New for Version 11.5

What's New in IMail Server v11.5

Full release notes are available at:

http://docs.ipswitch.com/_Messaging/IMailServer/v11.5/ReleaseNotes/index.htm

- New Version for Commtouch Anti-spam Engine

• ctasd.exe - v4.02.0014
  • Introducing advanced detection logic and improved performance.
• ctipd.exe - v3.01.0009
  • Introducing new detection capabilities. Advanced logic has been introduced to allow the detection engine to calculate thresholds of combined patterns extracted from the messages.
  • Improved Performance.

- New Realtime Whitelists

Realtime Whitelists are whitelist databases that store IP addresses and domain names of trusted sources. E-mail messages that find a Realtime Whitelist match will be considered trusted and further validation checks as set by the IMail Administrator will be bypassed.

Trusted Realtime Whitelist

A match made with a trusted realtime whitelist will bypass the following validations.

• DomainKeys will be bypassed if enabled.
• IP Reputation (if Premium Anti-spam is installed) if enabled.
• Realtime Blacklists will not be checked.
• Content Filtering checks will be skipped.
• Premium Content Filtering (if installed) will be bypassed if enabled.
• Attachment Blocking is skipped (checkbox is set by default). This check box can overridden by the IMail Administrator.

Important: Updates made to the Realtime Whitelist will not successfully update until the "Save" or "Apply" button has been clicked.

Note: Be sure that the SMTP and Queue Manager services have been restarted after updates have been applied.

For more details go to Web Administrator System > Realtime Whitelists and click Help.

- Web Administrator

• Mailbox Size Report. A new User Utilities Report has been added to the Web Administration. This report will display total mailbox sizes by users by domain. Selecting a specific user will display the user's file directory. To view this new report login to Web Administrator and from the home page go to Domains > User Administration > User Utilities and select Mailbox Size Report.

- Services

• New Account Harvesting Prevention feature for POP3 and IMAP to give IMail Administrators a tool to prevent malicious attempts by a client to continuously try logging in to attain user names and passwords. New user interface has been added to the standard POP3 and IMAP protocol settings page for both the IMail Web Administrator and the IMail Console Administrator, allowing the IMail Administrator to configure authentication settings.

  Configurable Authentication Settings

  • Enable Session Security. (Turned on by default) Configurable session options for user authentication, allows the IMail Administrator to set the following session options.
    • Max Failed Logins Per Session. (Default set to 3) Once this setting has been reached by failed authentication attempts, the client will be disconnected.
    • Max Failed Sessions Per IP. (Default set to 9) After this setting has been met by disconnections from the failed authentication attempts, the client will be terminated and blacklisted.
    • Blacklist Duration (in Minutes). (Default set to 60) Length of time that the offending IP will not be able to access the login page.
• Queue Manager - Daily Count Report now has new IMail Performance Objects used by "Perfmon" to report the following IMail statistics:
  • CTAS Spam Caught - Maintains a total ongoing count for Commtouch Anti-spam.
  • CTAV Viruses Caught - Maintains a total ongoing count for Commtouch Anti-virus.
  • CTZH Viruses Caught - Displays a total ongoing count for Commtouch Zero Hour.
  • SMTP Sessions Open - Displays the current sessions open for SMTP.

- SSL Configuration Utility.

The private key size for a SSL Certificate is now optional, with a default of 1024 bits (512, 1024, 1536 and 2048) to allow the certificate a higher security level. This utility "sslUtility.exe" is located in your "../IMail" directory.

- Web Client Password Strength Validation

A new validity check has been added to the web client to validate user password strength against the IMail Administrators Password Strength as defined at the Domain Properties > User Login Settings. After user login, if the user's current password does not meet the required password strength then the user will be redirected to a "Change Password" page, which will require a new password that meets the password strength before allowing access to the web client for mail access.

- IMail Client Applications

• IMail Collaboration (originally Workgroupshare) Client installation and Ipswitch Instant Messaging Client installation have been combined into one installation located under your IMail Server folder "...\Program Files\Ipswitch\IMail\IMail Client Apps".
  • IMail Client Applications is currently only available for 32-bit installations.
  • IMail Collaboration Client will only install if Outlook can be detected.
• Custom Installation
  • Warning: Turning off Ipswitch Instant Messaging Client will delete any existing IIM Client that is currently installed on a users machine.
  • Warning: Turning off IMail Collaboration Client will delete any existing IMail Collaboration Client (or WorkgroupShare Client) that is currently installed on a users machine.

    Note: Use the Custom option to turn off Ipswitch Instant Messaging Client installation or IMail Collaboration Client installation.

- New Ipswitch Instant Messenger Client and Server Release

A new Ipswitch Instant Messenger version 2.1.1 is available with the IMail Server release. The following fixes and enhancements are as follows:

• Corrected issue with Windows 7 32-bit environment crashing Ipswitch Instant Messenger when trying to add an attachment to send in an Instant Message.
• Warning added when a new conversation is initiated with multiple recipients.
• Capability to start a new conversation with same recipient of an open conversation can now occur.
• Conversation bar will display a count of all recipients in the conversation. Hovering over the count will display all recipients in the conversation.
• Upgrading your Ipswitch Instant Messenger Server will require all older Ipswitch Instant Messenger Clients to upgrade to the current Ipswitch Instant Messenger Client protocol. Older Ipswitch Instant Messenger Clients will receive an "Invalid protocol" error, and will no longer successfully connect with the latest IIM Server release. All current users will be required to run the IMail Client Apps found under "../Program Files/Ipswitch/IMail/IMail Client Apps"

Defect Fixes and New Features for IMail Server v11.5

Vulnerability

Ipswitch would like to thank Wietse Venema for reporting the vulnerability below that is now corrected: Vulnerability Note VU#555316 STARTTLS plaintext command injection vulnerability.

• OpenSSL v1.0.0b replaced OpenSSL v1.0.0.a to correct a security vulnerability, that affected SMTP, POP3, and IMAP.

Web Client

• Corrected calendar issues for latest Safari 4.03.

Other Mail Clients

• Lotus Notes and other mail clients - Inline Images - Corrected issue with messages containing inline images not appearing until forwarded.

Services

• Queue Manager - Corrected issue with %s in email address to cause Queue Manager service to restart and not deliver message.
• Logging to Remote Server - All logging will now correctly display in Queue Manager and SMTP when the Log Server is set to a remote server.
• Commtouch - Now writing the X-CTCH-RefID to the message headers.
• Commtouch Anti-spam - Corrected issue where logging was omitted for Commtouch Anti-spam. This correction will allow the IMail Daily Report to display all flagged Commtouch messages.
• SMTP - Issue with Domain Alias keys not resolving has been corrected.
• SMTP - Relay for Local Hosts - Corrected issue so that only domains in the Accept list are relayed.
• SMTP - Domain Forwarding - Corrected issue with wildcard settings not working correctly. Specifically "*.domain.com" will now forward correctly.

Collaboration

• Corrected IMail Collaboration (WorkgroupShare) from failing to synchronize due to custom Outlook attributes.

Installs

• Japanese OS Installation using ODBC - SQL database will now correctly set the "Fullname" field to Japanese_CI_AS.
• Removing IMail Server will leave behind a license path. Re-installation will now verify that the path is valid, and if not found will default to new installation defaults.
• SQL Express installation will now include SQL Express Management Tools. Customers with IMail Server v11.03 installed using SQL Express will automatically have the SQL Express Management Tools installed.

  Note: SQL Express Management Tools requires Powershell to install. The Tools will not be installed if Powershell is not installed.

• SQL User Databases Upgrading to v11.03 will now correctly update table modifications.
• Installations for Microsoft SQL Server Express with Management Tools has been upgraded to 2008 R2.

Ipswitch Instant Messenger

• Corrected issue with Windows 7 32-bit environment crashing Ipswitch Instant Messenger when trying to add an attachment to send in an Instant Message.

Utilities

• Message Expunger "immsgexp.exe" has been corrected to use local time versus universal time when calculating messages to be deleted.