more return codes analysis to improve reliability
  • User import: honor white labelling in email template
  • SystemHealth: properly check for ClamAV signatures updates
  • URLSand: skip domains .local and .intranet
  • LocalRBL: removed debug logs
  • Branding: aligned the product name to Libraesva ESG
  • API: stabilization of getmaillog and getspamlog

NOTE: This upgrade takes up to 5 minutes to complete (be patient!) and requires a system restart. A Snapshot is always recommended as a best practice!
All automatic updates changes are listed in the full release notes
Enter your Email to download