Libraesva ESG v5.5: Release Notes

Andrea Redaelli Libraesva ESG

Main features of version 5.5

  • Semantic AI engine: A new local Small Language Model (SLM)-based engine that classifies emails
    by meaning, not just structure. This enhances detection of sophisticated, well-written phishing
    or social engineering emails, even when traditional red flags are absent.
  • Enhanced message scan indicators: message indicators now include both positive and negative
    signals and are integrated with the new "AI classifier engine" enabling more accurate and
    insightful threat assessments-making and response speed.
  • API configuration for domain admins: Domain-level settings can now be managed directly via API,
    allowing greater automation and remote management for MSPs or multi-domain environments.
  • AI dashboard widget: A new interactive widget displays real-time AI-driven threat classification
    activity, including drill-down views that help visualize detection trends and model classification
  • Custom semantic categories: Each domain can now define up to eight context-aware threat categories.
    This allows admins to tailor the classification system to business-specific risks (e.g. invoice
    fraud) for sharper alerting and reporting.

Version 5.5.3 (Jun 23, 2025)

Improvements

  • Dashboard: adaptive UI refresh, which reduces the HTTPs server loads and lets the session expire
  • Dashboard: data ranges have more "last X hours" ranges and no longer allow week or month ranges
  • Dashboard: show explicit warning when the license is expired
  • Dashboard: greatly optimize the database performance of the "analyzed message", "email flow", "threat maps", "cluster status", "AI classification", "message distribution", "top sender" and "top recipient" widget
  • Licensing: show previous license information when the license is expired
  • Microsoft Azure: triggers a post-deployment storage optimization procedure after every storage expansion
  • Microsoft Azure: upgrade agent version to 2.13
  • Search: added "last 6 hours", "last 12 hours" and "last 48 hours" filters
  • Web UI: temporary disable form on submission to avoid multiple actions caused by double-clicks

Bug fixes

  • Email Continuity: fixed mail compose editor when logged in as user with role "basic user"
  • License accounting: excludes released messages from accounted deliveries
  • Message details: fixed spam confidence when spam reports contains multiple rules with the same name
  • Syslog: fixed logging to syslog of some Web-UI failed login attempt

Version 5.5.2 (Jun 12, 2025)

Security

  • Notification to sender: notifications are sent only for outgoing messages

Improvements

  • Microsoft Azure: added post-deployment storage optimization procedure
  • Microsoft 365: added “hybrid” label in test page for users that are hybrid and not fully migrated
  • Microsoft 365: fixed import of user with duplicated additional addresses
  • ESG AI: fine-tuned engine parallelism when load average is high

Bug fixes

  • File type: updated blocked audio and video label descriptions
  • Message details: show when failed DMARC results are ignored since a message is sent by trusted sender
  • Microsoft Azure: fixed firewall rule for Microsoft management IP
  • Outlook add-in: fixed release action when a reason is required
  • Search: fixed export of saved search results
  • User management: fixed user export for domain admin
  • User management: permit to “reset to default” customized user defaults

Version 5.5.1 (May, 26 2025)

Security

  • Whaling protection: ignore outgoing email from SPF validated Google Workspace tenants

Improvements

  • Microsoft 365/Google Workspace: convert local users as functional, when a Google user is converted to group
  • Microsoft 365/Google Workspace: when a local user is converted to functional (e.g, shared mailbox,
    groups), all emails assigned from previous group membership are removed

Bug fixes

  • Google Workspace: fixed creation of functional users when group emails aren't assigned as user aliases
  • Google Workspace: fixed an exception when searching by address
  • Greylisting: avoid duplicated entries for auto welcomelisted senders
  • HTTP: avoid server name canonicalization for redirect when using self-signed certificates
  • Outlook addin: fixed report as bad action
  • Quarantine digest: null users and null functional users roles are ignored when generating reports

API

  • ADD: added /network/dns-forwarder to configure DNS forwarder
  • ADD: added /network/static-host-lookup to configure Static Host Lookup
  • ADD: added /sender-dependent-relay to configure sender dependent relay

Version 5.5.0 (May 12, 2025)

Security

  • WAF: improved application firewall blocks for API access
  • URLSand: improved "base URL" disarming
  • URLSand: improve scheme parsing for HTTP/HTTPS

Improvements

  • Mailer: added "%org-name%" header to all ESG generated emails and reports
  • Mail scanner: fine tuned configuration to avoid cpu saturation
  • Message details: show multiple SPF, DKIM and DMARC authentication results with extended information
  • View mail: show CC header in the header section
  • User management: user export will include email address and domain admin permissions
  • User role: allow customization of "can view" capability for "clean" result category

Bug fixes

  • Message details: show when welcomelist are ignored due to DKIM or DMARC failures
  • Message details: don't store "cid:" links and http local anchors
  • Search: apply custom permissions for message results to custom administrator roles
  • System preferences: removed empty section "System notification" in cloud appliances
  • Rebranding: replaced "Antispam Service" with "Email Security"
  • Saved search: disambiguate duplicate names

API

  • ADD: added /machine-learning/ai-classifier to configure AI Classification engine
  • ADD: property aiClassifier to /message/{id}
  • ADD: property hostname to /integration/pop3
  • ADD: added /trusted-network to configure trusted networks
  • ADD: property headers.spfValid to GET /message/{id}
  • ADD: added headers.authenticationResults to GET /message/{id}
  • IMPROVED /message/{id}/fetch returns 410/Gone when a message is removed or has been rotated
  • IMPROVED: property headers.dkimValid in GET /message/{id} will honor alignment to sender domain
  • IMPROVED: properties headers.spfResult/headers.spfIdentity from GET /message/{id}
  • FIXED: removed POST/PATCH/PUT action on non-editable /quarantine/release-request-entry
  • FIXED: removed /graph since it's included in /report output
  • FIXED: allow /report to domain administrator and user roles
  • FIXED: filter sender/recipient in GET /restricted-sender
  • FIXED: filter sender/recipient in GET /attachment-filter/file-name-rule,
    GET /attachment-filter/file-type-rule, GET /attachment-filter/password-protected-archive-rule
    and GET /attachment-filter/scan-archive-rule
  • FIXED: avoid duplicate entries with the same domain unique property for /relay
  • DEPRECATED: properties headers.spfResult/headers.spfIdentity from GET /message/{id}

Breaking changes

There are no breaking changes in this release.

Version 5.4

All upgrades from previous versions are included. See the full release notes of Libraesva ESG version 5.4.

Popular searches:GDPR, ESG 5 migration guide, "How to configure Libraesva ESG for Microsoft 365"