Main features of version 5.4

• Fine-Grained Roles and Permissions: role administrators can define customized roles with precise control over configuration and message permissions.
• New Domain Administrator Access Levels: domain administrators can now have "user management" or "full administration" capabilities.
• Anti-Spoofing for Welcomelist and Blocklist: sender domain authentication results for SPF, DKIM, and DMARC are now used to refine selection of Welcomelist and Blocklist entries.
• User profile: new page for personal information, with support for quarantine digest configuration, password change, and 2FA setup.
• Message metadata: compress and encrypt metadata stored in the database (e.g., headers).
• Valid recipient list: on delete, optionally remove or detach the recipient from all users.
• Avira antivirus: new detailed engine status page with per-domain configurations.
• Bitdefender antivirus: new detailed engine status page with per-domain configurations.
• ClamAV antivirus: new detailed engine status page.

Version 5.4.1 (Jan 20, 2025)

Security

• Cluster setup: use ED25519 instead of RSA

Improvements

• Auditing: improved account takeover configuration logging message.
• FTP backup: allow custom filename format for remote backup
• Web portal: added configuration to completely disable access to the API

Bug fixes

• Auditing: prevent audit log of unchanged configurations
• Change network: avoid double reconfiguration of static hosts
• Change network: fixed configuration of network interface without gateway
• Antispam custom rules: fixed validation of custom regular expressions
• Dictionary: fixed detection of words in Arabic language
• First run: preserve manual configuration of secondary network interfaces
• FTP backup: restrict validation for server configuration
• Integration: fixed a bug that blocked import after the rollback of an invalid user
• Licensing: fixed the computation of overuse days
• Local RBL: fixed reload of new allowed/blocked IPs
• Mail queues: restored detail button for outgoing messages
• Mail logs: cut spurious sender/recipient addresses greater than 254 chars to fit in database records
• Attachment filters: fixed generation of attachment warnings for removal
• Menu: fixed relay search for Domain Admin with domain features
• Release requests: fixed creation and notification of message release requests
• Report to labs: fixed action for main role user and network
• Summary report: clarified that deferred messages are not included
• User actions: fixed message actions for users with role networks
• User default config: fixed view and editing permissions for domain administrators
• User role: fixed setting of "Not allowed" for email continuity permissions
• User role: fixed setting of "User preferences only" to Domain Administrator main role

Version 5.4.0 (Dec 23, 2024)

Security

• Blocklist: ignore explicitly welcome listed recipient when looking for blocklists
• TLS Certificate: allow uploading certificate using EC (Elliptic Curve) algorithms
• Welcomelist: disable welcome lists when sender's is spoofed based on SPF/DKIM/DMARC
• Welcomelist: only activate welcome list behaviour if all recipients are explicitly welcomelisted
• Whaling: improved identification of legitimate delivery using SPF/DKIM/DMARC

Improvements

• CSV import: handle BOM in uploaded files.
• Email continuity: enable or disable the feature based on roles and capabilities.
• Email forward: by default, disable email forwarding when user permissions don't include "release".
• External warning exception: added creation date (retro-compatibility provided by audit log).
• Firewall check: moved page under "Admin area > status".
• Integration: functional and normal users can now have different default permissions.
• LDAP Integration: allow passwords up to 254 chars.
• Login test: deny access to "login test" page for quarantine and read-only administrators.
• Mail intercept exception: added creation date (retro-compatibility provided by audit log).
• Mail scanner: added support for Microsoft BATV address format (e.g., msprvs1).
• Mail templates: use username as fallback for empty full names.
• Quarantine report: automatically add "message preview" link if the user has login capability.
• Relay: renamed "group tag" column to "comment" and extended it to 1024 characters.
• Roles: added "Role Appliance Manager" for changing appliance configurations.
• Roles: added "Role License Manager" for modifying license information.
• TLS Certificate: support uploading of externally generated certificates without CSR.
• User manager: removed obsolete "User can change spam settings" option.
• User messages: allow usage of almost all variables in all contexts.
• Web UI: added "multi delete" and "Save and new" on many pages.
• Web portal: allow creating custom users with disabled login for tracking licensing and reports.
• Welcomelist/Blocklist: added creation date (retro-compatibility provided by audit log).
• Welcomelist/Blocklist: support BATV tag removal before lookup.

Bug fixes

• Auditing: ensured logged "old raw" data reflects the persistent original data.
• Message details: renamed "SPF Error" result to "SPF Failed" for clarity.
• Search: limit export to 10k records to avoid long execution times.
• User messages: fixed mail signature replacements when backslashes are used.

API

• ADD: added POST /appliance/apply-settings to apply configuration changes.
• ADD: added POST /message/{id}/report-as-good and POST /message/{id}/report-as-bad
• ADD: property comment to /relay/{id}
• FIXED: GET /licensing/accounted-email won’t list automatically discounted licenses
• DEPRECATED: properties aviraEnabled/bitdefenderEnabled/clamavEnabled o /antispam and /antispam/{id} pages always return false.
• DEPRECATED: property grouptTag of /relay/{id}, use comment instead

Breaking changes

• Licensing: appliances exceeding the licensing quota may experience limited editing functionality. Please ensure your accounting information is up to date before proceeding with the update.

Version 5.3

All upgrades from previous versions are included. See the full release notes of Libraesva ESG version 5.3.