Libraesva ESG v4.9: Release Notes

Libraesva ESG

Changes in v4.9.9 (May 31, 2021)

Feature

  • new API getFullMaillog

Bug Fixes

  • Gsuite: add import of non editable aliases
  • Hosts file: correctly highlight “Apply Settings” button after changes
  • API `version`: show correct available version

Changes in v4.9.8 (May 11, 2021)

Improvements

  • Attachments Filters: allow Dos Device drivers
  • Allow message size up to 150MB

Changes in v4.9.7 (May 5, 2021)

Security

  • Improved detection of suspicious excel4/xlm macros

Bug Fixes

  • Logo & Messages: fix visualization of “Attachments Filters” customization

Changes in v4.9.6 (Apr 21, 2021)

Security

  • Installed security updates for Spam Engine.

Bug Fixes

  • Fix partial display of queued mails from WebUI.

Changes in v4.9.5 (Apr 7, 2021)

Security

  • Undisclosed security fix (thanks to Daniele Barattieri – Ethical Security for the responsible disclosure)
  • Whaling Protection: skip whaling checks only when the whale itself is the only recipient

Improvements

  • Threat Remediation recall show more detailed information on failure
  • SMTP Auth with LDAP: Search Base can be empty (required by Zimbra)

Bug Fixes

  • Better management of SSH sessions used for cluster replica
  • Fixed “Disable” option of scheduled report
  • Fix audit log when user delete a relay domain
  • Quicksand: improved detection of link in PDF documents

Changes in v4.9.4 (Feb 9, 2021)

Security

  • Quicksand: extend the function to disarm dangerous files inside archives, to all supported archive types (e.g. 7zip)

Bug Fixes

  • Trusted Networks: Show/Hide “Manage Hosted Services” based on license properties
  • Reload whole engine settings every 30 minutes

Changes in v4.9.3 (Feb 2, 2021)

Security

  • Improved detection of embedded objects in rtf files
  • Fix SQL injections in Report page

Improvements

  • Implement M365/GSuite oAuth login for Mobile Apps
  • Allow partial bulk update for Digest Report Options
  • Add audit Log events for LDAP/GSuite/Web Portal Authentication
  • Cluster Wizard: properly shows errors on database dump/restore
  • Message release request are acknowledged on any release action

Bug Fixes

  • Cluster Wizard: force “Pre Shared Key” to be withing 8 and 32 chars
  • User action Whitelist/Blacklist properly allowed for “Safe Learn” anonymous users

Changes in v4.9.2 (Jan 18, 2021)

Improvements

  • Threat Remediation: shows if a message is read when recalling from Message Operations
  • Web Portal Authentication: improved warning for incomplete set configuration

Bug fixes

  • Whaling Protection: avoid false positive caused by case-sensitive comparison
  • Account Takeover Protection: log all the Message Quota events
  • Threat Remediation: fix permission problem of the recall from Message Operations
  • Digest Report: restore View button when no other actions are configured
  • Domain Relay: fix bulk update of relay Server
  • DKIM Signing: Fix multiple deletion of DKIM keys

Changes in v4.9.1 (Jan 4, 2021)

Improvements

  • Whaling Protection: use DMARC to validate legitimate whales

Bug fixes

  • Address Rewriting: allow to add the same rewriting scheme for sender and recipient

Changes in v4.9.0 (Dec 29, 2020)

Features

  • New Multi-Factor Authentication with T-OTP (time-based one-time-password) is now available to admins and users
  • Threat Remediation (recall email messages from inbox) now available also for G-Suite
  • Custom TLS certificates can be used to relay email to internal domains. Microsoft365 inbound connectors can be based on the Common Name of the TLS certificate for a complete multi-tenant interoperability.
  • URLs rewritten by URLSand can be logged to syslog
  • Configurable sender/recipient address/domain rewriting. ESG can transparently replace domains or email addresses.
  • Domain Text Import: additional fields are supported by the batch import procedure.
  • New API “Mark For Release” is now available
  • Add Blacklist link now available in the Digest Report actions

Security

  • Updated Content-Security-Policy header
  • CentOS security repository migrated to Libraesva Extended Support service

Improvements

  • Microsoft 365 Threat Remediation: migrate from EWS to Graph API
  • Threat Remediation: Domain Admin/Multi Domain Admin can “Recall” messages from their domain
  • Add “Quarantine Report” option to IMAP/POP3 Set
  • Users can “Mark for Release” a message also from WebUI
  • Additional search options in Password-less Authorized Devices list
  • More reliable cluster wizard procedure

Bug fixes

  • Distributed setup: reload license on slave nodes after configuration push
  • Preserve hosts file after hostname change
  • Properly show hosts file record from WebUI
  • Fixed Backup and Restore of DKIM configuration
  • Search: fixed a bug that may cause different records to be displayed in message detail
  • Custom Spam Rules can be applied also on a single address
  • Properly apply “AntiSpam Engine Processes” configuration after change
  • Clean exported csv of relay domain from spurious columns