Libraesva ESG v4.6: Release Notes

Changes in v4.6.12

Security:

  • Intercept new macro malware variant as suspicious in Quicksand

Changes in v4.6.11

Security:

  • Increase known senders history size to increase accuracy of spam engine

Improvements:

  • Suspend background jobs (cron) during upgrades
  • Implemented auto-reboot after system upgrade

Changes in v4.6.10

Security:

  • Whaling: blocks evasion techniques using crafted multi-line headers

Improvements:

  • Improve email HMAC watermark handling
  • Bitdefender updated autorecovery configuration

Changes in v4.6.9

Improvements:

  • Tuned DoS protection for NDR flood
  • More reliable parser of mail text log

Bug fixes:

  • Properly log SMTP reject for user custom Content Filtering rules
  • Avoid HTTP 500 error page for email removed from quarantine

Changes in v4.6.8

Security:

  • Whaling: improve UTF-8 support in matching by name
  • Better recognition of encrypted PDF

Improvements:

  • Added automatic check of SMTP Policy Quota service
  • Added automatic check of options included in the license

Bug fixes:

  • Adjusted the length of the “LDAP Host” field in LDAP Configuration
  • Fixed the loading of “Multi Domain Admin” domains
  • Fixed QuickSand logging for documents contained in an archive
  • Better parsing of the From Header to prevent false positives

Changes in v4.6.7

Bug fixes:

  • Properly sanitize spam score on fallback situations
  • Update codebase to integrate latest Let’s Encrypt changes

Security:

  • Whaling: narrow domain applicability derived from Whale user aliases

Changes in v4.6.6

Improvements:

  • More reliable SMTPd service in case of server configuration problems

Bug fixes:

  • Properly attach Quicksand warnings to email with ‘multipart/alternative’ or ‘multipart/related’ root entity
  • Fix database connection errors which may happen in Bayes learning engine

Security:

  • Improve audit log for Whaling functionality

Changes in v4.6.5

Features:

  • Extend dictionary retention to MCP defaults

Improvements:

  • Optimized Whitelabeling feature
  • Speed up synchronization for HTML and HTML images
  • Don’t replicate temporary table in cluster

Bug fixes:

  • Properly calculate and set relay default config, based on existing configurations
  • Disable signatures only when DKIM is enabled
  • Restore normal Bayes cleanup which affected some appliances

Security:

  • Disable Recall (threat remediation) for domain admins
  • Better audit log for quarantine_delete

Changes in v4.6.4

Features:

  • Option “block email with attachment removed” now also applies to outgoing emails
  • Support DHCP for first setup, and fallback to static IP
  • New bootsplash images and console welcome message

Bug fixes:

  • Added workaround to support quoted-printable of binary files
  • Added support for utf-16 attachments sent with transfer encoding quoted-printable
  • Fix attachment extension rules for files with long extensions

Security:

  • Whaling features use Whale user aliases if available to expand domains applicability
  • Improve synergy between Quicksand analysis and anti-spam engine to block phishing campaigns

Changes in v4.6.3

Bug fixes:

  • Restore DKIM functionality when HTML comment disarming option is enabled
  • Fix table pagination in authorized devices page
  • API: fix domain and type options in addldapset
  • Tuned SMTP DoS limits for trusted senders

Changes in v4.6.2

Security:

  • QuickSand: blocks office documents with specially crafted unparsable macro

Changes in v4.6.1

Security:

  • Delete obsolete safe-network option Notify, as it may allow metadata disclosure
  • Show HTML disarm in dangerous report

Improvements:

  • Cleanup old kernels after successful upgrade
  • Hide virus report table header when there’s no content
  • Console: distinct commands for Database repair and optimize

Bug fixes:

  • Fix race condition on vmware migration script
  • Fix issue on recipient delete from license details page
  • Fix update cron for Office 365 Trusted IPs
  • UI: explicitly highlight actions applied to whitelist and blacklist
  • UI: Fix label good/bad for bayes messages/audit
  • UI: Show proper licensing errors
  • UI: Fix a bug in visualization of subtables in Web portal authentication

Changes in v4.6.0

Features:

  • Office 365: native support for users and valid recipients import
  • Threat remediation: recall delivered messages from user’s mailboxes (O365, Exchange, Zimbra)
  • Quarantine Report: From field now shows “via domain” envelope information
  • Disarm Microsoft conditional comments from email HTML
  • Full deliverability test available from relay page
  • Attachments table in details page with security hashes
  • Configurable TLS security level

Improvements:

  • Domain Anti-spoofing integrations with user SPF and DMARC
  • Licensing: highlight accounted email
  • Dashboard: improve status summary table and license usage
  • Improved Avira, BitDefender and ClamAV integrations and service reliability
  • URLSand: show original domain as a title to rewritten URL
  • Whitelist and Blacklist now share the same CSV format
  • Add new Search filter “Only SMTP Reject”
  • Automatic VMWare Tools upgrade
  • Highlight OR filter semantics in active filters
  • Dictionary filters apply to subject field
  • Rename HAM/SPAM with simpler terms Good/Bad where possible (bayes, submit, …)
  • Removed “forgot” bayes filter action which is now automatic
  • Syslog: improved support to RELP/TLS and replication
  • Add pending/deleted/unknown delivery statuses in details page
  • Add SNMP OID to monitor cluster status
  • Add minor releases to ESVA Version to SNMP OID
  • Removed header X-%org-name%-MailScanner-ESVA

Bug fixes:

  • Mail signatures: generate proper configuration when only domain is customized
  • Set system administrator email as MailFrom and MailTo for logwatch
  • Align message security tag in every web page and quarantine report
  • Fix replication of DKIM Keys in Distributed Setup
  • Fix report filter with attachments fields
  • Properly handle content-disposition in mail continuity

Security:

  • Whaling plugin: improve fuzzy email comparison
  • URLSand: improved detection of inlined plain text files
  • Intercept new RTF variant embedded in OLE objects
  • Add DLL to File Extension blocked by default
  • Allow “Release and Whitelist” to domain administrator from quarantine digest
  • Changed default SMTP Denial of Service limits
  • Properly follow links shortened with is.gd
  • Whitelist and Blacklist are applied to envelope by default