Libraesva ESG v5.5: Release Notes

Andrea Redaelli Libraesva ESG

Main features of version 5.5

  • Semantic AI engine: A new local Small Language Model (SLM)-based engine that classifies emails
    by meaning, not just structure. This enhances detection of sophisticated, well-written phishing
    or social engineering emails, even when traditional red flags are absent.
  • Enhanced message scan indicators: message indicators now include both positive and negative
    signals and are integrated with the new "AI classifier engine" enabling more accurate and
    insightful threat assessments-making and response speed.
  • API configuration for domain admins: Domain-level settings can now be managed directly via API,
    allowing greater automation and remote management for MSPs or multi-domain environments.
  • AI dashboard widget: A new interactive widget displays real-time AI-driven threat classification
    activity, including drill-down views that help visualize detection trends and model classification
  • Custom semantic categories: Each domain can now define up to eight context-aware threat categories.
    This allows admins to tailor the classification system to business-specific risks (e.g. invoice
    fraud) for sharper alerting and reporting.

Version 5.5.1 (May, 26 2025)

Security

  • Whaling protection: ignore outgoing email from SPF validated Google Workspace tenants

Improvements

  • Microsoft 365/Google Workspace: convert local users as functional, when a Google user is converted to group
  • Microsoft 365/Google Workspace: when a local user is converted to functional (e.g, shared mailbox,
    groups), all emails assigned from previous group membership are removed

Bug fixes

  • Google Workspace: fixed creation of functional users when group emails aren't assigned as user aliases
  • Google Workspace: fixed an exception when searching by address
  • Greylisting: avoid duplicated entries for auto welcomelisted senders
  • HTTP: avoid server name canonicalization for redirect when using self-signed certificates
  • Outlook addin: fixed report as bad action
  • Quarantine digest: null users and null functional users roles are ignored when generating reports

API

  • ADD: added /network/dns-forwarder to configure DNS forwarder
  • ADD: added /network/static-host-lookup to configure Static Host Lookup
  • ADD: added /sender-dependent-relay to configure sender dependent relay

Version 5.5.0 (May 12, 2025)

Security

  • WAF: improved application firewall blocks for API access
  • URLSand: improved "base URL" disarming
  • URLSand: improve scheme parsing for HTTP/HTTPS

Improvements

  • Mailer: added "%org-name%" header to all ESG generated emails and reports
  • Mail scanner: fine tuned configuration to avoid cpu saturation
  • Message details: show multiple SPF, DKIM and DMARC authentication results with extended information
  • View mail: show CC header in the header section
  • User management: user export will include email address and domain admin permissions
  • User role: allow customization of "can view" capability for "clean" result category

Bug fixes

  • Message details: show when welcomelist are ignored due to DKIM or DMARC failures
  • Message details: don't store "cid:" links and http local anchors
  • Search: apply custom permissions for message results to custom administrator roles
  • System preferences: removed empty section "System notification" in cloud appliances
  • Rebranding: replaced "Antispam Service" with "Email Security"
  • Saved search: disambiguate duplicate names

API

  • ADD: added /machine-learning/ai-classifier to configure AI Classification engine
  • ADD: property aiClassifier to /message/{id}
  • ADD: property hostname to /integration/pop3
  • ADD: added /trusted-network to configure trusted networks
  • ADD: property headers.spfValid to GET /message/{id}
  • ADD: added headers.authenticationResults to GET /message/{id}
  • IMPROVED /message/{id}/fetch returns 410/Gone when a message is removed or has been rotated
  • IMPROVED: property headers.dkimValid in GET /message/{id} will honor alignment to sender domain
  • IMPROVED: properties headers.spfResult/headers.spfIdentity from GET /message/{id}
  • FIXED: removed POST/PATCH/PUT action on non-editable /quarantine/release-request-entry
  • FIXED: removed /graph since it's included in /report output
  • FIXED: allow /report to domain administrator and user roles
  • FIXED: filter sender/recipient in GET /restricted-sender
  • FIXED: filter sender/recipient in GET /attachment-filter/file-name-rule,
    GET /attachment-filter/file-type-rule, GET /attachment-filter/password-protected-archive-rule
    and GET /attachment-filter/scan-archive-rule
  • FIXED: avoid duplicate entries with the same domain unique property for /relay
  • DEPRECATED: properties headers.spfResult/headers.spfIdentity from GET /message/{id}

Breaking changes

There are no breaking changes in this release.

Version 5.4

All upgrades from previous versions are included. See the full release notes of Libraesva ESG version 5.4.

Popular searches:GDPR, ESG 5 migration guide, "How to configure Libraesva ESG for Microsoft 365"