Libraesva ESG v5.3.gpg
File Size16 KB
File MD5c8f302fe057afb7ee508f0fe27f699c8
File SHA25602ef40aa52d80276c7e26c531a7a410c3fd7c1cd659d0481afe56c9d9161aa99
Create DateMay 22, 2024
Last UpdatedJuly 16, 2024

Libraesva ESG 5.3

These are the major features of this release.

Distributed cluster setup

Up to 64 worker nodes can now be configured to integrate the standard active-active cluster configuration. A worker node is focused only on processing email, with only administrator access for maintenance and monitoring. All data collected by a worker, including scan results and quarantined email, is asynchronously transferred to the mail cluster for user access and daily usage.

Threat remediation: automatic recall of 0-hour threat

URLSand IoC (Indicators of Compromise), which are currently utilized to block threats, will now seamlessly integrate with Threat Remediation, facilitating prompt risk mitigation. Upon detection of a compromised message that has been delivered, it will be automatically recalled and securely relocated to the recycle bin on remote servers. Additionally, the quarantine retention period is extended for subsequent analysis. This feature ensures proactive threat mitigation and sustains
a secure email environment for end users.

This feature is not available for MSSP licenses.

Domain summary page DNS enhancement

The Domain Summary Page now includes comprehensive details on MX, SPF, DKIM, and DMARC records. This feature offers a complete overview of the current records and validates their configuration related to the ESG appliance. Additionally, it integrates with Libraesva LetsDMARC, facilitating easier domain management and enhancing email security insights.

Centralized apply settings

Configuration made in the web interface aren't immediately replicated to the scanner engine. In this new release, when there are pending configuration changes a single "Apply settings" action is shown in the main navigation bar. This will greatly ease system administration, since multiple changes can be collected and applied atomically, without having to recall all settings that need engine update.

Encryption at rest

Data storage is primarily occupied by stored emails, which are highly sensitive and accessed infrequently by the application. With this release, emails are encrypted upon writing and compressed during idle time, ensuring increased security and saving an average of 30% of storage space. In a clustered setup, storage synchronization now exclusively monitors compressed files, conserving network bandwidth and reducing I/O accesses.

MTA Strict Transport Security (STS)

With the addition of MTA-STS, ESG enhances the confidentiality of email communications and strengthens email security by automatically enforcing verified and encrypted TLS connections between mail servers that announce policies via DNS. Administrators retain the flexibility to define local rules that supersede globally defined domain rules, enabling tailored security configurations that align with specific organizational requirements.

Allow one-time setup of trial domain

MSSPs can now initiate trial domains to enhance the onboarding process for new clients, all without incurring additional expenses. These trials have a duration of 30 days, providing ample time for evaluation. Throughout the trial period, email addresses associated with the trial domains are exempt from license usage metrics but are distinctly labeled as "trial" in delivery records.

This feature is available only for MSSP licenses.

Full release notes

See the full release notes

Minor upgrades for this release, which includes all 5.3.x versions, are automatically updated as soon as they are publicly available. These updates include all security fixes and bug fixes that can be installed without service downtime, and the expected behavior of the appliance remains unchanged.

Breaking changes

This version introduces some changes which require your attention.

  1. API application need to apply changes. After any (or multiple) configuration changes, a call
    to `POST /api/v2/appliance/apply-settings` is required in order to make the changes effective. In
    previous version a configuration reload was forced after every change, disrupting performance
  2. DMARC report sender address changed. DMARC sender is now always set as "no-reply@$hostname"
    like other locally generated email. Verify that any SPF related to your hostname is correct.
  3. Subject no longer allow dynamic variable substitution. Review your User Message settings, most
    notably "Spam notification" subject is now changed to "Spam not delivered".

NOTE: This upgrade takes up to 15 minutes to complete. The appliance will reboot after the upgrade, so the expected MTA downtime is approximately 1 minute. A Snapshot is always recommended as a best practice!
Enter your Email to download