MDaemon Server Release Notes
MDaemon 23.5.3 - March 7, 2024
CHANGES AND NEW FEATURES
- [17659] Content Filter - Added Help button to Content Filter UI.
FIXES
- [27611] fix to Webmail - memory leak
- [27616] fix to Webmail - Block Sender and Allow Sender may not work if the folder is not subscribed
- [27563] fix to ActiveSync - meeting invitations may not be sent for meetings created using protocol version 16.1
- [27568] fix to MDRA - "Unable to load string!" displayed instead of AM/PM on applicable reports
- [27630] fix to Webmail - possible crash
- [27628] fix to ActiveSync - shared folders are empty
MDaemon 23.5.2 - January 30, 2024
CHANGES AND NEW FEATURES
WEBMAIL
- [5759] Changed the server to no longer load unsubscribed folders when HideUnsubscribedFolders=Yes for the user. The unsubscribed folders will be loaded for the Settings | Folders page.
- [27164] Pro theme - users can now click on the current folder, and it will reload the list view. All contacts, and all documents views will be turned off.
- [27429] Pro theme - Added the "Advanced Compose" setting at Settings | Compose. When enabled, the CC and BCC fields will always be visible in the Compose view.
- [27454] Added client side logging for device authentication failures.
OTHER
- [22209] IMAP Server - Added support for the ID extension (RFC 2971). It is enabled by default. To disable it, edit \MDaemon\App\MDaemon.ini and set [Special]
EnableIMAPID=No. If the option to hide software version information is enabled, the MDaemon version is only disclosed after authentication.
- [27500] SMTP Server - To prevent inbound SMTP smuggling, MDaemon now requires message data to end with <CRLF>.<CRLF>. Previously, it would allow <LF>.<LF>.
To disable this, edit \MDaemon\App\MDaemon.ini and set [Special] SMTPRequireCRLFdotCRLF=No.
- [27507] SMTP Server - To prevent outbound SMTP smuggling, MDaemon by default removes bare <CR> characters from messages. To disable this, edit
\MDaemon\App\MDaemon.ini and set [Special] SMTPAllowBareCR=Yes.
FIXES
- [27473] fix to ActiveSync - When sending a mail fails due to an improperly formatted recipient address, the message is left in the temp queue
- [27350] fix to Pro theme - reminders from an instance of a recurring event that differ from the series are never delivered
- [27358] fix to Pro theme - "Shared Folders" and "Public Folders" show up and order of folders is incorrect
- [23625] fix to Pro theme - Inline images sent from Pro theme may not show up when using IIS
- [27420] fix to Pro theme - The correct signature value given for the default email address is not displayed on load
- [27427] fix to Webmail - Published appointment scheduler treats events marked Free as Busy
- [27410] fix to SpamAssassin - envelope_sender_header set to wrong value in local.cf
- [27060] fix to ActiveSync - Issue with message flags in multi-account Outlook profiles when Reading Pane is enabled
- [27477] fix to possible crash in WebAdmin.dll and WorldClient.dll
- [26730] fix to Let's Encrypt - The list of alternate hostnames is truncated when performing a certificate request
- [27474] fix to SpamAssassin - blocklist rules scored twice
- [27488] fix to Webmail - Schedule sometimes shows incorrect availability
- [27461] fix to MDRA - In multiple queues, clicking Learn Spam or Learn Non-Spam generates this error: URL variable [File] not found
- [27356] fix to Pro theme - Delete All Attachments button is available when the user does not have delete permissions
- [27486] fix to possible crash in MdMbSrch.dll
- [27475] fix to possible crash in MDAirSync.dll
- [27514] fix to messages being scanned by AV even when the IP is excluded
- [27497] fix to Spam Filter files not fully updated to say "Welcomelist" instead of "Whitelist"
- [27509] fix to Cluster Service - Failure to add Secondary Cluster nodes due to error retrieving Join Timestamp
- [27523] fix to SPF records that use "include:domain.com." are not evaluated properly
- [27545] fix to ActiveSync - PIM item changes not being sent to clients until cached data times out
- [27552] fix to MDRA - unable to assign a moderator to a mailing list
MDaemon 23.5.1 - November 29, 2023
CHANGES AND NEW FEATURES
WEBMAIL
- [27139] Pro theme - Publish Schedule - Added optional location and comment fields that will be included in any event created through the schedule page.
- [27248] Pro theme - Improved the organization of the Folder Actions page.
- [27169] The WebAuthn feature on the 2FA page now automatically starts the authentication process when WebAuthn is the only option.
ANTIVIRUS
- [26323] AV log will log attachment file names.
- [27283] IMAP server excludes trusted IPs from virus scanning when option is enabled.
- [27414] Turned off HTTPS for Outbreak Protection due to possible crashes.
FIXES
- [26956] fix to ActiveSync - Performance issues when servicing 4000+ clients
- [27240] fix to AntiVirus - AV Updater screen shows 0 for IKARUS signature version
- [27241] fix to ActiveSync and Autodiscover servers and MDPGP do not hide software version information by default
- [27247] fix to possible crash in DynScrn.dll related to Location Screening
- [27228] fix to WorldClient theme - When you right-click a contact and click Send vCard, the VCF file is not attached to the new message
- [27251] fix to Webmail - Verification email has lines longer than some email servers will allow.
- [27250] fix to MDRA - Enabling/Disabling Greylisting leaves the Save button greyed out
- [27254] fix to Webmail - When publicly publishing your calendar, the hyperlink does not work
- [27261] fix to Pro theme - Drafts are not auto saved if the user's most recent keystroke is a space
- [27200] fix to Webmail - When viewing an MS Teams invitation, there are broken links found at the bottom of the message
- [27264] fix to Pro theme - Category colors missing from the category selection page
- [27267] fix to mailing list subscription reminder emails are missing a Message-ID header and are not DKIM signed
- [27287] fix to incorrect text in message logged to Windows event log after AV or Spam Filter timeout
- [27294] fix to MDRA - landing page links for Spam Filter | Blocked senders, Allowed senders are incorrect, and blocklist_from is being prepended with blacklist_from
- [27276] fix to MDSpamD leaving temp folder after shutting down
- [27140] fix to possible ClamAV/CFengine hang
- [23754] fix to Content Filter copy user action places message in wrong queue
- [27334] fix to Webmail - Two Factor Auth Setup on sign-in - Options are not displayed correctly
- [27347] fix to Pro theme - Reminders are not saved correctly until the user changes the default reminder
- [27141] fix to Pro theme - When replying to emails with large bodies the reply window is very slow
- [27359] fix to Webmail - Setting up 2FA using an authenticator app is not working
- [27355] fix to MDaemon may generate extra meeting invitations when it processes an invitation to the meeting organizer
- [27372] fix to ActiveSync - Unable to re-schedule meeting when using WindowsOutlook15
- [27284] fix to MDRA - Accounts created using deleted mailing lists addresses are still treated as mailing lists
- [27242] fix to Pro theme - A blank window is displayed when clicking a mailto link
- [27223] fix to Webmail - Filters - The OK button is barely visible when selecting a custom header
- [27352] fix to MDRA - Learn Spam button in Spam Trap Queue menu does not work
- [27286] fix to performance counter for ActiveSync server state is 0 until the MD GUI is opened
- [27335] fix to accepting a meeting invitation in eM Client results in a duplicate event being added to the user's calendar
- [27311] fix to Header Translation - When translating forwarded messages, the X-Return-Path and X-MDRedirect_From headers are unchanged
- [27033] fix to Dynamic Screening - Unable to disable "Attempted AUTH on port with AUTH disabled" notifications
- [27008] fix to MDaemon allows creation of mailing lists with accented characters
- [26938] fix to Installer - possible "There was a problem encountered. This program will exit." popup when updating
- [27384] fix to CalDAV - Tasks do not support attachments
- [27014] fix to DSN messages disclose the MDaemon version when "Hide software version identification" is enabled
- [27383] fix to ActiveSync - unable to open shared calendar folder until the folder owner has used ActiveSync
- [27387] fix to possible crash in MDaemon.exe
- [27389] fix to CardDAV - The contact "office" field is not synchronized
- [23785] fix to CalDAV - Attendee properties in VTODO data uploaded via CalDAV are not persisted
- [23786] fix to CalDAV - Location property in VTODO data uploaded via CalDAV is not persisted
- [27390] fix to CardDAV - IM Address type is lost and IM addresses are duplicated when synchronized with eM Client
- [27399] fix to CardDAV - Business/Home Website contact fields are not synchronized with eM Client
- [27406] fix to CardDAV - Children contact field is not synchronized with eM Client
- [27402] fix to ClamAV reporting "Heuristics.Limits.Exceeded.MaxFileSize" as infected instead of non-scan
- [27401] fix to MDaemon GUI - Webmail Enable Password Recovery setting is not honored. Enable Password Recovery is now a domain level setting and enabled by default.
- [27419] fix to duplicate reminders are created for a recurring event with multiple reminders
MDaemon 23.5.0 - September 26, 2023
CHANGES AND NEW FEATURES
WEBMAIL
- [26455] Added a Public Schedule option, so that users can allow others to schedule a meeting.
- [20285] Added support for WebAuthn (formerly FIDO U2F) as a passwordless authentication method or as a Two Factor Auth method.
-
[26890] Pro theme - Added AI based functionality to summarize a message, suggest a reply, and improve an email being composed by the user.
This feature submits message data to openai.com, so please be cautious about the information you submit.
Webmail's AI message features are disabled by default for all domains. They can be enabled by checking "Enable AI message features" in
the MD GUI at Setup | Webmail & IM Services | Webmail | Settings and the Domain Manager's Webmail screen, or in MDRA at
Main | Webmail Settings | Settings and Main | Domain Manager | Webmail Settings.
Webmail's AI message features are disabled per user by default. You can enable them as part of a Group controlled by an Account Template or per user.
The Domain setting takes precedence over the user setting. If it is disabled on the Domain level, then enabling it on the Group or user level does nothing.
If the feature is disabled, the WCAPI will return a 404 Not Found error.
- [26604] Made some visual updates to Pro theme.
- [26612] Added a warning message on the login screen when the caps lock is turned on.
- [26603] Updated CKEditor to v4.20.1.
- [15742] Added an option in webmail to hide the "Help" link on the login page. Add HideLoginHelp=Yes to the MDaemon/WorldClient/Domains.ini [Default:Settings] or [%DOMAIN%:Settings] section to hide the link.
- [26283] Separated Two Factor Auth email verification from authenticator app verification.
- [26822] Password Recovery feature now sends an email without revealing to the user where the email was sent. Two Factor Auth occurs after clicking the recovery link in the email.
- [6358] Pro theme - Added a dialog on the Compose view contact picker for adding a contact with three fields (Name, Email, Mobile Phone).
- [26896] Changed how Webmail authenticates to MDaemon's SMTP server so the user's password is not needed.
- [26196] Added an option to delete all attachments from a given message in the WorldClient and Pro themes.
- [26755] Pro theme - Updated the Tiny Editor to not include the path information.
- [26756] Pro theme - Reduced the size of the first letter/checkbox in the mail list for desktop sizes.
- [26757] Pro theme - Added new Style options at Settings | Personalize.
- [22045] Pro theme - Added a total new messages count, and current folder unread count badge for less than 992px browser widths.
-
[25239] Webmail will now by default use STARTTLS when sending mail to MDaemon via SMTP. It can also be configured to use port 465
and implicit TLS. To change this, edit \MDaemon\WorldClient\Domains.ini and set [Default:Settings] SmtpPort, SmtpUseImplicitTLS,
SmtpUseStartTLS, and SmtpRequireTLS.
- [13171] Webmail - Added an option to "Mark deleted messages as read" at Settings | Personalize.
- [9698] Pro and WorldClient themes - Added a Description column to the Documents view.
- [9694] Added an All Documents toggle button in the Documents view.
- [27039] Changed the compose <P> replacement from <DIV> to <BR> + <DIV>.
- [21515] Pro theme - Added support for multiple event reminders.
REMOTE ADMINISTRATION (MDRA)
- [26416] Added editor GUIs for all direct edit files.
- [9854] Added a button to hide any given chart in the Traffic and Mailboxes summary pages. Once hidden, charts can be displayed in the current user settings (top right) or by click the related button.
- [26152] Added a warning message below the password field when the caps lock is turned on.
- [26622] Made some modernizing updates to the list views.
- [26603] Updated CKEditor to v4.20.1.
- [16189] Added a "Delete All" button to the Mailing List Members page.
- [26840] Added support for WebAuthn (formerly FIDO U2F) as a passwordless authentication method or as a Two Factor Auth method.
- [16112] Added the ability to choose a folder to nest under in the public folder and shared folder editors.
- [20672] Added a note that a user might show as a member of a mailing list due to membership in a Group.
- [24788] Added the ability to view the email message as a user would see it in addition to being able to view the source in the Message Search and Queues. RAW messages are still only in text/plain.
- [26868] Added links to the Queues on the Status page.
- [12637] Added the ability to include multiple addresses on the public folder access control page, but only for New rights.
-
[27032] Added a Health Check page at Security | Health Check, which allows global admins to see all the important security settings values and compare them with the default values.
Admins can also select multiple settings to change to the default value or click a link to go to the page where the setting is located.
In addition, admins can undo the most recent change made on the page, or view previous changes made during the current browser session and undo specific changes.
SECURITY
- [27183] Updated ClamAV to 1.0.3.
- [26599] Added HTTPS support for Outbreak Protection.
- [26898] Updated SpamAssassin to 4.0.0.
XMLAPI
- [26893] Added MDaemon Connector management.
- [25484] Added administrative user interface for the XMLAPI service.
- [21264] Added SPF management.
- [26688] Added Bandwidth Throttling management.
- [26668] Added IPShield management.
- [26660] Added Site Policy management.
- [26655] Added DNSBL management.
- [26640] Added Spam Honeypot management.
- [26558] Added Hijack Detection management.
- [26557] Added Recipient Block management.
- [26556] Added Spambot Detection management.
- [26555] Added SMTP Screen management.
- [26554] Added Location Screen management.
- [21266] Added IPScreen management.
- [21265] Added HostScreen management.
- [19297] Added Sender Block management.
- [26808] Added 'Mark all as read' feature to 'FolderOperation'.
- [26580] The FolderOperation 'list' action returns IMAP flags for mail folders.
- [27101] Added API functions/methods to update an existing Dynamic Screening Allow/Block/Gateway list entry.
- [27076] Added more detailed warnings and error messages to API clients.
OTHER
- [26930] Added option at Accounts | Account Settings | Other | Passwords for whether to delete an account's app passwords when the account's password is changed. It's enabled by default.
-
[14327] Added Restrictions to the Account Templates. When an account is removed from a group with an account template
that controls restrictions, the account's restrictions revert to their previous values, or possibly to another group's
account template if the account is a member of multiple groups.
-
[19656] The Location Screening option "SMTP connections are accepted but authentication is blocked" is now per country instead
of global. Blocking SMTP connections prevents your server from receiving mail from a country. Allowing SMTP connections with
authentication disabled lets your server receive mail from a country while blocking brute force / dictionary attacks from them.
Configure this at Security | Security Manager | Screening | Location Screening. Protocols other than SMTP are not affected.
- [26791] MDaemon ignores CRYPT_E_NO_REVOCATION_CHECK errors when validating remote servers' SSL certificates.
- [25888] Removed obsolete "Compose in new browser window" Webmail option from the UI.
- [26996] Dynamic Screening - Added single record Get API functions for DS Block and Allow records: HrDSGetBlackItem and HrDSGetWhiteItem. See DynScrn.h for additional information.
- [27100] Dynamic Screening - Added API functions/methods to update an existing Allow/Block/Gateway list entry. (ie. Change Expiration, Comment, etc.)
- [27099] Dynamic Screening - Spam Honeypot trigger address is included in the comment when blocking an IP address.
- [27102] ActiveSync - Logging for Dynamic Screening Access Denied now includes the reason (blocklist, location screening, policy violation).
- [26336] LetsEncrypt - Added support for TLS 1.3.
FIXES
- [26567] fix to Webmail - SendCode link does not work on the Two Factor Auth verification page
- [26569] fix to Webmail - Compose attach view reloads the folders
- [26618] fix to Pro theme - "List refresh time" setting not being honored
- [26664] fix to Pro theme - With Voice Recorder disabled, you can still access it using the Pro theme via HTTPS
- [26683] fix to Pro theme - Use APOP displays as true in Mailboxes where it is false
- [26706] fix to WorldClient theme - "Do not ask me again" option is missing the checkbox in confirmation popups
- [26693] fix to Pro theme - Dropbox reconnect account statement appearing for all OAuth connections
- [26758] fix to Pro theme - Unsubscribe by email opens a blank page
- [26766] fix to MDRA - Unable to add IPv6 address with CIDR notation to Dynamic Screening Allow or Block lists
- [26776] fix to MDRA - Unable to delete an account via Domain Manager
- [26784] fix to Pro theme - Some non-ASCII characters are HTML encoded in Notes, Tasks, Contacts, and Event bodies
- [26787] fix to Pro theme - Error when changing the text of the default signature when using a non-English language
- [25049] fix to MDRA - Security | Content Filter | Compression, Unchecking used fixed archive name should disable the input field for the archive name
- [26819] fix to MDRA - "Current password" not being translated
- [26828] fix to Pro theme - Google Drive folders do not show up immediately after setup is completed
- [26829] fix to Webmail vulnerability
- [26841] fix to MDRA - Both Add Email Address and Replace Mismatched Email can be enabled when only one should be able to be selected
- [26883] fix to Pro theme - Shared documents not allowing files to be downloaded
- [26589] fix to Pro theme - Cannot edit an occurrence of a recurring event on small screen sizes
- [26831] fix to Pro theme - Folders containing non-ASCII characters are not displayed correctly
- [26891] fix to MDRA - Unable to see secondary drive when editing an account's mailbox path - it only displays the C: drive
- [26919] fix to Pro theme - Weekly recurring event does not default to the day of the week for the date of the event
- [26762] fix to MDaemon - Message is not sent to custom queue host name when a global smart host is set
- [26739] fix to MDaemon - SPF verification exemption domain name not applied in SPF records with redirects
- [26714] fix to MDRA - Unable to open file error after clicking "Edit Mailing List Admins" button
- [26711] fix to MDRA - Enable mailing list subscriptions manager option re-enables after restart
- [26701] fix to MDaemon - Failure to send outbound messages when sending restriction exception is used and To header exceeds 255 characters
- [26504] fix to MDaemon - Minger lookup fails when address doesn't exist and is set as a public folder submission address
- [25932] fix to MDaemon - Bandwidth throttling is not applied to LAN domains and IPs
- [26984] fix to MDaemon - Requeing a message releases the message instead
- [25706] fix to MDaemon - Domain and account signatures may be added to messages collected via DomainPOP and MultiPOP
- [26993] fix to MDaemon - Messages released from quarantine are not processed by account IMAP filters
- [27005] fix to MDRA - fusion charts are not showing up as dark when dark mode is enabled
- [25399] fix to MDaemon Server - Success DSN not sent for messages that use a route slip
- [27011] fix to MDRA - show password toggle and notification edit icons have poor contrast in Dark Mode
- [25366] fix to MDaemon - wrong characters in messages such as autoresponders for Latvian and other languages, by changing the charset for auto generated messages from iso-8859-1 to utf-8
- [27040] fix to Webmail - App Passwords list does not show up when 2FA is required, 2FA is enabled and the user uses 2FA Remember Me to sign-in
- [27046] fix to Webmail - Cannot delete Notes from the note list in some themes
- [27018] fix to process holding queue after each AV signature update not working with Ikarus AV
- [27047] fix to WorldClient theme - recurring month interval input field is missing in the calendar editor
- [27045] fix to MDRA - Wrong dialog shows up in Message Search view if user has been to the Account Manager recently
- [27058] fix to MDRA - Clicking the type of search on the Messages and Queues landing page checks that type of search on the page
- [27050] fix to LetsEncrypt not correctly processing requests with no alternate hosts
- [27062] fix to SPF - Failure to match DNS record that contains macros when using IPv6
- [26994] fix to ASLogView.exe - command line parameters not functioning as expected
- [26986] fix to Cluster Service - Slow Primary shutdown
- [26990] fix to Cluster Service - Slow Secondary shutdown
- [26594] fix to XMLAPI - List Management operations do not enforce security
- [26578] fix to XMLAPI - UpdateUser AutoResponder only updates if DaysActive is specified
- [27054] fix to ActiveSync - Global/Domain Virtually Merge public contacts option does not work
- [27079] fix to IKARUS AV sometimes fails to scan the first message when scanserver service starts
- [27089] fix to message body search not finding Chinese text
- [27090] fix to Pro theme - "Unable to evaluate: SESSIONID" error in Webmail logs
- [27067] fix to WorldClient theme - When creating a task in a new Tasks folder and then changing the Complete value, duplicate entries are displayed in the list
- [26995] fix to Webmail - With public contacts set as the default view, adding a contact from within a message stores the contact in the public contacts folder
- [27091] fix to Webmail - When the UserOverrides:Theme is set to Pro then trying to access any other theme causes the page to reload over and over instead of sending the user to the Pro theme
- [22855] fix to Webmail - Using the All Unread saved search, certain messages do not stay marked as read
- [24096] fix to Pro theme - Adding event to second calendar in side-by-side view does not select the right calendar
- [25428] fix to LookOut theme - Incorrect behavior occurs when checking/unchecking the "Complete" checkbox
- [24421] fix to Webmail - Unable to create a new shared or public folder under a hidden folder
- [27029] fix to MDRA - "Today Only" button does not work with a date format other than MM/DD/YYYY
- [27113] fix to account settings not returning to New Accounts template settings when removed from a group using an account template
- [27131] fix to Pro theme - Current calendar not selected when creating a new event
- [27159] fix to Pro theme - Link in Signature or message body changed to relative path
- [27163] fix to Pro theme - Selected signature not being used when composing
- [27186] fix to possible crash in WorldClient.dll
- [27194] fix to issues when logging in to Webmail without full email address when using Two Factor Auth
- [27198] fix to Pro theme - clicking the expand button results in a duplicate of the top level message
MDaemon 23.0.2 - June 27, 2023
SPECIAL CONSIDERATIONS
[26982] Outbreak Protection has been restored. Please review your Outbreak Protection settings, as they may have been reset to their default values.
CHANGES AND NEW FEATURES
MDAEMON SERVER
- [5705] Added an option at Setup | Server Settings | MultiPOP to send a notification email after multiple failures when checking a MultiPOP account. Since temporary failures are not uncommon, there is an option for how many consecutive failures it takes to trigger the notification. There is also an option for how many days to wait between notifications, to avoid sending too many of them. The content and recipients of the notification emails can be customized by editing \MDaemon\App\MPOPFailureNotice.dat. By default the notifications are sent after 5 failures, no more than once every 7 days, to the MultiPOP account owner.
REMOTE ADMINISTRATION (MDRA)
- [26473] Added checkbox to "Exclude trusted IPs from AntiVirus scanning"
- [26434] Added the Do not allow authentication on the SMTP port settings
- [26430] Added an option for the ActiveSync Display Name at Setup | Public Folders | Public Folder Manager | Edit
- [26428] Added four more filter options for the user list. Admins Only, Non-Admins Only, Global Admins Only, and Domain Admins Only
- [26433] Added DQS page at Spam Filter -> Data Query Service
SECURITY
- [26433] Added support for Spamhaus Data Query Service (DQS) at Security | Spam Filter. For more information on Spamhaus DQS visit https://info.spamhaus.com/getting-started-with-dqs.
WEBMAIL
- [26425] Made the unsnooze option more visible with an orange highlight.
OTHER
- [2157] Content Filter - $LIST_ATTACHMENTS_REMOVED$ can be used in rule action (ex "send note", "add warning...")
FIXES
- [26517] fix to ActiveSync - Meeting invitations may not be sent when a meeting is created using an EAS 16.1 client
- [26855] fix to ActiveSync - Meeting response is not sent when accepting invitation from iOS device using EAS 16.1
- [26842] fix to ActiveSync - Possible crash when there are very many connected clients
- [26826] fix to ActiveSync - Session may not be removed from Connection Monitor after GetItemEstimate command
- [26424] fix to Pro theme - Message list has whitespace at the end of a row
- [26484] fix to Pro theme - Unable to make the message preview bottom smaller (minimum height is 200px, minimum width is 330px)
- [26330] fix to Pro theme - Deleted Items folder is showing the folder list above the Inbox after being remembered
- [26502] fix to Pro theme - An expired Remember Me token may result in a never ending loading screen
- [26573] fix to Content Filter - Messages encrypted by a content filter rule are not DKIM signed
- [25725] fix to Content Filter - "Add attachment" rule causes incorrect MIME structure in email
- [26885] fix to MDRA - AV Updater page shows incorrect IKARUS signature date
- [26881] fix to MDRA - Possible crash when searching
- [26888] fix to MDRA - Message Search not finding messages when searching for foreign characters
- [26882] fix to AntiVirus - Some messages were considered non-scan that should have been tagged as infected
- [26879] fix to MDaemon - Possible crash at startup if ClstrSvc is disabled in Plugins.dat
- [26895] fix to MDaemon GUI - Incorrect command text in ActiveSync Clients right-click menu
- [26858] fix to ActiveSync - possible server hang
- [26880] fix to AntiVirus - IKARUS scanserver service not stopped when IKARUS is disabled
- [26900] fix to MDRA - List Administrators have the ability to edit the global Mailing List Settings
- [26904] fix to AntiVirus - IKARUS reporting a ZIP file with an EXE as non-scan
- [26909] fix to possible crash in WorldClient.dll
- [26906] fix to Pro theme - Marking a message as spam from the message preview window may cause the screen to go blank
- [26917] fix to LookOut and WorldClient themes - message list reloads when a message is clicked even if nothing changes in the list
- [26913] fix to MDRA - Save and close does not disable new account dialog while waiting on MDaemon
- [26886] fix to MDaemon - Error routing messages to mail directory that ends with period
- [26926] fix to MDRA - content filter rule list view cuts off bottom entry
- [26939] fix to Lite theme - Deleting a folder prompts you with "Are you sure you want to empty the trash?"
- [26929] fix to ActiveSync - 100% CPU hang when validating PIM mrk file integrity
- [26927] fix to ActiveSync - PIM Items not always being persisted to disk when add or change is made
- [26937] fix to Webmail - Memory leaks when exporting or sending contacts or events
- [22728] fix to MultiPOP - Previously downloaded messages are being randomly redownloaded
- [26970] fix to ActiveSync - Recipient Cache entries not emitting correctly
- [26943] fix to ActiveSync - Possible crash in MDAirSync.dll
- [26942] fix to Pro theme - Theme does not load if the server uses a proxy and downgrades the connection from HTTPS to HTTP. Added a setting at MDaemon\WorldClient\Domains.ini [Default:Settings] WorldClientAPI:AllowHttpsToHttpDowngrades
- [26944] fix to WorldClient theme - White dots above toolbar icons when viewing message
- [26948] fix to LetsEncrypt - Error email being sent if an error is returned when trying to remove old certificates
- [26961] fix to LetsEncrypt - Not logging errors returned by New-AcmeOrder
- [26958] fix to MDaemon - Entries added to the SPF Cache are limited to 1024 characters
- [26953] fix to Content Filter GUI - Temporary hang when trying to display a long tooltip
- [26973] fix to Content Filter GUI - Cannot disable the "Add warning to top of message body if attachment is removed" option
- [26974] fix to ActiveSync - Windows Mail on Windows 10/11 reporting failure when downloading attachments
- [26969] fix to ActiveSync - Windows Mail on Windows 10/11 causing excessive Sync operations
- [26878] fix to Webmail - When you drag and drop an attachment it saves a link instead of the file
- [26864] fix to MDaemon GUI - DMARC Reporting contact email cannot be set to account on other domain sharing host
- [26988] fix to LetsEncrypt - FQDN may not be used as subject of certificate
- [26992] fix to MDaemon GUI - ActiveSync right click menu has "Disable ActiveSync ActiveSync"
- [26981] fix to ActiveSync - Crash in ActiveSync server
- [26908] fix to Pro theme - If there is no inline image in your message, the text breaks will be missing when it's sent
- [24368] fix to MDaemon GUI - Toggling XMPP server may not set it to disabled
- [26689] fix to MDaemon - XMPP server may not be started when MDaemon is restarted
- [27000] fix to Webmail - Cannot create a new App Password if the user password has an & in it
- [27009] fix to ActiveSync - Numerous Sync State Locked warnings when iOS devices make simultaneous Sync requests
- [26997] fix to Content Filter - Possible crash in CFEngine.exe
- [27019] fix to MDaemon Instant Messenger - Languages other than English are not displayed
- [26956] fix to ActiveSync - Performance issues when servicing thousands of clients
MDaemon 23.0.1 - April 18, 2023
SPECIAL CONSIDERATIONS
[26765] Cyren Anti-Virus has been replaced with IKARUS Anti-Virus. Cyren recently announced its plans to discontinue operations with little warning. This necessitated the need for us to find a new anti-virus partner. After a thorough evaluation, IKARUS stood out for its excellent detection rate and speed. The IKARUS Anti-Virus automatically updates its definitions every 10 minutes. Scanning with IKARUS is disabled if your AntiVirus license is expired.
[26802] Cyren Outbreak Protection been removed. Cyren recently announced its plans to discontinue operations with little warning. We are actively researching and considering viable antispam technologies as suitable additions to the existing antispam mechanisms found in our software products.
[26778] IMAP keyword flags support can now be enabled or disabled via the setting [Special] IMAPKeywordFlags=Yes/No in \MDaemon\App\MDaemon.ini. IMAP keyword flags are disabled by default when updating MDaemon from a version before 23, to avoid the potential loss of message tags in Thunderbird mail clients. When Thunderbird connects to an IMAP server that supports keyword flags, it overwrites its local message tags with tags read from the server, which are initially blank. IMAP keyword flags are enabled by default for new installs and when updating from version 23.0.0.
CHANGES AND NEW FEATURES
SECURITY
- [26738] Updated ClamAV to version 0.105.2.
OTHER
- [26759] LetsEncrypt - Updated script to check orders that are ready or valid.
FIXES
- [26729] fix to MDRA - While creating a new user, the "Loading..." box does not go away after switching domains
- [26731] fix to Pro theme - Changing a special folder displays the original folder after a successful change
- [26732] fix to Pro theme - Default folders with non-ASCII characters are written incorrectly to the User.ini file
- [26748] fix to some POP3 clients will not download new messages since upgrade to 23.0.0
- [26764] fix to LookOut and WorldClient themes - Unable to delete, copy, or move contacts
- [26710] fix to ActiveSync - iOS device sending MoveItems request repeatedly when moving event to a public calendar
- [26726] fix to ActiveSync - When performing a search of all mailboxes using an iOS device, the Element Not Found error occurs
- [26607] fix to ActiveSync - Messages do not appear in Microsoft Mail
- [26744] fix to ActiveSync - Non-default mail folders extracted from PST file are not synced
- [26768] fix to ActiveSync - Crash when client attempts to monitor shared folder root
- [26770] fix to ActiveSync - Possible crash when moving messages to another folder
- [26790] fix to Pro theme - Unable to save contacts to distribution list
- [26777] fix to LookOut and WorldClient themes - Searching messages for non-ASCII characters fails
- [26664] fix to Pro theme - EnableVoiceRecorder setting is not being honored
- [26483] fix to Pro theme - Adding too many recipients causes the message box to disappear
- [25674] fix to Content Filter - Option to decompress attachments will delete message attached to an email
- [26665] fix to Content Filter - Route file not always copied over when using rules to move messages to folder
- [26525] fix to MDaemon collects MultiPOP mail for disabled accounts
- [26497] fix to self-signed certificates generated by MDaemon cannot be trusted by recent versions of Chrome and Android
- [26742] fix to ActiveSync - Categories set on messages in Outlook may disappear moments later
- [26807] fix to ActiveSync - Changes to individual occurrences of recurring events may not be synced to server
- [26809] fix to possible crash in MDaemon.exe
- [26813] fix to possible crash in MDASMgmt.dll
- [26827] fix to WorldClientAPI does not respond with 404 Not Found for bad origins
- [26832] fix to ActiveSync - Server may send wrong error code when sync state is locked
- [26447] fix to ActiveSync - events created with no reminder on iOS are synced to the server with a 0 minute reminder
- [26856] fix to possible crash in MDUser.dll
MDaemon 23.0.0 - February 8, 2023
CHANGES AND NEW FEATURES
MDAEMON SERVER
- [6984] Added IMAP server support for keyword flags. This allows email clients such as Mozilla Thunderbird to store Message Tags on the server, which lets you see tags set in one client in another instance of the client.
- [26376] Improved the IMAP server's performance when opening large mail folders.
- [23873] MTA-STS now has an exempt list, so problem domains can be made exempt instead of MTA-STS needing to be turned off when failures affect deliverability.
- [18486] MDaemon sends a warning email to admins when SSL certificates configured for use by MDaemon, Webmail, or Remote Administration are about to expire.
- [22800] Added OAuth 2.0 support for MultiPOP mail collection from Gmail and Office 365. OAuth 2.0 is modern authentication, which these services will require once they disable support for legacy/basic authentication. Simplified setup instructions are:
- Create an app using the Google API Console (for Gmail) or Azure Active Directory (Office 365).
- Enter the app's Client ID and Secret in MDaemon at Setup | Server Settings | MultiPOP.
- On the Account Editor's Web Services screen, enable "edit MultiPOP settings" for the accounts that need to use OAuth.
- On the Account Editor's MultiPOP screen, select the Gmail ("pop.gmail.com:995") or Office 365 ("outlook.office365.com:995") entry, check "Use OAuth", click Replace, then save. Users can also do this for themselves in Webmail or MDRA.
- Users then need to authorize the accounts in Webmail. On the Settings | Mailboxes page, click the "Authorize" button for the Gmail or Office 365 entry. Sign in to Google or Microsoft and consent to the application. Users may need to reauthorize on a weekly basis.
Detailed setup instructions can be found in Knowledge Base articles https://knowledge.mdaemon.com/how-to-setup-oauth-google (Gmail) and https://knowledge.mdaemon.com/how-to-setup-oauth-m365 (Office 365).
- [26476] The "MultiPOP always deletes mail..." option has moved from Setup | Event Scheduling | Mail Scheduling | MultiPOP Collection to Setup | Server Settings | MultiPOP.
WEBMAIL
- [10314] Integrated Google Drive into Webmail Documents. Users can view their Drives, Folders, and Files that are in Google Drive. Users can upload, download, move, copy, rename, and delete files, as well as copy/move files to and from the local document folders. If the user wants to edit a document, clicking the option to View the file in Google Drive will allow the user to make edits in accordance with their permissions in Google Drive. To Setup the integration view the Knowledge Base Article at https://knowledge.mdaemon.com/mdaemon-google-drive-setup.
- [26164] Pro theme - Added read receipts support.
- [26236] Pro theme - Added an option to disable the HTML editor context menu.
- [25647] Pro theme - Added the ability to resize the folder list.
- [24927] Added option to enable drag and drop folders at Settings | Folders. Setting is enabled by default.
- [26275] Made the session cookie Secure over HTTPS.
- [26278] WorldClient no longer modifies the robots.txt file on startup.
- [26309] The built-in web server prevents the download of .dll files from the HTML directory.
- [26535] Pro theme - Changed the validation process to allow BCC only recipients when composing a message.
REMOTE ADMINISTRATION (MDRA)
- [26188] Added an option at Main | Webmail Settings | Settings and at Main | Domain Manager | Edit | Webmail Settings to "Allow users to receive Two Factor Authentication verification codes over email". This setting is enabled by default.
- [26274] Changed the default permissions when adding a new ACL entry to Lookup and Read.
- [26257] Test buttons at Spam Filter | DNS-BL | Hosts and Setup | Active Directory | Authentication are now disabled while the process is ongoing.
- [26312] The built-in web server prevents the execution and download of .dll files in the Templates directory.
- [25041] Updated the UI to use a stacked menu for widths of 1024px and greater. Added a user settings page that can be accessed by clicking the username in the top right. User settings include a Dark Mode, font size options, and the current language.
- [26304] Changed the account delete confirmation to use the custom confirmation feature.
SECURITY
- [26114] Dynamic Screening - There is a new option titled Block Logon Policy Violations. If the logon policy to require full email addresses is active, and Block Logon Policy Violations is active, then the offending IP address will be blocked immediately. Also added a new option for Auth Failures, to only ignore duplicate passwords for valid accounts. This means that if a password change was done at a client, then another client still running the old password will still have ignore duplicates enabled, since it would have the correct logon name. A bot trying random logons with a similar password would not have that same benefit, and will be blocked as soon as it surpasses the auth failure threshold. This will help to defeat bots much quicker. The XML API DynamicScreen operation has been updated to reflect these new features.
- [26115] Content Filter - Added an option to add a warning at the top of the message if a restricted attachment is removed from message under Content Filter | Attachments.
- [26328] AntiVirus - Updated ClamAV to version 0.105.1.
- [26036] AntiVirus - Added an option to exclude trusted IPs from virus scanning.
- [26695] AntiVirus - Removed option to send notification if Cyren virus definitions have not updated.
ACTIVESYNC
- [26305] Added the ability to define a custom display name for mailbox and public folders.
- [26287] Added option to disable the ability to factory wipe devices.
- [26215] Improved shutdown performance.
- [26184] ActiveSync clients can now send to Personal Distribution Lists in Contact folders.
- [26067] Changed layout of Client Settings Dialog to add room for new settings.
- [26030] Added Client Setting to block sender when item moved to Junk Email folder.
- [26446] Outlook's Junk E-mail folder should always be associated with the server-side spam folder.
OTHER
- [26059] MDaemon GUI - Changed the default permissions when adding a new ACL entry to Lookup and Read.
- [18756] MDaemon GUI - Added warning popup if you attempt to set the Webmail, Remote Administration, or XMPP BOSH Server ports to have conflicting values.
- [26027] XMLAPI - Added Editor operation which can be used to edit MDaemon's various INI files
- [26191] Changed several plugins to allow newer versions to run so customers can test possible hotfix/patch versions.
FIXES
- [26387] fix to Message Indexing - maintenance does not use as many worker threads as it's configured to
- [26253] fix to Pro theme - Event Editor - Add attendees auto complete output is hidden by the Add Recurrence section
- [26245] fix to LookOut theme - popup does not close after removing a canceled event from calendar
- [26254] fix to MDaemon stops responding after failed SMTP delivery to smart host if the hostname is in brackets and a port is specified
- [26244] fix to Pro theme - Resend option is not always available in the right click menu
- [26231] fix to Pro theme - Drag and Drop PIM attachments not working
- [26268] fix to MDRA - When clicking "Sender block list", a large list causes a long delay
- [20207] fix to Lite theme - Advanced search date range does not work
- [25737] fix to Lite theme - List Refresh time shows incorrectly when set to a non-standard value
- [10527] fix to Outbreak Protection - processing will skip messages when the recipient is in the sender's allow list if this option is enabled in Spam Filter
- [26334] fix to Outbreak Protection - skip reasons are now logged during SMTP processing
- [26282] fix to messages with password-protected files that are allowed through not getting archived
- [26306] fix to MDRA - After creating an IMAP Filter to forward, the rule is displayed incorrectly when viewing it
- [26375] fix to Content Filter - typo in restricted attachment logging
- [21233] fix to MDRA - Requiring two factor authentication is not enforced if TFA not already set up in Webmail
- [26343] fix to Webmail - When replying to a message with a long From header, the To address is truncated
- [24865] fix to Webmail - After setting a default language, only English is set when first logging in. Added an option to disable the "Default to user's browser language" in MDRA at Main | WorldClient Settings | Settings
- [26349] fix to Pro theme - iOS - When you tap a message in your search results, it enables the checkmark icon
- [26339] fix to Pro theme - When changing your password on the login screen, the Save button is unavailable
- [26066] fix to MDaemon shutdown delay when real-time message indexing is enabled
- [26310] fix to ActiveSync and Autodiscover do not honor the "Hide software version identification" option
- [26338] fix to ActiveSync - delay processing Ping and Sync wait expirations
- [26380] fix to ActiveSync - crash when client downloads particular message
- [26379] fix to Clustering - Deadlock possible while removing secondary node
- [26302] fix to ActiveSync - Crash when attempting to wipe data using protocol version 14.1
- [26296] fix to Autodiscover is not enabled on new installations
- [26238] fix to Clustering - ClstrSvc.ini written to the root of C:
- [26110] fix to MDaemon GUI - AutoDiscovery Service Help does not work
- [26064] fix to ActiveSync - WindowsOutlook15 client may enter an indefinite Sync/Ping loop
- [26047] fix to XMLAPI - GetVersionInfo emits non-UTF8 encoded strings (specifically LegalCopyright)
- [26319] fix to Pro theme - Compose - window not wide enough for navbar in some languages
- [26368] fix to AntiVirus - messages that contained password-protected files that can not be scanned will have "X-MDAV-Infected: password-protected" header added
- [26307] fix to Pro theme - Compose - If the extended HTML editor toolbar is present, alerts are covered by it
- [21938] fix to Pro theme - iOS - Cannot scroll all the way down New Event page
- [21200] fix to Webmail IM - When adding a contact, it shows up on your list only after a refresh
- [18802] fix to MDRA - No error when entering invalid path in RF queue path
- [26176] fix to Pro theme - HTML Editor - Firefox not loading inline images
- [26040] fix to MDaemon creates X-MDDNSBL-Result header when error code is returned
- [26400] fix to AntiVirus - Cyren Cloud Assist will use proxy info from AVUpdate if enabled
- [26217] fix to SPF HELO lookup result is ignored if DMARC verification is enabled
- [26398] fix to Pro theme - Folder list vertical scroll bar is partially covered by line
- [26408] fix to MDRA - Signing in from Webmail's Advanced Settings link fails
- [26342] fix to SMTP server RFC compliance check mistakenly rejects valid "From" header syntax
- [26353] fix to OCAddins.dat.lck file left behind by crash causes MDaemon Connector performance issues
- [26264] fix to Mail Statistics Summary email duplicates the MDaemon Statistics Report
- [18112] fix to Content Filter - non-ASCII attachment filenames are garbled when using outbound compression
- [26070] fix to Installer - translated Cf*.dat files may not be installed on a fresh install
- [26415] fix to Pro theme - Cannot unsnooze a snoozed message
- [26452] fix to Pro theme - saved draft has ../../../ in the image url when sent and image cannot be viewed
- [25952] fix to inaccurate text in SMTP screening notification email about sending to unknown recipients
- [26470] fix to MDRA - SMTP Screening "Send notification when IP is blocked" checkbox is tied to the wrong setting
- [26472] fix to ActiveSync - timestamps in Received headers with extra whitespace are not parsed correctly
- [26447] fix to ActiveSync - events created with no reminder on iOS are synced to the server with a 0 minute reminder
- [26474] fix to Pro theme - An expired CSRF token prevents a user from sending a message
- [26454] fix to possible crash in MDaemon.exe
- [23477] fix to SMTP server ignores the From header if the Sender header exists when checking message headers for addresses on the block list
- [26478] fix to messages routed from the Inbound queue to the Bad queue may be deleted silently
- [26421] fix to CNAME in A record lookup response causes SSL certificate validation failure
- [26492] fix to security vulnerability in Webmail
- [26509] fix to Pro theme - Default From Address is not saved to the User.ini correctly
- [26564] fix to Outbreak Protection not using proxy username and password
- [26566] fix to possible crash in WorldClient.dll
- [26570] fix to possible crash in CFilter.dll
MDaemon 22.0.3 - August 30, 2022
FIXES
- [26292] fix to AntiVirus - update notifications may have blank FROM header
- [26297] fix to Active Directory monitoring corrupts non-ASCII text in the Comment field of public contacts
- [26299] fix to Pro theme - When HTML Compose is disabled, "Loading" is displayed when composing
- [26289] fix to Content Filter - Some extended characters not recognized during filtering
- [26293] fix to AntiVirus - Changed ClamAV definition update notification to 7 days by default
- [26300] fix to AntiVirus - ClamAV will not run on older systems without proper runtime libraries
- [26345] fix to Content Filter - Non-ASCII characters in attachment filenames may be corrupted
MDaemon 22.0.2 - July 26, 2022
FIXES
- [26222] fix to MDRA - Access Denied errors given accessing Account Editor views
- [26225] fix to AntiVirus - gibberish line in AV log when Cyren AV is disabled
- [26206] fix to Spam Filter - changed sa-update.exe to use the next mirror in the list if mirror failed with verification
- [26224] fix to possible crash in WebAdmin.dll
- [26230] fix to ActiveSync - Gmail app crashes when opening a particular meeting request
- [26234] fix to Pro theme - Spell check not working in HTML editor
- [26235] fix to MDRA - Using the log filter, opening a result that contains umlauts results in an empty window
- [26250] fix to AntiVirus - reverted Cyren AV back to version 6.5.2r2
- [26249] fix to Pro theme - folder list cached from previous login
- [26256] fix to MDRA - When double clicking a session at Main | Active Sessions an iframe with an error appears
- [26259] fix to MDRA - Unable to add an account to the list of ActiveSync Accounts at ActiveSync | Account Management
- [26258] fix to MDRA - Unable to revoke all accounts at ActiveSync | Account Management
- [26261] fix to MDRA - Unable to save gateway forwarding changes
- [26262] fix to AntiVirus - possible fix to ClamAV "init-error" when scanning messages
- [26273] fix to AntiVirus - Cyren threat lookup disabled by default in UI when it should not be
MDaemon 22.0.1 - July 5, 2022
CHANGES AND NEW FEATURES
- [24735] MDRA - Added ability to resize and move the dialog popups.
- [26010] MDRA - Added a Delete All button for Queues, and added the ability to use CTRL + A to select all items in a Queue.
- [24811] MDRA - Added a table of each user's thirty most recent Webmail sign-ins at Main | Account Manager | Edit account.
- [26042] AntiVirus - Added an option to enable/disable Cyren's Threat Lookup at AntiVirus | Virus scanning | Use the Cyren... | Configure
- [25817] MDRA - Added a new mobile-friendly list control to replace the multi-select list
- [24782] A client signature can now be set per group. The client signature will be pushed to members that use Webmail or MDaemon Connector.
A group client signature overrides a domain client signature, which overrides the default client signature. In the MDaemon GUI go to
Accounts | Groups & Templates to edit a group and set its client signature. Clear the text in the editor to remove a client signature.
- [26069] Pro theme - Switched from Jodit to TinyMCE HTML editor.
- [25958] Pro theme - Added "Message Window Closes on Delete" feature.
- [25957] Pro theme - The message window will close when deleting the last message in a folder.
- [26158] Spam Filter - Added an option to log Spam Filter updates at Security | Spam Filter | Updates.
- [26193] AntiVirus - Updated Cyren AV to version to 6.5.4r21.
FIXES
- [26017] fix to EDNS0 is not being used for outbound SMTP and POP connections
- [26029] fix to MDRA - Unable to save changes after changing content filter rule condition
- [21966] fix to Content Filter - restricted attachments not being applied to nested RAR files
- [26054] fix to AntiVirus - possible lock up during virus scanning
- [26048] fix to Content Filter - restricted attachments not being applied to nested 7zip files
- [25993] fix to Webmail - Published Calendar - Event that spans two days between two months causes empty list view
- [25750] fix to possible crash in WorldClient.dll
- [26103] fix to Pro theme - Message List - When there is no message preview, double-clicking a message opens three instances
- [25950] fix to Webmail - Remember Me often lost when upgrading the MDaemon server
- [26140] fix to AntiVirus - wrong version of ClamAV included
- [26143] fix to AntiVirus - possible crash if debug logging is enabled for ClamAV
- [23762] fix to XMPP Server - possible crash during shutdown
- [26157] fix to MDRA - Reflected Cross Site Scripting (XSS) vulnerabilities reported by Pankaj Kumar Thakur from Green Tick Nepal Pvt. Ltd.
- [26156] fix to MDRA - Compression Exempt list entries are written to the CFCompress.dat file on a single line
- [26169] fix to MDRA - Minger - Shared Secret password is limited to 10 characters
- [26174] fix to Pro theme - Cannot send a message with only BCC recipients
- [26175] fix to Pro theme - Inline images are not working in the Compose view
- [26177] fix to Pro theme - Password Recovery page does not work when 2FA is enabled
- [26159] fix to Pro theme - IIS - When message view is set to 500, messages remain when deleting a full page
- [24677] fix to Content Filter - header line not MIME-encoded back after being modified
- [26144] fix to ActiveSync - all day events may span two days
- [26127] fix to MDIM - MDMailCheck - If a user logs out of Webmail and tries to use MDMailCheck to open Webmail the login page will be shown
- [26197] fix to Webmail - Logging in from MDIM goes to an error page if 2FA is enabled
MDaemon 22.0.0 - May 17, 2022
SPECIAL CONSIDERATIONS
[25771] 32-bit MDaemon has been discontinued. MDaemon 22.0 and newer will only be available in 64-bit. If you are currently running
a 32-bit version on a supported 64-bit operation system, you can simply install the 64-bit version on top of the existing installation.
[23752] The minimum length for strong passwords must now be at least 8 characters. If your minimum length was set to fewer than 8 characters
before updating to MDaemon 22, it will be changed to 8. The default minimum length for strong passwords on new installs is now 10.
[25215] MDaemon is moving away from using the terms "whitelist" and "blacklist". In many cases, they are now "allow list" and "block list".
Features that had a "white list" to exempt IPs, addresses, etc., now have an "exempt list". The per-user spam filter contacts folders are now
named "Allowed Senders" and "Blocked Senders". The folders for all accounts will be renamed when MDaemon 22 starts up for the first time.
CHANGES AND NEW FEATURES
WEBMAIL
- [25278] When strong passwords are required, there is now a list of password requirements that displays green and checked off as the user meets the requirements.
Also added more descriptive error messages for what is wrong with an invalid password on submission.
- [25418] Pro theme - Added a contact hover popup in the message views that gives options to add a contact (if it does not exist), send a message, add to allow sender or add to block sender.
- [16458] Added a Two Factor Auth Exception IPs view in Remote Admin. Exception IPs apply to both Webmail and Remote Admin.
- [19670] Added options to set a default from address on reply and forward at Settings | Compose.
- [25670] Pro theme - Added support for external compose, message, event, contact, task, and note views over HTTP connections.
- [25394] Pro theme - Added an option to open the next unread message from the message preview pane and message view.
- [25608] Added a 1 minute option to the List Refresh Time at Options | Personalize.
- [24147] Added HTTP Strict Transport Security as a default response header.
- [25431] Pro theme - Added message snippets to the message list when in multiline mode.
- [17531] Pro theme - Added the ability to edit the Display Name of an alias at Settings | Compose. Disabled by default. Can be enabled in MDRA at Main | Webmail Settings | Settings | "Allow users to edit their alias display names".
- [25805] Added support for CSRFTokens on the Sign-in page.
Enabled when "Use Cross-Site-Request-Forgery tokens" is enabled in MDRA at Main | Webmail Settings | Web Server.
If you are using custom templates for Webmail, add a hidden input to the Login form as follows:
<input type="hidden" name="LOGINTOKEN" value=<$LOGINTOKEN$> />
- [25796] Public Calendar - Modified the List view to start on the current day and show the next 30 days.
- [25744] Added automatic conversion of URLs to hyperlinks in the message view.
- [25845] Pro theme - Added the Flag column to the mail list sort options.
- [16750] The names of default folders (Drafts, Sent Items, etc.) are translated into the Webmail user's language no matter which language of MDaemon is installed (previously only the English MDaemon did this).
- [25751] Added an option to send Two Factor Auth verification codes to an email address.
- [25923] Pro theme - Added red color to overdue tasks text in the Tasks list.
- [25922] LookOut and WorldClient themes - Changed all list category display behavior to match.
- [24576] Pro theme - Upgraded the XMPP client to version 4.4.0.
- [25215] The Allowed Senders and Blocked Senders folders now have different icons to indicate that they are special folders.
- [25951] Added Content-Security-Policy and Referrer-Policy as default response headers.
- [26006] Webmail - Upgraded CKEditor to v4.18
REMOTE ADMINISTRATION (MDRA)
- [16458] Added a Two Factor Auth Exception IPs view in Remote Admin. Exception IPs apply to both Webmail and Remote Admin.
- [25612] Changed autocomplete="off" to autocomplete="new-password" on password fields to stop FF from autocompleting passwords outside of the login page.
- [25137] Added the Notifcation Message Editor at Security | Content Filter | Notifications.
- [24147] Added HTTP Strict Transport Security as a default response header.
- [25805] Added support for CSRFTokens on the Sign-in page.
Enabled when "Use Cross-Site-Request-Forgery tokens" is enabled in MDRA at Remote Admin Settings | Settings.
- [25868] Added ability to view and manage custom remote and local queues.
- [25951] Added Content-Security-Policy and Referrer-Policy as default response headers.
SECURITY
ACTIVESYNC
- [25872] Improved FolderSync performance.
- [25756] The ActiveSync Connection Monitoring Dialog has a new right-click menu command to terminate a session and block a client.
- [25843] Added the ability for Outlook to send mail using an alias. If Reply-To is set to a valid alias for the sending account, the message will be sent via that alias.
- [24846] Added support for EAS 16.1 Find command. Removed the protocol restriction preventing iOS from using EAS 16.1
OTHER
- [21284] Content Filter - Added support for $CONTACT...$ macros in the "Append a corporate signature" action.
These macros can be used to personalize the signature with information from the sender's contact in their public
contacts folder. Search the documentation for "Signature Macros" for a full list of supported macros.
- [24180] Content Filter - Added an action to extract attachment and add attachment linking into the message.
- [17799] Summary Emails for the holding, quarantine, and bad queue may now have links to release, re-queue, or delete each message. This option is enabled by default.
It can be disabled at Queues | Mail Queues / DSN | Mail Queues | Holding Queue. The Remote Administration URL must be set for the links to be generated.
- [25708] LetsEncrypt - Updated the script to work with PS 7.
- [24330] Added a Deferred Delivery option at Setup | Server Settings | Message Recall to replace the 'Date:' header with
the current date and time when a message is released from the Deferred Queue. It is disabled by default.
- [25860] MDaemon Connector has been updated to version 7.0.7.
- [25770] XMLAPI - Added support for forwarding scheduling.
FIXES
- [23799] fix to DSN messages are not DKIM signed
- [16896] fix to settings for the 'Everyone' and 'MasterEveryone' mailing lists are reset at startup
- [25677] fix to Pro theme - does not save language settings from login
- [25785] fix to Pro theme - Disabling HTML Compose prevents message composition
- [25799] fix to Pro theme - Messages with no body do not finish loading
- [25828] fix to Pro theme - relative URLs in emails are being converted to absolute paths in the plain/text part
- [25830] fix to Pro theme - When Auto-Cancel Saved Search is unchecked searches are still canceled when switching between folders
- [25835] fix to Pro theme - Saved Searches do not show up in the folder list if there are none
- [25841] fix to spam released from trap/holding queue going to junk mail folder
- [25848] fix to CalDAV - invalid iCalendar generated from event with HTML comments
- [25948] fix to disabling Dynamic Screening via the configuration property sheet does not work as expected
- [25851] fix to Webmail - Text not translated on Folder Options page
- [25852] fix to MDRA - Upload Custom Image not working
- [25856] fix to Pro theme - Cannot copy or move an entire page of messages to another folder
- [25878] fix to SMTP server closes connection when it receives a BDAT 0 LAST command
- [25880] fix to MDRA - Browse Users and Browse Groups buttons may not work when running in IIS
- [25813] fix to ActiveSync - attachments in meeting events may not be shown
- [25836] fix to ActiveSync - memory leaks
- [25777] fix to ActiveSync - SendMail operations from a particular client fail with a bad request error
- [25873] fix to ActiveSync - BlackBerry Hub unable to sync mail
- [25671] fix to ActiveSync - BlackBerry Hub doesn't show attachment
- [25870] fix to XMLAPI - not validating the format of date/time values
- [24801] fix to MDRA - incorrect German translation of From and To in the Reports section
- [25901] fix to Webmail - In the Task list, printable ASCII symbols are displayed in their HTML-encoded form
- [25891] fix to Active Directory monitoring Windows domains limited to 17 characters
- [25925] fix to MDRA - account data is not moved to new location when mail folder is changed
- [25934] fix to SMTP response code mismatch when "Send heuristic results to SMTP clients" is enabled
- [25971] fix to possible crash in WorldClient.dll
- [25975] fix to Attachment Linking - when logged into WebMail with HTTPS attachment link will not work
- [25990] fix to Webmail - XSS vulnerability
- [14404] fix to mailing list headers and footers may not be applied to messages with attachments or inline images
- [25991] fix to Content Filter not expanding $MESSAGEID$ macro properly for a particular message
- [26004] fix to Pro theme - deleting a message from the message preview results in the wrong message being selected next
- [26007] fix to Pro theme - Possible to double click on Save in Contact, Event, Task, and Note editors and create multiple items
- [25750] fix to possible crash in WorldClient.dll
- [26058] fix to ActiveSync - iOS clients can delete public contacts without having the required permissions
MDaemon 21.5.2 - February 8, 2022
CHANGES
- [25707] MDaemon Connector has been updated to version 7.0.6.
- [25471] XMLAPI - Improved UpdateUser group membership operations.
- [25709] LetsEncrypt - Changed the Log function to use add-content instead of out-file. Add-content uses the default system code page which should enable the log file to be viewed in MDRA. No change will be made to the encoding of the log file until a new log file is created.
FIXES
- [25683] fix to ActiveSync - performance issues
- [25664] fix to ActiveSync - Unable to enable ActiveSync for the final licensed user
- [25681] fix to XMLAPI - Autoresponder schedule being set wrong
- [25667] fix to Pro theme - Cannot add members to a distribution list
- [25678] fix to MDaemon writes auth failures to Windows Event Log even when option is turned off
- [25679] fix to MDaemon's Auth Failures log may have incorrect ACCOUNT values
- [25658] fix to WorldClient theme - Option to recur every X weeks missing in the event editor
- [25676] fix to MDRA - Unable to add an alias using $LOCALDOMAIN$
- [25646] fix to MDRA - When editing group membership it's possible to accidentally revoke your own global admin status
- [25690] fix to MDRA - Using Apply when creating a new Template or new Group causes an error when making additional changes
- [25695] fix to MDRA - Problems editing rules when there are more than 1000 rules
- [25694] fix to Pro theme - Pasting links from Youtube into compose view and sending message results in the links missing in the received message
- [25701] fix to possible message corruption when MDaemon releases or requeues a message
- [25705] fix to Pro theme - Attendees are not notified when meetings are changed
- [25714] fix to Webmail - Previously removed categories on messages reappear with new sessions
- [25698] fix to domain signature with inline image may not be applied properly to a message with an inline image
- [25718] fix to IMAP server does not return BAD response to a command line that's too long
- [25750] fix to possible crash in WorldClient.dll
- [25767] fix to ActiveSync - Unable to sync PIM folders that do not have .MRK files in them if folder name contains extended characters
MDaemon 21.5.1 - December 14, 2021
CHANGES AND NEW FEATURES
- [25395] MDRA - The last view is now remembered for expired sessions, but not for sessions signed out by the user.
- [25396] Webmail - Changed all Login referrences to Sign-in.
- [25397] Pro theme - Added the View Source and Save Source options to the Message View and Message Preview.
- [25248] Content Filter - Added macro support for 'Add an attachment' action.
- [23758] WorldClient theme - Added an option to "Use Auto Formatted Date" at Options | Personalize | Inbox Settings. When the setting is disabled, the message list dates are displayed the same as in LookOut theme.
- [25474] LookOut and WorldClient themes - Users can now select and copy some text from event tooltips in the calendar view. Use CTRL + C to copy.
- [25283] Webmail - Added options at Options | Calendars to enable the event tooltips and to change the hover timer required to see the tooltip.
- [25328] Pro theme - Added a "Favorites" checkbox to toggle at Settings | Folders, Folder Options dialog.
- [25426] Pro theme - Added an overwrite checkbox on the document list view.
- [25393] Pro theme - Added an option to attach documents to a message in the compose view.
- [17687] DSN - Added $RECIPIENT$ macro support to custom DSNFail.dat and DSNDelay.dat files.
- [24960] Content Filter - Increased total character limit for all entries added to the Attachments exclusion list.
- [25171] MDRA - Added version 16.1 to ActiveSync Protocol Restrictions.
- [25478] Pro theme - Made some performance improvements.
- [25624] LetsEncrypt will no longer delete the log file each time it runs.
- [25643] LetsEncrypt - You can add -SkipPortCheck to the command line to skip the port check.
- [25644] LetsEncrypt - added the ability to copy challenge files to an external path.
FIXES
- [25386] fix to Webmail - Users no longer being asked if they wish to enable desktop notifications in Firefox
- [25133] fix to AntiVirus - ClamAV reports error when scanning a zero byte file
- [25258] fix to DSN - Macros in custom DSN message text are not processed per message
- [25469] fix to XMLAPI - CreateUser operation allows alias to be created for an account that already exists
- [25499] fix to possible MDaemon.exe hang related to gateway LDAP lookup caching
- [25523] fix to MDRA - removing an ActiveSync client may inadvertently remove account-level client settings
- [25515] fix to Pro theme - Clicking Advanced Settings opens two windows
- [25492] fix to MDRA - Adding more than one public folder to a content filter rule's copy action causes incorrect naming
- [25532] fix to MDRA - Add attachment path uses forward slash instead of backslash
- [25454] fix to MDRA - In the Do not filter messages larger than setting, it shows KB instead of MB
- [25505] fix to non-ASCII characters are not encoded correctly when they are exported to an LDAP address book
- [25564] fix to WorldClient theme - Edit link in hover box doesn't show all event info
- [25434] fix to mailing list "Replace 'From:'" options incorrectly process From header
- [23721] fix to mailing list messages may not use the correct smart host settings
- [25573] fix to MDRA - Including quotes (") in the name of a content filter rule results in the rule list not being displayed
- [25543] fix to ActiveSync - accounts without access rights can search public contacts
- [25577] fix to ActiveSync - possible hang when searching public contacts
- [25607] fix to LookOut theme - possible hang after resizing the browser window
- [25609] fix to MDRA - Content filter "if subject header contains" condition gets changed to user defined header
- [25610] fix to possible MDaemon crash if Dynamic Screening whitelist contains invalid IP address
- [25629] fix to Message Indexing - maintenance fails when messages.mrk does not exist
- [25616] fix to MDRA - unable to add/remove per-user autoresponder address exclusions
- [25619] fix to Pro theme - Remember Me not working after server restart
- [25563] fix to Pro theme - Mailbox languages do not change when changing language
- [25628] fix to Pro theme - Memory leak when using external windows
- [25634] fix to Pro theme - Users with long folder names cannot see new message counts
- [25639] fix to MDRA - Access denied when editing group memberships
- [25621] fix to ActiveSync - folders may not sync due to "ImapMrk: Corrupt File Header"
- [25641] fix to MDaemon attempts to send message again if socket error 10053 occurs when sending QUIT
- [25653] fix to MDaemon does not try the next DNS server after an A record query is refused
- [25655] fix to Spam Filter - Sa-Update.exe not downloading updates
MDaemon 21.5.0 - November 9, 2021
SPECIAL CONSIDERATIONS
[24475] The 'X-MDOrigin-Country' header, which Location Screening can add to messages, now has the two-letter ISO 3166 country and continent codes instead of full country and continent names. Be sure to update any filters you may have that look for particular values in this header.
[24943] With the renaming of the Webmail Mobile theme to Pro, there is a possible side effect for users that are using the Mobile theme and have remember me enabled. These users may find that they cannot open attachments. To work around this, the user must simply log out and log back in.
MAJOR NEW FEATURES
[21032] APP PASSWORDS
App passwords are long randomly generated passwords that clients can be configured to log in with instead of a user's account password. When used along with Two-Factor Authentication, which is supported by MDaemon Webmail and Remote Administration, they can help protect an account from unauthorized access. App passwords are supported by MDaemon's SMTP, POP, IMAP, ActiveSync, WebDAV, and XMPP servers.
App passwords are enabled by default. They can be disabled at Accounts | Account Settings | Other | Passwords. Two-Factor Auth can optionally be required for users to set up app passwords (enabled by default). The Web Services screen in the account editor and account templates has an "edit app passwords" permission, enabled by default. The Settings screen in the account editor and account templates has an option for whether an app password must be used to log in to the account using one of the supported protocols, disabled by default.
Users can manage app passwords in Webmail, at Options | Security, or Remote Administration, at My Account | App Passwords. The UI displays a list of the user's app passwords, with their name, creation timestamp, last used timestamp, and last used IP address. App passwords can be created, renamed, and deleted (revoked). An app password is displayed only once, when it is generated. If a password is lost, delete it and generate a new one. A different app password should be generated for each of a user's clients. If the user stops using a client or loses a device, any app passwords for them should be deleted. As a security measure, all of an account's app passwords are deleted when the account's password is changed.
CHANGES AND NEW FEATURES
WEBMAIL
- [24438] Renamed the Mobile theme to the Pro theme.
- [13407] Added an Unsubscribe link next to the From address when the List-Unsubscribe header exists in a message. This can be disabled at Settings | Personalize.
- [20461] Added ability to import email into the current message list.
- [24087] Pro theme - Added Cross-Site-Request-Forgery tokens for more secure transactions. The feature is disabled by default. To enable it through MDRA go to Main | Webmail Settings | Web Server and check "Use Cross-Site-Request-Forgery tokens".
- [22154] Pro theme - Added an option at Settings | Personalize to enable Dark mode.
- [24133] Pro theme - Added a link to "Track my package" in opened messages.
- Carrier tracking numbers being watched by default are USPS, UPS, OnTrac, FedEx, and DHL.
- The default configuration file is \MDaemon\WorldClient\package_tracking.json
- Admins can add more carriers by creating \MDaemon\WorldClient\package_tracking.custom.json using the same format as the default config file.
- At least one service name, a tracking url, and at least one valid regular expression is required.
- Include service names that may appear in a message to reduce the chances of false positive matches.
- [24124] Updated the Dropbox integration to use the refresh_token provided by Dropbox to reconnect users without interaction with the OAuth dialog. When the access_token expires, Webmail will attempt to use the refresh_token to get a new access_token. No longer necessary settings have been removed from the Cloud Apps page. The admin does NOT need to make any changes to the Dropbox app at Dropbox.com.
- [22940] Pro theme - Added a password strength meter.
- [24192] Search All / Subfolders requests no longer search unsubscribed folders when unsubscribed folders are hidden.
- [23501] Added a checkbox named "Skip Search" to exclude specific folders from Search All / Subfolders requests.
- [24151] Added a setting in Remote Admin that allows the Two Factor Authentication Remember Me checkbox to be hidden.
- [24186] Added a blur effect for the background when the user session is expired.
- [24207] Pro theme - Added the Message List Layout dialog to the smaller browser size. Only the Message List Density setting is displayed.
- [24165] Added an Automatic CC and BCC feature at Settings | Compose.
- [20666] Added an option in WorldClient\Domains.ini [Default:Settings] PreventComposeWithAlias. Setting is off by default.
- [20172] Lite theme - Added auto-save draft message to the Compose view.
- [23221] Pro theme - Added the Voice Recorder.
- [17966] Added an option in the Options | Folders view to allow users to skip contact folders in auto-complete searches. Added the option in the right click menu as well.
- [24222] Pro theme - Added the image slideshow feature for the message view.
- [24209] Pro theme - Added a card view for the contacts list.
- [9877] Added a Webmail log entry for the User-Agent when a user logs in.
- [20852] Added a notification in the Compose view if a local recipient has their autoresponder enabled.
- [20994] WorldClient theme - Added a paperclip icon to event tiles that have attachments.
- [24474] Maximum attachment size is set to 25 MB for new installs.
- [24492] Pro theme - Moved the "new item" button from the toolbar to the space above the folder list for desktop sizes.
- [24493] Pro theme - Added a plus icon next to "Personal" to create a new calendar in the calendar view.
- [17840] Pro theme - Added an event tooltip with edit options and send an email to an attendee option.
- [24679] Pro theme - Made the search bar always visible for browser window widths of 1200px or greater.
- [20414] Pro theme - Added a dialog to allow users to remove a contact from the the BlackList when adding them to the WhiteList and vice versa.
- [24725] Pro theme - Added an error message when there is an error creating or renaming a folder.
- [6309] Pro theme - Added support for HTML notes in Events, Contacts, Tasks, and Notes.
- [24796] Pro theme - Replaced the current HTML editor (CKEditor) with Jodit.
- [24955] Pro Theme - Changed the basic header view to show the From email address.
- [25262] Changed the "Delete All" folder action to "Empty Folder"
- [25260] WorldClient theme - Added "Change Password" and "Change Recovery Email" buttons to the Security page
- [25358] Pro theme - Changed the refresh button to refresh all folder counts
- [24526] Messages are sent to MDaemon's MSA port (587) by default instead of the SMTP port (25).
REMOTE ADMINISTRATION (MDRA)
- [16302] Updated trusting local domain host warning to prevent adding the local domain host when clicking "No".
- [11289] Added the ability to drag and drop content filter rules. The copy, edit, and delete buttons are now on each respective rule.
- [24088] Added Cross-Site-Request-Forgery tokens for more secure transactions. The feature is enabled by default. To disable it go to Main | Remote Admin Settings | Settings and uncheck "Use Cross-Site-Request-Forgery tokens".
- [24167] Added a password strength meter to some password fields.
- [24151] Added an option for Webmail and Remote Admin Two Factor Authentication Remember Me at Main | Webmail Settings | Settings and per domain at Setup | Domain Manager | Edit | Webmail Settings.
- [14331] Added Blocked IPs and Refused IPs reports for Dynamic Screening.
- [24239] Added the Groups and Client Types views under ActiveSync.
- [24255] Updated the ActiveSync | Diagnostic and Tuning pages.
- [24278] Added a browser usage by OS chart and table at Reports | Traffic | Webmail Login Statistics.
- [10444] Added buttons to open a popup for browsing users and groups to add to mailing lists at Main | Mailing Lists | Edit | New. Only Domain Admins or Global Admins have access to the buttons.
- [24847] Added Account Only Wipe options at Main | My Account | ActiveSync Clients and at ActiveSync | Client Management.
- [15277] Change logging has been added. It will log every change that is made via Remote Administration.
- [25000] Updated Message Recall to match the MDaemon GUI.
- [25050] Added the "Extract attachments from winmail.dat" option at Security | Content Filter | Compression.
- [25267] Added Slovenian language to MDaemon Remote Administration.
OTHER
- [24220] Added support for SMTP Command Pipelining (RFC 2920). MDaemon will send MAIL, RCPT, and DATA commands in batches instead of individually, which improves performance over high latency network links. SMTP pipelining is always enabled for inbound connections. It is enabled by default for outbound connections, but can be disabled at Setup | Server Settings | Servers & Delivery | Servers.
- [24252] Added support for SMTP CHUNKING (RFC 3030). CHUNKING allows non-line-oriented messages to be transferred. It is enabled by default for inbound connections, but disabled by default for outbound. Bare line feeds in received messages are converted to carriage return line feeds by default. These defaults can be changed by setting [Special] SMTPChunkingInbound=Yes/No, SMTPChunkingOutbound=Yes/No, and SMTPChunkingAllowBareLF=Yes/No in \MDaemon\App\MDaemon.ini.
- [24247] Content Filter - Updated the default restricted attachments list.
- [21277] XMLAPI - Added Support to report/modify settings from Setup/Server Settings/Logging.
- [24386] ActiveSync Server start/stop entries are written to MDaemon's System log.
- [24089] ActiveSync - Corrupt Message Notifications are sent less often.
- [24221] Clustering - Added support for synchronizing reminders from secondary nodes.
- [24714] Dynamic Screening - Added option to log location data using ISO codes instead of names.
- [23746] Dynamic Screening - Improved the logic used for ignore attempts using identical passwords.
- [24817] XMLAPI - Added support for ActiveSync AlwaysSendMeetingUpdates setting.
- [24881] XMLAPI - Added support for semaphore file creation.
- [19329] MDaemon Instant Messenger - Improved group chat feature by adding ability to multi-select chat buddies for group chat. Also added an option to auto-accept chat room requests.
- [24665] MDaemon GUI - Location Screening has a new option for whether a 'X-MDOrigin-Country' header is added to messages. It is enabled by default.
- [2118] Content Filter - Added rule action to add attachment to message.
- [25200] MDaemon GUI - An option for whether to allow logon using aliases has been added at Accounts | Account Settings | Aliases | Settings. It is enabled by default.
- [25315] MDaemon Connector has been updated to version 7.0.5.
- [24667] The default delivery confirmation message text (in \MDaemon\App\Receipt.dat) has been changed to use the $HEADER:X-RCPT-TO$ macro instead of $RECIPIENT$ to avoid disclosing the actual email address an alias resolves to.
FIXES
- [24238] fix to SMTP server may allow out of sequence commands
- [24276] fix to Pro theme - Folder list updates inconsistently
- [24353] fix to MDRA - Cannot disable feature "Only send antivirus update notification on failure"
- [24297] fix to Pro theme - info icon in Message View Layout popup should not exist
- [24491] fix to Webmail and MDRA - Two Factor Authentication one time password is reusable
- [24712] fix to Pro theme - Autocomplete box never goes away
- [24711] fix to Pro theme - Session has expired error when logging out
- [24700] fix to Pro theme - Body of message is not focused on when replying
- [24719] fix to Webmail - MDaemon sends the accepted meeting request message addressed from the wrong user when accepting in calendar view
- [24787] fix to MDRA - Problems with the "Use HTML" setting when adding a footer or adding to the top
- [24822] fix to Pro theme - Unable to open a new message after using Shift+Del to permanently delete a message
- [24814] fix to MDRA - Enabling a group in an account does not apply its selected template
- [24800] fix to Webmail - Email search results do not clear when selecting another section in webmail
- [24795] fix to Pro theme - Importing Events or Contacts with attachments takes time and there is nothing to inform the user that the import is ongoing
- [24909] fix to MDRA - domain editor has blank SMTP host name for domain admins
- [24859] fix to Pro theme - onSpam is not a function in external message window
- [24925] fix to XMPP Server - Server does not create chat rooms correctly
- [24864] fix to Webmail - Corrupted text added to message body when removing an attachment
- [24632] fix to ASMCUI - Command line still contains XMLAPI options though /ImportFile method is selected
- [24513] fix to ASMC - When importing contacts, duplicate GUID and Modified entries are created.
- [24634] fix to ASMC - Only create mailbox folders for Folder Types specified in migration
- [24279] fix to MD GUI - Resetting Root Node counters does not reset Dynamic Screening or ActiveSync counters
- [24433] fix to MD GUI - Wrong dialog opens when double clicking Accounts/ActiveSync
- [24617] fix to MD GUI - ActiveSync Accounts and Clients dialogs in the Domain Manager may show the wrong domain
- [24350] fix to Clustering - possible hang when moving mail queues
- [24618] fix to Clustering - possible crash at startup
- [24930] fix to Webmail - Invalid cookie for the requested session when downloading PDF files in Chrome
- [24949] fix to MDRA - Cannot edit a domain that has capitalization in the Domain name
- [24966] fix to MDRA - Cannot save autoresponder script in template
- [24992] fix to Pro theme - Very long email addresses cause the address to overflow the container in the To field of the compose view
- [25015] fix to MDRA - Attachment linking is not disabled when clustering is enabled
- [25021] fix to MDRA - possible crash when clicking "Restrict MDaemon folder access to Admins, Backup Operators, and System"
- [25097] fix to MDRA - Account Manager Filter does not display MDaemon Connector accounts
- [25083] fix to Pro theme - Contact, Task, and Note list does not refresh when a new item is created
- [25081] fix to Pro theme - DefaultFromAddress not being used in the Compose view
- [25077] fix to MDRA - In the Quotas settings, any value containing Japanese characters displays corrupt
- [24980] fix to LookOut theme - the "Show Snoozed" messages button does not do anything
- [25132] fix to Webmail - Whitelist and Blacklist folders are not regenerated if accidentally deleted by users
- [25075] fix to MDRA - Log actions taken on messages from the Queues pages
- [25172] fix to AV updater - Send notification if virus definitions have not updated checkbox gets value from CyrenAV
- [25179] fix to Pro theme - Enable/disable Two Factor Authentication options are reversed when logging out and back in
- [25189] fix to Pro theme - Email admin lost TFA device does not work
- [25176] fix to AV - When a virus is detected in winmail.dat the winmail.dat is removed from the message instead of the message getting quarantined
- [25188] fix to AV - Scan fails with Winmail.dat files containing attachments with special characters
- [25192] fix to DMARC processing is skipped for certain messages
- [25234] fix to possible MDaemon.exe crash when generating quarantine queue summary email
- [25237] fix to Pro theme - unable to send a message without a subject
- [25273] fix to XMLAPI - Create/UpdateUser does not set NTAccount value when specified
- [25086] fix to MDPGP - Invalid CRC error when decrypting particular messages
- [25256] fix to DSN message has remote server's BATV tag removed, which may cause delivery failure
- [25263] fix to Pro theme - Strings in folder context menu not translated
- [25266] fix to WorldClient and LookOut themes - if you import an ics file with thousands of events it looks like nothing is happening
- [25261] fix to Webmail - some HTML messages are not displayed properly
- [25269] fix to Webmail - XSS vulnerabilities
- [25305] fix to meeting updates can cause duplicates in Outlook if an account using MDaemon Connector is set to automatically process meeting requests
- [22378] fix to MDMigrator Unable to export message, pConvSess->MAPIToMIMEStm failed [0x80070005] in WriteMimeMessage
- [25317] fix to Pro theme - unable to clear search results after opening email
- [25243] fix to MDRA - Message Search may not find words that contain non-ASCII characters
- [24763] fix to Webmail - Attachments in meeting invites are not displayed correctly in Outlook
- [24934] fix to MDaemon GUI - Header Translation edits are not saved
- [25217] fix to MDaemon GUI - Domain Manager allows a domain with the same name as a disabled gateway to be created
- [25090] fix to mailing list administrators are not updated when renaming a domain
- [23962] fix to SPF lookups fail for certain multi-line SPF records
- [25285] fix to only the first mailing list's Last Access value is updated when a message is sent to multiple mailing lists
- [24331] fix to AD Monitoring replaces lowercase umlaut characters with uppercase letters
- [24189] fix to forwarding to a public folder submission address fails
- [25352] fix to possible hang in MdMbSrch.dll when indexing new mail items
- [25351] fix to WorldClient theme - Contact phone number is displayed incorrectly when parentheses or a plus sign exist
- [25343] fix to WorldClient theme - When setting invitee as Optional, it reverts to Required when saving
- [25353] fix to ActiveSync - search of all mailboxes returns no results
- [25078] fix to Content Filter - restricted attachment may not be quarantined
- [25346] fix to Pro theme - Message view right, unable to resize preview window using FF
- [25354] fix to Content Filter - "Compress outbound local domain attachments" option does not work
- [23299] fix to STARTTLS white list not being honored in all cases
- [25359] fix to Pro theme - IE11 - Users get a blank screen
- [23055] fix to public contact for an account may not be deleted when setting it as private using a template
- [25365] fix to MDaemon GUI - Domain Sharing password edit box does not allow enough characters
- [25372] fix to Pro theme - right clicking on a message in the message list and selecting Spam/Not Spam is not moving the message
- [25369] fix to high CPU usage in MDaemon.exe while verifying a particular DKIM signature
- [25268] fix to Content Filter - sender/recipient password-protected exclusion "Apply" button disabled when removing entry
- [25383] fix to MDRA - When editing group membership, the windows overlaps the last account in the list
- [23168] fix to Content Filter - "Append a corporate signature" with HTML may cause DKIM signature to fail
- [25201] fix to ATRN connections fail if they are on the STARTTLS Required List
- [25407] fix to message recall fails for messages in the the Deferred queue with no To header
- [25451] fix to Webmail - CKEditor upgraded to version 4.16.2 to get vulnerability fixes
- [25526] fix to possible crash in MDaemon.exe
MDaemon 21.0.3 - August 3, 2021
FIXES
- [24876] fix to ActiveSync - possible public contacts corruption when PIM mrk file validation is enabled
- [24877] fix to ActiveSync GUI - Help button does not work on Client Settings dialog
- [24899] fix to untitled attachments on recurring events with changed occurrences that were saved by MDaemon Connector
- [24905] fix to changed occurrences of a recurring event edited in both Webmail and MDaemon Connector can get out of sync
- [25096] fix to delay during MDaemon startup if there are many gateways
- [24971] fix to MDaemon performance issue when there are many domains
- [25087] fix to Webmail - Spell Check may use 100% CPU for German and Finnish
- [25085] fix to Webmail - XSS vulnerabilities
- [24918] fix to Mobile theme - Unicode (e.g. Japanese) Public and Shared parent folder names are not displayed correctly
- [25115] fix to possible crash in MDASMgmt.dll
- [25029] fix to ActiveSync - password expiration warnings may be sent to client repeatedly
- [25150] fix to XMLAPI - CreateUser does not work properly
- [25152] fix to XMLAPI - AutoResponder times not adjusted to/from UTC
- [25178] fix to possible crash in MdMbSrch.dll
- [25175] fix to possible crash in MDaemon.exe
MDaemon 21.0.2 - May 18, 2021
SPECIAL CONSIDERATIONS
[24757] The settings at Setup|Preferences|Miscellaenous to copy all system generated postmaster notifications
to global admins and domain admins now apply to more notifications, such as Account Freeze and Disable, No Such
User, Disk Error, Low Disk Space, and Beta and AV expiration. If you do not feel it appropriate for your
administrators to receive these notifications you must disable these settings.
CHANGES AND NEW FEATURES
- [24754] Updated ClamAV to version 0.103.2.
- [24810] MDaemon Connector has been updated to version 7.0.4.
- [24583] LetsEncrypt - Updated script for new staging issuer.
- [24586] Mobile theme - Added trial version warning on logon pages.
- [24538] Mobile theme - Expanded the navigation items for desktop window sizes.
- [24537] Mobile theme - Included the add image and hyperlink buttons in the HTML compose toolbar.
- [24604] Mobile theme - Compose - CC and BCC are now shown automatically on load when populated.
- [24517] Mobile theme - Moved the move and copy alerts to a notification message in the bottom right corner.
- [9206] WorldClient and LookOut themes - Allowed right click context menus in textareas like Notes.
- [14217] MDRA - Added an error message when attempting to create a new account with an already existing account mailbox name.
- [24452] AntiVirus - Improved update notifications for Cyren AV and ClamAV.
- [24707] Webmail - Added support for URL links in event and meeting previews.
- [24824] Improved MDMigrator compatibility with newer versions of Exchange and Outlook.
- [24830] The Let's Encrypt script has been updated to support ECDSA certificates. Let's Encrypt is currently only supporting
ECDSA certificates via their staging system and via an allowed accounts list in production. If you'd like to request an ECDSA
certificate from their production system, comment out lines 747 - 753 in MDaemon\LetsEncrypt\LetsEncrypt.ps1. For more information
please visit https://community.letsencrypt.org/t/ecdsa-availability-in-production-environment/150679. If you comment out
these lines and request an ECDSA certificate without being on the allow list, you will get an RSA certificate.
To request an ECDSA certificate add "-ECDSA" to the command line.
- [11947] Added a Cancel button to the log file search window in the MD GUI.
FIXES
- [24547] fix to Mobile theme - missing translations
- [24548] fix to Webmail - Snoozed messages are still displayed in the message view
- [24556] fix to Mobile theme - When you delete all messages in the message list, the list is not refreshed to show the rest of the messages in the folder
- [24553] fix to Mobile theme - Shift to select multiple items is not working correctly
- [24531] fix to Webmail - Cannot restore the default Custom Original Message Attribution setting
- [24595] fix to MDRA - Error when enabling ActiveSync - Form field [LocationScreenExempt] not found
- [24589] fix to MDRA - Remote Admin IMAP filter - unable to display "when any of these conditions are true" in the editor
- [24587] fix to MDRA - Apply to Subfolders is missing when editing the ACL of a public folder in some languages
- [24616] fix to outbound SMTP MTA-STS failure after falling back to smart host
- [24557] fix to MDaemon Statistics log does not roll over to the next day if a max log file size is configured
- [24516] fix to messages to multiple local users are deferred when option to not defer local messages is enabled
- [24508] fix to Content Filter may corrupt Japanese attachment filenames
- [24605] fix to MDRA - Forwarding - Clicking Schedule button as a domain admin, you receive Access Denied error
- [24613] fix to Mobile theme - mailto links are broken in messages
- [24639] fix to Lite theme - "remote Images were blocked" is missing from message view
- [24641] fix to Attachment Linking does not extract attachments from messages sent using Webmail
- [24487] fix to MDaemon disconnects an ATRN session after refusing a MAIL command due to the Sender Blacklist
- [24574] fix to Webmail - Chrome - Unable to drag and drop attachments to desktop
- [24509] fix to Webmail - IE11 - When clicking the attachment filename, only a blank tab appears
- [24467] fix to trusted IPs are not exempt from "Authentication is always required when mail is sent from local IPs"
- [24567] fix to Mobile theme - LDAP address book does not show up in contact folder lists
- [24657] fix to Webmail - CKEditor upgraded to version 4.16 to get vulnerability fixes
- [24658] fix to MDaemon accepts IPv6 connections using the default domain instead of a domain bound to the IPv6 address
- [24661] fix to "View" button on the Account Editor's "Mail Folder & Groups" screen does not open MDStats to the account's mail folder
- [24669] fix to Webmail - Version is not hidden on logon page when "Hide software version identification in responses & "Received:" headers" is checked
- [24670] fix to MDRA - Version is not hidden on logon page when "Hide software version identification in responses & "Received:" headers" is checked
- [24673] fix to MDRA - Page description panel tile settings tile to the right
- [24615] fix to MD GUI - Adding mailing list members using the account picker removes mailing lists configured as members
- [24668] fix to MDRA - Cannot remove groups from mailing lists members
- [24633] fix to Content Filter "remove header" action may not work
- [24684] fix to possible crash in WorldClient.exe
- [22716] fix to AV Updater screen showing wrong ClamAV information
- [24708] fix to Webmail - View PDF in browser not working
- [24671] fix to MDIM - Unable to send message with certain Japanese characters
- [24541] fix to MDIM - Disable option to send files in group chat
- [24681] fix to possible Alias.dat file corruption
- [24710] fix to Mobile theme - Cannot sort by Sender or Recipient in message list
- [24542] fix to MDIM - Unable to send files with Japanese character names
- [24739] fix to Webmail - Signature images are not attached when sending from an alias
- [24675] fix to duplicate Queue Summary messages may be sent to the postmaster
- [24648] fix to MD GUI does not warn when a public folder submission address is added as a spam honeypot
- [24749] fix to MDRA - Japanese characters are corrupted on the registration information window
- [24751] fix to Webmail and MDRA - fixed jQuery vulnerabilities
- [24752] fix to LetsEncrypt script not run when there is a space in the path
- [24758] fix to Mobile theme - deferred delivery is not working
- [24676] fix to calendar events marked as private in MDaemon Connector do not show as private in Webmail
- [24771] fix to Antivirus - AV exclusions not applied to IMAP and Webmail sessions
- [24737] fix to CalDAV - when sending a recurring meeting invitation in Apple Calendar for the Asia/Novosibirsk timezone the start time may be off by an hour
- [24726] fix to CalDAV - monthly recurring event set to occur on the last day of month occurs on the last seven days of the month after saving the event on the client
- [24778] fix to Mobile theme - Android - Unable to view PDF files in the browser when clicking on the attached file
- [24718] fix to Webmail IM not being able to log in while using Mobile theme
- [24826] fix to Dynamic Screening GUI Whitelist Add does not allow IPv6 address with mask
- [24833] fix to MDaemon delivers to the A record when all MX lookups fail due to the DNS servers reporting technical problems
- [24821] fix to possible MD GUI crash when doing a log file search
- [24854] fix to Cyren AV updates are failing when TLS 1.2 is not enabled on the system
- [24842] fix to ActiveSync GUI does not allow "Wipe device or enter 'Timed Lockout Mode' after repeated failed password attempts" policy option to be disabled
- [24791] fix to MD GUI - Adding mailing list members using the account picker may change the type of existing members
MDaemon 21.0.1 - March 16, 2021
CHANGES AND NEW FEATURES
- [24294] LetsEncrypt - Changed script to look for the new Certificate Issuer that LetsEncrypt changed to, and the fake Issuer that is
used with the -staging switch.
- [24293] LetsEncrypt - Updated script to look at -DNSName instead of Subject when looking for certificates to delete.
- [24400] Changed how split DKIM keys are displayed in the dns_readme.txt file to make copy & paste easier.
- [24327] MDRA - Users must enter their current password when attempting to change their account password.
- [24178] The "Enable ActiveSync" checkbox in the Account Editor is disabled when the ActiveSync license is full.
- [23955] When viewing the quarantine queue, the "Explanation" shown for messages quarantined by the Mailbox Scanner is "(Mailbox Scan) WARNING: infected with ($VIRUS_NAME$)".
- [24619] MDaemon Connector has been updated to version 7.0.3.
- [24601] Updated Cyren AV engine to version 6.4.0r2.
FIXES
- [20298] fix to DMARCReporter error 80004003 when decompressing .gz files on 64-bit version
- [24468] fix to possible crash in CFEngine.exe
- [24470] fix to Mobile theme - contact email addresses remain for new messages after a message is sent
- [24451] fix to Mobile theme - distribution lists do not expand correctly in the autocomplete field
- [24181] fix to MDaemon service can run as a configuration session
- [24464] fix to possible cause of DKIM verification failures
- [24462] fix to DMARC aggregate report generation issues
- [24476] fix to Mobile theme - Display Previews option cannot be disabled
- [24494] fix to Webmail - Public Calendar - If there are more than 100 events on a calendar, the page reloads constantly
- [24529] fix to Mobile theme - Selecting the To, CC, and BCC fields requires a click farther to the right of the header name than expected
- [24503] fix to MDaemon may not authenticate to a smart host when configured to "Send all email directly first, and then to smart hosts if there are problems"
- [24535] fix to Android ActiveSync clients may not be able to open attachments
- [24554] fix to ASMC does not sync data from an Office 365 account
- [24571] fix to archiving issues related to forwarding
- [24372] fix to distribution list contact corrupted after editing with ActiveSync client
- [24578] fix to XMPP Server does not create database correctly on clean install
- [24596] fix to possible crash in MDaemon.exe
- [24622] fix to contacts from MDaemon Connector have their contact picture as an attachment in Webmail
- [24628] fix to issues in MDaemon Connector with attachments of calendar and contact items saved in Webmail
- [24303] fix to Cyren AV mistakenly detects some PDF files as being password protected
MDaemon 21.0.0 - February 9, 2021
MAJOR NEW FEATURES
[19661] PERSISTENT CHAT ROOMS
MDaemon's XMPP server now supports persistent chat rooms, which do not need to be recreated every time all users leave the room. Configure them at Setup | Web & IM Services | XMPP.
[22236] VIRUS/SPAM MISCLASSIFICATION REPORTING
When on the Quarantine, Bad, or Spam Trap queue screens in the MDaemon GUI, a right-click popup menu option was added to report messages to MDaemon.com as false positives or false negatives.
Similar options have also been added to MDaemon Remote Administration. The messages will be analyzed and passed along to third-party vendors for corrective action.
[23722] ACTIVESYNC MIGRATION CLIENT (ASMC) GUI
A GUI has been created to assist in running ASMC (ASMCUI). It allows you to store your options and recall them at a later time.
WEBMAIL MOBILE THEME IMPROVEMENTS
- [22883] Added a way to see that a Note or Task has an attachment from the list view.
- [22879] Added dialog to choose between editing an occurrence and editing the series, and another to choose between deleting an occurrence and deleting a series.
- [22569] Added saved searches to the advanced search dialog.
- [22571] Added saved search folders.
- [23182] Added options to create a New Event, New Task, or New Note from a message.
- [23240] Added the Scheduling Assistant to the Event editor.
- [23401] Added Dropbox features.
- [23429] Added autocomplete functionality to attendees, distribution lists (name field), and folder share users.
- [23471] Added the Check Attachments feature.
- [23472] Added the resend message feature.
- [23486] Added Group By Company feature to the contact picker.
- [23457] Added the MDaemon IM client.
- [23551] Added keyboard shortcuts.
- [23572] Added ability for users to view Mailbox Quota status in View Options dropdown.
- [22852] Added the create All Unread and All Flagged saved search prompts.
- [22155] Added support for message threading.
- [23627] Added support for opening attachments in the browser in addition to the download option.
- [23699] Added ability to drag list items to folders for move or copy actions.
- [23707] Added right-click context menu to list views.
- [23710] Made some visual refinements to the swipe right to delete feature.
- [23718] Added a swipe left to toggle read/unread for the message list feature.
- [23731] Added additional dialog options for Contacts and Calendar folders in Settings | Folders.
- [23742] Added the ability to create a calendar event for the Anniversary or Birthday of a contact from the contact edit page.
- [23743] Added a contact's picture to the contact list.
- [23784] Added informational text to settings pages.
- [23815] Added an icon next to the subject line in the message view for toggling the flagged state of a message.
- [23836] Added an option use the auto-formatted date and time in the message list.
- [23840] Added preview popup windows for contacts, tasks, and notes with an option to enable/disable them under Settings | Personalize.
- [23857] Added ability to access the first two attachments of a message in the message list.
- [23861] Moved the "Message Sent" alert to a non-intrusive notification.
CLUSTERING IMPROVEMENTS
- [22342] Added Multi-Node Mail Routing, where mail queues are shared between the cluster nodes. Having multiple machines process and deliver the messages allows them to split the work
more evenly and prevents messages from being stuck in the queues of any machines that are down.
- [22218] SSL certificates are replicated from the primary to secondary nodes.
- [23345] Queues on secondary nodes are frozen during the initial data replication, which improves responsiveness during startup.
- [23668] Replication is paused as soon as MDaemon shutdown starts, eliminating clustering-related shutdown delays.
- [23340] The admin is notified if the automatic update option is disabled when enabling the clustering service.
- [24190] Cluster nodes may be added using IP address or DNS name.
CHANGES AND NEW FEATURES
REMOTE ADMINISTRATION (MDRA)
- [23352] Updated the styling of the graphs and reports.
- [23438] Added the ability to view a typed password. Setting values that contain passwords are masked when requested from the server.
- [23452] Moved Administrator Notes into Administrative Roles view for Global Admins.
- [23426] Added Host Authentication under Setup | Server Settings.
- [23420] Added Groups under Account Templates | New Accounts and updated Group selection to use a tree-based checkbox interface.
- [23562] Added an option to enable/disable the show password feature.
- [23550] Added the Explanation column to the Quarantine queue list.
- [23516] Added additional information when the "Apply to sub-folders" button is clicked.
- [23443] Mailing list names are trimmed of spaces when saving changes.
- [9627] Updated the appearance of the status page tables and the disk usage statistics.
- [11845] Added list filters for Config Files and Log Files.
- [23794] Added Domain NAT Exemptions page under Security | Dynamic Screening | Domain NAT Exemptions.
- [22429] Added ability to resize list columns.
- [22088] Added ClamAV and CyrenAV configuration options at Security | AntiVirus | AntiVirus.
- [23040] Added Test buttons at Setup | Active Directory | Authentication and Main | Mailing Lists | Edit | Authentication.
- [20168] Added custom branding options for Remote Administration at Main | Remote Admin Settings | Branding.
- [12032] Added a table of Domain Statistics at Main | Status that shows the Total Messages and Total Space used per domain according to the quota counts. This feature is only available in
MDaemon Private Cloud version.
- [15209] Added a "Restart Spam Filter" button to the Spam Filter | Spam Filter | Spam Filter page.
- [16016] Added a way to display the password requirements in the case that the user must change their password before login.
- [12472] Added ability to manage the RAW queues under Messages and Queues | RAW Queue.
- [14565] Added ability for Domain Admins to manage Spam Trap. This feature is only available in MDaemon Private Cloud version.
- [14727] Added ability to create custom links that are added to the navigation menu. This feature is only available in MDaemon Private Cloud version.
- [23934] Added Webmail Custom Links manager at Main | Webmail Settings | Custom Links for GAs and Main | Webmail Custom Links for DAs.
- [16769] Added options to set List Admin permissions levels.
- [16966] Added "Create new Backscatter Protection key" button at Security | Other | Backscatter Protection.
- [17000] Added the "Test" button at Spam Filter | DNS-BL | Hosts.
- [16963] Added the "Send aggregate reports now" button at Security | Sender Authentication | DMARC Reporting.
- [18033] Added a mailbox exclusions list at Main | Remote Admin Settings | Settings to prevent display of specific mailboxes in Reports.
- [12541] Added "Release All" and "Requeue All" buttons to the Queue managers at Messages and Queues | Deferred Queue, Holding Queue, Quarantine Queue, Spamtrap Queue.
- [16964] Added the VBR Certification Setup page at Security | Sender Authentication | VBR Certification "Configure a domain for message certification".
- [11060] Added a directory browse button that can be used across several pages in MDRA by Global Admins.
- [23941] Changed the name of Mobile Devices to ActiveSync.
- [16859] Added a "Recommended" button to restore the recommended settings for the account Web Services page.
- [23940] Added the domain level "Log Level" option for ActiveSync client settings.
- [23987] Added a button to take users to the Dynamic Screening Logging Options from the Setup | Logging | Settings page.
- [24228] Added the Edit Default Autoresponder file button at Setup | Account Settings | Autoresponders
CONTENT FILTER
- [16490] Added ability to search for restricted files inside 7-Zip compressed files.
AUTORESPONDERS
- [6783] Autoresponders now support Unicode (UTF-8), allowing the text to be in any language.
IMAP FILTERS
- [24068] IMAP filtering rules can now search the message body for particular text.
WEBMAIL
- [22104] Added ability to attach an event to a new email from the right-click menu in LookOut and WorldClient themes, and from the event preview in Mobile theme.
- [23667] All New Account Creation features have been removed.
- [23701] Added an option to set the default calendar view for published calendars.
- [22124] Added an option to skip the IP persistence check on a per user basis. In MDRA edit a user account, go to Web Services and check "Skip IP persistence check for Webmail sessions".
- [14232] Added ability to search the CC field in advanced search.
- [22176] Added an option to publish a free / busy calendar link in addition to a normal calendar link.
- [23862] Added Maximum Messages sent per day to the displayed quotas.
SPAM FILTER
- [24021] Updated to SpamAssassin 3.4.4.
- [24083] Removed deprecated settings in local.cf.
MDAEMON CONNECTOR
- [24119] MDaemon Connector has been updated to version 7.0.2.
USER INTERFACE
- [23920] Setup | Mobile Device Management has been removed and replaced by the ActiveSync Management dialog at Setup | ActiveSync.
- [22670] The ActiveSync Client Settings screen has been removed. Customize client settings on the Tuning, Domains, Groups, Accounts, and Clients screens.
- [23577] The ActiveSync Client Type screen has menu commands to whitelist and blacklist client types.
- [23629] Added screens at Setup | Message Indexing for the configuration of real-time and nightly maintenance of the search indexes used by Webmail, ActiveSync, and Remote Administration.
- [23435] Several plugins now share a common Diagnostics configuration screen.
- [22653] Additional information is logged to the Plug-ins log.
- [23829] Dynamic Screening allows 0 for recurrence penalties when blacklisting IP addresses.
- [24129] Updated the text for the "Hide account" option at Account Editor | Settings.
XMLAPI
- [23824] The appearance of the XMLAPI documentation portal can be customized globally and by domain. See the "Changes and development notes" in the help portal (ie. http[s]://ServerName[:MDRAPort]/MdMgmtWS)
or view the file \MDaemon\Docs\API\XML API\Help_Readme.xml on disk using Internet Explorer for more information. A sample company.mail directory is provided at \MDaemon\Docs\API\XML API\Samples\Branding.
- [23736] Added Alias operation to simplify Alias management, resolve and report aliases.
- [23642] Added FolderOperation Search action to search messages.
- [22174] Added support for the Cluster Service to QueryServiceState and ControlServiceState.
ARCHIVING
- [24179] When a message is sent between local accounts, both "in" and "out" archive copies will be created if both "Archive inbound mail" and "Archive outbound mail" are enabled.
- [23802] The option to archive spam messages, which was removed in version 20.0, is back.
- [24163] Spam messages released from the Spam Trap are archived.
ANTIVIRUS
- [24196] Updated ClamAV to version 0.103.0.
- [24287] Updated Cyren AV engine to version 6.3.0.2.
OTHER
- [23724] ASMC supports new command line options. /LogLevel:UnsignedInteger : The logging detail level [Default = 1 (Debug)]. /GPI:UnsignedInteger : The number of minutes between when the global processing
status is logged. [Default = 1 Minute].
- [23936] WDaemon - The "Server" response header is now hidden when "Hide software version identification in responses & "Received:" headers" is checked at Setup | Preferences | Headers.
- [23591] XMPP Server - Updated database backend to version SQLite 3.33.0.
- [24127] AD Monitoring - proxyAddresses attribute values that do not start with "smtp:" are ignored.
- [24202] MDaemon Instant Messenger - Added support for Slovenian language.
FIXES
- [23791] fix to incorrect API documentation for MD_DeleteAlias
- [23711] fix to ActiveSync server may limit Sync Window Size to 100
- [23692] fix to Cluster Service may not restart correctly when joining or leaving cluster
- [23631] fix to 32-bit and 64-bit mailbox search databases differ in file format
- [23597] fix to possible hang during cluster service shutdown
- [23575] fix to ActiveSync - Overriding log level to None at non-global levels does not work
- [23410] fix to F1 key does not open help on Dynamic Screening dialogs in the MD GUI
- [23437] fix to MDRA - Dropbox - Clicking "Edit text of privacy policy" button results in access denied
- [23434] fix to MDRA - No error when creating a gateway with the same name as your domain in Domain Manager
- [23424] fix to MDRA - Mailing Lists Export not working
- [23353] fix to MDRA - Public folder submission address not allowing non-existent local address
- [23301] fix to Mobile theme - Unsubscribed calendar's events still show up when calendar was checked prior to unsubscribe
- [20765] fix to Webmail - Sending via RPost no longer works
- [20135] fix to MDRA - Search returning incorrect results for Recipients
- [23725] fix to Mobile theme - compose text area is difficult to use on a mobile device
- [23735] fix to Mobile theme - drag and drop attachments in compose view is hidden on desktops
- [23744] fix to Mobile theme - Options | Folders - folder collapse button is too small on handheld devices
- [23684] fix to Webmail - Calendar event editor might show wrong start and end dates and times
- [20422] fix to MDRA - Everyone and MasterEveryone lists are not created when the setting is enabled and not deleted when the setting is disabled
- [23817] fix to Mobile theme - Mark as Read on Preview setting not being honored
- [9768] fix to LookOut theme - If you resize the preview pane to the very top of the window you cannot drag it back down
- [23855] fix to Mobile theme - Sometimes the back button in the browser takes the user to the login screen
- [23876] fix to Webmail - Some text is not translated
- [23383] fix to Mobile theme - Calendar event drag and drop not working
- [23872] fix to MDRA - the Download button does not work when viewing a log file
- [23885] fix to MDRA - No configuration error when setting forward schedule to start and end on the same date and time
- [23883] fix to MDRA - Clearing and saving Forwarding Schedule causes menus to disappear
- [23891] fix to Mobile theme - On smaller devices, the View/Sort options are cut off on the left side
- [23881] fix to AD monitoring creates incomplete alias list for accounts with many aliases
- [23931] fix to Mobile theme - IMAP Filter - Folders containing non-ASCII characters are not displayed correctly
- [23942] fix to possible MDStats.exe crash with long public folder name
- [23944] fix to message with route slip may not be bounced immediately if the smart host returns a 5XX RCPT error
- [23852] fix to incorrect deferred delivery logging
- [23895] fix to CalDAV - with the Outlook CalDav Synchronizer plugin tasks are duplicated after synchronization
- [23921] fix to MDRA - When you edit the External Warning message rule it changes the action to "then sign with private key"
- [23953] fix to Mobile theme - Message Preview - Clicking details on one message causes all future messages to display headers
- [23981] fix to MDRA - Changes to SPF whitelist do not take effect until MDaemon is restarted
- [23985] fix to Webmail - Messages sent from Outlook do not print correctly in Chrome-based browsers
- [24029] fix to Webmail - Remember Me only works for one device / browser at a time
- [24042] fix to Spam Filter - queue-based scan is incorrectly interpreting the scan size limit
- [24048] fix to MDRA - Editing domain settings for ActiveSync results in an exception
- [24046] fix to Webmail - If AV engine is configured to not allow macros, Webmail reports that the attachment is infected instead of containing macro
- [24009] fix to incorrect syntax in generated Authentication-Results headers
- [23749] fix to Print/Copy in the MD GUI not always working
- [24082] fix to Mobile theme - No error displayed when AV detects macro in uploaded attachment
- [24079] fix to Lite theme - Double clicking on the Send button will send a message twice
- [23990] fix to Attachment Linking may not extract files from HTML messages created by iOS Mail
- [24097] fix to --pgpx not causing some emails to bounce back to sender as undelivered
- [22967] fix to Mobile theme - No messages are displayed when Enable Message Snooze is disabled
- [24128] fix to possible Account Manager UI crash
- [23346] fix to Clustering - some notifications were not being sent between secondary nodes
- [23162] fix to ActiveSync - the formatting of notes may be lost on iOS clients
- [24176] fix to Mobile theme - The calendar translations are in Russian when English-UK is chosen for the user language
- [24182] fix to MDRA - ActiveSync Clients list may be populated with other users' clients from the same domain
- [24193] fix to trusted IPs are not exempt from RFC compliance check
- [24184] fix to Lite theme - HTML messages appear blank in newer versions of Firefox
- [24203] fix to Mobile theme - new features are not being loaded (old code is cached)
- [24159] fix to Webmail - IE11 - Only 100 contacts in a Japanese Addrbook.mrk file are displayed
- [24199] fix to MDRA - bottom half of mailing list member lists are highlighted in grey
- [24197] fix to Content Filter - Restricted attachment actions not logged and notifications not sent when attachment extracted from rich text mail
- [24218] fix to Cyren AV Updater - Updater does not always try to reattempt to download updates for certain errors
- [24224] fix to MDRA - branding image uploads are failing due to caching
- [24154] fix to "SMTP server requires STARTTLS on MSA port" is not enforced for AUTH command
- [24229] fix to Mobile theme - Invalid parameters error being displayed to users
- [24241] fix to MD GUI requires autoresponder end time to be after the start time even when the end date is after the start date
- [24250] fix to Mobile theme - Mark as Spam and Mark as Not Spam do not work in the message preview dropdown
- [24256] fix to MDRA - Dynamic Whitelist and Blacklist entries use the wrong time zone
- [24270] fix to MDaemon creates "Tentative" meeting when it processes a "Busy" iCalendar invitation from Outlook
- [24318] fix to Mobile theme - Unable to delete the first filter and wrong filters being deleted
- [24405] fix to Autodiscover not working for Outlook IMAP accounts
MDaemon 20.0.4 - January 12, 2021
FIXES
- [24322] fix to MDRA vulnerability that may allow remote code execution
- [24323] fix to security vulnerability in MDRA
- [24324] fix to Webmail cross-site scripting vulnerability
- [24325] fix to security vulnerability in Webmail
- [24258] fix to possible MDaemon.exe crash when using POP3 with SSL
- [24211] fix to possible crash in WorldClient.dll
- [24342] fix to potential security vulnerability
MDaemon 20.0.3 - October 20, 2020
CHANGES
- [24113] MDaemon will comment out the line "AlertExceedsMax yes" in ClamAV's clamd.conf due to it causing
too many "Heuristics.Limits.Exceeded" AV scan failures.
FIXES
- [24032] fix to possible crash in MDASMgmt.dll
- [24025] fix to possible crash in AclShlFx.dll
- [24093] fix to possible crash in MDAirSync.dll
- [24057] fix to possible crash in CFilter.dll
- [24053] fix to possible crash in WorldClient.dll
- [24109] fix to possible crash in WCXMPPServer.exe
- [23867] fix to MDaemon may not authenticate to a smart host when sending a message with a route slip
- [24107] fix to $CLIENTSIGNATURE$ macro does not work for a domain-level client signature
- [24022] fix to ActiveSync - CPU usage spikes when syncing a particular message
- [24110] fix to ActiveSync - HTML message formatting is lost on Windows Mail
- [24121] fix to ActiveSync - members are removed from distribution lists
MDaemon 20.0.2 - September 22, 2020
FIXES
- [10307] fix to Webmail - compose text may have the wrong font size in Firefox
- [23858] fix to ActiveSync - high CPU and memory usage when syncing particular HTML messages
- [23928] fix to ActiveSync - error when accessing shared mail folders
- [23932] fix to MDRA - possible crash
- [23908] fix to Gateway Manager does not save changes after the first time Apply is clicked
- [23816] fix to Content Filter - HDR files not being deleted from CFilter\Temp automatically
- [23886] fix to Content Filter/AV/Spam Filter activities possibly not being logged on 64-bit installs
- [23889] fix to Outbreak Protection - MDOP header not being added to message before being moved to quarantine folder
- [23959] fix to distribution list/contact group downloaded via CardDAV is not displayed correctly in eM Client
MDaemon 20.0.1 - August 18, 2020
SPECIAL CONSIDERATIONS
[16827] The network resource access settings at Setup | Preferences | Windows Service now configure the
MDaemon service (and the Remote Administration and XMPP Server services) to run as the specified account,
instead of MDaemon running as SYSTEM and then it running specific processes and threads as that account.
The installer will update the services to run as the specified account when updating to this version.
[23399] Because of changes to and deprecation of many settings in clamd.conf, the installer will now overwrite
existing clamd.conf. If you have customized your clamd.conf you may need to review and make changes to
clamd.conf after installation.
CHANGES AND NEW FEATURES
- [23267] MDRA - Added the X-MDaemon-Deliver-To default header condition to Content Filter rule editor.
- [23369] Mobile theme - Added mini calendar in the left menu for jumping to dates.
- [23371] Mobile theme - Added side by side calendars for desktop sizes.
- [23387] Mobile theme - Added the ability to play audio file attachments in the message view.
- [23388] Mobile theme - Added ability to import an S/MIME certificate to a contact from a signed message.
- [23377] WorldClient and Mobile themes - Changed the "change password" page that shows up after login to highlight the Current Password.
- [23239] WorldClient and Mobile themes - Added the ability for users to view the password that they are typing as a means to confirm for themselves that they are typing it correctly.
- [23490] MDRA - Darkened the background color of the primary navigation menu to increase the contrast between it and the secondary menu.
- [23559] MDRA - Added an option to enable/disable the ability for users to view the password that they are typing under Main | Webmail Settings | Settings and Domain Manager | Edit | Webmail Settings.
- [23574] Clustering - When clustering is enabled MDaemon writes the machine's FQDN to the Received header instead of the domain's FQDN. The machine name is also included in the Subject of Queue Summary emails.
- [22627] DNS lookups using EDNS0 that fail with an "incorrect packet format" error are now retried without EDNS0. After enough of these failures, EDNS0 will be disabled.
- [23492] The VBR certification host "vbr.emailcertifcation.org" has been deprecated and removed from VBR settings.
- [22765] Antivirus - In Quarantine Queue, attachments that cannot be scanned or detected as containing macro will show "WARNING! attachment cannot be scanned ($ATTACHMENTFILENAME$)" and "WARNING! macro detected ($ATTACHMENTFILENAME$)".
- [23101] The default permissions for a domain's public contacts folders is now read-only instead of read/write. Existing permissions are not changed though so check the permissions on your folders and adjust them to your liking.
- [23663] When creating a new mailing list "Allow subscription requests" is disabled by default.
- [23789] ClamAV - Updated to version 0.102.4.
FIXES
- [23113] fix to Mobile theme - translations are not working in the calendar view
- [23186] fix to Mobile theme - "Back" navigation always takes users to the first page
- [22959] fix to Mobile theme - When using IIS, inline images do not show up in messages or drafts
- [23270] fix to LookOut theme - Settings pages are missing their titles
- [23397] fix to Webmail - If a user enters an optional password that is too long for a published calendar the request will not complete in a timely fashion
- [23399] fix to Antivirus - will now report ClamAV "Heuristics.Limits.Exceeded" as non-scan instead of a virus
- [23403] fix to SMTP screening logging saying "Dynamic screening"
- [23407] fix to Mobile theme - Unable to save start/end time values after editing autresponder
- [23167] fix to MDMigrator - Unable to import more than a single alias
- [23488] fix to Task Due Date set to a day in the future when using CalDAV Synchronizer
- [23491] fix to MDRA - Recipient Blacklist editor does not add items correctly if there's an entry with unmatched double quotes
- [23509] fix to Mobile theme - Contacts list stuck loading when all contacts selected
- [23554] fix to Mobile theme - date picker calendar not translated
- [23561] fix to Webmail - MDPGP results string has HTML tags enclosing the key id
- [23549] fix to Webmail - MDPGP options - subject may be overridden incorrectly
- [23545] fix to Outlook task assignment messages are corrupted by winmail.dat attachment extraction
- [23567] fix to MDRA - missing radio button at Security | AntiVirus | AntiVirus
- [23560] fix to MDRA - Dropbox Integration settings not saving
- [23432] fix to SSL/TLS session resumption does not work
- [23579] fix to meeting organizer's calendar item loses formatting and hyperlinks when an attendee accepts the meeting request
- [23596] fix to Mobile theme - Password Recovery screen will not allow password to be changed
- [21016] fix to Webmail - attachment filenames encoded according to RFC 2231 are not decoded
- [23601] fix to Mobile theme - From select field is missing in the Compose view
- [23600] fix to Mobile theme - Dates typed into date entry field revert to the previous value
- [23609] fix to Webmail - possible crash when importing iCalendar file into calendar
- [23633] fix to Dynamic Screening notifications about IPs blocked by SMTP Screen that are already on the blacklist
- [23626] fix to possible MDaemon.exe crash when generating DMARC aggregate reports
- [23635] fix to possible crash in WorldClient.dll
- [22290] fix to Webmail - When forwarding certain messages, cke_protected is added to the body
- [23648] fix to Webmail - Share Folder option missing when user has admin permissions but not edit permissions
- [23657] fix to deleted account may reappear in GroupWareUsers.dat when enabling MDaemon Connector for another account
- [23634] fix to MDRA - Location Screening - Unable to save Whitelist entries since Save button is unavailable
- [23573] fix to Mobile theme - Email templates show up with \\ at the end of each line
- [18461] fix to tray icon problems with config session - also added a 'Reset Tray Icon' to tray and Help menus which will stop the flashing and return status message to normal
- [23678] fix to the default domain's IP is used for all other domains
- [23676] fix to Mobile theme - User experience - Nothing to indicate that you have to enter your current password when changing the recovery email address
- [23677] fix to Mobile theme - Sign In button is not enabled until the password meets minimum length requirements
- [23686] fix to Mobile theme - Calendar list view is not translated
- [23685] fix to MDRA - The forwarding address field's max length is only 72 characters
- [23673] fix to Mobile theme - Forgot password page has "null" in the email address field
- [23451] fix to content filter possibly causing a message to go missing
- [23670] fix to messages in the Deferred queue with no To header are moved to the Bad queue
- [23654] fix to SPF "Maximum number of 'void' lookups" setting may not work properly
- [22815] fix to AV Updater proxy settings not written to freshclam.conf
- [23715] fix to AD Monitoring - A change in an AD account causes MultiPOP or Forwarding to be disabled
- [23730] fix to AD Monitoring issues when accounts are removed from a group
- [23717] fix to folder permissions may be changed when exporting to public address book
- [23688] fix to clustering replication may fail due to an unexpected error
- [23656] fix to Webmail - XSS vulnerabilities
- [23776] fix to MDRA - Domain missing in Domain Manager for domain admins
- [23777] fix to Webmail - Edge reveal icon displayed next to Webmail reveal icon in password fields
- [23780] fix to Mobile theme - Columns settings page may not load
- [23502] fix to XMPP server - server not sending user's presence back to them
- [23660] fix to non-ASCII characters in account administrator notes may be corrupted
- [23805] fix to possible crash in WorldClient.dll
- [23800] fix to ASMC - Mail item Add operations overwrite previously added message files
- [23786] fix to default autoresponder text (OutOfOffice.rsp) is not translated
- [23844] fix to contact and calendar items may fail to sync to the Outlook mobile app
MDaemon 20.0.0 - June 16, 2020
SPECIAL CONSIDERATIONS
[8930] Please carefully read the section in the full release notes labeled as task [8930] as it involves changes to the
Active Directory integration system and you may find things that were broken in the past now starting to work.
Please be aware of all changes made in that area and carefully read that section of these release notes.
[22733] MDaemon 20.0 requires Windows 7, Server 2008 R2, or newer.
[12190] Setup|Preferences|Miscellaneous has two new checkboxes that control whether system generated notification
emails periodically sent to the Postmaster alias should also be sent to Global and Domain level administrators.
By default, these options are both enabled. Domain administrators are restricted to receiving only those emails
which are for their domain and the Release Notes. Global administrators receive everything including the Queue
Summary report, Statistics report, Release Notes, 'No Such User' found (for all domains), Disk Error notifications,
Account Freeze and Disable notifications for all domains (which, like Domain admins, they can unfreeze and re-enable),
warnings about licenses and beta test versions about to expire, Spam Summary reports, and perhaps others as well.
If you do not feel it appropriate for your administrators to receive these notifications you must disable these
settings.
[22604] How autoresponders are stored has changed. The text for an accounts autoresponder is now stored as OOF.MRK
within the account's DATA folder which is a new sub-folder inside the account's root mail folder. Autoresponder script
files are no longer kept in the APP folder and they are not shared between accounts. When MDaemon starts for the first
time it will migrate all existing autoresponder files and settings to the correct places for every account. The
AUTORESP.DAT file is obsolete and will be deleted along with every account specific .RSP file (OutOfOffice.RSP and
non-account specific files will remain for reference and sample purposes). If you wish to quickly assign a single
autoresponder configuration to multiple accounts you can use the new Publish button found at Account Editor|Account
Settings|Autoresponder. This button will copy the existing autoresponder script text and all settings for the current
account to other accounts that you select. There is also a button at Accounts|Account Settings|Autoresponders|Settings that lets you
edit the default autoresponder script (OutOfOffice.rsp). This default is copied into an accounts OOF.MRK if the
OOF.MRK is missing or empty.
[22738] How account signature files are stored has changed. Signature files are now stored as SIGNATURE.MRK within
the account's DATA folder which is a new sub-folder inside the account's root mail folder. When MDaemon starts for
the first time it will migrate all existing signature files to the correct places for every account. The root
MDaemon Signatures folder will no longer contain account specific signature files however it remains in place as it
may still contain items needed by WebAdmin and the Content Filter. The original Signatures folder was backed up to
\Backup\20.0.0a\Signatures\ prior to migration.
Finally, every account's ADMINNOTES.MRK has been moved from the account's root mail folder to the new DATA sub-folder.
[8014] Security|Spam Filter|White List (automatic) has had the default value changed to disabled for the option
'...only whitelist addresses that authenticate using DKIM'. Having this enabled turns out to be a little restrictive
for many and prevents address book whitelisting from working for MultiPOP and DomainPOP mail. Re-enable the setting
if this is not to your liking.
[22512] Setup|Preferences|UI 'Center all UI dialogs' has been reset to a default of 'enabled' for everybody. If
you prefer otherwise you can disable it. This prevents screens from being created partially out of frame (which
is better IMO) but it also makes multiple overlapping screens harder to select at times.
[22515] Security|Security Manager|Screening|Location Screening - The default for this feature has been changed from disabled to enabled.
When Location Screening is enabled the connecting country/region will always be logged (if known) even when the
particular country/region is not being actively blocked. So, even if you do not wish to block any country you can
still enable Location Screening (without selecting any countries to block) so that country/region can be shown and
logged. Since the default setting for this has changed upgraders should take a look at their Location Screening
configuration for correctness. MDaemon will insert the header 'X-MDOrigin-Country' that lists the country and region
for content filtering or other purposes.
[19910] The hard-coded fixed size limit of 2 MB for spam filter scans has been removed. There is now no theoretical
limit to the size of a message that can be spam scanned. It is still possible to configure your own limit in
case this is a problem but configuring 0 (zero) now means no limit. Additionally, the size limit has been converted
from KB to MB and your existing value has been automatically converted or set to zero. You should check it at
Security|Spam Filter|Settings and make sure this value is set how you want.
[21527] Added 'Sender Domain' and 'Recipient Domain' columns to the Queues screens in the main UI. As a result
of this a one-time reset of saved column widths had to be done. Once you set the column widths to your liking
they will be remembered.
[18617] By default now the Host Screen is applied to MSA connections. You can disable this at
Security|Security Manager|Screening|Host Screen if you like.
[2356] By default MDaemon IMAP, WebMail, and ActiveSync servers no longer provide access to the shared folders of
disabled accounts. You can change this with a new settings at Setup|Server Settings|Public & Shared Folders.
MAJOR NEW FEATURES
[14587] Clustering
MDaemon's new Cluster Service is designed to share your configuration between two or more MDaemon servers on your network.
This makes it possible for you to use load balancing hardware or software to distribute your email load across multiple MDaemon
servers, which can improve speed and efficiency by reducing network congestion and overload and by maximizing your email
resources. It also helps to ensure redundancy in your email systems should one of your servers suffer a hardware or software
failure. More information on setting up MDaemon in a cluster can be found in the MDaemon Help file.
[17087] REQUIRETLS (RFC 8689)
The RequireTLS effort in IETF is finally finished. Support for this has been implemented. RequireTLS allows
you to flag messages which MUST be sent using TLS. If TLS is not possible (or if the parameters of the TLS
certificate exchange are unacceptable) messages will be bounced rather than delivered insecurely. For a complete
description of RequireTLS see the RFC specification and especially the Abstract, Introduction, and Security
Considerations sections.
RequireTLS is enabled by default. You can disable it with a new switch at Security|Security Manager|SSL & TLS|SMTP Extensions. It's fine
to leave the service enabled. Only messages specifically flagged by a rule you must create using a new Content
Filter action or messages sent to <local-part>+requiretls@domain.tld (for example, arvel+requiretls@mdaemon.com)
are subject to the RequireTLS process. All other messages are treated as if the service was disabled.
Several requirements must occur before a message will be sent using RequireTLS. If certain of them fail the
message will not be sent and will bounce back rather than be sent in the clear. The requirements are:
- RequireTLS must be enabled via the switch mentioned above
- The message must be flagged as needing the RequireTLS treatment
- DNS lookups for recipient MX hosts must use DNSSEC (see below), or the MX must be validated by MTA-STS (see [16696])
- The connection to the receiving host must use SSL (STARTTLS)
- The SSL certificate of the receiving host must match the MX host name and chain to a trusted CA
- The receiving mail server must support REQUIRETLS and say so in the EHLO response
- If any of these steps fail the message is not delivered and is bounced back to sender.
RequireTLS requires DNSSEC lookups of MX record hosts, or the MX must be validated by MTA-STS.
You can configure DNSSEC at Security|Security Manager|SSL & TLS|DNSSEC
by specifying criteria whereby lookups will request DNSSEC service. DNSSEC requires appropriately configured
DNS servers which is your responsibility. MDaemon's IP Cache and MX Hosts files have been updated to accept
DNSSEC assertions. There's a new checkbox at Setup|Server Settings|DNS & IPs|IP Cache and you'll find fresh instructions at the
top of the MX Hosts file for how to take advantage of this.
RequireTLS is an important advance against several possible attacks on email security and we are proud to have
been a participant in this effort. Hopefully in the coming year all mail systems will deploy this.
[18705] DOMAIN/COMPANY-WIDE MDPGP ENCRYPTION WITH A SINGLE KEY
MDPGP now supports encrypting messages between domains using a single encryption key for all users. For example,
suppose 'Domain-a' and 'Domain-b' wish to encrypt all emails sent between them but do not wish to setup and police
individual encryption keys for every user account within the domain. This can now be done as follows:
'Domain-a' and 'Domain-b' each provide the other with a public encryption key via any method they like. For example,
they can email the keys to one another by right-clicking on an existing public key in the MDPGP UI and selecting
'Export & Email Key.' If they wish to create new keys dedicated for this purpose they can click the 'Create keys
for a specific user' button and choose the '_Domain Key (domain.tld)_ <anybody@domain.tld>' item which has
been put there for this purpose (although any key will work). Once each side has received the other's key they
click the 'Import Domain's Key' button on the MDPGP UI and enter the domain name to which all emails will be encrypted
using the provided key. The system does not create a key in the dropdown list for every one of your domains. You
can use the key that is provided for all your domains or you can create domain specific keys yourself if you wish.
If either side already has a public key they wish to use and it is already on the key-ring they can right-click on
the key in the MDPGP UI and select 'Set as a Domain's Key'.
Do not use a key for which you also have the corresponding private key. If you do, MDPGP will encrypt a message
and then immediately see that the decryption key is known and promptly decrypt that very same message.
At this point MDPGP creates a Content Filter rule called 'Encrypt all mail to <domain>' which will invoke the
encryption operation on every email sent to that domain. Using the Content Filter means that you can control this
process by enabling or disabling the Content Filter rule. You can also tweak the rule to fine-tune the criteria you
wish to employ before messages are encrypted (for example, maybe you want to do this same thing but for two domains
or for only certain recipients within the domain). The Content Filter provides the flexibility to achieve this.
[18705 PART 2] ENCRYPTING OUTBOUND MAIL BASED ON RECEIVING IP
MDPGP has a new checkbox and setup button where you can map IP addresses to specific encryption keys. Any outbound
SMTP session delivering a message to one of these IPs will first encrypt the message using the associated key
just prior to transmission. If the message is already encrypted by some other key no work is done. This is useful
(for example) in situations where you want to make sure all messages sent to certain key partners, suppliers,
affiliates, etc are always encrypted.
[9745] MACROS FOR MAILING LIST MESSAGES
The Mailing List Editor|Routing screen has some new options which will allow for macros to be used within the
message body of list posts. This will allow you (for example) to personalize each list message. Macros have
been supported for a long time in list mail header and footer files but never the message body until now. Since the
macros are related to individual list members this option is only compatible with lists that are configured to
"Deliver list mail to each member individually." That's why these options are on the Routing screen. For
security purposes (probably you don't want all list members to be able to use this) you can select a checkbox
which requires that the list's password be provided or no macros will be expanded. The list password is an old
setting and can be found on the Moderation screen. If you don't provide a password that means any list member
with "Write" privileges will be able to submit a post with macros so I recommend using a password /or/ enabling
this feature for lists that have all "Read-only" members but who knows, it's up to you really. Here are the
current macros available for use:
- $LISTNAME$ - the name of the mailing list (ie.. md-beta)
- $LISTDOMAIN$ - the domain of the mailing list (ie.. mdaemon.com)
- $SENDER$ (or $POSTER$) - the email address of the person sending the message
- $EMAIL$ - the email address of the list member
- $FULLNAME$ - the full name of the list member (if available)
- $FIRSTNAME$ - the first name of the list member (if available)
- $LASTNAME$ - the last name of the list member (if available)
The list member name parsing code can handle "First Last" and "Last, First" formats OK.
[19572] IMPROVED HIJACK DETECTION SYSTEM
Security|Security Manager|Screening|Hijack Detection has been improved. There are some new controls which will cause MDaemon
to count the number of times that an authenticated user tries to send an email to an invalid recipient. An invalid
recipient is defined as a 5xx error code in response to a RCPT command when trying to send the user's mail.
If too many of these errors occur within too short a time frame you can have MDaemon freeze the account (the
postmaster will get an email about this and they can respond to re-enable the account). This is a powerful measure
to protect against accounts who have had their passwords stolen and are blasting out spams. I'm assuming that most
of the attempted spams will result in a "5xx User Unknown" error fairly often. This should help prevent hijacked
accounts from doing too much damage.
As part of this work the From Header Modification controls had to be moved to their own screen to make room for
the new hijack detection controls. The From Header Screening settings can now be found at Security|Security Manager|Screening|From
Header Modification.
[22391] DEFERRED MESSAGE QUEUE AND IMPROVED MESSAGE RECALL
MDaemon now has a dedicated queue for deferred messages. Messages are deferred as part of the Message Recall
and Deferred-Delivery header support. Previously, the INBOUND queue was clogged up with deferred messages
slowing down the system from delivering non-deferred mail. You can see there is a Deferred queue listed with
the other queues in the tool window now and there's a Deferred sub-tab of the Queues root-tab so you can inspect
the content of the DEFERRED queue. Messages in the DEFERRED queue are placed there by the system and have the date
they are set to leave the queue encoded into the file name. MDaemon checks the DEFERRED queue once per minute
and when it's time for messages to leave the queue they are moved to the INBOUND queue and subject to normal
message processing/delivery. Activity is logged to the Routing tab/log file.
The Message Recall system no longer requires any delay or time spent in the DEFERRED queue. So, you can set
the delay time to 0 if you want. However, this risks the strong possibility of the message you want to recall
being delivered so a delay of at least 1 or 2 minutes is recommended. Otherwise you give your users very little
time to realize they want to recall, send the recall request, and have time left over for MDaemon to process
the request. But, also consider that since the recall system is now able to remove recalled messages from the
remote queue(s) where there might already be a delay it didn't seem necessary to force a second delivery delay
by making you use the DEFERRED queue needlessly. However, if you have your MDaemon setup to immediately deliver
everything that gets into the remote queue(s) the instant it arrives there then you should consider using a delay
value (something besides 0); otherwise recall won't have time to remove mail from the remote queue(s).
MDaemon now tracks the Message-IDs of the most recent email sent by each authenticated local user. This means
users can recall the last message they sent (but only the last message they sent) simply by putting RECALL
(alone by itself) as the Subject in a message sent to the mdaemon@ system account. There is no need to find and
paste the Message-ID of the message you want to recall when it is the last message sent that needs to be recalled.
Recalling any other message still requires the Message-ID be included in the Subject text or the original message
from the users SENT folder attached to the recall request.
In addition to remembering the most recent email sent by each authenticated user MDaemon also remembers the
locations and Message-IDs of the last 1000 emails sent by all authenticated users. This completely eliminates any
need to ever iterate across mail folder content which would be a prohibitive performance drain. There's a new
control at Setup|Server Settings|Message Recall that will allow you to increase this 1000 value if you want (if you have a busy
server). Recall attempts will fail if the message being recalled isn't within the last 1000 emails sent (or whatever
value you set). This has made it possible to recall messages right out of user mailboxes even after they've been
delivered. So, messages will disappear from user mail clients and phones if they are recalled.
Messages sent to multiple recipients will ALL be recalled by a single request. The Message Recall system does
not work without the X-Authenticated-Sender header to provide security and keep others from recalling messages
they did not originate. Therefore, the option to disable this header (found at Setup|Preferences|Headers) will
be overridden if Message Recall is enabled.
[13710] AUTHENTICATION FAILURE LOG
The Security root-tab has a new sub-tab called 'Auth Failures' and there is a corresponding new log file.
This tab/log will contain a single line with details on every SMTP, IMAP, and POP logon attempt that fails.
The information includes the Protocol used, the SessionID so you can search other logs, the IP of the
offender, the raw Logon value they tried to use (sometimes this is an alias), and the Account that matches
the logon (or 'none' if no account matches).
You can right-click on a line in this tab and have the IP address of the offender added to the blacklist(s).
[4915] AUTHENTICATION WHEN FORWARDING / ROUTING MAIL
Several places in the code that forward messages have had authentication capability added. This means that
several files in the \APP\ folder including forward.dat, gateways.dat, MDaemon.ini, all Mailing List .grp
files, and possibly others now have the potential to contain obfuscated logon and password data in a very
weakly encrypted state. The encryption is strong enough to defeat an over-the-shoulder glance but it is not
strong enough to defeat hackers. As we always warn you, use the operating system tools at your command and
any other measures to secure the MDaemon machine and directory structure from unauthorized access.
[4915] The Setup|Server Settings|Servers & Delivery|Unknown Mail screen has had new options added which let you specify an
AUTH logon and password for use with the host value specified on that screen. Also, the screen has
been laid out differently and some text labels updated to better explain what some of these options
do.
[9333] The Mailing List Editor|Routing screen has had new controls added which let you specify an
AUTH logon and password for use with the host value specified on that screen.
[22385] The Gateway Manager|Forwarding screen has had new options added which let you specify an
AUTH logon and password for use when forwarding a message to another domain/host. Also, the screen has
been laid out differently and some text labels updated to better explain what some of these options
do.
[22413] The Gateway Manager|Dequeueing screen has had new options added which let you specify an
AUTH logon and password for use when dequeueing mail to a remote domain/host/IP. Also, the screen has
been laid out differently and some text labels updated to better explain what some of these options do.
[22427] The Account Editor|Account Settings|Forwarding screen has had new options added which let you
specify an AUTH logon and password for use when forwarding mail to a remote domain/host/IP. Also, the
screen has been laid out differently and some text labels updated to better explain what some of these
options do.
[17402] HOST AUTHENTICATION
Setup|Server Settings|Host Authentication is a new screen where you can configure port, logon, and password values for any
host. When MDaemon sends SMTP mail to that host the associated credentials found here will be used. Please
note that these credentials are a fallback and are only used when other more task specific credentials
are unavailable. For example, if you configure a logon and password using the new Account Editor forwarding
controls (see task 22427 above) or the new Gateway Manager|Dequeueing controls (see task 22413 above) or
any of the many other task specific settings then those credentials are used and they supersede what is
configured here. This feature works with host names only (not IPs). I was able to easily code for one or
the other (for now) so host names are more user friendly. Also please note that the UI for this is simple
and doesn't (please Lord) need complication.
Many years ago I added logon and password capability to the MXCACHE.DAT file as a quick-fix for customers
with immediate needs. This remains in place however the logon and passwords in that file are unencrypted.
You now have the same functionality with this new Host Authentication feature so you no longer need to hack
the MXCACHE.DAT file. Host Authentication uses HostAuth.dat where logon and password data is encrypted
(however weakly) and it has a UI so it's better than MXCACHE.DAT hacks. If you want you can manually edit
HostAuth.dat with notepad and enter plain-text logon and password values (which MDaemon will encrypt for
you). See the instructions at the top of HostAuth.dat for how to do it.
[4085] IMPROVED CUSTOM QUEUES AND MESSAGE ROUTING
Queues|Mail Queues|Custom Queues has been improved. You can now specify a host, logon, password, SMTP
return-path, and port for any remote queue. If provided, all messages in the queue are delivered using
these new settings. However, it still remains possible in some circumstances that individual messages
within the queue might have their own unique delivery data and if so then that data takes priority over
these new settings. This is by design and is not a mistake.
Now, the UI for this leaves something to be desired but it can't be improved right now. The UI does
not (and will not) show logon and password data in the list-view. The UI cannot edit an existing
entry (you must delete and recreate an entry to change it). The UI Add and Remove buttons do their
work instantly - there is no pressing CANCEL to undo changes. If you make changes they are done.
Please don't ask for a better UI because I can't do it. But these limitations are minor compared to
the functionality gained. You can now setup as many remote queues as you want, filter mail into them
using the Content Filter based on whatever criteria you choose, give to each queue its own delivery
schedule, and have completely different routing take place based on your wishes.
[8504] IMPROVED DOMAIN SHARING
[16798] For some time Domain Sharing has performed lookups on SMTP MAIL sender values as needed. However,
messages were often refused with 'Authentication Required' and yet there is no way authentication can be
performed when the sender account resides on a different server. This has been addressed and MDaemon can
accept mail from accounts that are found to exist on other servers without requiring authentication. This
can be disabled with a new checkbox at Security|Security Manager|Sender Authentication|SMTP Authentication. If you would
rather not perform Domain Sharing lookups on the SMTP MAIL sender at all you can completely disable that
with a new checkbox at Setup|Server Settings|Domain Sharing. These checkboxes are enabled by default.
[8504] Setup|Server Settings|Domain Sharing has a new checkbox that enables sharing of mailing lists. When a message arrives
for a mailing list a copy is created for each Domain Sharing host that also keeps a version of that list
(a query is made to check). When these hosts receive their copies they will make delivery to all the members
of that list which they serve. In this way mailing lists can be split across multiple servers with no loss
in functionality. For this to work each Domain Sharing host must include the other hosts IPs in their
Trusted IP configuration (Security|Security Manager|Security Settings|Trusted IPs). Otherwise list messages might be refused
with a 'Sender is not a member of the list' type error.
[8723] Setup|Server Settings|Domain Sharing has a new Advanced button which opens a file where you can configure domain names
that are allowed to use Domain Sharing. When nothing is in this file (the default condition) then all your
domains can use Domain Sharing. See the instructions at the top of the file for more information.
[12628] IMPROVED CONTROL OVER MESSAGE FORWARDING
[12628] Setup|Preferences|Miscellaneous has a new checkbox that allows administrators to prevent account mail
forwarding from sending emails outside the domain. If a user configures mail forwarding for their account to
send to a foreign domain the message will be moved to the Bad Message queue. This setting only applies to
messages that are forwarded using the mail forwarding options for the account.
[12791] The Account Editor|Forwarding tab has a new 'Schedule' button that will let accounts configure a
schedule for when forwarding starts and stops. Also, this is included in the Account Templates as well.
These settings configure the date and time forwarding starts and the date and time that it stops but
forwarding will only happen on the days of the week you select.
[12927] The Forwarding Address field in the New Account Template now works with account macros. The only macros
with data at the point of new account creation however are those related to the account user's full name,
domain, mailbox, and password values. So (for example) if you want every new account to forward to the same
email address but at a different domain you can put this in the Forwarding Address field: $MAILBOX$@otherdomain.com.
Macros also work in the Send As, AUTH Logon, and AUTH Password fields (these are new) in case that is useful
for you.
[12455] Forwarding a message now updates the forwarding account's last access time (ie the LastAccess=date gets
updated in the account's hiwater.mrk file). This means that accounts which do nothing else but forward mail are
no longer potentially deleted for inactivity. Note that forwarding must actually occur and not be defeated by
other configuration options such as restrictions on where the forwarder can send mail or being 'off-schedule'
(see 12791 in this document), etc. Just having a forwarding address configured will not automatically flag the
account as active - the forwarding needs to actually happen.
[15076] IMPROVED SMTP AUTHENTICATION
[15076] & [15265] Security|Security Manager|Sender Authentication|SMTP Authentication has had two new options added.
'Do not allow authentication on the SMTP port' will completely disable AUTH support over the SMTP port. AUTH
will not be offered in the EHLO response and will be treated as an unknown command if provided by the SMTP client.
Also, '...add their IP to the Dynamic Screen if they attempt it anyway' will add the IP address of any client
that attempts to AUTH when AUTH is disabled to the Dynamic Screen. The connection will also be immediately
terminated. These settings are useful in configurations where all legitimate accounts are using the MSA or
other port to submit authenticated mail. In such configurations the assumption is that any attempt to
authenticate on the SMTP port must be from an attacker.
[10458] IMPROVED ACCOUNT MANAGEMENT
[10458] The Account Manager has been improved. You can now select accounts that are enabled, or are using
MultiPOP, or are near quota (70%), or are near quota (90%), or are not forwarding. You can also search the
account description field for any text you want and select accounts based on that.
[14105] The Account Manager right-click menu has had new options added which let you add or remove all the
selected accounts from or to mailing lists and groups.
[23083] The Account Manager right-click menu has a new option which lets you copy an existing account when
creating a new account. All settings of the existing account are copied to the new account except Full Name,
Mailbox, Password, and Mail Folder.
[11427] The Account Editor|Account Settings|IMAP Filters has a new button called Publish that adds the new rule
to the account being edited and to every other account in that account's domain. This should save some time when
a rule is needed for everybody. Also fixed a problem with the rule editor which was allowing duplicate rules to
be added.
[9921] ENABLE 'DO NOT DISTURB' FOR ENTIRE DOMAIN
[9921] The Domain Manager|Host Name & IP screen has a new settings that lets you enable "Do Not Disturb" for a
domain. When active the domain will refuse all connections from all users for all services but still accept messages
from the outside world. You can schedule when 'Do Not Disturb' starts and stops. For example, if you configure April
1, 2020 to May 31, 2020 from 5:00pm to 7:00am, Monday thru Friday then this means that no mail services will be available
for that domain's users on those days of the week beginning at 5:00pm and resuming at 7:01am so long as the current date
falls between April 1 and May 31, 2020. Erasing the scheduled start date deactivates the schedule (and has the effect of
putting the domain on 'Do Not Disturb' forever).
[22678] IMPROVED ARCHIVING
MDaemon's simple message archiving system has been changed to be more efficient and consistent. Setup|Server Settings|Archiving now does
its work as follows: When a message is delivered from the Local Queue(s) to a user's mail folder an archive copy
will be created at that time (in the 'IN' folder of the recipient if so configured). When a message is picked up from
the Remote Queue(s) for SMTP delivery (whether delivery succeeds or not) an archive copy will be created at that time (in
the 'OUT' folder of the sender if so configured). You will see lines like "ARCHIVE message: pgp5001000000172.msg" in the
Routing log or you might see lines like "* Archived: (archives)\company.test\in\frank@company.test\arc5001000000023.msg"
in the Routing log when Local and Remote mail is processed.
Mailing list traffic is never archived. Spam is never archived (the option to do so has been deprecated and removed from
Setup|Server Settings|Archiving). Messages with viruses are never archived. System level messages are never archived and finally autoresponders
are never archived.
A 'ToArchive' queue now exists as a system queue (not exposed in the UI). This queue is checked at regular intervals for
messages which have been dropped there (manually, or by a plugin, or otherwise). When messages are found here they are
immediately archived and deleted. If messages are found which are not eligible for archiving then they are simply deleted.
The name of the queue is \MDaemon\Queues\ToArchive\. The Routing screen/log will show details whenever a message is
successfully archived.
[20579] Archiving of encrypted messages is now handled more consistently. By default unencrypted copies of encrypted
messages are stored in the archive. If a message can't be decrypted then the encrypted form will be stored instead
(because what other choice is there?) If you would rather have encrypted versions stored then you can check a new
checkbox at Setup|Server Settings|Archiving.
[22693] Setup|Server Settings|Archiving has an option to archive messages sent to public folder submission addresses. This is especially
needed now that submissions addresses are not required to be an actual account on the server (see 12311 below). This
option is enabled by default.
[15960] MORE EFFICIENT LOGGING
[15960] Setup|Server Settings|Logging|Settings screen ran out of room so some of the items had to be moved to a new screen called
(drum roll please) Setup|Server Settings|Logging|More Settings. This was necessary as part of the task to prevent the creation of
log files for items which have logging disabled. For example, if you disable 'Log SMTP activity' then there is
no reason to create an empty SMTP log file. MDaemon no longer creates empty log files. When items are disabled
on this screen their associated log file will not be created at all on startup. Log files that may already exist
when an item is disabled are left in place (not removed). If a log file is missing when an item is enabled then
the required log file will be created instantly. For example, if you have not been logging POP activity there will
be no POP log file. If you then enable POP logging the required log file appears. From now on we do not carry
around empty log files for services we don't use (or services we do use but don't care about logging). This change
applies to all log files that the core MDaemon engine manages (which is most of them). Log files for Dynamic
Screening, Instant Messaging, XMPP, WDaemon, and WebMail run external to MDaemon and haven't been updated so they
behave as before. But, we are getting closer to perfecting the logging system. As a result of this work if you
change the logging 'mode' option at Setup|Server Settings|Logging|Log Mode MDaemon must be restarted.
[22480] Several logging related changes such as making ATRN session logs look correct; making all logs consistent
in colors and how they log Session and Child IDs; the MultiPOP server no longer tears-up and tears-down sessions for
accounts that are already over quota and therefore there is no longer wasteful logging in these cases.
Also, the Router log was only logging INBOUND and LOCAL queue message parsing. It now also logs REMOTE queue parsing
when delivery attempts are made. This way you don't have to search the Router log and the SMTP(out) logs to see
when a message was processed.
[22617] IMPROVED ACTIVE DIRECTORY INTEGRATION
[8930] Use of Active Directory groups with MDaemon has been debugged and now works as expected. When you add someone
to an Active Directory group they will be added to MDaemon. When you remove someone from an AD group their MDaemon
account will be disabled (but not outright deleted - I'm relunctant to do that in a automated way as it results in
the complete loss of account folders and mail data which I feel is something best left to an admin to do directly).
Within Active Directory adding a user to a group or adding a group to a user (either way) is not considered a change
to the user (which MDaemon is looking for and needs) but it is considered a change to the group only. This fact
caused me a lot of headaches. To solve this issue (in addition to a lot of new code) MDaemon needs a search filter that
looks for changes to the group AND changes to users who are members of the group. The query for the group change is needed
because MDaemon now tracks the 'members' attributes that are returned. The query for users who are members of the group is
needed because that's where the user's data comes from. The group query doesn't return that.
So, to setup a proper search filter for a group called 'MyGroup' this will work:
(|(&(ObjectClass=group)(cn=MyGroup)) (&(objectClass=user)(objectCategory=person)(memberof=cn=MyGroup,ou=me,dc=domain,dc=com)))
Replace the 'ou=' and 'dc=' bits with something appropriate to your network.
There is still some room for improvement here during the v20 series but this is finally working correctly now
(let's hope).
[12696] When you configure 'Alias=%proxyAddresses%' in ActiveDS.dat MDaemon will create an alias for every value
returned by that attribute so long as it's an SMTP type address (X500 and other types are ignored).
[16403] Accounts|Account Settings|Active Directory|Authentication has a new control that lets you specify a separate (different)
search filter for contact searches. Previously, contact searching was done using the user search filter. There's
also a separate test button for the contact search filter. AD searches have been optimized so that when the search
filters are identical a single query updates all data. When they are different two separate queries are necessary.
The layout and labels on some of the controls on this screen had to be modified to make things fit. Also, the Page
Size control was removed. It can still be manually altered if more than 1000 is needed.
[20853] The following fields have been added to the ActiveDS.dat file templates so that they are included in contact
records when Active Directory monitoring creates/updates address books: abTitle=%personalTitle%, abMiddleName=%middleName%,
abSuffix=%generationQualifier%, abBusPager=%pager%, abBusIPPhone=%ipPhone%, abBusFax=%FacsimileTelephoneNumber%. If
these create problems for you or you don't want them included when contacts are created you can comment out these
templates in ActiveDS.dat using notepad.
[6444] The ActiveDS.dat file [CharacterConvert] processing has been improved to allow single characters to be replaced
with two characters (for example, ß will be converted to SS). Open ActiveDS.dat with notepad to see the default
conversions that will be made. Also, conversion will take place on the Alias values (if any) as well as the Mailbox
value by default.
[11729] Public folder contacts will now be deleted when the associated account is deleted from Active Directory. The
contact is only deleted if it was created by the Active Directory integration feature. A new setting at Accounts|Account Settings|
Active Directory|Monitoring lets you disable this if you wish.
[22617] When Active Directory monitoring system creates or updates an account and finds a mailbox value that is too
long to fit in MDaemon's limited space for the mailbox value it will truncate the mailbox value as before but now it
will also create an alias using the full size mailbox value. Also when accounts and aliases are created the accounts
Administrator Notes data will be updated for auditing purposes.
[22578] List Manager|Active Directory 'Test these settings' button result text was setup for localization. The
results will also display the Base DN used for the test.
[22661] List Manager|Active Directory now allows you to enter an AD attribute for the full name field of list members.
You can still specify only an email address AD attribute if you wish but to also fetch full name values for list members
setup the AD attribute like this: 'displayName, Email' rather than just 'Email'. The first attribute specified should
point to the AD attribute where the full name resides (usually that will be 'displayName'). The second is the email
attribute.
[22589] Text which appears in the Active Directory screen/log is now setup for localization and colors added.
[22657] MDaemon no longer creates an account for an AD group object. Previously, when a search filter included an
AD group MDaemon would create an account for that group. But what's really in mind here is to create accounts for
members of an AD group and not for the AD group object itself - which lacks several properties necessary for a
proper MDaemon account anyway.
[23019] Changes to account properties in Active Directory can trigger the recreation of that same account within
MDaemon even when the account had previously been deleted using the MDaemon GUI (or web administration). To
keep accounts from being recreated in this way a new checkbox has been added to Accounts|Account Settings|Active Directory|Monitoring.
The checkbox is enabled by default (don't recreate accounts deleted using the GUI).
[22613] IMPROVED FROM HEADER SCREENING
[22613] 'From Header Modification' has been renamed 'From Header Screening' and some new features have been
added. Security|Security Manager|Screening|From Header Screening has a new checkbox that will check 'From' header display-names
for anything that looks like an email address. If one is found and it does not match the actual email address
then it is replaced with the actual email address. For example, if the 'From:' header looks like this:
From: "Frank Thomas <friend@friend.com>" <enemy@enemy.com> then it will get changed to this:
From: "Frank Thomas <enemy@enemy.com>" <enemy@enemy.com>. This option is disabled by default. Also,
there's a new checkbox to apply all the settings on this screen to non-authenticated mail only. As before, only
messages to local users are eligible for these settings.
[21601] CHECK FOR COMPROMISED PASSWORDS
MDaemon can check a user's password against a compromised password list from a third-party service.
It is able to do this without transmitting the password to the service. If a user's password is present
on the list it does not mean the account has been hacked. It means that someone somewhere has used the
password before and it has appeared in a data breach. Published passwords may be used by hackers in
dictionary attacks. Unique passwords that have never been used anywhere else are more secure.
See Pwned Passwords for more information.
At Accounts | Account Settings | Other | Passwords, MDaemon has an option to not allow an account's password
to be set to one that is found in the list. It can also check a user's password every so many days when they
log in, and if it is found, send a warning email to the user and postmaster. The warning emails can be customized
by editing message template files in the \MDaemon\App folder. Since instructions for how a user should change their
password may depend on whether the account is using a password stored in MDaemon or using Active Directory
authentication, there are two template files, CompromisedPasswordMD.dat and CompromisedPasswordAD.dat. Macros
can be used to personalize the message, change the subject, change the recipients, etc.
[16696] SMTP MTA-STS (RFC 8461) - STRICT TRANSPORT SECURITY
The MTA-STS effort in the IETF has finished. Support for this has been implemented. SMTP MTA Strict Transport
Security (MTA-STS) is a mechanism enabling mail service providers (SPs) to declare their ability to receive
Transport Layer Security (TLS) secure SMTP connections and to specify whether sending SMTP servers should refuse
to deliver to MX hosts that do not offer TLS with a trusted server certificate.
MTA-STS is enabled by default. It can be disabled at Security|Security Manager|SSL & TLS|SMTP Extensions.
To set up MTA-STS for your own domain, you will need a MTA-STS policy file that can be downloaded via HTTPS
from the URL https://mta-sts.domain.tld/.well-known/mta-sts.txt, where "domain.tld" is your domain name. The
policy text file should contain lines in the following format:
version: STSv1
mode: testing
mx: mail.domain.tld
max_age: 86400
Mode can be "none", "testing", or "enforce". There should be an "mx" line for each of your MX hostnames. A
wildcard can be used for subdomains, such as "*.domain.tld". Max age is in seconds. Common values are 86400 (1
day) and 604800 (1 week).
Also needed is a DNS TXT record at _mta-sts.domain.tld, where "domain.tld" is your domain name. It must have a
value in the format:
v=STSv1; id=20200206T010101;
The value for "id" must be changed every time the policy file is changed. It is common to use a timestamp for the id.
[21595] SMTP TLS Reporting (RFC 8460)
TLS Reporting allows domains using MTA-STS to be notified about any failures to retrieve the MTA-STS policy
or negotiate a secure channel using STARTTLS. When enabled, MDaemon will send a report daily to each STS-enabled
domain that it has sent (or attempted to send) mail to that day.
TLS Reporting is disabled by default. It can be enabled at Security|Security Manager|SSL & TLS|SMTP Extensions.
Also make sure DKIM signing is enabled (at Security|Security Manager|Sender Authentication|DKIM signing) because
TLS Reporting emails are supposed to be signed.
To set up TLS Reporting for your domain, you must create a DNS TXT record at _smtp._tls.domain.tld, where "domain.tld"
is your domain name, with a value in the format:
v=TLSRPTv1; rua=mailto:mailbox@domain.tld
Where mailbox@domain.tld is the email address you want reports for your domain to be sent.
CHANGES AND NEW FEATURES
MDPGP
-
[22710] MDPGP decrypt operation is no longer limited to using the recipient's key to decrypt blocks. If the encryption
was performed by a different key and MDPGP knows that key then the block will be decrypted.
-
[22713] MDPGP no longer logs decryption or verification failures due to not having the necessary key (unless debug logging
is enabled).
-
[22806] MDPGP right-click menu text updated to better explain what options are for and what they do.
-
[22823] MDPGP no longer wastes cycles/logs/headers immediately verifying signatures that it itself just finished
calculating and inserting unless there is a local recipient of the signed message found.
-
[17877] The Content Filter has a new 'Sign with user's private key' action.
-
[22929] MDPGP encrypt/decrypt/sign/verify operations will happen even when MDPGP (or individual services themselves) are
disabled if the operations are invoked via a content filter rule, the command line utility, or the IP-to-Key mapping system
(see 18705).
- [23289] MDPGP will not include version identifiers within encrypted and/or signed message bodies if
the option to hide version information is enabled at Setup|Preferences|Headers.
USER INTERFACE
-
[22634] The layout of the Setup|Server Settings|Server Settings screen has been changed to add some sub-node groupings. It was
becoming a giant catch-all.
-
[20211] When editing a mailing list the account picker object will pre-select existing local members
and will remove de-selected local members.
-
[22349] UI was updated to add a few toolbar buttons, group menu items, and fix several small annoying things.
-
[22393] The Mail|MDaemon tab now uses the color system (yellow means valid command found, red otherwise).
-
[22415] The 'ETRN requests require authenticated sessions' checkbox was moved from Gateway Manager|Settings to
Gateway Manager|Dequeueing where the rest of the ETRN related options are located.
-
[14448] Each queue tab in the UI will remember its own sort order and column widths.
-
[19238] Tab key will navigate between the tool window and the tab windows in the main UI. Pressing space
on a tool window node will toggle expand and collapse states. Use the left and right arrow keys to move
through tabs.
-
[22491] Setup|Server Settings|Servers & Delivery|Sessions 'Limit simultaneous connections by IP to' was renamed 'Maximum simultaneous
connections from any single IP'.
-
[19983] Added separator bar to Account Editor|MultiPOP screen to help indicate that the bottom two options
on that screen apply to all MultiPOP entries.
-
[15200] Copy buttons have been added to the Domain Manager, Gateway Manager, List Manager, Groups Manager, and Templates
Manager which let you copy the settings of the currently selected item into a newly created item. The only setting not
replicated is the mail folder of a new Gateway because that must be specific to the new Gateway.
-
[22585] Re-worked code which was needlessly updating UI elements when running as a service.
-
[22565] The Account Editor|Administrative Notes edit box where an admin can enter notes about an account has
been moved to the Account Editor|Administrative Roles screen.
-
[18729] Updated text of warning message that appears when deleting a DKIM selector.
-
[22770] Added colors to DKIM log/screen. Orange for signing, green for verifying, red for errors.
-
[22633] The Domain Manager no longer auto-expands all the domain nodes anymore. This was creating difficulty
getting at a certain domain when many exist. Only the first domain root node is expanded.
-
[8249] The Account Editor|Settings screen has a new button that shows you all the shared folders the account has access to.
- [23115] Some key MDaemon UI screens are now restricted to a single instance of it at a time.
SECURITY
-
[10324] Security|Security Manager|Security Manager|Reverse Lookups - previously there was a single white list for all the
functions on this screen. This single white list covered PTR, EHLO, and MAIL reverse lookups. Now there
are three white lists - one for each function. The old single white list now serves only for PTR lookups.
New white lists serve the EHLO and MAIL lookup functions. The old single white list was copied into the
two new white lists so that existing behavior is preserved. However, the old white list which now serves
only the PTR function may still contain domain and host names. These serve no purpose for PTR lookups.
Keeping them in the file is OK but they are just wasting space. I don't have a good routine to remove
them safely so I left them in there (no harm done). You can use the PTR White List button and remove
them from the PTR white list when you have time.
-
[14345] Account Editor|Mail Services has a new setting that allows you to restrict SMTP access to LAN IPs only
(Security|Security Manager|Other|LAN IPs). This way you can prevent accounts from sending mail unless they are connected
to your network. If the account tries to send mail from an outside IP the connection will be refused and
dropped. This also works fine with account templates.
-
[14772] Security|Security Manager|Screening|Sender Blacklist 'Delete messages sent from blacklisted senders (otherwise, put
in bad queue)' now applies to MultiPOP and DomainPOP collected mail (and really any blacklisted mail that
somehow finds its way into the local or remote queue(s)).
-
[22422] Security|Security Manager|Screening|Sender Blacklist option to notify senders that their message was refused has been
deprecated and removed. I found out that it was actually spamming postmasters and not senders. I don't want
to do either of those things. This change made the files Refusal.rsp and LocOnly.rsp obsolete (no code uses
them so they have been removed). As part of this work the SetupPreferences|Miscellaneous 'Delete messages
sent from blacklisted senders (otherwise, put in bad queue)' was moved to Security|Security Manager|Screening|Sender Blacklist.
-
[22358] Setup|Preferences|UI has a new checkbox that governs whether the Subject: line data is shown in
MDaemon UI tabs and written into log files. To preserve existing behavior the setting is enabled by default
(show/log the Subject: data). Note that the Subject: line can contain information the sender of a message
would not wish to display and wouldn't want tracked into log files. Disabling this switch is strongly
recommended. Also, mailing lists can have a password which users place in the Subject: line. I don't have a
good way at present to strip this password out before it is shown and logged by the UI (it is stripped out
before list messages are sent to members) so if you have mailing lists that use a password you should disable
this switch.
-
[20820] Account restrictions on inbound mail are no longer defeated by a 'From:' header address that is
missing the @domain.com bit. Previously such addresses were treated as if sent from the default domain.
Also, RFC message compliance checks on inbound SMTP will refuse as illegal any message that has a 'From:'
header address missing its @domain.com bit.
-
[20382] SMTP connections refused by the IP/Dynamic Screen mechanisms now reply with code 530 (was code 421).
-
[22524] Setup|Server Settings|Servers & Delivery|Sessions has two new checkboxes which allow you to control whether or not Trusted
IPs and/or Reserved IPs are included when the 'Limit simultaneous connections to any single IP' is calculated. The
default is to not count them.
-
[22619] The default key bit size when MDaemon creates RSA keys (DKIM, BATV, etc) was changed from 1024 to 2048.
The dns_readme.txt file generated when creating DKIM keys has been updated with additional instructions related to
use of longer keys.
MESSAGE PROCESSING/QUEUES
-
[19681] Queues|Mail Queues|Retry Queue has a new setting where you can put a number of minutes to delay
subsequent message delivery attempts following an SMTP temporary (4xx) error. This solves a problem where
MDaemon was trying to deliver the same messages over and over again too quickly. With this new change
the next delivery attempt on the message is delayed a number of minutes which greatly increases processing
efficiency and reduces log waste. The default is to delay the next attempt for 3 minutes but you can change
it to what you prefer (or to zero to disable it). Delayed messages will sit in the RemoteQ as before but
will be ignored by the message spooling code during the delay. If a message comes off a delay and again
experiences an SMTP temporary error it will again be delayed the configured number of minutes.
-
[22698] The Gateway Editor|Domain screen has a new option that makes the gateway use the retry queue mechanism
when delivering mail. This is disabled by default meaning that gateway mail will be held in the gateway folder
forever - even if it can't be delivered. In the past there was a secret global setting that forced all gateways
to use the retry queue (or not). This is now a per-gateway option and the secret setting is gone. Please check
your gateways and configure how you like.
-
[19489] If a temporary DNS error occurs during A record processing messages will no longer be immediately
bounced. Instead, they will remain queued for later delivery and bounced according to queue lifetime limits.
-
[22609] By default MDaemon will now attempt delivery to every A record for each MX host on errors or failures.
Sometimes an MX will have multiple A records configured in DNS and MDaemon was only picking one at random
and trying to connect and delivery to it. If this failed for any reason (there are lots of reasons) then
MDaemon simply gave up on that MX host entirely and moved on. Now MDaemon will attempt each of the remaining
A records (randomly) and only move on to the next MX if all of them fail. If for some reason this causes a
problem for you it can be disabled via a new switch at Setup|Server Settings|Servers & Delivery|Sessions.
-
[22615] In support of 22609 the MX Cache and Windows Hosts file editors have been converted to use
MDaemon's internal file editor object rather than Notepad and both files are kept in memory now rather than
read from the disk all the time. Internal functions that read the IP Cache and Windows Hosts files now honor
all IPs that match the host you're looking for (in support of 22609) and multiple IPs to the same host are
supported everywhere.
-
[22863] The IP Cache and its white list data are kept in memory now rather than read from disk so often.
-
[22895] The IP Cache white list file now accepts wild-cards and CIDR notation when entering host names
and IP addresses.
-
[22828] The custom queues UI and system allows queues to be created and placed under the MDaemon root queue
folder now at all times.
MAILING LISTS
-
[15295] Mailing list membership and Sender Blacklist checks will be performed when each RCPT command is
received. In the past these checks were only being performed after the DATA and message body were received.
Making this change will improve deliverability of multi-RCPT messages when one (or more) RCPT values are
rejected.
-
[21132] The Mailing List Manager|Subscription screen has two new settings which (1) cause the list processor to ignore
subscription requests unless they come from a member of the same domain as the list itself and (2) cause the list processor
to ignore subscription requests unless they come from a member of any local domain on the MDaemon server. Subscription
requests from other domains are ignored when these options are set.
-
[20457] The Mailing List Editor|Headers screen has a new checkbox which causes the 'From' header to be
replaced with the list's name and email address.
-
[13690] The Mailing List Editor|Members screen no longer automatically sorts list members when its created.
Customers report that doing so ruins sort orders that they need and have already performed. You can still change
the sort order by clicking the column headers. Also, UP and DOWN buttons have been added and you can multi-select
members to move around as needed.
-
[22596] Mailing List reminder emails are now sent using the list's SMTP bounce-back address as reverse-path
(if there is one) rather than always sending with NULL reverse path. This prevents problems with message
rejection due to BATV policies.
-
[22603] The 'From' header on mailing list reminder emails changed to this form:
'\"MDaemon at fqdn (MDaemon@domain.tld)\" <noreply@domain.tld>" to avoid triggering autoresponders.
-
[10518] The content of a file called UnSubUser.dat (if it exists) will be appended to the email sent to users
when they unsubscribe from lists.
MESSAGE DEQUEUEING
-
[18143] Setup|Server Settings|Dequeuing (formerly called Mail Release) has been placed under the control of the Domain Manager
which means that you will now find per-domain settings for dequeueing inside the Domain Manager. Even though
many dequeue sessions are now possible they will all happen according to the same "do dequeue every X times
remote mail is processed" mechanism from previous versions. That still works fine. All dequeue sessions must
complete before the next round of them can occur. I think in some future version this might be put on its
own schedule.
LOCALIZATION
-
[21010] The 'No Such User' email that is (depending on configuration) generated when an email arrives for a
non-existing user has been localized. Remember that you can control the content of this email by creating a
file called NoShUser.dat in the \MDaemon\App\ folder if you ever want custom text sent.
-
[12160] Went through the code and setup every MDaemon system-generated message to accept localized text.
-
[22583] Many strings used by the Minger server were setup for localization.
QUOTA SYSTEM
-
[8546] All macros related to user accounts (ie.. $EMAIL$, $MAILBOX$, $DOMAIN$, etc..) can now be used in
the NearQuota.dat file. This is the file that is put into user mailboxes when they are getting close to
being over quota limits.
-
[17880] When a 'Near Quota' warning email message is place into a user's INBOX the system log will be updated
to say so. The log isn't updated if the warning message already exists in the users INBOX and is just being
updated. This way users can't delete the warning and say they never got it. If the log is updated over and
over you know that the user is deleting the warning and possibly ignoring it.
-
[22533] In the past cached quota values were only reset if the daily quota report was being generated and sent
out. Now cached quota values are always reset as part of the daily maintenance routine if you enable this
with a new switch at Accounts|Account Settings|Other|Quotas (default is disabled).
MINGER
-
[20328] Straightened out the problems with Minger results on over quota accounts. Minger queries are supposed
to exhibit the same behavior that the SMTP server code itself would do in relation to over quota accounts.
1. Minger query will result in an 'account disabled' response code when the following conditions are met (all
of them): (a) the account is over quota and (b) the over quota account is provided to the SMTP server in the MAIL
command and (c) Accounts|Account Settings|Other|Quotas 'Refuse outgoing messages sent from over quota accounts' is checked. In
this case the account is trying to originate mail and they cannot because they are over quota. 2. Minger query
will result in an 'account disabled' response code when (a) the account is over quota and (b) the over quota account
is provided to the SMTP server in the RCPT command and (c) Accounts|Account Settings|Other|Quotas 'Refuse incoming messages sent to
over quota accounts' is checked. In this case someone is trying to send a message to the over quota account and
that is not allowed. I had thought about adding a new response code to specifically indicate an over quota
condition but this creates interoperability problems between versions.
PUBLIC & SHARED FOLDERS
-
[7983] Setup|Server Settings|Public & Shared Folders has a new checkbox where you can set whether you want disabled accounts to be removed
from the domain's public contacts folder and re-added back when re-enabled. This option is enabled by default to prevent
disabled accounts from showing up in WebMail's auto-complete system.
-
[12311] The requirement that a public folder's submission address be a valid existing account has been removed. The
address must be local but doesn't have to be an existing account. The SMTP server will accept it.
GROUPS & TEMPLATES
-
[18942] In previous versions Groups could apply Templates and Templates could apply Groups. This was creating some crazy
logic and preventing controls from acting how you'd expect. It also setup a sort of race condition where things were turning
on and off other things and it was just confusing as hell. Starting now Groups can apply Templates but only the New Account
Defaults template can apply Groups. Since the only way to apply a Template is with a Group anyway there is nothing gained by
having Templates that apply Groups (except for the New Account Defaults template).
LOGGING
-
[22701] MDaemon will add a line to log saying that no options were enabled to deal with unknown user mail rather
than just deleting the message silently without saying anything when this is the case.
-
[22679] As part of the midnight cleanup event MDaemon will write the names and email addresses of every account
deleted that day to the day's system log. This way all deleted accounts all appear together in one place for log
searching (search the system log for 'Accounts deleted today'). MDaemon still logs individual account deletions
in real time to system log as before.
-
[8296] The IMAP session log will include "* Message <file.msg> deleted" for tracking purposes.
WEBMAIL
-
[22297] Mobile theme - Added a radio button to indicate which note color is being selected for notes in the note list.
-
[22660] Mobile theme - Added PIM Attachments for Events, Contacts, Tasks, and Notes.
-
[22711] Mobile theme - Added the contact picture to the contact edit view.
-
[22659] Mobile theme - Added sub navbar for Contacts, Tasks, Notes, and Documents views for Desktop browser sizes.
-
[22740] Mobile theme - Added external popout view/edit windows for Events, Contacts, Tasks, and Notes for Desktop browser sizes.
-
[22751] Mobile theme - Moved the settings navbar view links to the left side of the view for Desktop browser sizes.
-
[22494] Mobile theme - Added a confirmation dialog when deleting a message attachment.
-
[22658] Mobile theme - Added a dialog for increasing or decreasing the message list density, and moved the message
preview position to the same dialog.
-
[22568] Mobile theme - Added an advanced search option to the message list.
-
[22570] Mobile theme - Added ability to search all folders or search all sub folders in message list advanced search.
-
[22768] Mobile theme - Added auto complete support for email addresses in the compose view.
-
[23161] Webmail - The X-Mailer header of generated messages no longer includes the version when MDaemon's "Hide software version identification ..." option is enabled.
REMOTE ADMINISTRATION
-
[22869] MDRA - Added DNSSEC page and RequireTLS option.
-
[22211] MDRA - No longer require users to expand ActiveSync under Mobile Devices to get the ActiveSync sub menu, because ActiveSync is the only item under Mobile Devices.
-
[22874] MDRA - Updated Mail List editor settings to match the MDaemon GUI.
-
[22992] MDRA - Added the Custom Queues dialog at Setup | Mail Queues/DSN | Custom Queues.
- [22875] MDRA - Added the Authentication and Monitoring pages under Setup | Active Directory.
- [23062] MDRA - Added RequireTLS, Sign, Encrypt, and Decrypt actions to Security | Content Filter.
OTHER
-
[22736] LetsEncrypt: Added a -Staging switch that can be passed on the command line so the LetsEncrypt staging system can be easily used for testing instead of the live system.
-
[21419] Mail session ID values were increased to 8 digits so they roll-over less often.
-
[22309] Improved shutdown process to better inform as to the steps and order of operations being performed.
-
[22700] Some internal code re-factoring was done to keep Gateway data in memory rather than going to disk
for it all all the time.
-
[20009] Removed code which was needlessly referencing obsolete Standard/Lite versions.
-
[8200] Greatly increased speed of account delete operation when there are public folders with large numbers of
messages in them.
-
[6408] MDStats (Queue and Stats Manager) no longer automatically loads the mail and folder content of the first
user when you select 'User Folders'. This avoids needless cycles and frustration especially when the first user
isn't the one you are wanting to look at (making you wait for no reason).
-
[7854] Setup|Server Settings|DomainPOP|Parsing has a new checkbox which disables the sending of warning emails to postmaster
when no addresses are found by the parsing process.
-
[22482] Security|Spam Filter|DNS-BL|Settings has a new checkbox to exempt DNS-BL lookups from taking place on mail collected over
ATRN dequeue sessions. This setting is disabled by default but you can enable it if your smart-host is perhaps already
doing DNS-BL checks on your stored mail.
-
[9866] Added $FROM$, $FROMDOMAIN$, and $FROMMAILBOX$ macros for use with certain content filter actions which honor
macros. These always expand to the email address found in the 'From' header and are therefore different from $SENDER$,
$SENDERDOMAIN$, and $SENDERMAILBOX$ which prefer the email address found in the 'Sender' header (when present).
-
[22964] Reduced disk I/O in message parsing routine.
-
[22836] AVUpdater - Cyren AV updater verifies the server URL with the SSL certificate when using HTTPS.
-
[23347] ClamAV - Updated to version 0.102.2.
-
[22975] Antivirus - Added the ability to choose what time mailbox virus scanning runs.
-
[23085] The MDHealthCheck.exe tool and associated files have been deprecated and removed. We will be adding Recommended links
within MDRA for this in the future.
- [23152] When reading the DNS servers from Windows, MDaemon ignores the deprecated IPv6 site-local default addresses (fec0:0:0:ffff::1 - fec0:0:0:ffff::3).
- [20892] ActiveSync PIM validation will add a modification timestamp to items that are missing one.
- [23178] Updated MDaemon Connector to version 6.5.2.
- [15897] Messages sent to disabled accounts by ActiveSync clients will generate a DSN now.
FIXES
- [22389] fix to Routing log not logging correct or complete file creation data for routed mailing lists
- [22409] fix to some non-localized data in Routing log (there's probably lots more still to fix)
- [22441] fix to Queues tab / Remote and Local sub-tabs not showing custom queue content
- [17587] fix to account editor not enabling mail services properly at times
- [17822] fix to alias editor losing items - to edit an item do a slow double-click on it
- [17726] fix to several problems with MultiPOP collected mail with accounts at or near quota limits
- [18803] fix to RelayFax fax path permitting invalid or non-existing directories
-
[18461] fix to tray icon problems with config session - also added a 'Reset Tray Icon' to tray and Help menus
which will stop the flashing and return status message to normal
- [22469] fix to secondary DNS servers not tried following an MX lookup 'server is having technical problems' error
- [17054] fix to Outbreak Protection changes made via Remote Admin not taking immediate effect
- [22480] fix to ATRN session code sometimes ending as if an error occurred when technically it didn't
-
[19668] fix to ATRN messages refused with 'Authentication Required' when the 'AUTH must match address in 'From:'
header' option enabled
- [22481] fix to Gateway rename operation not moving and renaming the Gateway's mail folder
- [14223] fix to Bayesian learning system not working on some OS flavors due to long file name troubles
- [19824] fix to RelayFax properties screen accepting invalid email addresses
-
[22509] fix to never being able to get off an autoresponder schedule once you start one. Also added text to the
UI to explain that wiping the schedule start-date deactivates the schedule. Also fixed several problems related to
warning being given when they shouldn't and warnings not given when they should
- [22511] fix to account delete operation not updating groupwareusers.dat file immediately
- [17066] fix to forwarding unknown local mail not deleting original when configured to do so
- [22544] fix to moderated list submissions refused when sent from an alias
- [22555] fix to log files not writing data to disk from time to time
- [20704] fix to content filter COPY TO action not working with mailing lists at times
- [22582] fix to several data types being logged even when disabled in log settings
- [22590] fix to screen flashing/flickering when deleting large numbers of users at once
- [22611] fix to SMTP server accepting RCPT with a comma in it only to have mangled and not delivered properly later
-
[22614] fix to MDaemon rejecting as invalid a local-part with 'forbidden' characters even in quoted-string form
(which makes them NOT 'forbidden')
- [22616] fix to possible 'IP=IP for X minutes' wastefully added to IPCache.dat file by auto-cache system
- [19860] fix to ODMR server routing failed deliveries to smart host. We are the smart host in these cases!
- [22625] fix to gateway mail folders not cleared of orphaned lck files on a restart
- [19260] fix to content filter 'copy to user' action not allowing more than about 45 characters
- [19792] fix to ODBC mailing list not logging error when data-store offline/missing
- [22636] fix to ODBC selector wizard sometimes returning syntax error in query string when using test button
- [22663] fix to ODBC selector wizard missing + char in query string when using test button
- [2389] fix to ODBC selector wizard not creating proper query string for tables with spaces in them
- [22637] fix to MDaemon not prompting to restart the server when the log file path changes (this is required)
- [22640] fix to From Header Screening not wrapping the header it creates when it gets too long
- [22647] fix to From Header Screening including empty display-names in the header it creates
- [2347] fix to Mailing List rename not updating content filter rules
- [21080] fix to header translation on the From header defeating simple message archiving system
- [21619] fix to messages released from quarantine queue not getting archived
- [22690] fix to CF sometimes sending notifications to spam honeypot addresses
- [22696] fix to IP Cache editor allowing duplicate values to be entered
- [22695] fix to Alias Editor in Account Editor hiding selected item with blue bar
-
[22725] fix to Minger sender lookups using Domain Sharing settings for Gateways rather than the settings for the gateway.
Also, Domain Sharing no longer needs to be enabled for these Gateway checks to be performed.
- [22731] fix to massive POP server logs because option to log multiline responses not honored for client (only server) processing
- [20769] fix to MDPGP encrypt operation preventing domain and user signatures from being added to message prior to encrypt operation
- [22798] fix to Content Filter MDPGP dialog allowing selection of keys that aren't on the key-ring
- [22796] fix to custom and gateway queues not loading content into queue window when double clicked
- [22803] fix to MDPGP not logging ops like disable key, delete key, create key properly
- [22799] fix to MDPGP not send results email when a key import operation fails
- [22801] fix to MDPGP key export email having incorrect text when fetching key for self
- [22804] fix to MDPGP text logged when keys disabled/enabled/created not including key ID
- [22773] fix to MDPGP some --pgp commands working even when service turned off
- [22822] fix to MDPGP writing out LastSessionID all the time wasting disk and cycles
- [22848] fix to MDPGP auto-key generation making keys for the MDaemon system account
- [22962] fix to MDPGP not working with domain sharing properly
- [22829] fix to MXHost parser not handling cases of IP addresses with spaces around the brackets
- [22842] fix to log file midnight roll-over routine logging half its actions in the next day's system log file
- [22840] fix to default domain fqdn value not written to domains.dat
- [22849] fix to gateway mail not routing to bad queue when unable to create gateway mail folder
- [22857] fix to white list not checked before putting something on the black list
- [22846] fix to MDRA - DKIM Signing adding blank selector
- [22853] fix to Mobile theme - Messages sent with text/plain section empty
- [22816] fix to Mobile theme - Using contact picker wipes out addresses entered in prior fields
- [22500] fix to Mobile theme - "Ignore attempts using identical passwords" is being ignored
- [22762] fix to WorldClient theme - Some month names are incorrect in French and other languages
- [22854] fix to Mobile theme - Calendar - Certain month name lengths cause the arrow to be moved to the next lines
- [22778] fix to MDRA - Saving autoresponder causes MD UI to not show line breaks
- [22681] fix to MDRA - In account's Mailing Lists tab, non-ASCII characters in Type values are incorrectly decoded
- [22499] fix to MDRA - The Authorize Client button is missing on the Client Management screen
- [22621] fix to Webmail - tab characters are inserted into long message subject values
- [22769] fix to CalDAV - Potential memory corruption and crash
- [20503] fix to MDSpamd - When debug logging is enabled then messages in RAW queue might not be deleted
- [22923] fix to routed list mail with no remote recipients creating orphaned files in remote queue
- [22934] fix to mailing list refusing posts from Active Directory list members at times
- [22876] fix to Mobile theme - Checkbox letter shows bracket for email address of format <address@domain.com>
- [22974] fix to Antivirus - when mailbox scanning is started with config session the process will stop when the user logs off computer
- [22990] fix to MDRA - Gateway Manager | Forwarding allows invalid email address
- [23012] fix to Active Directory not allowing Comments template to be commented out of ActiveDS.dat file
- [23056] fix to vCard 4.0 distribution list/contact group uploaded via CardDAV is saved as a regular contact
- [23021] fix to MDRA - Spambot Detection - saved Whitelist changes are not applied to MDaemon
- [22937] fix to MDRA - Hijack detection whitelist button is not enabled when it should be
- [22899] fix to MDRA - "Unable to format string" error occurs when editing mailing list settings
- [22212] fix to MDRA - ACL names on Edit ACL screen wrapping
- [23018] fix to Mobile theme - iOS - When viewing public calendars, the domain is not displayed in the folder name
- [23010] fix to Mobile theme - Unsubscribed public contacts and calendar folders are still available
- [23058] fix to WorldClient theme - When printing an event that exists at the end of the month the date is one day ahead
- [23065] fix to Minger returning that all email addresses are valid for gateway domains
- [23090] fix to Webmail - Chrome - Audio notifications cause the sound file to be downloaded instead of played
- [23074] fix to error email not sent to admins on SA update download/unzip/install fail
- [23105] fix to Mobile theme - When switching from Mobile theme to WorldClient or LookOut themes, the user gets a blank page
- [22378] fix to MDMigrator Unable to export message, pConvSess->MAPIToMIMEStm failed [0x80070005] in WriteMimeMessage
- [23128] fix to Mobile theme - setting a date for an event that is within the Timezone bias of UTC results in the date being set to the following day
- [23124] fix to Configuration Session active session window may display a partial log line at the top
- [23120] fix to WorldClient and LookOut themes - Page 1 of tasks appears in print preview regardless of which page of tasks is selected
- [23139] fix to DOMAINS.SEM not reloading all domain data properly or creating domains that were added
- [23140] fix to MDRA - Account Editor->Mail Services Enable MDaemon Connect should require IMAP
- [23141] fix to crash when Active Directory search string too long
- [23142] fix to domain data being left in WorldClient\Domains.ini after domain deleted
- [22311] fix to Antivirus being enabled after upgrading
- [23166] fix to option to freeze accounts when disabled in active directory causing accounts to be disabled rather than frozen
- [23163] fix to MDRA - When editing a rule with group member condition, User-defined condition gets selected
- [23164] fix to MDRA - Whn creating a rule, if you select condition "If RECIPIENT is member of group" you cannot save the group if only one exists
- [23171] fix to Cyren AV updater running when Cyren AV is disabled
- [20270] fix to Dynamic Screening UI does not list more more than 427 blacklist entries
- [23215] fix to MDPGP signing mail sent to self (or to all local recipients) when configured not to do so
- [23216] fix to DSN reporting on empty failed recipient list as if wasn't empty
- [23217] fix to LookOut theme - When including a remote email address as an event attendee, the next local address overrides the remote address
- [23220] fix to slow processing of a particular meeting invitation
- [23225] fix to MDRA - Usage button does not work under Mobile | Policy Manager
- [23226] fix to MDRA - A device is duplicated when assigning a policy at Mobile | Client Management
- [23229] fix to CfUpdate.dat is missing after a fresh install
- [23245] fix to Mobile theme - Japanese - Opening a saved draft displays only "Loading"
- [23073] fix to DMARC sp= policy not being ignored when policy record lives at sub-domain of org-domain
-
[23246] fix to Account Editor allows a weak password to be set when strong passwords are required if
"Account must change password" is checked
- [23290] fix to CardDAV - a distribution list member added in eM Client from the user's address
book (existing contact) is not synchronized to MDaemon
- [23300] fix to MDPGP sometimes trying to import a public key that does not exist in a message
- [23314] fix to .tmp files are sometimes created in the APP folder rather than the TEMP folder
- [23316] fix to IPCache.dat file being rewritten excessively
- [23299] fix to STARTTLS white list not being honored in all cases
- [23450] fix to MD GUI crash
- [23440] fix to MDRA - Unable to enable/disable 2FA options
- [23459] fix to WEBDAV - ETag HTTP header is not enclosed in quotes
- [23460] fix to WEBDAV - If-Match HTTP header is ignored
- [23513] fix to ActiveSync - Certain messages with non-ASCII characters are not displayed correctly in Outlook
- [23656] fix to Webmail - XSS vulnerabilities
MDaemon 19.5.5 - March 23, 2020
FIXES
- [23335] fix to Webmail - XSS vulnerabilities
- [22769] fix to CalDAV - Potential memory corruption and crash
MDaemon 19.5.4 - February 4, 2020
FIXES
- [22865] fix to ActiveSync - Possible server crash
- [22837] fix to ActiveSync - PIM item changes from one client are not synchronized to other clients
- [22930] fix to ActiveSync - Server may shut down after several weeks of uptime
- [22907] fix to ActiveSync - Slow performance loading very large SYNCMAP files
- [22998] fix to ActiveSync - Calendar sync not working properly with Outlook mobile app
- [22769] fix to CalDAV - Potential memory corruption and crash
- [23002] fix to CalDAV - Crash when synchronizing IMAP folder with very long path on disk
- [22810] fix to Mobile theme - When spell check is enabled, replies and forwarded messages are not sent
- [22968] fix to Mobile theme - No login page shows up on iOS 10
- [22498] fix to Mobile theme - IE/Edge compose being restricted to width of unexpanded HTML compose toolbar
- [22789] fix to Mobile theme - Searching for UTF8 characters fails to show expected results
- [22737] fix to MDRA - Unable to select a Default Type on the settings tab when editing a mailing list
- [23005] fix to MDRA - Deadlock may occur
- [22825] fix to MDRA - Existing domain signatures are not displayed
- [23027] fix to MDaemon GUI - Possible crash when clicking Edit on the ActiveSync Client Settings screen
MDaemon 19.5.3 - December 12, 2019
FIXES
- [22772] fix to MDaemon service may hang at startup and prevent other services from starting
MDaemon 19.5.2 - December 10, 2019
SPECIAL CONSIDERATIONS
[17138] The "Max RSET commands allowed" options at F2|Server Settings|Servers have been removed since they are
essentially less flexible duplicates of the same functionality found at Ctrl+S|Screening|SMTP Screen. The SMTP
Screen version is part of the Dynamic Screening system which takes into account more factors (ie..has a white list,
considers authentication status, etc). Your old values from the F2|Server Settings|Servers settings have been
moved to the SMTP Screen. Please check Ctrl+S|Screening|SMTP Screen to make sure the values there are as you
expect. Correct defaults (and recommended) are 20 for the RSET maximum and "Close SMTP session after blocking
IP" should be checked/enabled.
CHANGES AND NEW FEATURES
- [22334] SMTP server will respond with "Sender Disabled" rather than "Sender Unknown" for disabled mailing lists and
the reply code will be 550 if the option to respond to disabled accounts with a 550 code is enabled.
- [22513] Inbound Queue count in UI will show message recall delay value if that feature is being used so that
you won't sit there wondering why the Inbound Queue isn't processing messages.
- [18005] The UI with throw a warning if the advanced settings option is enabled at F2|Unknown Mail and no
host value is specified.
- [21237] The Learn.bat file (used by the bayesian system) was slightly reworked for simplification and efficiency.
- [20211] When editing a mailing list the account picker object will pre-select existing local members and will remove
de-selected local members.
- [22340] The mailing list editor membership page has been improved by adding a Domain column to sort on and by
saving/restoring the column widths. Also the import process had its string-table localized.
- [20909] Changed language on MDPGP UI to show that --pgpk command requires mail sent to self.
- [20213] Public Folder Manager tree-view data is no longer automatically expanded.
- [18236] The Account Editor|Settings button which shows subscribed lists now reports properly on membership to
Everyone@ and MasterEveryone@ lists based on whether the account is hidden (private) or not. Also, I changed
the wording of the checkbox which hides (makes private) the account so that referring to the HELP is no longer
necessary. Finally, remember to click Apply if you change the hidden state of the account or pressing the
button to show list membership will not be up-to-date.
- [18828] Updated tooltip and warning text to indicate that freezing the Remote queue also freezes the Retry queue.
- [20817] The $MAILDIR$ macro has been deprecated and removed.
- [20260] The System log will be updated any time someone deletes an account using the console GUI.
- [18019] Hijack Detection no longer has a hard-coded exception for the postmaster@ alias. There is a white-list
feature for Hijack Detection which can be used to make anyone an exception (if necessary).
- [19235] Added a Forwarding column to the Account Manager which shows a Yes or No (whether forwarding or not)
along with the account's forwarding address. Since it's possible to have a forwarding address configured but
not currently in use the column could show something like "No: arvel@company.test"
- [22350] The Account Manager will save the widths of all its columns when you click OK.
- [12477] The Sender Blacklist will now (also) be checked following each MAIL command. Since there isn't yet a
RCPT domain to test the list against the MAIL value is checked only against the "All Domains" section of the
Sender Blacklist.
- [22371] The Spam Filter|DNS-BL|Settings option "Ignore DNS-BL result if not in 127.0.0.1 - 127.255.255.255 range"
has been removed. Any response outside that range is automatically ignored (no option necessary these days).
- [22332] MDRA - Updated context sensitive help links for Categories.
- [22505] The "Npcap Loopback Adapter" is ignored when reading DNS servers from Windows.
- [22579] Updated MDaemon Connector to version 6.5.1.
- [22649] LetsEncrypt will now check the version of Powershell that is on the machine and exit the script when the required version is not present.
- [22652] LetsEncrypt will now add the MDaemon\LetsEncrypt\Modules directory to the PSModulePath environment variable for the session if it is not
included.
- [22675] LetsEncrypt will now delete and recreate the account when changing between the staging and live LetsEncrypt systems.
- [22688] LetsEncrypt will now retrieve errors from LetsEncrypt when a challenge fails and write the information to the screen and to the log file.
- [22672] The ACME-PS module used for communicating with LetsEncrypt has been updated to the latest version.
FIXES
- [22266] fix to Webmail - commas in the name part of an email address are not being properly handled in some instances
- [22316] fix to MDRA - Cannot save the default value of the skip rule action or the message processing priority action
- [22294] fix to MDRA - unable to remove activesync profiles
- [22289] fix to WorldClient theme - Importing/Exporting Contacts or Calendar Events - radio buttons hidden in some languages, e.g. Japanese
- [22290] fix to LookOut theme - When forwarding some messages, cke_protected is added to the body
- [22263] fix to LookOut theme - HTML encoding visible in contact comments, department, company, etc.
- [22269] fix to Lite and WorldClient themes - Missing event recurrence settings
- [22189] fix to MDRA - Some settings are missing under ActiveSync Client Settings
- [21676] fix to Webmail - MDPGP Results language is confusing and needs to be updated
- [20401] fix to sub-addressing not working with wild-card domain aliases
- [22288] fix to auto-freeze of inbound queue on configured number of disk i/o errors not working
- [22337] fix to MDPGP causing double the message recall delay
- [22338] fix to alias editor sometimes allowing entry of alias already in use
- [21125] fix to wrong data in SMTP response when over quota sender tries to send mail
- [22428] fix to Mobile theme - Themes unavailable on Personalize settings page when HideLoginTheme=Yes; Languages unavailable
on Personalize settings page when HideLoginLanguage=Yes
- [22437] fix to Webmail - Use HTTP Compression setting not being honored
- [22439] fix to Mobile theme - Cannot download attachments in folders other than Inbox
- [22440] fix to Mobile theme - Missing translations
- [22432] fix to Webmail - The date range in saved searches is saved, but it is not used in the search
- [22347] fix to ASMC - After migrating an account twice, folders with ampersands have an extra hyphen added
- [22352] fix to ASMC - Events recurring yearly are not migrated correctly
- [22298] fix to Dynamic Screening - IP is not blocked after many login attempts with the same password but different accounts
- [22460] fix to MDRA - When forced to change your password, you are prompted twice to change it
- [22483] fix to Dynamic Screen sometimes being invoked after a single (rather than configured number) of failed RCPTs
- [22412] fix to Webmail may not display the entire body of certain messages
- [22488] fix to MDaemon.exe crash in AclShlFx.dll during the daily ACL cleanup
- [22508] fix to Antivirus - if it takes clamd.exe longer than 5 minutes to scan a file then clamd.exe will get restarted even if it is still able to process other files
- [22521] fix to Mobile theme - Events are created one day in the past depending on the time zone specified
- [22519] fix to Mobile theme - Umlauts in folder names do not display correctly in Calendars list
- [22495] fix to Mobile theme - when changing the theme at Settings | Personalize the new theme is not saved for the logon page
- [22563] fix to Mobile theme - message bodies of draft messages composed in plain text are not displayed
- [22566] fix to MDRA - Client Signatures are not deleted when the input is empty
- [22567] fix to LookOut theme - External message Add Filter button not working
- [20992] fix to Webmail displays a backslash in front of quotes in subjects that have non-ASCII characters
- [21919] fix to Content Filter exclusion may not work when display name contains Japanese characters
- [22576] fix to ActiveSync - Data wipes are triggered for accounts after upgrading to MDaemon 19.5.1
- [22572] fix to MD Configuration Session hang
- [22527] fix to OR clause in Active Directory Monitoring search filter causes non-matching account imports
- [22560] fix to Webmail - When HTML Compose is off, the first dropped attachment in the Compose view does not show up
- [22608] fix to Webmail - Wrong messages may be attached when doing Forward as Attachment from Search Results
- [22629] fix to WorldClient theme - AM/PM are displayed incorrectly in the message list for some languages
- [22630] fix to Dynamic Screening - TrustedIPs.dat created in \MDaemon\Data
- [22518] fix to Dynamic Screening - "0x41504000 Mgmt Logon: Internal" logged repeatedly while Configuration Session is running
- [22597] fix to ActiveSync - Umlauts displayed incorrectly in autoresponses when autoresponder is created via ActiveSync
- [22664] fix to Webmail - PIM attachments fail to upload
- [22677] fix to Antivirus - AV update log viewer shows "No sessions" for ClamAV update logs
- [22676] fix to Mobile theme - When HTML Compose is disabled, messages are still sent in HTML
- [22716] fix to Antivirus - Security|Antivirus|AV Updater shows incorrect ClamAV information
- [22692] fix to ActiveSync - Possible crash while syncing a meeting invite with garbage text
- [22718] fix to Mobile theme - Styles change in the compose view after an auto-save draft occurs
- [22577] fix to ActiveSync - Random AD authentication failures
- [22728] fix to MultiPOP - Previously downloaded messages are being randomly redownloaded
MDaemon 19.5.1 - November 4, 2019
SPECIAL CONSIDERATIONS
[22444] The LetsEncrypt functionality has been updated to use ACME v2. This update is required because LetsEncrypt is
discontinuing support for ACME v1. PowerShell 5.1 and .Net Framework 4.7.2 are now required in order to use LetsEncrypt.
FIXES
- [22433] fix to ActiveSync - clients that required previous approval need to be re-approved
- [22443] fix to ActiveSync - Unable to login when using domain and full email address
- [22446] fix to Mobile theme - Sending plain text emails results in an empty message body
- [22439] fix to Mobile theme - Cannot download attachments in folders other than Inbox
- [22467] fix to Mobile theme - Cannot add inline images to a new message
- [22472] fix to Webmail - Images in the default client signature may not be displayed in Webmail
- [22474] fix to MDRA - When adding an image to a Default Client Signature, the image file is placed on the root of the C drive
- [22486] fix to licensed features may be disabled after renewing an MDaemon registration key that had been switched to trial mode
- [22372] fix to memory leak in DAV server if folder contains over 1000 events or contacts
MDaemon 19.5.0 - October 15, 2019
SPECIAL CONSIDERATIONS
[21908] Some settings, such as the registration keys, have been moved from \MDaemon\App\MDaemon.ini to
\MDaemon\LocalData\LocalData.ini. If you need to revert to a previous version, they will not find the
settings at their new locations, so their installers will ask you to enter a registration key. This can
be avoided by copying the settings back to MDaemon.ini, or restoring a backup of MDaemon.ini, first.
MAJOR NEW FEATURES
[21228] New Webmail Mobile theme
Webmail's Mobile theme has been replaced with a more modern GUI
with more features. Message list features now include personalized categories,
message snooze, sort by flagged/unread/snoozed, sort columns, and message recall.
Calendar features now include Import/Export events as csv or ics files, add external calendars,
private access links, publish calendar, and view multiple calendars at one time.
Compose features now include deferred delivery, multiple signatures, text/html messages, and email templates.
Other features include drag and drop email filters, multiple signatures editor, more folder management options, notifications,
drag and drop column management, drag and drop categories management, and more.
If running Webmail in IIS, additional configuration steps are needed. See KB article 1236 for more information.
[7402] Client signature management
Added the ability to configure a signature that is pushed to supported mail clients (Webmail
and MDaemon Connector). A default client signature can be set at Setup | Server Settings | Client
Signatures or it can be set per domain on the Domain Manager's "Client Signatures" screen.
Use macros such as $CONTACTFULLNAME$, $CONTACTEMAILADDRESS$, to personalize the signature with data
pulled from the user's contact in the domain's Public Contacts folder. Use the $ATTACH_INLINE:filename$
macro for inline images in the HTML signature.
After entering signature text, it will appear in Webmail as the "System" signature, and will become
the user's default signature. It can be enabled/disabled by default at Setup | Web & IM Services |
Webmail | Settings or per domain on the Domain Manager's "Webmail" screen.
For MDaemon Connector, the signature's name and related settings can be configured at Setup | MDaemon
Connector | MC Client Settings | Signature. Requires MDaemon Connector 6.5.0 or newer, and "Push client
settings to MC users" to be enabled.
The $CLIENTSIGNATURE$ macro can be used in other mail clients to have the server add the client signature
to messages.
CHANGES AND NEW FEATURES
-
[21474] MDPGP: The Content Filter's "encrypt message with user's public key" action now works with the
following limitations (it was broken in previous versions): It must be the last action in a multi-action
rule. It must be the last rule in a multi-rule set. Basically, all content filter processing on a
message stops when the first encryption action takes place (so make this action/rule the last in the
processing chain). You want the encryption action to be last anyway so that other actions which might
modify the message can take place first. At present, encryption via content filter will prevent user
signatures and domain signatures from being appended to the encrypted message. This will take more work
to change later. Lastly, the Content Filter's "decrypt message with user's private key" action was not
working properly. When using this action make it the first thing done so that other rules which come
after will have a decrypted version of the message to work on.
-
[21646] MDPGP: Decryption routine will now decrypt PGP blocks in-line. Previously,
PGPMime message format was required. Messages may contain multiple encrypted blocks
and the inline decryption routine will decrypt those it can and skip over those it
can't. Remember that MDPGP decrypts messages as it places them into the user's folder
so decrypted content exists on MDaemon's mail volume(s). Be sure and use OS tools to
secure critical folders from unauthorized access.
-
[21884] LetsEncrypt now includes an option to delete certificates that were issued by
LetsEncrypt, have a subject the same as the FQDN in MDaemon and with an expiration date
over 30 days ago. A checkbox to control this was added to Ctrl+S|SSL & TLS|Let's Encrypt.
This option is enabled by default.
-
[21205] Quota reports no longer include disabled or frozen accounts by default. You can change this with
a new checkbox at Ctrl+U|Other|Quotas.
-
[21968] LetsEncrypt: By default PowerShell only supports SSLv3 and TLS1.0. Code was added to enable TLS1.0, 1.1,
and 1.2 for the active session. PowerShell also honors the operating system settings for client SSL/TLS protocol
support, so if you disable support for TLS 1.0 as a client protocol in the operating sytem, PowerShell will not
attempt to use it.
- [21993] The QUEUERUN SEM file has been deprecated and removed.
- [19812] Added option to enable macro detection in documents and adjust heuristic level for Cyren AV.
- [21649] MDRA - Added Let's Encrypt settings.
- [16961] MDRA - Added more DKIM Signing settings.
- [16945] MDRA - Added the Archive Now option under Logs -> Log Settings -> Maintenance.
- [16944] MDRA - Added the "Compact database now" button under Logs -> Log Settings -> Statistics Log.
- [16943] MDRA - Added the EDNS settings and an MXCache.dat editor under Setup -> Server Settings -> DNS.
- [21362] MDRA - Added ways to request trial keys for AntiVirus, ActiveSync, and MDaemon Connector.
- [16864] MDRA - Added "Remove contact which are missing name or phone data" button to the User Editor.
- [16942] MDRA - Added "Bind to new port values now" button at Setup -> Server Settings -> Ports.
- [16860] MDRA - Added "Edit Attachment Linking settings" to User Editor -> Attachments.
- [16503] MDRA - Added warning for admins that are attempting to freeze or disable their own accounts.
- [21363] MDRA - Added an alert to inform Trial users how many days are remaining in their trial.
- [20963] MDRA - Added feature to prevent admins from deleting their own accounts.
- [20785] MDRA - Added the mailing list subscription type below the mailing list address on the Main -> My Mailing Lists page.
- [21952] MDRA - Added a categories editor at Main -> Webmail Settings -> Categories to allow admins to manage Domain categories and default User personal categories.
- [11500] MDRA - Added buttons to view the file being edited for Security -> Screening -> (Sender Blacklist, Recipient Blacklist, IP Screen, and Host Screen). Added an import file option to the file view.
- [20802] MD GUI will throw a warning when disabling SPF or DKIM while DMARC is enabled.
- [21462] SMTP server will respond with "disabled" rather than "unknown" if account exists but is disabled or frozen.
- [21446] MD GUI will throw warnings and offer fixes on config conflicts between non-reversible encryption and APOP/CRAM-MD5 use.
- [21674] DMARC fo=1 option no longer generates protocol specific failure reports when DMARC itself passes.
- [21414] F2|Server Settings|Pruning has several new options for deleting items based on age.
- [22066] Webmail - Improved autocomplete performance for large address books.
- [22071] Updated MDaemon Connector to version 6.5.0.
- [11615] MDRA - Changed "Viruses Blocked" report title to "Viruses Detected" since the log entries include blocked, quarantined, and accepted viruses.
- [22032] ASMC - Passwords are no longer logged in the ASMC log file.
- [22029] ASMC - When SSL is not being used and a 501.1 error is returned a warning will be logged to indicate that you should retry using SSL.
- [21421] Ctrl+W|Webmail and Remote Administration|Web Server tabs have new options added to enable use of the
X-Forwarded-For header which is sometimes added by proxy servers. This option is disabled by default. Enable
it only if your proxy server inserts this header.
- [5141] Added a Webmail option for whether users are allowed to create email signatures. Set the default at
Setup | Web & IM Services | Webmail | Settings or per domain on the Domain Manager's "Webmail" screen.
- [22195] SMTP server will reply with "550 5.7.0 Authentication rejected" when otherwise valid credentials are unacceptable for policy reasons.
- [22234] Updated Cyren AV engine to version 6.2.2-rc2.
- [22241] Webmail - Stopped using Webmail HTTP.log to log server to server HTTP requests and now logging to Webmail.log.
- [22118] Account editor will throw a warning and disallow switching to other tabs until full name/mailbox data entered.
FIXES
- [21030] fix to SPF record may not be found if the DNS response is truncated
- [21945] fix to MDRA - Using Apply and then Save and Close results in duplicate entry in Minger list
- [21861] fix to LookOut and WorldClient themes - Changing Special Folders in Non-English Webmail profiles causes Webmail to change folder values
- [21933] fix to LookOut and WorldClient themes - New folders are created with non-English names when saving Options | Folders page
- [21946] fix to MDRA - If the setting ExpireTime is missing from WebAdmin.ini, MDRA does not show a default value
- [21677] fix to RAW CC header data possibly truncated in final generated message(s)
- [21564] fix to MultiPOP UI getting confused when password starts with hypen character
- [21976] fix to Minger server does not return "disabled" response for disabled mailing lists
- [21621] fix to MD GUI accepting foreign addresses for public folder submission
- [21994] fix to MD GUI crash when sharing a folder that contains hundreds of subfolders
- [22001] fix to WorldClient theme - When selecting a different calendar in new event, the event is not added to that calendar
- [22017] fix to MDRA - Cannot disconnect Webmail sessions
- [22019] fix to Webmail - Private access links for Shared and Public calendars produce an xml error
- [21882] fix to MDRA - Non-admins can add and edit an alias in their account, but they cannot delete it
- [21648] fix to account signature file not deleted when account is deleted
- [22028] fix to corrupt email address when the MDaemon system account mailbox alias is less than 7 characters long
- [22035] fix to all links to contacts in Outlook are broken when a distribution list is edited in Webmail
- [22037] fix to possible Webmail crash when searching messages
- [22050] fix to MDRA - Attachment Linking "White List" editor does not save changes
- [22060] fix to possible Webmail crash when using message list threading
- [21816] fix to Webmail - When HideBlacklistFolder=Yes exists, the BlackList Sender option is still available
- [21889] fix to SPF policies are truncated after 1024 characters
- [22059] fix to MDRA - admins can remove their own access without a warning
- [22063] fix to users not being able to change passwords when using non-reversible encryption and the ODBC account backend
- [22072] fix to some MSA-specific processing not being done for SSL SMTP connections when SSLSMTPIsMSA=Yes
- [22078] fix to unable to upload/post specifc recurring calendar event via CalDAV
- [22081] fix to MDRA - Registration info screen does not show any values in the Country dropdown
- [22020] fix to messages with improperly formatted categories causing the iOS mail client to crash
- [21553] fix to Outlook using ActiveSync not recognizing changes to Calendar permissions
- [15529] fix to unable to upload calendar using Outlook's "Publish to WebDAV Server" feature
- [22115] fix to MDRA - Crash when accessing account ActiveSync Clients page
- [22119] fix to MDRA - Access denied error when domain admin clicks on ActiveSync Clients or ActiveSync Assigned Policy
- [22123] fix to SPF code returning permerror when it shouldn't
- [21580] fix to mailing list message not being released from quarantine queue properly
- [21901] fix to smart route code sometimes using wrong smart host
- [20883] fix to IP address editbox accepting non-IP address data
- [21188] fix to signed messages not getting attachments stripped out at times
- [22183] fix to Webmail - Remember Me skips the Two Factor Auth validation page when restoring an existing session
- [22122] fix to LookOut and WorldClient themes - Slow loading folders could result in unending loading
- [22188] fix to MDaemon.exe crash when checking recipient blacklist with an invalid entry
- [22193] fix to using CONTACTS:domain in a mailing list causes certain messages to go into the wrong queue
- [22126] fix to MDRA - Form field [loglevel] not found error on Global ActiveSync Client Settings page
- [22143] fix to MDRA - ActiveSync - When AS is disabled on domain level, a domain admin still sees the AS Client Settings tab on a user
- [22194] fix to AutoDiscover does not tell clients to use SSL when the redirect to HTTPS option is enabled
- [22202] fix to incorrect IMAP server handling of the % wildcard for LIST and LSUB commands
- [21929] fix to a possible hang in Cyren AV processing
- [21698] fix to Webmail - When renaming a folder, capitalization is not saved
- [22199] fix to several errors converting and handling bad RAW message files
- [22221] fix to changed occurrences of a meeting created using ActiveSync may be lost when an attendee sends a meeting response
- [22252] fix to Dynamic Screening gateway UI not allowing certain IP addresses to be added
- [22222] fix to AutoDiscover not honoring the MDaemon.ini [Special] FullEmailLogin setting
- [22254] fix to orphaned multi-line message-id header data possibly being included in list mail
- [22250] fix to LookOut and WorldClient themes - Calendar Import from URL broken in IE
- [21186] fix to incorrect info about use of "spf" tag in SPFXcpt.dat file help text
- [21115] fix to releasing a message that isn't spam getting the spam stripping treatment anyway
- [22265] fix to MDRA - ActiveSync - Domains disabled by default still display ActiveSync links in Domain Manager
- [22313] XMLAPI: Deleting or modifying PIM items doesn't account for ensuring updates are sent to MC Clients.
- [22305] ActiveSync: PIM Validation does not correctly fix identical/duplicate iCalUid values.
- [21904] fix to Antivirus - sometimes AV engine does not wait long enough for ClamD to finish loading so it will repeatedly shut down ClamD and restart it
- [22372] fix to memory leak in DAV server if folder contains over 1000 events or contacts
- [22365] fix to DNSBL "Open Resolver"
and "Excessive Queries" response codes are not correctly parsed
MDaemon 19.0.3 - July 16, 2019
FIXES
- [21794] fix to AutoDiscover does not return the SMTP port when the dedicated SSL ports are enabled
- [21810] fix to ActiveSync server may crash when sending a read receipt
- [21856] fix to CALDAV - saving a calendar with a reminder set in eM Client returns an error and the event is not displayed in the calendar
- [21862] fix to ActiveSync - Work around WP8/WP10 <MoreAvailable /> client bug
- [21859] fix to ActiveSync - Creating ActiveSync profiles using alias counts against ActiveSync license
- [21865] fix to XMPPServer - possible crashing problem with BOSH server
- [21881] fix to possible crash in mdautodiscover.dll
- [21889] fix to SPF policies are truncated after 512 characters
- [21904] fix to Antivirus - sometimes AV engine does not wait long enough for ClamD to finish loading so it will repeatedly shut down ClamD and restart it
MDaemon 19.0.2 - June 13, 2019
CHANGES AND NEW FEATURES
- [21694] Updated MDaemon Connector to version 6.0.2.
FIXES
- [21668] fix to CALDAV - Tentative meeting shows as busy in eM Client
- [21679] fix to Webmail - Public Calendar - calendar may not be displayed
- [21657] fix to LookOut and WorldClient themes - Cannot save draft when sending message fails
- [21680] fix to crash in MDASMgmt.dll
- [21683] fix to the ActiveSync Migration Client incorrectly parsing timezone data
- [21662] fix to AutoDiscover not fully supporting Encryption options
- [21692] fix to CARDDAV - A new contact folder created on the client is created as a calendar folder on the server
- [21701] fix to CALDAV/CARDDAV - if rich text formatting is used in item's description field it is not saved by the server and the item's description is lost
- [21693] fix to CalDAV - Propfind response missing a trailing slash for task folders
- [21716] fix to Webmail - Cannot log in using Lite theme when Send Anonymous Usage Data is disabled
- [21775] fix to AntiVirus - A file detected as non-scannable by Cyren AV but clean by ClamAV is not considered non-scannable
MDaemon 19.0.1 - May 14, 2019
SPECIAL CONSIDERATIONS
[21641] To simplify IIS configuration, the ISAPI DLLs MDMgmtWS.dll and MDDP.dll have been moved out of the \MDaemon\App directory and into
\MDaemon\ISAPI\MDMgmtWS and \MDaemon\ISAPI\MDDP. If you had already set up IIS to reference these DLLs you will need to reconfigure IIS
to access them from their new locations.
CHANGES AND NEW FEATURES
- [21460] Updated ClamAV to version 0.101.2.
- [20850] Added support for setting folder ACLs via DAV server using eM Client.
- [19150] MDIM - Added "Send" button when "Set IM 'Enter' key to send message" is turned off.
- [21660] Updated MDaemon Connector to version 6.0.1.
FIXES
- [21030] fix to SPF record may not be found if the DNS response is truncated
- [21604] fix to possible MDaemon.exe crash when AV is enabled
- [21611] fix to LookOut and WorldClient themes - All Unread and All Flagged searches not translated
- [21612] fix to LookOut theme - "Search Results" not being translated
- [19933] fix to AV - Attaching a file in winmail.dat with special characters will cause AV scanner to hang
- [20824] fix to Content Filter - The regex tester in the GUI does case-sensitive search but the rules processing engine does case-insensitive search
- [21617] fix to when synchronizing a contact from the CardBook plugin from Thunderbird, the second work phone number is lost
- [21603] fix to MDRA - Japanese - some translations are not encoded correctly
- [21598] fix to MDRA - In certain circumstances, accounts show a negative value in the Mailbox Size chart
- [21569] fix to LookOut and WorldClient themes - With HTML Compose disabled, clicking Save button does not save a draft of a message
- [21620] fix to MDRA - Creating new public folder removes the first character
- [21545] fix to MDRA - UI not consistent between GUI and MDRA for adding wildcards to sender blacklist
- [21558] fix to MDRA - some text is not translated
- [21542] fix to LookOut theme - HTML markup visible in window title
- [21465] fix to MDRA - Users are not warned about unsupported browsers
- [21455] fix to LookOut theme - Folder share "No Access" string is not being translated
- [20594] fix to LookOut and WorldClient themes - After creating a new folder, the corresponding folder type is blank under Default Folders
- [19940] fix to MDRA - buttons are too large on a 4k monitor
- [21616] fix to AV - fix to the handling of error when scanning RAR files with Cyren AV
- [21626] fix to WorldClient.exe crash at startup when using a particular SSL certificate
- [21637] fix to AutoDiscover sometimes failing because it cannot access MDDP
- [21640] fix to ActiveSync: When renaming a domain, the corresponding accounts in the AirSyncUser.dat are not changed
- [21647] fix to iOS IMAP account does not automatically configure itself to use the server's Sent Items and Deleted Items folders
- [21650] fix to unexpected error while virus scanning TNEF attachments if the ClamAV engine is disabled
- [21638] fix to CalCalDAVErrorDomain; Error: 14 when adding CalDAV account on Mac OS X Calendar application
- [22042] fix to MDRA - Admins can lock themselves out of Remote Admin by setting the session expire time to 0
MDaemon 19.0.0 - April 16, 2019
SPECIAL CONSIDERATIONS
[8811] MDaemon's disk space calculations were being made inconsistently in several
places (for example, sometimes using 1000, sometimes using 1024 bytes for a kilobyte
computation). This has been fixed to use 1024 consistently. As a result your users'
disk space quota values may be slightly different than in previous versions. Please
check and make whatever adjustments (if any) you feel are required.
[20595] The "Start MDaemon" Start Menu shortcut on new installs now defaults to
opening a browser to MDaemon Remote Administration rather than opening an MDaemon
Configuration Session. To change this, edit \MDaemon\App\MDaemon.ini and set [MDLaunch]
OpenConfigSession=Yes/No and OpenRemoteAdmin=Yes/No, or use the "Open MDaemon
Configuration Session" or "Open MDaemon Remote Administration" shortcuts
instead of "Start MDaemon". Set the "Remote Administration
URL" at Setup | Web & IM Services | Remote Administration | Web Server if the
auto-generated URL does not work or if Remote Administration runs in an external web server.
If a working URL cannot be determined, a Configuration Session will be opened instead.
[21263] The option "Only send antivirus update notification on failure" is now enabled by
default, and when updating to MDaemon 19, it will be enabled the first time MDaemon starts up.
[19471] SyncML has been deprecated and removed.
MAJOR NEW FEATURES
[21118] TLS Server Name Indication (SNI) support
SNI allows a different certificate to be used for each of your server's hostnames. MDaemon will
look at the active certificates and choose the one that has the requested hostname in its Subject
Alternative Names field. If the client does not request a hostname, or no matching certificate is
found, then the default certificate is used.
[19427] XML-API for Folder and Item Management
The XML-API has been expanded to include the ability to manage mailbox folders and items in the folders.
Folders can be created, deleted, renamed, and moved using the API. Item operations support email,
calendar, contacts, tasks, and notes. Items can be created, deleted and moved using the API. Full
documentation can be found in the MDaemon\Docs\API\XML-API\ directory.
CHANGES AND NEW FEATURES
- [21008] MD AntiVirus - Added ClamAV to Content Filter's virus scanning instead of it being a separate plugin. When a message or attachment is being scanned it is first scanned by Cyren AV engine and then scanned by ClamAV engine. Either can be enabled/disabled at Security | AntiVirus | Virus Scanning.
- [21303] ActiveSync Migration Client - Changed the Default User Path used by ASMC when migrating data. If ASMC is running on an MDaemon installation, and if the output path is not specified, it will build the output path based on the "New Accounts" template.
- [20848] Autodiscover Service - Support has been added for eM Client, Thunderbird, Outlook, and other clients utilizing the same specification.
- [21222] Webmail - Added a delete icon for removing common contacts from the autocomplete list.
- [20948] MDRA - Added license management options to the Registration page.
- [17057] MDRA - Added AntiVirus Updater and Scheduler dialogs.
- [21214] Webmail - Added a reference to the XMPP BOSH KBA 1210 in the Webmail IM client error message.
- [14277] MDRA - Changed the popout windows save options to Apply, Save and Close, and Cancel.
- [11443] MDRA - Added queue counts, process message counts, other process counts, session statistics, and more process states to the Status page. Added tabs for window sizes over 480px to view information without scrolling.
- [21301] Webmail - Compose, Signatures, and Email Templates - Removed the Paste, Paste Plain Text, and Paste From Word buttons from the HTML editor (since they do not work), and removed the HTML editor context menu, so that users can right click copy/cut/paste.
- [21307] MDRA - Domain Signatures, Signatures, and CFilter append signature - Removed the Paste, Paste Plain Text, and Paste From Word buttons from the HTML editor (since they do not work), and removed the HTML editor context menu, so that users can right click copy/cut/paste.
- [21314] MDRA - Improved data collection system for more accurate analytics.
- [21311] Webmail - Improved data collection system for more accurate analytics.
- [21302] Webmail - Added an option for users to allow Webmail to automatically create an "All Unread" and/or an "All Flagged" saved search. Users are prompted on login only one time, and only if they have Saved Search Folders enabled. If a user chooses "No", the option is still available under Options | Folders. Admins may suppress these prompts by adding DefaultSavedSearchesCheck=Yes to the MDaemon\WorldClient\Domains.ini file under [Default:UserDefaults].
- [21343] Updated MDaemon Connector to version 6.0.0.
- [20819] The options to send authentication failure reports and frozen account reports to end users have been made available in the on-premise version of MDaemon.
- [21354] Webmail - WorldClient theme - attachment list action icons (download, import, delete, etc.) have been darkened and the size increased to make them easier to see.
- [21359] Updated Outbreak Protection engine to version 8.2.0.1.
- [20917] Added an option to revoke user access to ActiveSync when ActiveSync is disabled for the domain.
- [21328] Webmail - Added "(EXPIRED)" to the browser tab title when the session expires, so that if a user is not in the Webmail tab the user will still know that the session expired.
- [21357] Spam Filter - Updated spam filter engine with SpamAssassin 3.4.2.
- [21376] MDRA - Further improved data collection system for more accurate analytics.
- [20962] Added a new "External message warning" rule in the Content Filter that adds a warning to the top of messages from external senders. The rule is disabled by default. Customize and enable it if you wish. It uses a new condition that compares the domains in the Return-Path, Sender, and From headers to the recipient's domain, and a new action that adds warning text to the top of a message.
- [19791] Added options to Security | Spam Filter | Spam Honeypots and Security | Security Settings | Screening | SMTP Screen to enable/disable the Dynamic Screening notification when an IP is blocked.
- [21286] The STARTTLS White List now takes precedence over the STARTTLS Required List and the "SMTP server requires STARTTLS on MSA port" option.
- [13663] LOGIN is preferred over CRAM-MD5 when authenticating to a remote SMTP server over a TLS connection.
FIXES
- [21018] fix to MDRA - Domain Settings - New Clients Must Be Authorized and Log Level options are visible
- [21204] fix to Webmail - Voice Recorder broken in the latest FF and latest Chrome
- [21213] fix to Webmail - Compose - pasting an image into the HTML editor fails in Chrome 49
- [21137] fix to Location Screening Statistics missing from the MD Statistics Report
- [21342] fix to MDRA - Cannot change Webmail Settings option for "Send read confirmations"
- [21365] fix to Webmail - LookOut and WorldClient themes - Users cannot right click on the download link in the attachment list
- [21346] fix to CalDAV - Unable to delete an occurrence of a recurring event using the DAVDroid client
- [21341] fix to MDRA - When setting a mailing list to be moderated, a warning pops up
- [21451] fix to MDRA - Changing the Remote Admin Log File Directory results in WebAdmin-HTTP and WebAdmin-WDaemon log files being inaccessible via Remote Admin
- [21467] fix to incorrect default AV paths to warning files
- [21283] fix to Restricted Attachments - When an ALLOW entry exists, quarantined files overwrite existing files
- [21136] fix to mailing list non-delivery reports not being delivered to bounce address
- [21494] fix to Webmail - the Subject of a particular message is truncated
MDaemon 18.5.3 - March 15, 2019
CHANGES AND NEW FEATURES
- [21424] Updated to MDaemon Connector version 5.6.2
FIXES
- [21312] fix to Webmail - Warn on Missing Attachments always warns in German
- [21278] fix to Webmail - LookOut and WorldClient themes - Using "Add to Contacts" option causes Russian names to be corrupted
- [21337] fix to Webmail - Attached EML files do not open up in a new tab when you click on them
- [21350] fix to ActiveSync - When disabling ActiveSync for a secondary domain via Domain Manager, it disables it for the primary domain instead
MDaemon 18.5.2 - February 12, 2019
CHANGES AND NEW FEATURES
- [20986] Webmail - Removed the "Click here to edit your signature" button by default (which
allows the signature to always be edited). To require the button in order to edit
the signature add ProtectSignature=Yes to the [User] section of the User.ini.
- [21279] Updated to MDaemon Connector version 5.6.1
FIXES
- [21084] fix to Webmail - Missing attachment warning is not displayed when using non-ASCII
characters
- [21105] fix to MDRA - Domain admins cannot create the allowed number of mailing lists
- [21108] fix to WorldClient theme - "New Email" is not translated in the compose
window heading
- [21088] fix to Content Filter "Search and replace within HEADER" does not work
for header values that have leading whitespace
- [21128] fix to MDRA - ActiveSync Assigned Policy screen does not default to
having the currently assigned policy selected
- [21135] fix to Webmail - WebIM (XMPP) client's multi-user chat not working
correctly
- [21156] fix to Webmail displays incorrect sizes for very large attachments
- [21144] fix to Webmail - Accepting a recurring meeting invitation may only place the
first occurrence in the calendar
- [21145] fix to hijack detection account frozen notification says the cause was dynamic
screening
- [21165] fix to CalDAV - iOS devices adding calendar events with no reminder have
a 22467964 minute reminder applied
- [21152] fix to MDaemon's "Maximum simultaneous connections to any single IP"
setting does not work properly
- [21171] fix to MDaemon.exe memory leak on Windows XP and Server 2003
- [21210] fix to LetsEncrypt script may return an error when running under an external
web server
- [21094] fix to read-only iOS ActiveSync user can decline another user's meeting request
within their shared calendar
- [21226] fix to Webmail - XSS vulnerabilities
- [21230] fix to MX lookups performed on smart host name when a route slip is used
- [21240] fix to route slip is not moved along with message file when quarantined
- [21245] fix to MDaemon fails to validate remote SMTP server's certificate when MX
cache file is used
- [21244] fix to Webmail - When removing an event via a cancellation e-mail, the calendar
event is not removed
MDaemon 18.5.1 - November 13, 2018
CHANGES AND NEW FEATURES
- [20982] The AV update schedule now defaults to once every hour. Existing AV schedules
set to update daily will be reset to hourly. Please check your AV schedule at Setup |
Event Scheduling and make whatever changes you feel necessary.
- [20945] The options to refuse messages that are not RFC compliant or incompatible with
DMARC do additional checks for invalid syntax in the From header.
- [18790] Added support for a $COMPANYNAME$ macro that can be used in the MDaemon Connector
pushed settings which returns the value of the CompanyName setting in the section for the
user's domain in \MDaemon\App\Domains.dat. There is no UI for this setting.
- [20944] Settings for the XMPP BOSH server have been added to the UI at Setup | Web & IM
Services | XMPP.
- [20474] Webmail - Changed the view snoozed messages option to display only
snoozed messages, instead of displaying snoozed messages in addition to other
messages.
- [20847] MDRA - Added "Enable password recovery" and "Enable Remember Me" options
to the Webmail domain settings at Main | Domain Manager | %DOMAIN% | Edit |
Webmail Settings, and added "Enable password recovery" to Main | Webmail
Settings | Settings.
- [20854] MDRA - Added the Full Wipe button on the ActiveSync Clients page. The
button is only enabled when the device has agreed to the designated policy.
- [20879] MDRA - Added the Policy Usage page when clicking on the Usage button at
Mobile Devices | ActiveSync | Policy Manager.
- [21036] Webmail - Added a status message when the user clicks "Apply
Changes" on the Signatures page and the request to the server completes.
- [21056] AntiVirus - Updated Cyren AV to version 6.2.0r2. This version
fixes a few reported scanning errors.
FIXES
- [20910] fix to LetsEncrypt error emails not being sent when specific errors occur
- [20918] fix to IMAP server does not return failure when AUTHENTICATE PLAIN authorization
fails
- [20951] fix to MDRA - a global or domain administrator can delete their own account
- [18603] fix to Spam Filter max size setting is disabled in the GUI when using a remote
MDSpamD
- [19957] fix to Webmail - a long "cke_protected" line may be added to messages
when replying in IE and Firefox
- [17950] fix to Webmail Mobile theme - cannot scroll left to right on HTML emails on
iPhones
- [20990] fix to MDRA - unable to add entries to the Spam Filter White and Black
lists
- [20703] fix to MDRA - non ASCII characters in mailing list member names are not displayed
correctly
- [20996] fix to "Authenticated SMTP sessions are exempt from OP processing"
option does not work
- [20999] fix to Webmail - compose toolbar tooltips are not translated
- [20998] fix to HTML markup in account signatures is escaped when inserted into
HTML messages
- [21003] fix to Webmail LookOut theme - hang while loading on IE 8 and IE 9
- [21002] fix to reminder message is still sent after a calendar event's reminder is
turned off
- [21005] fix to ActiveSync XML/WBXML archiving does not function correctly
- [21012] fix to clamd.exe is started even if ClamAV is disabled when MDaemon runs the
first time after installing
- [21014] fix to Webmail - non-ASCII characters in full name of meeting organizer are
corrupted when creating an event in a shared calendar folder
- [21019] fix to ActiveSync RequireAdminApproval not enforced when assigned at User Level
- [21015] fix to Webmail - Autocomplete returns an old distribution list found in
the common contacts list
- [21021] fix to Webmail - meeting organizer is not able to edit attendees when creating
a meeting in a shared calendar folder
- [21022] fix to WorldClient theme - selecting messages and clicking "more"
then "Toggle Flag" does nothing
- [20991] fix to the "credentials must match" white list is not checked for
the return path address
- [20930] fix to MDRA - registration links are hard coded. Added dynamic Pricing,
Purchase, and Upgrade links to each product.
- [20243] fix to DKIM verification fails when using a domain or default signature that
contains an inline image
- [19777] fix to outbound message restrictions may not be enforced when sending from
an alias
- [19935] fix to SPF failure on HELO value can reject the connection before the client
can authenticate
- [21031] fix to ActiveSync MaxClientsPerUser not being enforced correctly at all levels
of inheritance
- [18972] fix to Content Filter "If RETURN-PATH and FROM HEADER differ" condition
only works on inbound email
- [19809] fix to MD GUI's Queues list includes Bayesian Spam and non-Spam folders when
the paths have not been set
- [19533] fix to MD GUI may crash when disabling the Enable XMPP Server option
- [19817] fix to message body may be stripped when using a signature with inline image
and DKIM signing is enabled
- [17689] fix to From Header Modification not always handling parsing correctly
- [2083] fix to MDIM contact list expand/collapse buttons do not work properly
- [9322] fix to Webmail error importing particular calendar CSV file
- [19236] fix to archive copy of a message may be sent to a recipient when using a smart host
- [20674] fix to incorrect MIME parsing causing message to not display in Webmail or
MDaemon Connector
- [21042] fix to signature images added using the $ATTACH_INLINE$ macro may be duplicated
- [18854] fix to MDIM notifies about all online XMPP contacts when logging in
- [14427] fix to MDIM window pops up after switching away from General Preferences
- [18428] fix to MDIM window does not save its size or location
- [18062] fix to corrupted non-ASCII characters in MDPGP public key creation emails
- [20987] fix to Webmail may not show a paperclip for a message with a PDF attachment
- [21045] fix to XMPP server is slow to send the roster presence after login
- [21025] fix to duplicate public contact may be created when changing an account's domain
- [21048] fix to gateway recipient verification is skipped if sender is noreply@domain
- [20950] fix to Webmail - XMPP - client translations are missing for most
languages
- [21058] fix to error when attempting to download an MDPGP public key via HTTP
MDaemon 18.5.0 - September 25, 2018
SPECIAL CONSIDERATIONS
[18211] BlackBerry Internet Service feature integration has been deprecated and removed.
The BIS service (if it still exists) will now interact with MDaemon as it would any other
SMTP/IMAP server.
[20768] WAB functionality has been deprecated and removed from Ctrl+U|Other.
MAJOR NEW FEATURES
[19813] MDaemon Instant Messaging in Webmail
The WorldClient and LookOut themes now feature a browser-based XMPP client that lets users
instant message without needing to run the MDaemon Instant Messenger desktop application or
some other XMPP client application. Users can enable it from Webmail's Options | Personalize
screen, "Enable MDaemon's Instant Messaging feature in browser". Admins can enable or
disable instant messaging per domain using the Domain Manager, per account using the Account
Editor, or per group using the Group Manager. It operates on ports 7070 (HTTP) and 7443 (HTTPS).
[19962] Exempt Webmail from Location Screening
Added a user option in Webmail to exempt Two Factor Authentication logins
from Location Screening. If a user has BypassLocationScreeningTFA=Yes in the
[User] section of their User.ini file, and Two Factor Auth is enabled for the
user, Location Screening is bypassed. This allows users to login to Webmail in
countries that would normally be blocked by Location Screening.
[20395] Improved AD Integration
Users whose accounts are set to use AD authentication can now change their AD
password in Webmail if the "AllowADPasswordChange" setting is enabled in
\MDaemon\WorldClient\Domains.ini. It is disabled by default.
[12576] Signature Macros
MDaemon signatures now support macros that insert contact information from the sender's
contact in its domain's Public Contacts folder. This allows default and domain signatures
to be personalized with the sender's information. $CONTACTFULLNAME$, for example, inserts
the sender's full name, and $CONTACTEMAILADDRESS$ inserts the sender's email address. Use
Webmail, MDaemon Connector, or ActiveSync to edit the public contacts. Blank values are
used if no contact exists for the sender. See the documentation for a full list of
supported macros.
The placement of MDaemon signatures can now also be controlled, if the sender wants them
somewhere other than the bottom of the message. Use $SYSTEMSIGNATURE$ to place the
default/domain signature, and $ACCOUNTSIGNATURE$ to place the account signature.
CHANGES AND NEW FEATURES
- [20550] ActiveSync: Enforcing the EAS spec so that full wipe of clients is only
possible if a policy has been applied.
- [18707] Report Weak Password feature now reports an error if invalid or non-local
recipient is entered.
- [20628] Errant AV definition count removed from UI and auto-generated emails.
This information is no longer available/relevant.
- [20381] Added ActiveSync to the Accounts section in the left pane of the MDaemon GUI.
- [20587] Low disk space calculations updated for large drives and auto generated
warning emails use MB now rather than bytes.
- (MDPC ONLY) [13955] MDRA - Added ability for domain admins to export users
- [8856] MDRA - Added mail list views (except List Administrators) for list
admins.
- [20091] Webmail - Added options in the Compose and Options | Compose views
to toggle the direction of the editor.
- [20083] Webmail - Added ability for remembering the collapsed state between
sessions for Favorite, Saved Search, Personal, Shared, Public, and My Folders.
- (MDPC ONLY) [11594] MDRA - Added ability for Domain admins to give users access
to MDaemon Connector
- [20081] MDRA - Added a completed action notification to the bottom of the page
when the user saves or takes an action on a page
- [9286] MDRA - Added the rest of the Event Scheduling dialog for Mail Scheduling
- [20114] Webmail - Added a plugin to the HTML editor that automatically converts
a pasted URL into a link
- [18829] MDRA - Added options to set custom HTTP response headers for the built
in Webserver that WC and RA run on. Main->Webmail Settings->Web Server and
Main->Remote Admin Settings->Settings. The option to UseHttpStrictTransport
security is migrated when the server starts.
- [13357] Webmail - Added an option to edit a contact after it is added from the
From header in the message preview and external message views
- [17397] Webmail - Added the Days selection checkboxes to the Options |
Autoresponder view
- [18810] Webmail - Added the ability to import an external calendar via URL on
the Calendar Import view. Added External Calendars view to manage added URLs.
- [14994] MDRA - Added MultiPOP-retrieved messages to all inbound charts
- [20250] WorldClient theme - Added an "urgent" indicator in front of the subject
heading on the compose view when a message is marked urgent
- [20394] MDaemon can be configured to not create POP lock files, which prevent multiple
POP3 clients from accessing the same account at the same time, by editing MDaemon.ini
and setting [Special] CreatePOPLockFiles=No.
- [20516] The Account Manager right-click menu has a new "Move Mail" option which
lets you select a new root path for the account folder structure (ie.. this
means you can replace the default C:\MDaemon\Users\ with an alternative).
Selected accounts will have their entire folder structure moved to the new
location. This includes all emails, folders, calendars, and really all
data for the account. Although you select the new root folder MDaemon will
automatically append "$DOMAIN$\$MAILBOX$\" to it so that the resulting filtered
mail folder paths stay properly separated. Keep the number of characters
in the root path as few as possible because there is still a 90 character limit
on the total length of the account mail directory field. The "New
Accounts" template's default mail folder path is also updated with this new
value. This operation can be used to easily migrate user data from one volume to
another either all at once or in blocks of users at different times. Pay
heed to warning screens. This operations moves and deletes your user's critical
data and there is always a potential for a mistake or failure to cause the
entire loss of it. Therefore make a backup of the user data before migrating.
This is easy by copying the existing root mail folder (C:\MDaemon\Users\ by
default) somewhere else manually (Windows Explorer).
- [18444] Webmail - Added the ability to change the categories on a per
occurrence basis for calendar events.
- [20476] Webmail - Added an option that allows a saved search to be cancelled
upon selecting a different message folder.
- [20535] Webmail - Added an HTTP JSON API with full documentation located at
\MDaemon\Docs\API\WorldClient\WorldClientAPI.html
- [18845] Webmail - Signature text in the compose editor now starts out read-only, to
prevent users from accidentally typing message text there and having it erased when
switching the From address.
- [20616] MDRA - Frozen accounts are no longer allowed to login.
- [20446] MDRA - Added Release and Re-Queue buttons to the Quarantine Queue
- [20275] MDRA - Updated FusionCharts to 3.12.2
- [20637] MDRA and Webmail - Updated CKEditor to 4.9.2 and added Speech
Recognition plugin.
- [4976] MDRA - Added "Importing Members" status indicator
- [7889] MDRA - Added "Importing User Accounts" status indicator
- [5665] MDRA - Added button to restrict MD folder access to Admins, Backup
Operators, and SYSTEM accounts at Setup | Preferences | Disk
- [19619] The ATRN password field was moved from the Settings page to the Dequeue page
within the Gateway Editor and the ATRN field will not enable without a password.
- [20491] MDRA - Added more Recommended Settings buttons to the following views:
- Security | Screening | Hijack Detection, Location Screening
- Security | Dynamic Screening | Options / Customize, Dynamic Whitelist,
Protocols, Notifications
- Security | Content Filter | Attachments, Notifications, Recipients, Compression
- Spam Filter | Spam Filter | Spam Daemon (MDSpamD)
- Spam Filter | Spam Honeypots
- Logs | Log Settings | Log Mode, Statistics Log, Windows Event Log, Maintenance,
Settings, Remote Admin Log Settings
- [18846] MDRA - When deleting a message in the Queues the next message is
selected in the list
- [20214] MDRA - When a log is filtered a user can click on a line and it will
open a frame to the page where that line is located, scroll to that line in the
log, and highlight the line.
- [19773] MDRA - Added button in the log viewer to turn on AutoRefresh. The
setting for the auto refresh interval is located at Logs | Log Settings | Remote
Admin Log Settings and the value has a minium of 5 with a maximum of 9999 in
seconds.
- [17841] MDRA - Added sorting to the ActiveSync Devices list under Mobile Devices
| ActiveSync | Domains | Manage Devices. Sorting column and direction persist
between sessions in the same browser (saved to browser storage).
- [18414] MDRA - Added ability to monitor, start, and stop SMTP, IMAP, POP3, and
MultiPOP services to Main | Status
- [8782] MDRA - Added the 'Remove contacts which are missing name or phone data'
button to Spam Filter | Spam Filter | Whitelist (auto) page
- [9331] MDRA - Added the Restore Queues page at Setup | Mail Queues/DSN | Restore
Queues Settings
- [9289] MDRA - Added avupdate.log to the log files list at Logs | Log Files.
- [20763] Changed installer to only overwrite Cyren AV definitions if older or missing
- [20513] Webmail - Added the ability to remove a contact from the common contacts
list when selecting a contact from the autocomplete list by using the "Delete"
key (in Windows) on the selected contact.
- [20261] WorldClient theme - Made MDaemon PGP encryption options more visible to
the user
- [16956] MDRA - Added ability to assign/edit policy settings per account at
Mobile Devices | Active Sync | Account Management
- [16955] MDRA - Added "Revoke All Accounts" button at Mobile Devices | Active
Sync | Account Management
- [16954] MDRA - Added the Client Management page at Mobile Devices | Active Sync
| Client Management
- [16953] MDRA - Added option to "Enable all domains unless explicitly disabled"
at Mobile Devices | Active Sync | Domain Management
- [16952] MDRA - Added "Day of month reset bandwidth statistics" option at Mobile
Devices | Active Sync | Client Management | Select a client and click "Client
Settings"
- [16951] MDRA - Added "Enforce protocol restrictions" option at Mobile Devices |
Active Sync | Client Settings | Edit an item in the list to view the client
settings.
- [12309] MDRA - Added more options to the Mobile Devices | Active Sync |
Diagnostics page
- [10850] MDRA - Added the "Create Tasks/Reminders for Flagged Mail Items" option
at Mobile Devices | Active Sync | Client Settings | Edit an item in the list to
view the client settings.
- [20837] Updated to MDaemon Connector version 5.6.0
- [11468] MDRA - Added a session cookie to increase the session security
- [20849] CalDAV and WebDAV now support the creation and deletion of calendar,
task, and contact folders from clients that support the MKCalendar and MKCol
commands.
- [20877] CalDAV server now stores the calendar color property and returns it to
other CalDAV clients. At this time CalDAV calendar colors are not synchronized
with Webmail.
- [19472] Added support for the SASL-IR IMAP extension (RFC 4959).
- [19470] Added IPv6 support to the XMPP server. Requires Vista/Server 2008 or newer.
FIXES
- [17185] fix to Webmail - Folder ACL editor corrupts non-ASCII characters in Hiwater.mrk
and AclShLookup.dat
- [16925] fix to MDRA - When you create a new mailing list with a group as a
member, a notification is sent to the actual "GROUP" entry
- [20203] fix to LookOut theme - User Permissions for shared folder not displayed
- [20228] fix to Mobile theme - Events are not loaded in the calendar view when
switching months or years
- [20542] fix to MDRA - "To address is missing" appears in "send note"
content filter rules created by MDRA
- [20575] fix to Webmail - In certain instances, a recipient's Display Name will
be sent in punycode
- [20618] fix to MDRA - Unable to add Dynamic Screening blacklist entry to an
empty list
- [20643] fix to whitelist@ and blacklist@ message parser ignoring \"From\" data when
split to multiple lines
- [20639] fix to pfdata.dat file not updating when renaming a public folder via the GUI
- [20574] fix to mail folders are not moved during domain rename operation
- [20520] fix to errant data in email sent when accounts are frozen by hijack detection
- [20227] fix to possible crash when closing Mailing List Manager
- [20661] fix to MDRA - Up/Down arrows don't move content filter rules
- [20663] fix to MDRA - Domain Admins cannot apply the password options in an
account
- [9842] fix to MDRA - Added the De-list button to the Account Manager page
- [20662] fix to Webmail - When the Edit IMAP Filters option is disabled, the Add
Filter option is available
- [20524] fix to Webmail - Forwarding mail in the Edge browser causes message body
to disappear
- [19660] fix to MDRA - excess whitespace on DS White and BlackList dialogs in Firefox
- [19784] fix to MDRA - DS notification address can be saved without entering an
email address
- [19364] fix to MDRA - DS system options visible on Protocols dialog
- [20678] fix to MDRA - Dynamic Screening Options lists an "Always" log level
- [15210] fix to MDRA - When moving a user from one domain to another, MDaemon
Connector permissions don't migrate
- [15211] fix to MDRA - IMAP public folder extension is case sensitive
- [16113] fix to MDRA - Going from ActiveSync Client Settings to Mailing Lists in
the pop-out account editor results in mailing lists without a side menu
- [16988] fix to MDRA - Alias selection does not remain highlighted when moving
up/down
- [18732] fix to MDRA - Cannot select default DKIM selector without selecting
another first
- [18735] fix to MDRA - Have to select No and then Yes to be able to save in
Remove Attachments
- [18738] fix to MDRA - Exit Code condition in Content Filter allows non-number
entry, saves as NaN
- [19781] fix to MDRA - The 'default notification address' field in the Dynamic
Screen feature does not support external addresses
- [20061] fix to MDRA - German account creation error is partial in English
- [19398] fix to MDRA - the Log Parser is only parsing the Routing log file for
English servers
- [20702] fix to MD_VerifyUserInfo() not returning MDDLLERR_INVALIDFWD when
account forwarding address field is not a valid email address
- [20669] fix to Minger server refusing "noreply@" as invalid address when it
shouldn't
- [20701] fix to Webmail may truncate To header when sending a message to many addresses
- [20747] fix to Webmail - Opening non-ASCII attachment on the Compose window in IE causes a
404 error
- [20413] fix to LookOut and WorldClient themes - opening Webmail using MDIM by
clicking on a folder other than Inbox, results in the clicked folder missing
from the list
- [20630] fix to Webmail - Pasting print screen image when composing message in
Firefox using print screen button displays image twice
- [8289] fix to MDRA - DomainPOP rules do not show up translated
- [20762] fix to MDaemon Statistics Database fails to upgrade from version 17 to 18 and
causes a hang
- [20761] fix to possible MDaemon crash when archiving is enabled
- [20792] fix to MD does not fully evaluate SPF records with deeply nested includes
- [20808] fix to WorldClient theme - Other Headers prompt is missing the OK button
- [20800] fix to MDRA - A message forwarded to a local account is routed to Remote
queue when released
- [16974] fix to MDRA - Unable to click the "Client Blacklisted/Whitelisted" boxes
- [16967] fix to MDRA -"Replicate aliases to LDAP" in Alias settings is not
disabled when LDAP is not being used
- [16819] fix to MDRA - Shared Folders page doesn't refresh after adding new
folder from Account Editor page
- [20836] fix to MDRA - LAN Domains and LAN IPs are not listed
- [19823] fix to MDRA - Invalid email address allowed at Main->Webmail
Settings->RelayFax
- [20838] fix to MDRA - missing string for Bandwidth chart
- [19739] fix to MDRA - Alert does not work when Accessing Subscriptions page
- [13619] fix to MDRA - Creation of user doesn't auto populate in list
- [20786] fix to Webmail - Meeting request attendee is able to add additional
attendees to the event
- [20840] fix to LookOut and WorldClient themes - Compose attachments screen may
not list all documents
- [20844] fix to several MDaemon whitelists do not support IPv6 addresses
- [20826] fix to Webmail - Meeting invite attachments that are included in the
message instead of the ics file are not added to the meeting when accepted
- [20841] fix to MDaemon Configuration Session is not updated with changes made in
Remote Administration to LAN Domains, LAN IPs, IP Shield, and Domain Sharing
- [20843] fix to MDRA - The Webmail Settings screen in Remote Admin's Domain
Manager doesn't show the default values for most settings
- [20860] fix to possible WorldClient.exe crash
- [20874] fix to MDRA - Always allow connections from IP doesn't accept IPv6
address at Setup | Server Settings | Servers
- [20873] fix to MDRA - Refuse messages larger than field can be set to negative
values at Setup | Server Settings | Servers
- [20803] fix to recipient blacklist is not checked when a null reverse path is used
- [2339] fix to non-ASCII characters in signatures may not appear in received messages
- [20835] fix to accounts are able to access ActiveSync even though ActiveSync is
disabled for the domain if auto-provisioning is enabled. Note: You must also un-authorize
any existing users from the domain that have already been granted access.
- [20905] fix to MDaemon Connector release notes are sent to admins even when it's not
licensed
MDaemon 18.0.2 - June 12, 2018
CHANGES AND NEW FEATURES
- [20572] MDaemon Connector has been updated to version 5.5.2.
- [19480] The MDaemon GUI does not display the toolbar at startup after it has been
closed. Select Windows | Reset Toolbar to get it back.
- [20223] Webmail - Added address validation to the default reply-to address field
in Options | Compose
FIXES
- [20421] fix to LookOut and WorldClient themes - Cannot use dot (.) in folder names
- [20415] fix to MDaemon-Statistics database grows boundlessly due to Message Log
parsing feature and causes high processor usage in Remote Admin
- [20440] fix to MDRA - Dropbox - Using this dialog to add the App Key and App
Secret saves the data with a different salt each time
- [20439] fix to Webmail - Dropbox - Cannot save email attachments to Dropbox
- [20441] fix to MD UI issues with the Start Time column on the Sessions pane
- [18789] fix to Active Webmail Sessions performance counter is not always updated
- [18131] fix to truncated DNS response when doing reverse lookup may cause mail to be
refused
- [20435] fix to MDRA - Webmail sessions listed as "WorldClient" instead of
"Webmail"
- [20433] fix to Webmail - "permanently delete" notification not translated
- [20355] fix to Webmail - Creating an event from a message changes & to &
- [20289] fix to Webmail - Creating an event from an HTML message results in
styles showing up in the notes
- [20349] fix to MDRA - Unable to edit a mailing list with a name that starts with
"Everyone"
- [20288] fix to LookOut theme - Long subject causes unexpected behavior when
forwarding as attachment
- [20125] fix to LookOut theme - Vertical scroll bar is not reset when switching
to the next page of messages
- [20463] fix to possible Webmail crash
- [19554] fix to MDRA - Some default list outputs are not translated
- [20492] fix to MDaemon server may hang while upgrading the statistics database
- [20494] fix to Webmail - X-Mailer header in sent messages is "WorldClient"
- [20450] fix to ActiveSync sessions not displaying in MD Configuration Session
- [20499] fix to Webmail - PIM item attachments are not copied with the PIM item when it
is moved or copied to another folder
- [20504] fix to Webmail - Cannot upload a picture to a contact
- [20501] fix to MDRA - Multiple submission addresses can be added to the same
public folder
- [20507] fix to Webmail - When common_contacts.json file contains null values,
autocomplete stops returning queries
- [20510] fix to MDPGP --pgpk not always honoring disable checkbox and also fixing
a case-sensitivity issue
- [20512] fix to Webmail - After setting a category on a message, sort order is
changed to category
- [20511] fix to Webmail - Import EML with no subject results in an error message
but the message is still imported
- [20509] fix to MDRA - possible high CPU usage
- [20521] fix to Webmail - Removing the snooze from a categorized message also
removes the category, and adding a category to a message might cause the message
to be snoozed.
- [20538] fix to MDRA - "Limit Simultaneous connections by IP to" can only be set
to zero or 1
- [19790] fix to Dynamic Screening does not honor the setting "Ignore authentication
attempts using identical passwords"
- [20540] fix to Content Filter may duplicate attachments extracted from winmail.dat
- [20544] fix to missing client information on the ActiveSync wipe confirmation dialog
- [20545] fix to calendar notes created on iPhone will not sync to server
- [20547] fix to LookOut and WorldClient themes - the day view does not auto
scroll to 7 am in non side by side view
- [20542] fix to "To address is missing" appears in "send note" content
filter rules created by MDRA
- [20548] fix to meeting requests generated by MDaemon Webmail are not automatically
accepted by Exchange servers
- [20562] fix to MDaemon adding Kaspersky URLs to \MDaemon\SecurityPlus\antivirus.ini
on a clean install
- [20529] fix to Dynamic Screening may re-freeze an unfrozen account after a single
authentication failure
- [20525] fix to ActiveSync changes to tasks are not synced to MDaemon Connector
- [20569] fix to a user may be able to post to a mailing list when they do not have
rights to post
- [20570] fix to old TarpitConnect.dat entries are not removed
- [20561] fix to possible crash in MDAirSync.dll
- [20586] fix to possible CFEngine.exe crash
MDaemon 18.0.1 - May 15, 2018
CHANGES AND NEW FEATURES
- [20483] MDaemon Connector has been updated to version 5.5.1. Please see what changed in MDaemon Connector 5.5.1 here:
http://archive.altn.com/outlookconnector/Archive/5.5.1/RelNotes_en.html
- [20005] The "Registration Information" screens have been removed from the MDaemon
installer. The MDaemon GUI now asks for this information when it starts up for
the first time and whenever the registration key or major version number changes.
FIXES
- [20426] fix to possible Webmail crash when deleting meeting occurrences
- [20443] fix to AntiVirus error message is logged at MDaemon startup on systems that
have never used AV
- [20445] fix to SMTP MSA port may require STARTTLS even when STARTTLS is disabled
- [20478] fix to Remote Administration text editor removes the first 3 characters of
signatures and administrator notes
- [20480] fix to some MDaemon Connector features are not disabled when using an expired
MDaemon Connector registration key
- [20508] fix to PGP related vulnerability as described at https://efail.de/
MDaemon 18.0.0 - April 17, 2018
SPECIAL CONSIDERATIONS
[20008] Alt-N Technologies has changed its name to MDaemon Technologies. WorldClient
is now MDaemon Webmail, WorldClient Instant Messenger is now MDaemon Instant Messenger,
SecurityPlus is now MDaemon Antivirus, and Outlook Connector is now MDaemon Connector.
[19546] The MDaemon installer now includes MDaemon AntiVirus and MDaemon Connector, which
are licensed separately.
[19512] The "From Header Modification" feature has changed. It operates as before
however the format of the final modified From data has changed from this format:
"Email -- Name" <Email> to this format: "Name (Email)" <Email>. This new
format is more readable/usable/sortable etc. If you would rather keep the
old format (your users may be used to it already) you can check a box at Ctrl+S|Screening|Hijack Detection|From Header Modification.
[19577] A past installer reset the option "Ctrl+S|Sender Authentication|SMTP
Authentication|Authentication is always required when mail is sent from local
IPs" to disabled for upgraders. The installer has been changed to ignore
this setting. You must manually check that this option is set to your
desire. The default is for it to be checked (enabled) but you should check
to be sure it is set how you want.
[19703] The following settings have had default values changed. Existing
installations should check to be sure the following settings are as desired:
Ctrl+S|Security Settings|SSL & TLS|MDaemon: Enable the dedicated SSL
ports... and SMTP server requires STARTTLS... options have had defaults changed
from disabled to enabled. Ctrl+S|Security Settings|Sender Authentication|DMARC
verification|Honor p=reject... has changed from disabled to enabled. Ctrl+S|
Security Settings|Sender Authentication|SPF Verification|User local address
in SMTP envelope...has changed from disabled to enabled. Ctrl+S|Security Settings|
Screening|IP Screen|Apply IP Screen to MSA connections has changed from disabled
to enabled. Ctrl+S|Security Settings|Screening|Host Screen|Drop connection after
EHLO has changed from disabled to enabled.
[19612] Catalog functionality has been deprecated and removed from the UI.
[20220] All Virtru related support has been removed from MDaemon Webmail. Old
encrypted messages can still be viewed in the Virtru Secure Reader.
[20339] Previously when a message was sent to an alias, MDPGP would encrypt it using the
key for the actual email address. Now that same message won't be encrypted. To encrypt
it now requires a key for the alias.
MAJOR NEW FEATURES
[19571] DNSSEC
Ctrl+S|SSL&TLS|DNSSEC allows you to request DNSSEC service from your DNS server(s).
When enabled, MDaemon sets the AD bit when making DNS queries and checks for it in
the answers. This may not work with all DNS server(s) (not sure) so you'll have to
try with yours. DNSSEC service is only applied to messages that meet your
selection
criteria. DNSSEC service can be "requested" or "required" on a per-message basis. If "required" and DNS
results fail to include authenticated data then the message is bounced back to sender.
If "requested" then DNSSEC service is attempted but nothing happens if it fails.
Mail session logs will include a line at the top if DNSSEC service was used
and "DNSSEC" will appear next to secure data in the logs.
IMPORTANT: MDaemon is a non-validating stub-resolver. This means that it will request
authenticated data from DNS server(s) but it has no way to independently verify that
the data it gets from them is secure. However, if you know/trust your connection to
your DNS server(s) (for example, it runs on localhost or within a secure LAN or workplace) then you should use this as it will boost security.
DNSSEC lookups take more time and resource and I think less then 7% of domains have
currently deployed it. That is why this is not configured to apply to every
message delivery by
default. However, if you want that, you can force every email sent to use DNSSEC by adding
one line like "To *" into the configuration file (see Ctrl+S|SSL&TLS|DNSSEC).
[15288] Email Snooze
MDaemon Webmail was updated to allow a user to snooze an email. When a message is snoozed
it will be hidden from the user for a designated period of time. To snooze a message,
right click on it and choose the "Snooze for..." option in the context menu.
Then choose how long you wish to snooze the message for. The "Choose a date and time"
option is only available for browsers that support the date and time inputs. Hidden messages
can be viewed in LookOut theme by clicking the "View Snoozed Messages" icon in
the toolbar and WorldClient theme by choosing "view snoozed" from the view drop
down menu in the toolbar. This feature is on by default. To turn off the feature, go to
Options | Personalize, and find the Inbox Settings. Uncheck the "Enable Message Snooze" box.
There are no snooze controls in Lite and Mobile theme, but snoozed messages are
still hidden.
[1520] Public Calendars
In MDaemon Webmail users can publish a calendar to a publicly accessible link. Users have the
option to password protect the calendar. To disable this globally, change the value of
[Default:Settings] EnablePublicCalendars to No. To disable it on a per user basis, add
CanPublishCalendars=No to a user's User.ini file. To publish a calendar, in LookOut or
WorldClient theme, go to Options | Folders and click the "Share Folder" button next
to the calendar you wish to publish. In the dialog, open the Public Access tab and if desired,
fill in the display name or require a password, then click the "Publish Calendar" button.
A confirm dialog will show up to tell the user what is about to happen. After clicking OK,
an alert will display the new URL where the calendar is available. There will also be a link
displayed on the page once the calendar has been published. To unpublish the calendar, click the
"Unpublish Calendar" button. To change the password or the display name, click the
"Update" button.
[10886] Remember Me
A "Remember Me" option has been added to the logon page of MDaemon Webmail.
This feature is disabled by default. The default expiration is 30 days, and the
maximum expiration setting is 365 days. It can be enabled in the MDRA GUI under Main->Webmail Settings->Settings. Users can
check the "Remember Me" option on the logon page to be remembered on a specific
device. Then if they have a bookmark with any of three View URL variables set (View=Main,
View=Logon, or View=List) (or no View URL variable set), the user will be automatically logged
in. Two Factor Authentication (2FA) is separate and will still be required when the 2FA remember
me token expires.
[19865] "Remember Me" was also added to the Remote Administration logon page.
This feature is disabled by default. The default expiration is 30 days, and the
maximum expiration setting is 365 days. It can be enabled in the MDRA GUI under
Main->Remote Admin Settings->Settings. Users can check the "Remember Me" option
on the logon page to be remembered on a specific device. Two Factor
Authentication (2FA) is separate and will still be required when the 2FA remember me token expires.
[19738] Exempt Known ActiveSync Devices from Location Screening
An option has been added to allow a previously known ActiveSync device to bypass location screening.
Administrators can enable this option to allow users to continue to access their account via ActiveSync from
a location that is configured to block authentication attempts. In order to exempt the device it
must have connected and authenticated using ActiveSync within the time frame configured to remove
inactive clients. To exempt a device go to Setup / Mobile Device Management / Clients, select the client
and click Settings, then check the box for Exempt from Location Screening.
You can also choose to Whitelist the address the client is connecting from. This can be used to allow other clients
that might be connecting from the same IP address to also bypass location screening.
CHANGES AND NEW FEATURES
- [19372] Added ability to specify which protocols use Location Screening.
- [19507] LookOut and WorldClient themes - Added PIM attachments for Contacts, Tasks, and Notes
- [19575] IP and Host Screening UI previously shared controls at the bottom of
their configuration screens but now the items related to IP Screening will be on
the IP Screening screen and the Host Screening on the Host Screening screen (can
I say screen one more time).
- [13359] MD Webmail - Added options to decide how to handle the original message when replying
or forwarding on the Options | Compose page under "Replying and Forwarding". The options are as follows: Do not include, Attach, Include,
Include and Indent, Prefix. The option "Do not include" is unavailabe when
forwarding a message. For plain text messages the user can configure their own
prefix up to 4 characters long. A space will be included after the 4 characters.
- [5652] MD Webmail- Added the ability to customize the attribution of original
messages in replies and forwards on the Options | Compose page under "Replying
and Forwarding". The options are as follows: None, Include From, Date, To, and
Subject lines from original message, Custom format (plain-text only). Custom
format has two required macros, %SENTDATEANDTIME% and %SENDER%. If either macro
is not used, then MD Webmail will default to the second option.
- [19558] MD Webmail- increased the length of the private ical feed token found
in the Folder Share and Calendar Export views. The token will only increase in
length if it has yet to be created, or the user resets it.
- [19547] MDRA - Made the "No Results" box in Message Search grey so that it does
not look like a button
- [19462] MDRA - Moved the "Edit Mailing List Admins" button to the "Mailing List
Subscription Manager Options" section under Main -> Remote Admin Settings
- [19460] MDRA - Increased the height of the Gateway Manager Settings window
- [19499] MD Webmail - Added an option to include a Terms of Use acknowledgment
on the logon page. When Terms of Use is required, user's will not be able to
login without clicking the checkbox.
- [19568] A new screen exists at Ctrl+W|Terms of Use which allows you to configure a Terms of Use
message that will appear to Webmail and Remote Admin users which they must agree to
before the services can be used.
- [19500] MDRA - Added an option to include a Terms of Use acknowledgment
on the logon page. When Terms of Use is required, user's will not be able to
login without clicking the checkbox.
- [18868] MDRA - Added button to set the settings on a page to the "Recommended"
settings. So far, only some security related pages have this button.
- [19657] MD Webmail - Added an option to increase/decrease the spacing between
lines in the Compose view's HTML editor
- [19444] MDRA - Added ability for Message Search to return messages that were not
accepted after the DATA command by searching the From and/or Recipients fields.
- [19688] MD Webmail - Added better logging information for session failures when
debug level logging is enabled
- [15557] MD Webmail - Added MDaemon PGP options to the Compose view for
WorldClient and LookOut themes
- [19022] MD Webmail - Added the Country to Login History in Options | Security
- [19702] MDRA - Added a Last Accessed column under the Main | Accounts settings
- [19737] MD Webmail - The "UserCategories.js file has malformed data" message
will only be displayed when the data returned from the server is not in an array
format.
- [19744] MDRA - Added SSL & HTTPS views for RA and Webmail under Main | Webmail
Settings and Main | Remote Admin Settings.
- [4368] MDRA - Added the SSL & TLS views from the MDaemon GUI under Security |
Security Settings | SSL & TLS. STARTTLS White List and STARTTLS List are buttons
located under the Security | SSL & TLS | MDaemon link.
- [12548] MDRA - Added more filtering options to the Account list. Added the
Groups column to the filter column options. Display ActiveSync, Outlook
Connector, IMAP Access, POP Access, Over Quota, Near Quota, Frozen, Disabled,
and/or Active accounts.
- [14013] MDRA - Improved filter ability. If no wildcards are included by the user,
the filter term is treated as though it were surrounded by wildcards. So "test"
would be treated as "*test*".
- [13358] MD Webmail - Added an automatic feature to the auto complete
functionality that will display the three most commonly used contacts related to
the search string at the top of the list. Auto complete is used in multiple
views, and the feature is active wherever auto complete is used.
- [4636] MDPC/MDRA - Added the Web Services tab for domain administrators when
editing user accounts other than their own. The "...edit quota settings" option
is disabled for domain administrators.
- [9361] MDPC/MDRA - Added the Security->Screening->Sender
Blacklist and Recipient Blacklist views for domain admins. Additional options,
"Check message headers for blacklisted addresses", and "Notify blacklisted
senders that their message was refused" on the Sender Blacklist view are not
available for domain admins because they are not domain specific options.
- [19937] MDRA - Users are now prevented from setting the Webmail List Refresh
Time to anything less than 1
- [19943] MD Webmail - Added workaround to a bogus vulnerability detected by PCI
compliance scan
- [19971] MD Webmail - Added an option for signed messages with p7s and p7b
attachments to import the S/MIME public certificate to the sender's contact
data.
- [14141] LookOut and WorldClient themes - Added an option to include a custom
image/icon with each custom link. After the CustomButtonLink1 entry, add
CustomButtonImage1=filename.extension. Place filename.extension in the
MDaemon\WorldClient\HTML\All\Images directory in order for it to be used. The
expected image size is 32x32. It will be automatically resized, so the original
image should also be 32x32 for the sake of aesthetics.
- [19939] MD Webmail - changed the autocomplete feature to include domain name
matches with contact email addresses
- [19931] MD Webmail - Added autocomplete="off" to the "Verify Pairing" field for
the Two Factor Authentication setup
- [19973] MD Webmail - Updated the Voice Recorder error message for the cases
where microphone permission is off or the user is not using HTTPS
- [20021] LookOut, WorldClient, and Mobile themes - Added speech synthesis to the
message views. Users can click the "Read Message" button to listen to the
message. Only supported in the latest Chrome and Firefox.
- [16747] MDRA - Added the options to Allow or Require Two Factor Authentication
to the user Web Services page
- [19867] MD Webmail - Added phone number links to all themes in the contact list
view to allow users to click on the phone number to make a call
- [16806] MDRA - Added Learn Spam and Learn Non-Spam buttons to all Queues. The
buttons copy the selected messages into the Bayesian Spam and Non-Spam folders
respectively.
- [14268] MDRA - Added the Max Records field to Reports that are using bar graphs.
Maximum is no greater than 100 records for the views in question. Inbound
Email->Top Recipients, Top Recipients by Size; Outbound Email->Top
Senders, Top Senders by Size; Anti-Spam->Top Spam Scores, Top Recipients;
Anti-Virus->By Name
- [19268] MDRA - Message Search - Added a message for the case that the user
either does not have permission to view the logs or the statistics database is
not enabled. If the statistics database is not enabled, a button will be present
that will take the user to the Logs->Log Settings->Statistics Log view.
- [19473] Added a counter to show connections refused by location screening.
- [19579] Changed dynamic screening notifications to go to global administrators by default
instead of the postmaster, to avoid problems when the postmaster alias is not set up.
- [20085] MDLaunch /stop will try to forcibly terminate the MDaemon.exe process if it
has not stopped after two minutes.
- [4270] The Content Filter can now extract files from inside of winmail.dat and turn
them into standard MIME message attachments. Enable this at Security | Content Filter
| Compression.
- [20023] ActiveSync - Selected client Settings over-rides can now be applied to specific
device types and security groups. For example, one could ensure that all ActiveSync
connections with Outlook for Windows virtully merge their domain's Public Contacts into
the user's default contact folder, or enable location screening exemptions for ActiveSync
connections from members of a specific group.
- [19958] ActiveSync does not encode the name in the From header if it contains only ASCII
characters.
- [19513] Ctrl+S|SSL & TLS has a new screen called Let's Encrypt where you can
configure automation of a PowerShell script that requests and sets up free TLS
certificates from Let's Encrypt.
- [20216] Updated ClamAV to version 0.99.4, and the 64-bit version of MDaemon now
uses 64-bit ClamAV.
- [20235] LetsEncrypt will now clean up files older than 180 days from the Acme-Challenge
and MDaemon\PEM directories. Only .PFX files that have a file name beginning with the FQDN
configured in MDaemon are removed. The names of the files that are removed are logged in the
LetsEncrypt Log file.
- [20253] The right click menu commands to white list and black list from the Queues screen
have been removed. Also, the Spam Filter White List and Black List screens now open in
read only mode until an "Advanced" button is clicked.
- [20311] Added Antivirus mailbox scanning. Under Security->AntiVirus select
'Scan all mailboxes every n day(s)'. This allows for detecting of any
infected messages that may have passed through before virus definition updates
could be updated to detect them. Infected messages will be moved to the
quarantine folder with 'X-MDBadQueue-Reason' header added so that there will be
an explanation when viewed with MDaemon configuration screen. Messages that cannot be
scanned will not be quarantined.
FIXES
- [19567] fix to host name sometimes missing from SSL related logging
- [19210] fix to DMARC contact email not accepting aliases to a subaddressed
account
- [19683] fix to MD Webmail Compose page may take a very long time to load when
doing reply or forward on a large HTML message
- [19621] fix to API not saving gateway configuration data in some cases
- [19662] fix to MDRA - Public Folder Editor has old Alert message
- [19663] fix to MDRA - Public Folders Access Control alert typo
- [19747] fix to LookOut and WorldClient themes - PDF Viewer - If there are
non-breaking spaces ( ) in the name of the file, it will not load
- [19761] fix to WorldClient theme - filters are not saved after being reordered
- [19877] fix to WorldClient theme - Reply and forward flags are not updated
immediately after sending the message
- [10595] fix to MD Webmail - Documents - Drag and drop of multiple files into
Documents folder results in only 1 file uploaded, no error message
- [15747] fix to MD Webmail - French - When creating a folder called "Courrier" in
the root, the Inbox no longer displays messages
- [16050] fix to MDRA - Active Sessions not showing MDaemon Webmail sessions
- [18351] fix to CALDAV client may not display the last occurrence of recurring
event that occurs until a specific date
- [17112] fix to if an attendee's email address is an alias, the attendee's
response status will not be recorded in the event
- [19961] fix to potential crash in CalDAV server
- [15184] fix to LookOut and WorldClient themes - Default Contacts View does not
apply to address book opened from the Compose view
- [19978] fix to LookOut and WorldClient themes - When changing a category in a
shared folder, others do not see the change immediately
- [19928] fix to MD Webmail - A meeting request attached to a message thread
displays the meeting information but not the message body
- [19916] fix to MDRA - Deleting entry from ACL closes the dialog
- [19946] fix to MDRA - German - When deleting an account, the confirmation box
cuts off the buttons
- [17625] fix to WorldClient theme - Searching between two dates with more recent
date first gives results after more recent date
- [19984] fix to MDRA - the Start / End Time field overlaps the Start / End Date drop-down box on the Autoresponder view
- [19990] fix to WorldClient theme - Calendar View - The add folder icon is
displayed below on languages where the name is too long
- [19992] Fix to MD Webmail - the message list may show spoofed FROM headers unless
View Sender is set to All
- [19669] fix to Lite and Mobile themes - Carriage returns are missing in the body
when viewing a message
- [19996] fix to MDRA - Invalid forwarding address reported when attempting to set
account to forward to multiple addresses
- [20031] fix to WorldClient theme - The + to add a folder does not show a tooltip
when hovered over
- [20032] fix to WorldClient theme - Some of the background color is not being
hidden when printing a calendar
- [20027] fix to MD Health Check - if you click Analyze again after copying an
entry to the clipboard the application crashes
- [20052] fix to possible MDaemon crash when processing messages from the local
queue
- [20059] fix to Webmail - When downloading a zip of files from a message with
multiple files of the same name, only the first file is included
- [20082] fix to Webmail - Desktop Notifications are received, even though they
are disabled
- [20074] fix to WorldClient and LookOut themes - An extra message may be selected
after copying messages
- [20109] fix to MD Webmail - might incorrectly display a sender is DKIM verified
- [20136] fix to CalDAV - Unable to change date of single occurrence of recurring
event
- [20137] fix to CalDAV - In Thunderbird/Lightning an all day recurring event
where a specific occurrence has been changed to occur on a different date is
not displayed correctly. The event is displayed on both the date the
occurrence has been changed to and the original date of the occurrence.
- [20159] fix to Webmail - Slideshow - if an image is taller than the height of
the screen, the width will be set to the screen width
- [20113] fix to corrupt text in translated Dynamic Screening emails
- [20000] fix to ActiveSync - various changed occurrence entries cause Outlook to stop syncing the calendar
- [20128] fix to IPs are still blocked by Dynamic Screening when Enable Authentication Failure Tracking is disabled
- [20101] fix to possible MDaemon crash when generating a Dynamic Screening notifcation email
- [20084] fix to possible MDaemon hang during shutdown
- [19995] fix to ActiveSync - creating top-level folders in Outlook will also create same folder name under Inbox
- [19981] fix to possible ActiveSync server crash when a client replies to a message
- [19969] fix to ACL editor GUI may show extra character in Name field for anyone@domain entry
- [19967] fix to ActiveSync - last occurrence of recurring event may be missing on iOS
- [19960] fix to possible WorldClient.exe crash related to Dynamic Screening
- [19941] fix to Chinese ActiveSync policy names are corrupt
- [20177] fix to DAV server not properly enforcing dynamic and location screening
- [20178] fix to XMPP server not using location screening
- [20200] fix to Webmail - Cannot share a folder to a group
- [20184] fix to Mobile theme - When sending to unknown user, no pop-up is
displayed
- [2032] fix to LookOut theme - message preview does not block remote images
except in the Inbox
- [20240] fix to Mobile theme - French - Unable to delete a calendar appointment
- [20265] fix to specific messages locking the local queue with high CPU usage
- [20229] fix to CALDAV: Report command with no date filter may not return all
calendar events
- [20268] fix to List-Unsubscribe header is not automatically added to mailing
list messages when "Honor '<List>-subscribe' and '<List>-unsubscribe' addresses"
is enabled
- [20273] fix to Webmail - Advanced Search - Searching for any text string in the
message body returns all messages in all folders in the user account in the
search results
- [20271] fix to CALDAV: Specific data in calendar XML database file causes
Thunderbird/Lightning to hang when synchronizing calendar
- [20278] fix to $CALTXT$ macro is not replaced in calendar reminder email
messages if the length of the comments/body field of the event exceeds 1000
characters
- [20270] fix to Dynamic Blacklist GUI may not display all DSBlackList.dat entries
- [20310] fix to recurring events from specific CalDAV clients are always saved as
all day events
- [20320] fix to ActiveSync: Time of recurring events may shift on Android devices
by one hour after the start or end of daylight saving time
- [20319] fix to MDRA - Any changes made to a global admin's ActiveSync Client
Settings are applied globally
- [20092] fix to meeting responses may be sent from the wrong account
- [20339] fix to MDPGP not properly using keys assigned to aliases
- [20360] fix to when a 'GET' command is used with CalDAV, "private details" of
private calendar events are not filtered out
- [20358] fix to possible MDaemon hang when the MDPGP option "Trade public keys
during SMTP mail sessions (MDaemon)" is enabled
- [20352] fix to MDPGP not signing some messages when configured to do so
- [20378] fix to CalDAV: Free/Busy lookups from Mac iCal calendar application
return no results
- [20387] fix to MDaemon may send messages to the wrong smart host
MDaemon 17.5.3 - March 20, 2018
FIXES
- [20265] fix to specific messages locking the local queue with high CPU usage
- [19996] fix to MDRA - Invalid forwarding address reported when attempting to set account to forward to multiple addresses
- [19997] fix to Two Factor Authentication data may be stored in the wrong location
- [19995] fix to ActiveSync - creating top-level folders in Outlook will also create same folder name under Inbox
- [20000] fix to ActiveSync - various changed occurrence entries cause Outlook to stop syncing the calendar
- [19961] fix to potential crash in CalDAV server
- [20052] fix to possible MDaemon crash when processing messages from the local queue
- [19981] fix to possible ActiveSync server crash when a client replies to a message
- [20027] fix to MD Health Check - if you click Analyze again after copying an entry to the clipboard the application crashes
- [20084] fix to possible MDaemon hang during shutdown
- [20113] fix to corrupt text in translated Dynamic Screening emails
MDaemon 17.5.2 - December 19, 2017
CHANGES AND NEW FEATURES
- [19833] WorldClient - Reconfigured method of storing Dropbox client information
- [19832] WorldClient - Reconfigured OAuth implementation to make use of AES
encryption
- [19834] WorldClient - Reconfigured Two Factor Authentication to make use of AES
encryption for user secret storage
FIXES
- [19757] fix to DynamicScreenUpd.sem not working
- [19816] fix to incorrect IP blocking penalty tool tips on dynamic screening dialog
- [19811] fix to dynamic screening notifications being incorrectly sent when an IP is
expired from the blacklist
- [19790] fix to the 'Ignore authentication attempts using idential passwords' option
not being honored
- [19785] fix to dynamic screening not being able to send notifications to an alias
- [19808] fix to dynamic screening notifications being sent using the wrong time zone
- [19775] fix to possible MDaemon.exe crash when the IMAP server is busy with a very
large number of connections
- [19800] fix to possible WorldClient.exe crash with specifically formatted
iCalendar attachment data
- [19683] fix to WorldClient Compose page may take a very long time to load when doing
reply or forward on a large HTML message
- [19804] fix to LookOut and WorldClient themes - Browser notifications are not
received in MDaemon 17.5.1
- [19805] fix to LookOut theme - WorldClient - After searching for a message, the
search field is cleared when switching folders
- [19803] fix to MDRA - Unable to change the log summary frequency
- [19795] fix to LookOut theme - IE - Cannot add filter
- [19819] fix to LookOut theme - When sorting messages by date in right preview pane
it will sometimes not sort ascending or descending
- [19814] fix to MDHealthCheck crash in whitelist regex
- [19827] fix to WorldClient missing translations
- [19849] fix to WorldClient theme - When setting View Sender By to Show All, the
sender is displayed incorrectly
- [19845] fix to LookOut and WorldClient themes - Unsubscribed calendars still
show up in the calendar list
- [19787] fix to LookOut - Unable to rename a folder due to the Save And Close
button not responding
- [19856] fix to WorldClient.exe may crash when moving or copying calendar events
in WorldClient
- [17113] fix to when an email response is sent to the meeting planner, the from
address is always the user's primary email address even if the request was to an
alias
- [19847] fix to MDRA - Error switching from Settings to another mailing list
option in German language
- [19859] fix to MDRA - Unable To Open File error when clicking White List button
under Tarpitting. Button removed.
- [19883] fix to CardDAV - eM Client - Receiving Failed To Upload Item error when
adding a contact
- [19875] fix to exporting a calendar sub-folder in iCal format results in error
or blank file
- [19876] fix to CFilter.exe where compression file exclusion screen has no 'OK'
or 'Cancel' button
- [19893] fix to importing ICS file removes the "dot" character in the UID
- [19866] fix to WCIM - chat room name with special characters does not display
correctly on chat room search screen and chat room invite screens
- [19903] fix to specific calendar events may not be synchronized via CalDAV
- [19920] fix to LookOut and WorldClient themes - Notification sound is not played
when a new message is received
- [19921] fix to LookOut theme - After setting a sound for a new mail notification,
the sound is still showing: None
- [19930] fix to Spam Filter options to not filter mail from local, trusted, or
authenticated sources do not work if SMTP scanning is disabled
- [19821] fix to the ActiveSync client authorization messages sent to administrators
appear garbled for some languages
- [19850] fix to Dynamic Screening notification messages may appear garbled
- [19925] fix to WCIM crashing issue at start up
- [19944] fix to iOS ActiveSync clients will not sync calendars that contain a
recurring event with multiple attendees
- [19836] fix to ActiveSync clients may resync repeatedly due to an invalid FolderSync key
- [19985] fix to Mailsploit address spoofing issues
MDaemon 17.5.1 - October 24, 2017
SPECIAL CONSIDERATIONS
[19710] The Dynamic Screening option to freeze accounts after a number of authentication
failures is now off by default. It will be turned off when updating to version 17.5.1.
If you want to turn it back on, go to Security | Dynamic Screening | Auth Failure Tracking.
CHANGES AND NEW FEATURES
- [19538] LetsEncrypt logging will now include additional details that will make it
easier to troubleshoot. The log will include a URL to LetsEncrypt.com that will help
explain why challenges fail.
- [19654] Defaults for the Dynamic Screening settings have been changed. Account freeze
is off by default and fewer notifications are enabled. If you have the defaults from
17.5.0, please review your settings and adjust them to your liking.
- [19432] In WCIM more info is shown about chat room participants, to help
expose/prevent spoofing.
- [18831] LookOut and WorldClient themes - Added a Saved Searches folder to the
folder list under Favorites and before Personal folders. This is off by default.
To enable it go to Options | Folders and check the box next to Show Saved Search
Folders. To search a saved search, click on the folder in the Saved Search list.
To open the advanced search dialog and create a new search click the "New Saved
Search" folder at the bottom of the Saved Search folder list.
- [19391] WorldClient - Added minimum and maximum password length information when
strong passwords are not required.
- [17551] The XMPP server log is now displayed in the MDaemon GUI on the WorldClient
tab.
- [19509] MDRA - Updated the MimeTypes.cfg file.
- [19508] WorldClient - Updated the MimeTypes.cfg file.
- [19550] MDaemon no longer reports CRAM-MD5 authentication failures for accounts using
AD authentication or non-reversible passwords to the Dynamic Screening system.
- [19607] The number of characters allowed in the Mailing List AD Search Filter setting
has been doubled.
- [19719] The Location Screening option to only block authentication for SMTP
connections is now enabled by default, and the wording of the option has been
clarified.
FIXES
- [19079] fix to MDRA - IMAP Filters do not support multiple conditions
- [19555] LetsEncrypt: fix to arguments being passed to CertUtil not allowing a space in
the path and a fix to the error handling not detecting when this occurs.
- [19633] LetsEncrypt: fix to the script trying to start MDaemon Remote Administration
when it is disabled.
- [19488] fix to WCIM crash
- [19520] fix to MDaemon may allow active connections to attempt logins after their
IPs have been blacklisted by Dynamic Screening
- [19524] fix to minor syntax error in generated Authentication-Results headers
- [18751] fix to WorldClient - Adding calendar entries to public calendar in
Lookout theme with the private calendar disabled causes entry to be added to
private calendar
- [19528] fix to WorldClient theme - When "Folder" column is included for wide
screens the message list is displayed with columns on top of each other
- [19525] fix to WorldClient theme - Cannot reverse the sort order in Contacts,
Tasks, Notes, and Documents
- [19502] fix to WorldClient theme - Send/Save buttons in Compose view are ugly in
FireFox
- [18930] fix to LookOut and WorldClient themes - Month View - If adding more than
18 events in a day, the 19th event replaces the first event
- [19456] fix to MDRA - Time picker drop down button in Autoresponder screen
breaks to the next line
- [19457] fix to MDRA - Domain Manager has wrong Header text
- [19458] fix to MDRA - strings not being translated
- [19461] fix to MDRA - Gateway Manager "Delete" button does not work
- [19548] fix to MDRA - No alert for blank New Black List Entry
- [19549] fix to MDRA - AS Client Wipe buttons not giving alert
- [19551] fix to MDRA - Buttons not working on New Catalog dialog
- [19553] fix to MDRA - Stray closing bracket at top of Copy to Folder dialog
- [19561] fix to WorldClient - Reminder causing WorldClient to crash
- [19564] fix to Content Filter "Add to Windows event log" action does not
work properly
- [19563] fix to specific CalDAV request may cause the WorldClient process to
terminate
- [19565] fix to a recurring calendar event without "Start" element in the
"Recurrence" node of the calendar.mrk crashes the Mac iCal application when
synchronizing via CalDAV
- [19557] fix to MDRA - Jump to rule dropdown shows rules before the one you are
creating
- [19576] fix to RKEY 5xx error handling incorrect in some cases
- [19497] fix to WorldClient - WC shows message is both signed & encrypted with
one key instead of two
- [15286] fix to Content filter PGP screen showing incorrectly parsed key ID
- [19597] fix to possible MDaemon hang during shutdown
- [19605] fix to LookOut and WorldClient themes - Users cannot change passwords
when Password Recovery is disabled
- [19617] fix to LookOut and WorldClient themes - error message occurs whenever
attempting to attach a document to a calendar event when using http
- [19624] fix to LookOut and WorldClient themes - No search results when searching
for non-English characters
- [19623] fix to WorldClient - Compose - attachments section hides when you add CC
or BCC fields
- [19515] fix to WorldClient - Missing spaces between recipients in To and CC
fields
- [19634] fix to MDRA - Bayesian Learn button is not working
- [19632] fix to MDRA - Mailing List Notification alerts prompts are incorrect
- [19631] fix to MDRA - Unable to click OK on IP Cache alert for Max entries
exceeded
- [19630] fix to MDRA - Alert for importing member does not prompt
- [19629] fix to MDRA - Unable to delete members of a Mailing Lists
- [19627] fix to MDRA - Mailing List Headers allows blank email address
- [19626] fix to MDRA - Gateway Manager Creating new Gateway Alerts are mixed up
- [19620] fix to MDRA - Gateway Manager Options appears to turn off even when it
doesn't
- [19614] fix to possible ActiveSync server crash when setting out of office message
- [19635] fix to possible ActiveSync server crash during a FolderSync operation
- [19639] fix to non-ASCII country names are corrupted in MDaemon's Location Screening
logging
- [19640] fix to LookOut and WorldClient themes - When marking a message as read
using a 5-second delay, it will revert to unread
- [19649] fix to LookOut and WorldClient themes - ampersand (&) is encoded as
& in the contact list
- [19644] fix to MDRA - Unable to save an entry to the dynamic screening white
list or black list
- [19650] fix to LookOut theme - Voice icon does not have tooltip
- [19651] fix to MDRA - "Return to Defaults" button does not work in Server
Settings->Ports Screen
- [19613] fix to Bayesian items on the MD queue window right-click menu are enabled
when Bayesian is disabled
- [19653] fix to RCPT sometimes accepting odd or incomplete domain form
- [19658] fix to WorldClient - Display Name is received encoded in Reply-To when
entered in the Default Reply-To Address
- [19648] fix to CardDAV server may not synchronize all contacts
- [19664] fix to LookOut and WorldClient themes - when using German WC and two
Drafts folders exist on the server, one named "Drafts" and one named "Entwürfe",
only the German named folder shows up
- [19672] fix to LookOut and WorldClient themes - If the ListRefreshTime is set to
0, the theme will lock up, because it is constantly refreshing the message list
upon login
- [19690] fix to WorldClient session cookie check fails if the browser sends cookie data
that is too long
- [19687] fix to tentative placeholder events are created for meeting requests in
messages that are flagged as spam
- [19696] fix to LookOut theme - Public Documents folder not showing contents when
given only Lookup and Read rights
- [19708] fix to disabling Dynamic Screening IP aggregation results in global /0 or /1
IP blocking
- [19697] fix to Dynamic Screening notification emails may have corrupted text for some
languages
- [19724] fix to LookOut and WorldClient themes - IE does not handle opening
attachments in a way that is easy for users
- [19734] fix to WCIM user rejoins chat room with wrong nickname after XMPP server
restart
- [19751] fix to possible MDaemon.exe crash if using bandwidth throttling
- [19765] fix to IMAP server account access issue
MDaemon 17.5.0 - September 26, 2017
SPECIAL CONSIDERATIONS
[18481] BlackBerry Enterprise Server (BES) for MDaemon is not compatible with MDaemon
17.5 or newer. There will not be a new version of BES for MDaemon that is compatible.
MDaemon's installer will disable BES if it is detected. Uninstall BES to not be
prompted about it. Screens about BES have been removed from the MDaemon UI.
[10327] Added quarantine exclusion lists to allow password-protected files from or to
configured senders and recipients. At Security | AntiVirus, enable "Allow password-protected
files in exclusion list..." and click the "Configure Exclusions" button.
Note that as of SecurityPlus 5.1.0, the ClamAV Plugin may quarantine password-protected
files before the main AV engine can scan them. An option is to disable the ClamAV Plugin.
MAJOR NEW FEATURES
[11481] LOCATION SCREENING
A geographically based blocking system has been developed which allows you to block
incoming SMTP, POP, IMAP, WorldClient, ActiveSync, AutoDiscovery, XML API, Remote Administration,
CalDAV/CardDAV, XMPP, and Minger connections being attempted from unauthorized regions
of the world. A new screen has been added at Ctrl+S|Screening|Location Screening
to configure this.
When the connecting IP is from a blocked country an entry can be logged in the Dyanmic Screening Log.
[18722] DYNAMIC SCREENING FOR ALL PROTOCOLS/SERVICES
MDaemon's dynamic screening has been expanded to operate with SMTP, POP, IMAP,
WorldClient, ActiveSync, AutoDiscovery, XML API, Remote Administration, CalDAV/CardDAV,
XMPP, and Minger. Authentication failures are tracked across all of these services and
IPs can be blocked for all of them. Settings are in the UI at Security | Dynamic
Screening. The log is on the Plug-ins | Dynamic Screen tab. WorldClient's separate
Dynamic Screening system has been removed.
[5801] PIM ATTACHMENTS
PIM (calendar, contact, tasks, notes) items now support attachments.
Attachments may be added to a PIM item via WorldClient, Outlook Connector, or
CalDAV/CardDAV. When scheduling a meeting, any attachments will be sent to
the meeting attendees.
LookOut and WorldClient themes - Implemented PIM attachments for
Calendars. A new tab was added in the Calendar Edit view that allows users to
add file attachments to an event/meeting. As long as a user has read access to
an event, the attached files can be downloaded by the user. Only users with edit
access can upload or remove attachments from a given event/meeting. Other themes
will not be able to edit the attachments, but the attachments will not be lost
when an event/meeting is edited.
[15733] PGP KEY-EXCHANGE DURING SMTP
A new checkbox on the MDPGP GUI enables/disables automatic transaction of
public keys as part of the SMTP message delivery process. If enabled,
MDaemon's SMTP server will honor an SMTP command called RKEY.
When sending an email to a server that supports RKEY MDaemon will offer to transmit
the sender's then current and preferred public-key to the other host. That host
will respond indicating that it either already has that key and thus no further
work need be done ("250 2.7.0 Key already known") or that it needs that key in which
case the key is immediately transferred in ASCII armored form right then and there
("354 Enter key, end with CRLF.CRLF") just like an email message. Keys that are
expired or revoked are never transmitted. If MDaemon has multiple keys for the sender
it will always offer up the key that is currently marked as preferred. If no key
is preferred then the first one found is offered. If no valid keys are available
then no work is done. Only public-keys that belong to local users are offered.
Public-key transfers take place as part of the SMTP mail session that delivers the
message from the user. In order for the public-keys transmitted in this way to be
accepted the public-key must arrive along with a message that has been DKIM signed
by the domain of the key owner with the i= set to the address of the key owner which
also must exactly match the From: header address of which there can be only one.
The "key owner" is taken from within the key itself. Also, the message must arrive
from a host in the sender's SPF path. Finally, the key owner (or his entire domain
via use of wildcards) must be authorized for RKEY by adding an appropriate entry
to the MDPGP rules file (instructions are in the rules file for this) indicating
that the domain can be trusted for key exchange. All this checking is done automatically
for you but you must have DKIM and SPF verification enabled or no work can be done.
The MDPGP log will show the results and details of all keys imported or deleted
and the SMTP session log will also track this activity. When it works right your
SMTP session logs will show details of key transactions and the MDPGP log file will
fill with details.
This process tracks the deletion of existing keys and the selection of new preferred
keys and updates all participating servers it sends mail to when these things change.
CHANGES AND NEW FEATURES
- [18877] Added a new option to Ctrl+S|Sender Authentication|SPF Verification which allows
you to apply SPF processing to the HELO/EHLO value. This option is enabled by default.
- [19080] The \MDaemon\Data\ folder is now included in the config file backup system.
- [18881] The LetsEncrypt script no longer needs to shut down MDaemon and its associated
programs prior to writing content out to INI files. This reduces the potential
down time, but you are still required to restart MDaemon in order for the changes
to be recognized.
- [18862] The LetsEncrypt script no longer writes out the certificate information
to the INI files and restarts MDaemon even if nothing has been changed.
- [19067] As part of the new Dynamic Screening work, the option "Limit simultaneous
connections by IP to (0 = no limit)" has been moved from Ctrl+S|Screening|
SMTP Screen to F2|Server Settings|Sessions. Also, the SMTP Screening UI has been
adjusted. The settings here apply only to SMTP screening and use the Dynamic Screening
system so some explanatory text was added.
- [8274] LookOut and WorldClient themes - Added the option to export and import Groups/Distribution
Lists from and to a contact folder in WorldClient. The format is WorldClient specific,
since Outlook does not support exporting and importing Groups. The format is as
follows:
columns - Group GUID, Group Name, GUID, Full Name, Email
Each line that contains either a Group Name or a Group GUID is
considered the beginning of a new group. Any GUID, Full Name or Email on that line
is considered the first member of the group/list. An Example from Excel follows:
Group GUID
|
Group Name
|
GUID
|
Full Name
|
Email
|
|
The Jedis
|
|
Anakin Skywalker
|
ani@jedi.mail
|
|
|
|
Leia Organa
|
leia.organa@jedi.mail
|
|
|
|
Luke Skywalker
|
luke.skywalker@jedi.mail
|
|
|
|
Yoda
|
yoda@jedi.mail
|
|
The Siths
|
|
Darth Maul
|
darth.maul@sith.mail
|
|
|
|
Darth Vader
|
darth.vader@sith.mail
|
|
|
|
Emperor Palpatine
|
emperor.palpatine@sith.mail
|
When importing, the Group GUID is replaced with a freshly generated GUID. If no
Group Name is included, the name will be displayed without translation as "ImportedFromCSV_%GUID%",
where %GUID% is replaced with the first five characters of the GUID. Leaving the
cells to the right of a group name empty will result in the next line being the
first member of the group/list. The Email field is required for a member to be added.
- [15783] LookOut and WorldClient themes - Added Voice Recording feature. This feature
requires a microphone and is only available in certain browsers. It can be disabled
by the admin on a per user basis by adding EnableVoiceRecorder=No to the User.ini.
Users are limited to five tracks of five minutes each. Attempting to record more than
5 tracks will result in either the selected track, or the first track, being replaced
by the new recording (the user will be prompted). After recording is stopped (either
automatically or by the user), the track is converted to an mp3 and uploaded to the
server. Users have four options regarding each track:
- Save to the desktop
- Save to default WorldClient documents folder
- Send in an email using a quick dialog that only includes To, CC, BCC, Subject,
and a plain/text Message Body
- Only the To is required. There are canned Subject and Message Body
phrases used when no Subject or Message Body is input by the user.
- Open a new Compose view with the track attached
Users can only act on one track at a time. For example, only one track can be attached
to a message. If a user wants to attach multiple tracks to a message, the user will
need to save each track to the default documents, and do the attaching from there.
- [13361] LookOut and WorldClient themes - Users can now reorder favorite folders
by dragging and dropping them in the favorites list.
- [14784] LookOut and WorldClient themes - New folder management features in the Options
| Folders view and in the main folder list view.
In the folder list view (left pane):
- Users can drag and drop to move folders from one parent to another
- Users can rename folders and give favorites nicknames by clicking on them a second
time (shortly after folder selection)
- Show Folders by Type is now available in the LookOut theme
- If there is already at least one favorite folder (because favorites are hidden until
one is added), users can drag and drop a folder to favorites in order to add it
(dragging a folder out of the favorites does nothing).
- The new folder and rename folder dialogs were added to the LookOut theme
In the Options | Folders view, the folder tree is now collapsible, and the New Folder
dialog has been moved to an external window like in the WorldClient theme.
- [8360] Lite, LookOut and WorldClient themes - Added an option to choose the font
size for plain text Compose under Options | Compose. The option (Compose Font Size)
is always visible in Lite theme, and only visible in LookOut and WorldClient themes
when HTML Compose is turned off.
- [8937] WorldClient - The paperclip is no longer displayed in the message list for
new messages that only include inline images, unless the "List All Attachments"
option is turned on under Options | Personalize. This only affects new messages,
so old messages will continue to show the paperclip in the case that only inline
images are attached to the message.
- [18526] LookOut and WorldClient themes - Users can now open file attachments in
the browser (if the browser supports it) by clicking on the name of the file in
the message preview or external message window. To download the attachment, click
the download icon next to the name.
- [5494] LookOut and WorldClient themes - Added options to Export a contact in vCard
4.0 format. The "Export vCard" button will download the vCard. The "Send
vCard" will open a new Compose window with the vCard(s) attached.
- [18345] LookOut and WorldClient themes - Added a "None" option in the
Compose view Signatures select dropdown
- [18397] LookOut and WorldClient themes - Added a setting in Options | Personalize
to close the message window when the user deletes the message (external window only),
which also preempts the opening of the next message in the list.
- [18312] WorldClient theme - Updated the look of Notes, and added an option to change
the color of the note by clicking on the note icon in the top left corner of the
note.
- [18728] LookOut and WorldClient themes - Added settings in the Options | Compose
view to allow users to choose a signature for replying and forwarding respectively.
- [17255] LookOut and WorldClient themes - Added an option to not include signatures
in replies or forwards. Under the same settings for 18728 the user can choose "No
Signature" for replies and/or forwards.
- [18179] All Themes - the User cookie is now set to the current value of the User
field on login form submission
- [9343] LookOut and WorldClient themes - Added the ability to search for attachment
names in the advanced search
- [18479] All Themes - Added indexed data search for message bodies and attachment
names
- [12349] All Themes - WorldClient now includes the ability to choose between downloading
the 32 bit and 64 bit OC Plugin Installers.
- [9644] Removed MSXML 4 from the installer.
- [18768] Added support for password protected chat rooms to XMPP server.
- [18769] Added support for password-protected chat rooms to WCIM client.
- [18805] WorldClient theme - Simplified the look of the Compose view. Advanced options
can be displayed by clicking one button. Save (without closing) option added. Clicking
the X in the top right corner will discard a draft, instead of just closing the
window. The subject is displayed in the header as the user types it. Moved the Send,
Save, and Save and Close options to the footer. The entire attachments section is
the drag and drop area. Moved the paragraph justification buttons down to
the second level in the HTML editor options.
- [8769] LookOut and WorldClient themes - Added message list context menu options
to "Whitelist Sender" and "Blacklist Sender". If clicked, the
sender of the selected message(s) will be added to the Whitelist or Blacklist contact
folder. These options can be hidden by adding HideEmailAddressHoverMenus=Yes in
the Domains.ini under [Default:UserDefaults], or adding the same to a user's User.ini
file. When using these options, users can select multiple messages to Whitelist/Blacklist.
- [18696] LookOut and WorldClient themes - Added an option under Options | Compose
to allow users to use the Dropbox Preview Link. The default is the Dropbox Direct
Link.
- [18209] Turned off EditBISInboxMapping in MDaemon\WorldClient\Domains.ini under
[Default:UserDefaults]. This hides the "Push to Blackberry" column in
WorldClient's Options | Folders view. This can be enabled for all by changing
it back to Yes in the MDaemon\WorldClient\Domains.ini or per user by adding it to
the [User] section of a user's User.ini file.
- [16847] Increased the number of custom buttons allowed in WorldClient to eight.
- [18194] WorldClient theme - Date now displayed when printing a calendar in Calendar
View mode.
- [18861] A new screen at Setup | Outlook Connector | OC Client Settings | Add-ins
lets the admin configure Outlook add-ins for Outlook Connector to disable. Requires
Outlook Connector 5.0 or newer. Select a default action, Allow or Disable, which
applies to new or unlisted add-ins. Individual add-ins and their actions (whether
to Allow, Disable, or use the default action), are displayed in a list box. OC
clients will populate the list, or admins can add them from the UI.
- [13179] WorldClient - Added ability for users to view their last ten successful
logins on the Options | Security page. This is enabled by default. To disable this
option, set DisplayLoginHistory to No in MDaemon\WorldClient\Domains.ini under [Default:UserDefaults].
- [3548] WorldClient - Added Internationalized Domain Name support, so that IDNs will
not be displayed in punycode, but instead in UTF-8.
- [18897] LookOut and WorldClient themes - under Options | Compose, the Compose Height
and Compose Width options have been removed when HTML Compose is unchecked, because
the height and width of the text area in the compose view is auto resized to fit
the window.
- [12412] LookOut theme - Added a delete button to the appointment editor that works
like the one in the WorldClient theme.
- [18936] Added ability to disable SSL in XMPP Server by adding in \MDaemon\XMPPServer\settings.ini...
[Server]
EnableSSL=No
- [9987] Added support for account IMAP filters with multiple conditions that can be
combined using AND or OR. The filter rule creation UI has links that let you edit
each part of the rule. Click the "[+]" link to add a condition and the
"[x]" link to remove a condition.
- [15967] When MDaemon 17.5+ first starts up, if MDaemon has never been configured
to use SSL it will automatically generate a default self-signed certificate and
enable SSL for MDaemon, WorldClient, and Remote Administration.
- [19042] POP3, IMAP, and SMTP server authentication changes to make them more
consistent, improve logging, and not give as much information about failures to
clients. When a username is sent to MDaemon in an encoded form, MDaemon logs
it in plain text. When authentication is successful MDaemon logs the account's
email address. When authentication fails MDaemon logs the reason but the error
message sent to the client is generic. Authentication failures due to invalid
username or password are reported to Dynamic Screening, but not those due to the
account being frozen, set to do not disturb, expired password, etc.
- [17773] MDRA - Added a "Message Search" page under "Messages & Queues" for
Global Admins. This view allows the admin to search a single user's message
folders. The maximum number of messages returned is 10,000. After getting a list
of messages, the admin can view the message, and related log entries from the
Routing, SMTP(in and out), DomainPOP, and MultiPOP logs. Logs will only be
displayed if the Statistics Database is enabled under Setup | Server Settings |
Logging | Statistics Log.
- [10679] Content Filter - Added ability to block attachments in nested ZIP files
up to 5 levels deep.
- [19226] WorldClient theme - Increased the email address input length to 76
characters, which is the maximum length of an MDaemon email address.
- [19212] The files NoTarpit.dat, DynamicScreen.dat, and AuthErrors.dat in the
\MDaemon\App directory are no longer used.
- [19078] Added complex Filters to WorldClient. Unsupported themes will not be
able to save changes to existing filters.
- [19160] WorldClient theme - Deferred Delivery - Added an alert that tells the
user when the message will be sent
- [19316] MDaemon creates registry entries for Windows Error Reporting to save memory
dumps if MDaemon.exe, CFengine.exe, WorldClient.exe, WebAdmin.exe, or WCXMPPServer.exe
crash. This functionality requires Windows Server 2008/Windows Vista or later. Dump
files will be saved to the \MDaemon\Dumps folder. This location may be changed by
editing \MDaemon\App\MDaemon.ini and setting [Directories] CrashDumps.
- [17570] Added performance counters for the number of connections refused by IP Screen,
Dynamic Screen, Host Screen, and Location Screen.
- [18939] Added performance counters for whether a new version of a product is available
and the number of days left in the license for each product.
- [9989] WCIM - Added buddy grouping. The default group is "Buddies".
- [13293] Added an account settings option (enabled by default) to automatically
place new meeting requests on the receiving user's default calendar, marked
Tentative.
- [19340] MDRA - Added Location Screening view
- [19247] WorldClient - Improved the error message when entering an invalid
password on the change password page (when forced to change password by admin).
- [19359] WorldClient - Improved the error message when a user uses an old
password.
- [19385] WorldClient and MDRA - Updated CKEditor to version 4.7.1
FIXES
- [18882] fix to LetsEncrypt generating a new certificate each time the script runs.
- [1995] fix to WorldClient - HTML messages with embedded CSS render poorly
- [10334] fix to WorldClient - Message Preview - Malformed messages may have malformed
signatures
- [10449] fix to WorldClient - extra space is shown between lines in an HTML message
that was composed using Outlook
- [18746] fix to Mobile theme - Going back or using the refresh button in the list
view results in a mostly blank page
- [18136] fix to MDPGP GUI showing aliases with macros in dropdown when creating keys
for specific users
- [18745] fix to MSA connections not honoring local sources spam filter exemption
- [10273] fix to WorldClient - Alert.sem file not currently working
- [15343] fix to CalDAV: response is not sent to meeting organizer when accepting
a meeting request in Thunderbird/Lightning
- [18639] fix to WebDAV log file created with name of ".log" if MDaemon
logging is disabled
- [18706] fix to Remote Administration not forcing the recipient of the Weak Password
Report to be a local user
- [18739] fix to able to enter non-numbers for max users per domain in Remote Administration
- [18740] fix to Remote Administration does not force entry of a Smart Host when needed
in Domain Manager
- [18741] fix to some options not enabled on Remote Administration's Domain Manager
| Calendar screen
- [18761] fix to Remote Administration needlessly forcing a policy description in
ActiveSync Policy Editor
- [18788] fix to Remote Administration forcing entry of a Dequeue String when it should
be optional
- [18791] fix to Remote Administration not checking for a positive integer for time
to live in IP Cache
- [18797] fix to Remote Administration missing some of the necessary new mailbox name
validation
- [18759] fix to Remote Administration not hiding "WC Documents Folder"
as an option when editing Account Templates
- [18821] fix to LookOut and WorldClient themes - Cannot see new category added on
the Options | Categories view when adding by right clicking message | Categories
- [18811] fix to LookOut and WorldClient themes - Current folder on server changing
if you right click and perform action on a non-selected folder
- [18808] fix to LookOut and WorldClient themes - Applying changes to a signature
with more than one font-size results in all fonts changing back to the default
- [18866] fix to WorldClient theme - After a search, if you click the X on the search
bar, only the message subjects are displayed
- [18898] fix to Lookout theme Add button is not grayed out when editing a single occurrence
of a recurring event
- [18907] fix to encoding issue when AV warning message text is added to HTML messages
- [18908] fix to MDRA - When Free/Busy service for a domain has a password, the field
appears blank
- [18911] fix to MDRA - Passwords available in plain text on various pages
- [18933] fix to LookOut and WorldClient themes - WorldClient does not display the
email address in the "Recipient unknown" error message
- [19091] fix to WCIM client stripping CR/LF when sending multi-line messages
- [19092] fix to WCIM client not sending status changes to server for 5 minutes
- [19110] fix to remote IP not included in Received headers in some configurations
- [18874] fix to DNSBL lookups on Received header IPs not honoring white list
- [18902] fix to Mail List sending copy to sender errantly in some configurations
- [19138] fix to invalid regular expression in bad passwords file causes problems
for the MDaemon GUI and Remote Administration
- [19019] fix to MDRA - Content Filter shows "Process Exit Code" instead of
"SpamAssasin Score" popup when selecting a SpamAssasin Score entry
- [19131] fix to MDRA - Subfolders are not always created correctly
- [19175] fix to WorldClient - When composing a signature, then when using an
underline, it is not saved
- [19188] fix to LookOut and WorldClient themes - Deferred Delivery sets year to
1601 when sent from the Spell-Check view
- [18820] Fix to LetsEncrypt script not restarting MDaemon when WorldClient or MDaemon
Remote Administration are running under IIS and the WebScripting tools are not installed
- [18702] fix to various problems with the Group Editor in Remote Administration
- [18800] fix to JavaScript error on ActiveSync Clients page in Remote Administration
- [18701] fix to various excessive whitespace on certain popup windows in Remote
Administration
- [18712] fix to some text not being translated on Remote Administration's DomainPOP
page, User's Forwarding page, and Dropbox page
- [18724] fix to incorrect prompt in Content Filter "Event Log" actions
in Remote Administration
- [18792] fix to IP Shielding screen in Remote Administration not forcing entry of
an IP address
- [18819] fix to Event Logging screen in Remote Administration not disabling some
options when it should
- [17689] fix to From Header Modification not always handling parsing correctly
- [19114] fix Mobile theme - Calendar months and days are displayed in English
when any other language is selected
- [19300] WCIM client - fix to account not added to drop list on 'Add Contact'
screen
- [19149] WCIM client - fix to "Invisible" status change not working. It
will act as "Do not disturb" to other XMPP client.
- [19302] fix to MDRA - Cannot edit or create new domain
- [19303] fix to WorldClient theme - not able to sort messages by ascending date
when changing the sort order on the Options | Personalize page
- [19304] fix to WorldClient - error message popup goes away too quickly before it
can be read
- [18693] fix to LookOut and WorldClient themes - Unable to send faxes with no
attachments
- [19265] fix to IPF.IMAP type folders being created when moving folders
from an IMAP PST to an Outlook Connector account
- [19351] fix to LookOut theme - when switching messages the scroll bar is not
reset in the message preview
- [19367] fix to Possible memory leak in the Thread Pool if Message Log Parser
fails
- [18844] fix to WCIM - if user changes status with multiple XMPP clients, WCIM
should only report offline if all instances go offline
- [19113] fix to Mobile theme - First Day of week setting is not applied to the
calendar
- [19151] fix to WCIM - when global status is set to "Online" WCIM should log
account back in
- [19002] fix to contact notes changed on an ActiveSync client are not saved to the
server
- [18927] fix to ACL entry in an account's root Hiwater.mrk is not added to
AclShLookup.dat during the ACL cleanup event
- [19173] fix to a single instance of a recurring appointment deleted using an
ActiveSync client is not deleted on the server
- [19321] fix to messages sent using ActiveSync may display incorrect date in
ActiveSync clients
- [18932] fix to Sent Items copy of message sent using ActiveSync is unread
- [19452] fix to MD GUI crashes immediately when selecting the Use Small Display Font
option
MDaemon 17.0.3 - August 29, 2017
FIXES
- [18804] fix to data corruption when moving an event from one calendar to another using
ActiveSync
- [18826] fix to possible XMPP server crash when using TLS
- [18931] fix to LookOut and WorldClient themes - Cannot reach the second page for
non-default Tasks, Notes, and Documents folders
- [18441] fix to XMPP server crash
- [18806] fix to non-ASCII characters not showing correctly in WCIM buddy list
- [19187] fix to possible WCIM crash when adding buddies from buddy search screen
- [18872] fix to WCIM buddy search results columns are mislabeled
MDaemon 17.0.2 - May 19, 2017
FIXES
- [18848] fix to MultiPOP and DomainPOP when configured to leave mail on the server will
download new messages repeatedly
MDaemon 17.0.1 - May 16, 2017
CHANGES AND NEW FEATURES
- [4378] Added the Delete Selector button to Remote Administration's DKIM Signing page
- [15397] Added the edit box to Account Editor | Settings in Remote Administration
to specify a list of email addresses for automatic processing of meeting
requests
- [18245] Added Central Management of OC Local Cache and Attachment Folder to
Remote Administration
- [18476] Added text to the Remote Administration logon page to indicate when a
new version of MDaemon is available. To disable the text, change UpdateCheck=Yes
to UpdateCheck=No in the [Special] section of \MDaemon\WebAdmin\Webadmin.ini
- [16608] Added Mail Archive access to the Queue/Stats Manager
- [18398] Added WorldClient logging information to help identify which message was deleted
- [18559] Added instruction on how to add accounts immediately after creating a
domain in Domain Manager
- [18563] WorldClient - browser native alert, confirm, and prompt dialogs have
been replaced with non-native dialogs in most cases. If the browser has an issue
supporting the new dialogs, the browser dialogs will be displayed.
- [18475] Added text to the WorldClient logon page to indicate when a new version
of MDaemon is available. To disable the text, change UpdateCheck=Yes to
UpdateCheck=No in MDaemon\WorldClient\Domains.ini
- [18558] Worked around WorldClient being unable to authenticate SMTP connections
to MDaemon when both "Enable APOP & CRAM-MD5" and "Allow plain
text passwords" are disabled by making an exception for local machine SMTP
connections. This can be disabled by setting MDaemon.ini [Special]
AllowPlainTextOnLocalhost=No (default is Yes).
- [18506] Renamed the HealthCheck log folder and file from SecurityAnalyzer to
MDHealthCheck and changed from GMT to local time.
- [18515] Health Check - Set Recommended now triggers MDaemon to reload settings
after the operation is completed.
- [18519] Health Check - No longer displays errors for settings that are
not found.
- [18640] Health Check - User is now warned to back up settings prior to setting
recommended settings when the Set To Recommended button is clicked.
- [18584] Health Check - Added a warning when IP shield is enabled, but no
Domain/IP pairs are listed
- [18580] WorldClient theme - darkened the plus button/icon in the folders view to
heighten its contrast with the background
- [18675] WorldClient - Added HTTP log for OAuth setup when there is an authorization
failure caused by an HTTP error
- [18510] LookOut and WorldClient themes - Dropbox - changed the Dropbox link in
the Compose view to the direct download instead of the Dropbox preview
- [18564] Remote Administration - browser native alert, confirm, and prompt
dialogs have been replaced with non-native dialogs in most cases.
FIXES
- [16996] fix to Spam Filter Updates page not always allowing a "Save" in Remote
Administration
- [18429] fix to various problems with saving a List Description in Remote
Administration
- [18511] fix to LookOut and WorldClient themes - Adding or removing folders to or
from the favorites does not reload the folder list
- [14126] fix to Outlook .msg files attached in WorldClient may be corrupted
- [18434] fix to message is not archived when it is re-queued from the quarantine
after setting up an AV exclusion
- [18502] fix to WorldClient theme - the left pane and bottom preview pane sizes
change between logins
- [18513] fix to WorldClient - When switching to the LookOut theme from Options |
Personalize, the folder list is blank
- [18518] fix to LookOut and WorldClient themes - search term is removed when
switching between folders of the same type
- [18463] fix to WorldClient theme - In Side by Side view, calendar looks corrupt
when enabling additional calendars in Week view
- [18523] fix to MDHealthCheck crash when analyzing if there are many domains
- [17862] fix to IMAP server incorrectly parsing messages with header lines that
are too long
- [17151] fix to WorldClient - email address autocomplete - hitting tab twice too
quickly results in the address being added twice
- [18466] fix to WorldClient - When downloading files named with Japanese
characters they are corrupt when saved using MS Edge
- [18527] fix to WCIM XMPP Client Non-ASCII characters are not encoded correctly
- [18536] fix to WorldClient - some languages that use apostrophes (') - Unable to choose or enter any addresses
when sharing a folder
- [18493] fix to garbage characters on MD UI's Browse for Folder dialog
- [18267] fix to attachments may be corrupted in the archive copy of a message
- [18038] fix to bad archive folders are created when incoming emails do not have an
address in the From header
- [18532] fix to possible ActiveSync server crash
- [18525] fix to ActiveSync GetAttachment command not being allowed
- [18507] fix to times of messages received using ActiveSync may be off by 1 hour
- [18546] fix to PROPFIND request for CalDAV or CardDAV using .well-known path
fails if the path ends with a slash
- [17965] fix to aliases that point to a subaddress folder for an account do not show
up under account's aliases
- [18337] fix to account export options including disabled accounts in the export
operation
- [18548] fix to AD monitoring creating welcome messages when importing disabled
accounts
- [18395] fix to AD monitoring not freezing disabled accounts when so configured
(just disabling them)
- [18282] fix to max msg sent per day & spambot detection not recognizing aliases properly
- [18427] fix to list reminders not recognizing aliases properly
- [18557] fix to all groups are unchecked on the MD UI's account templates Groups screen
and Account Editor's Mail Folder & Groups screen
- [18456] fix to Account Editor may not have the correct domain selected when opening
it from the Domain Manager
- [18561] fix to WorldClient theme - Searches in non-ASCII languages fail to
return the expected results
- [18078] fix to MD UI may suggest Dropbox Redirect URI that does not use HTTPS
- [17797] fix to groups from the New Accounts template are not assigned to new
accounts imported from a CSV file that does not have a Groups field
- [18566] fix to WorldClient theme - When clicking a favorite folder, no messages
are displayed when Collapse Nested Folders is enabled
- [18579] fix to WCIM client not being able to connect when specifying a different
XMPP port than the default
- [17236] fix to corrupted Japanese characters in attachment linking filenames
- [17591] fix to all recipients of a message may not be sent in the same outbound
session to a smart host
- [16063] fix to mailing list footer may be added to text file attachments
- [15681] fix to WorldClient's Lite and Mobile themes do not display past the first
page of contacts in folders whose name contains non-ASCII characters
- [15445] fix to WCIM chat window may strip the character following an emoticon
- [18037] fix to the Aliases screen on the MD UI's Account Editor is not updated
after changing the account's email address
- [16228] fix to $USERFIRSTINITIALLC$ macro is not translated when creating a new
account in Remote Administration
- [14731] fix to $USERFIRSTNAMELC$ and $USERLASTNAMELC$ macros are not translated
when creating accounts using ImportNT
- [18641] fix to the MDaemon service may take too long to stop, causing the service
control manager to report an error
- [18642] fix to restarting MDaemon from a Configuration Session UI restarts the
MDaemon service but not the UI
- [18587] fix to a variety of Health Check issues
- [18458] fix to XMPP server and WCIM client not correctly handling when chat room
nick name already exists
- [18437] fix to "Enable instant messaging" does not work for XMPP
- [18630] fix to LookOut and WorldClient themes - Message body removed when
replying to email once alias is changed
- [17956] fix to the dynamic screening "...but not when they use the same password
every time" option does not work for SMTP sessions
- [18578] fix to LookOut and WorldClient themes - When HTML Compose is disabled
changes are not saved to the signature
- [18671] fix to content filter "Match case" option for regex header and
body search and replace does not work
- [18674] fix to ActiveSync GAL search may not work for iOS devices
- [18661] fix to "Authorize all accounts upon first access via ActiveSync
protocol" option not working properly
- [18628] fix to two acceptance notifications are generated when a meeting is accepted
using an ActiveSync client
- [18492] fix to ActiveSync client resyncs due to "Setting Status Collection 16
Retry"
- [18684] fix to outdated country list on MD UI's Create SSL Certificate dialog
- [18694] fix to MDPGP-Results header may contain non-ASCII characters
- [18623] fix to changing the color of a CalDAV calendar in BusyCal prevents
further synchronization
- [18699] fix to WorldClient - HTML is not working in Login failure help text
field
- [18682] fix to unresolved macros in ActiveSync-generated read receipts
- [18672] fix to ActiveSync Client Settings dialog does not correctly preview inherited
Domain level settings when editing User or Client
- [18711] fix to MDaemon does not set a subjectAltName value in self-signed
certificates that it generates when given a single host name
MDaemon 17.0.0 - March 21, 2017
SPECIAL CONSIDERATIONS
[17978] The option "Enable APOP & CRAM-MD5" found at F2|Server Settings|Servers
has changed to disabled by default for security and technical reasons. Using TLS
is the preferred way to avoid transmission of passwords in the clear.
[17977] The "Global AUTH Password" setting at Ctrl+S|Sender Authentication|SMTP
Authentication has been deprecated and removed.
[18067] All settings related to ADSP found at Ctrl+S|Sender Authentication|DKIM
Verification and a single option related to the use of the RS= tag found at Ctrl+S|Sender
Authentication|DKIM Settings have been deprecated and removed.
[17337] In-browser WorldClient Instant Messenger (WCIM) has been removed from the
LookOut and WorldClient themes due to incompatibility with the new XMPP WCIM server.
[8314] The option "Store mailbox passwords using non-reversible encryption"
(see below) is disabled by default for existing installs to avoid breaking anything
for anyone who depends on incompatible features, but for security reasons we recommend
enabling it if you can.
[17122] WorldClient Instant Messenger (WCIM) now uses the XMPP protocol for instant
messaging, which is not compatible with the old chat protocol. Users who do not
update to the new version will not be able to instant message with users who have
updated. Address book synchronization with Outlook has been removed from WCIM.
MAJOR NEW FEATURES
[17122] XMPP support for WorldClient Instant Messenger (WCIM)
WCIM now uses the XMPP protocol for instant messaging instead of WorldClient's proprietary
protocol. This allows the WCIM desktop client to communicate not only with other
WCIM clients, but any third-party XMPP clients (including mobile clients) connected
to your MDaemon's XMPP server.
WCIM now has two types of connections, "WCMailCheck" which connects to
WorldClient for new mail notifications and message counts, and "WCIMXMPP"
which connects to the XMPP server for instant messaging. When updating to version
17, WCIM will automatically migrate IM contacts from the old system to XMPP and
create a WCIMXMPP account.
[10808] WORLDCLIENT DROPBOX INTEGRATION
A new screen has been added to Ctrl+W|WorldClient (web mail)|Dropbox. Here you will
find controls where you can enter your Dropbox "app key", "app secret",
and privacy policy text. All are needed in order to enable the integrated service
and they are all obtained when you register your WorldClientas a Dropbox "app"
by visiting the Dropbox website. We cannot do this for you but it only needsdoing
once. Please see
Knowledge Base article 1166 for complete instructions on how to register
your WorldClient as an app with Dropbox.
Once the "app key" and "app secret" are configured WorldClient
will be able to connect their accounts to a Dropbox account. The first time a user
logs into WorldClient theme or LookOut theme, the user will be presented with a
dropdown at the top of the page. The user has three options, view the dropdown on
next login, never show it again, or go to the new Options | Cloud Apps view. On
the Options | Cloud Apps view, the user can click the Setup Dropbox button. Doing
so will open an OAuth 2.0 popup. The popup details what the user is connecting to,
and what authorizations WorldClient is requesting. There is also a link to the privacy
policy, and "Connect to Dropbox" button. Once the user clicks the "Connect
to Dropbox" button, the page will navigate to Dropbox. If the user is not logged
into Dropbox, Dropbox will present a site for them to either login or create an
account. Once this step is completed, the user will be presented with another Dropbox
page that asks if the user would like to allow WorldClient to have full access to
his/her account. Clicking "Allow", will take the user back to WorldClient
and tell the user whether or not the authorization was a success. This authorization
is good for one week after which time the same screen is presented again and another
access token is obtained and used for a subsequent week. Once authorization is completed,
the user will be presented with a Dropbox icon next to each message attachment.
Clicking the icon will result in the attachment being saved to the user's Dropbox
account under the /WorldClient_Attachments folder.
In the Compose view for WorldClient and LookOut themes, users will be able to choose
files from their Dropbox accounts by clicking the Dropbox icon in the HTML editor's
toolbar (top left). This feature does not require the users to setup access to their
accounts via the Options | Cloud Apps view and OAuth 2.0. It only requires the "app
key" and "app secret".
Dropbox integration is disabled by default. The "Enable Dropbox Integration"
checkbox will enable it for all users, or the admin can enable access on a per-user basis
by adding "DropboxAccessEnabled=Yes" to the User.ini.
CHANGES AND NEW FEATURES
- [8314] Option to store mailbox passwords using non-reversible encryption
Added a checkbox at Ctrl+U|Other|Passwords to store mailbox passwords using non-
reversible encryption. This protects the passwords from being decrypted by MDaemon,
the admin, or a possible attacker. When enabled, MDaemon uses the bcrypt password
hashing function. It allows for longer passwords (up to 72 characters), and for
passwords to be preserved yet not revealed when exporting and importing accounts.
Some features such as APOP & CRAM-MD5 authentication and weak password detection
depend on MDaemon being able to decrypt passwords, so they are not compatible.
This option is enabled by default for new installs and disabled by default for existing
installs.
As part of this change, the Account Editor's "Mailbox password" fields
are no longer populated when editing an account in the UI. Enter a new password
(twice) to change the password or leave them blank to keep the current password.
- [17875] Integration with Let's Encrypt via PowerShell script
Let's Encrypt is a certificate authority that provides free certificates for
Transport Layer Security (TLS) encryption via an automated process designed to eliminate
the current complex process of manual creation, validation, signing, installation,
and renewal of certificates for secure websites.
A PowerShell script that supports LetsEncrypt is now installed to the MDaemon\LetsEncrypt
directory. A dependency of the script, the ACMESharp module,
requires PowerShell 3.0 . This means this script will not work on Windows
2003.
WorldClient must be listening on port 80 or the HTTP challenge cannot be completed
and the script will not work. You will need to correctly set the execution policy
for PowerShell before it will allow you to run this script. Running the script will
set everything up for LetsEncrypt, including putting the necessary files in the
WorldClient HTTP directory to complete the http-01 challenge. It uses the SMTP host
name of the default domain as the domain for the certificate, retrieves the certificate,
imports it into Windows, and configures MDaemon to use the certificate.
The script creates a log file in the MDaemon\Logs\ directory called LetsEncrypt.log.
This log file is removed and recreated each time the script runs. The log includes
the starting date/time of the script but it does not include a date/time stamp for
each action. Notification emails can be sent when an error occurs. This is done
using the $error variable which is automatically created and set by PowerShell.
If you have an FQDN setup for your default domain that does not point to the MDaemon
server, this script will not work. If you want to setup alternate host names in
the certificate you can do so. You need to pass the alternate host names on the
command line.
Example usage: ..\LetsEncrypt.ps1 -AlternateHostNames mail.domain.com,imap.domain.com,wc.domain.com
-IISSiteName MySite -To "admin@yourdomain.com"
You do not need to include the FQDN for the default domain in the AlternateHostNames
list. For example, our default domain, altn.com, is configured with an FQDN of mail1.altn.com.
We use an alternate host name of mail.altn.com. When I run the script, I only pass
mail.altn.com as an alternate host name. If you pass alternate host names, an HTTP
challenge will need to be completed for each them. If the challenges are not all
completed the process will not complete correctly.
If you do not need to pass in alternate host names then do not include the –AlternateHostNames
parameter in the command line. If you do not want to have email notifications sent
when an error occurs do not include the –To parameter in the command line.
If you are running WorldClient via IIS, you will need to pass this script the name
of your site using the -IISSiteName parameter. You must have Microsoft's Web Scripting
tools installed in order for the certificate to be automatically setup in IIS.
- [18218] Added a new troubleshooting utility called MDaemon Health Check located
at MDaemon\App\MDHealthCheck.exe. Running it will check MDaemon security related
settings (AV, SPAM, SSL, etc.) for settings that are not recommended. It allows
the user to change any settings that are not recommended to the recommended setting.
It also creates a log file of the process in MDaemon\Logs which also includes any
errors (errors about missing settings are not a concern) or warnings found. The
user can open the most recent log from the utility. It can be launched from the
MDaemon UI using the new toolbar button or menu item in the Help menu.
- [11002] Added Content Filter option to quarantine the entire message when it contains
a restricted attachment.
- [16587] Added means to "authorize/approve" new devices that are allowed
to use ActiveSync.
To require approval of any new client that connects, simply set the checkbox in
the client settings dialog for the level at which you wish to enforce it, either
global, domain or user.
A new Filter combobox is preset on the client list dialog, which allows the admin
to look at all clients or clients awaiting approval.
To Authorize a client that requires approval... one can right click on the client
in the list of clients and choose "Authorize client..."
- [14383] LookOut and WorldClient themes - Added Desktop Notifications for event reminders
and task reminders.
- [17982] Ctrl+Q|Mail Queues|Retry Queue has a new checkbox which enables sending
of a "successful delivery" DSN any time a message is delivered which has
previously been delayed and placed in the retry queue for whatever reason.
- [17990] Ctrl+S|Preferences|Headers option to create optional "For" clause
in Received headers has been deprecated and removed. MDaemon no longer generates
this optional clause when creating Received headers.
- [17552] First time access to SMTP/IMAP/POP server from any IP having previously
provided incorrect credentials will result in a warning added to the Screening log
along the lines of "<Protocol> access granted to <IP> using <email
address>'s credentials after having FAILED previous on <Date>"
or similar.
- [5861] WorldClient - Added an option under Options | Personalize to allow inline
images in messages from Whitelisted senders and contacts from the user's default
contacts folder
- [3253] LookOut and WorldClient themes - Added an option next to attachments in the
attachment list to remove attachments from a message
- [2069] LookOut and WorldClient themes - Added the ability to create multiple signatures,
and assign them on a per email address basis. Users can create, edit, and
delete signatures in the Options | Compose view. In the Compose view, changing
the from address will change the signature, and there is also a list of signatures
to choose from in the advanced options. Each time a user opens a Compose view,
all the signatures are loaded. The number of signatures per user is limited
to 30 in order to prevent slow load times.
- [7152] LookOut and WorldClient themes - Added ability to import vCards (.vcf files)
into WorldClient default contacts folder. There will be an icon next to any
vcf file in the message attachment list.
- [9646] LookOut and WorldClient themes - Added an option in the compose view for
users to send a message at a future date and time. Users can set the date
and time fields which will set the Deferred-Delivery message header for the email
when saved as a draft or when sent. Deferred Delivery must be enabled in MDaemon
at F2|Server Settings|Message Recall.
- [17747] Dynamic Authentication was renamed to Active Directory or AD Authentication
which is what is it and I'm trying to use the correct terms. This caused a change
to UI verbiage at Account Settings|Account Details screen and Ctrl+U|Active Directory|Monitoring.
As part of this work the Account Settings|Account Details screen was also changed
to remove the "Optional sync password" field (UI change only) and add
a field to specifying an optional AD account name to be used with authentication
(UI change only).
- [17423] Several problems were fixed related to mail folder relocation when an account
changes email address or mail folder. The option at Ctrl+O|Preferences|System which
controlled whether mail folders were relocated has been deprecated and removed.
MDaemon will always attempt to move mail folders when necessary.
- [17993] A new checkbox was added to Ctrl+O|Preferences|Headers which toggles whether
host names & IPs are included when "Received:" and potentially other
message headers are constructed. This option is disabled by default.
- [17713] A new checkbox was added to Ctrl+P|DNS-BL|Settings which allows you to ignore
DNS-BL results that are outside the range of 127.0.0.1 to 127.255.255.255.
This option is disabled by default.
- [14144] Remote Administration can now edit per-user or global permissions for the
WorldClient Documents folder.
- [16866] Added missing Domain Manager screens to Remote Administration.
- [3110] Remote Administration now allows certain edits to more than one list member
at a time.
- [17926] The UI status bar up-time indicator has a changed layout for easier reading.
- [17948] MDPGP: improved logging of certain error conditions
- [15279] SMTP Mailbox Invalid error response will now include the value that was
determined to be invalid
- [18027] Reworked the Global Mailing List Subscriptions Options in Remote Administration.
These settings are now in the Remote Admin settings rather than on their own page
under "My Mailing Lists."
- [6391] LookOut and WorldClient themes - Added ability to search all folders or sub
folders of the selected folder. To use this feature open the Advanced Search options
and select the Search All Folders or Search Sub Folders radio button. If a message
in the search results is from a folder with limited permissions, the message will
have a redish-orange color to it, and most actions a user would normally be able
to perform on the message will not be permitted. If a user has very large folders,
Search All is NOT recommended due to the long wait for the request. However, canceling
a search no longer leaves the user waiting, but instead cancels any search on the
server and returns the client to a normal folder view without search results.
- [17995] WorldClient theme - increased the effective area for clicking a checkbox
in the list views (Email, Contacts, Tasks, Notes, Documents)
- [17928] WorldClient will no longer display DKIM validated icon after 7 days from
the Date header value of a message
- [13288] LookOut and WorldClient themes - Added the ability for users to import to
the Inbox or download (instead of only view) a .eml message attachment.
- [18026] LookOut and WorldClient themes - added ability to quick search for a folder
when moving/copying messages
- [17963] LookOut theme - Changed the calendar events in LookOut to use the calendar
color for the entire border instead of only the left border
- [18090] WorldClient - Compose view - Updated the HTML editor to CKEditor version
4.6.1. The new version now includes a Copy Formatting feature.
- [17150] LookOut and WorldClient themes - Added an option to Edit a meeting after
accepting an invitation in the Invitation Dialog. After the user clicks the "Accept"
or "Accept Tentatively" box, the Invitation Dialog opens. If the
user wishes to edit the meeting after accepting the invite, the user can click the
"Edit the meeting" checkbox. After the user clicks OK, the Calendar
Event editor will open to the meeting in question. If the user chose to edit
the response, the Calendar Event editor will open after the response is sent.
- [18096] LookOut and WorldClient themes - Added an option under Options | Personalize
to Display New Messages Count in the page title. This setting is enabled by default.
- [14230] WorldClient theme - Added the message count to the hover title/tooltip for
mail folders
- [4279] WorldClient - Added city and state to fields searched when searching contacts
- [18032] Ctrl+Q|Mail Queues|Retry Queue has a new option to toggle sending of delivery
delay DSNs.
- [17842] The ActiveSync log level can now be set at a per user/domain basis.
- [17933] The GetVersionInfo XMLAPI command now reports PRO/Cloud information.
- [17787] Added the ability to alter/control log entries that use a 0x######## status
code in ActiveSync, AutoDiscover, XMLAPI modules.
Log Entry modification flags include:
- [Logs:IgnoreSession] Aborts the logging if the Session ID specified is to be ignored...
(ie. 00000012=1)
- [Logs:InfoToWarning] Elevates an Info level log entry to a warning level (ie. 0x########=1)
- [Logs:DebugToWarning] Elevates a Debug level log entry to a warning level (ie. 0x########=1)
- [Logs:WarningToInfo] Deprecates an Error or Warning level level log entry to an
Info level (ie. 0x########=1)
- [Logs:IgnoreEntry] Aborts logging that event id (ie. 0x########=1)
- [18277] ActiveSync Sync Rollback Notifications
The ActiveSync Service can now notify the administrators if a client is repeatedly/frequently
sending expired Sync Keys in Sync operations.
These merely inform the admin that the server issued a rollback for a given collection
because a client made a sync request with the most recently expired Sync Key. The
subject states "ActiveSync Client Using expired Sync Key". This could
occur because of a network issue or something about the content previously sent
to the client in that collection. In some cases, the item id will be there, it merely
depends upon whether or not the previous sync on that collection sent any items.
Rollback warnings do not mean the client is out of Sync, it means that the client
has the potential to go out of Sync and our internal system detected it. Rollback
warnings are issued for a collection no more than once per 24 hour period.
- [System] SendRollbackNotifications=[0|1|Yes|No|True|False]
- [System] RollbackNotificationThreshhold=[1-254] : The number of rollbacks that must
occur on a given collection prior to a notification being sent to the admin. We
recommend a value of at least 5 here, since Network hiccups play a part in this.
- [System] RollbackNotificationCCUser=[0|1|Yes|No|True|False] : Whether or not to
CC the user whose client sent that expired Sync Key.
- [18141] ActiveSync Corrupt Message Notifications
The ActiveSync Service can now notify the administrators if a particular message
cannot be processed. These are sent in real time to inform the admin of a mail item
that could not be parsed and that further action on this item is not possible. The
subject states "Corrupt message notification". These items, in previous
versions, could lead to a crash. In most cases, the content of the msg file will
not be MIME data, however, if it is MIME data, it is likely corrupt. You can choose
to CC the affected user of these notifications with the CMNCCUser key so that they
are aware that an email has arrived in their mailbox that is un-readable. The appropriate
action for these is to move the designated msg file from the user's mailbox and
analyze it to determine both why it is not able to be parsed and how it came to
exist in the state that it is in.
- [System] CMNCCUser==[0|1|Yes|No|True|False]
- [14244] An option to allow file transfers in WCIM has been added at
Ctrl+W|WorldClient (web mail)|WCIM.
- [18187] The ActiveSync Service now cleans up old archived Xml and WbXml archives
during its nightly maintenance processing. The number of days for retention can
be specified from the Service Diagnostics Page. This assists you in maintaining
a fixed window of archival data for diagnostic purposes without having to monitor
and remove them manually. Also, ActiveSync Xml and WbXml archives can be configured
to go to the Logs\AirSync directory has it has done historically, or to go to a
Debug directory under the User's _ActiveSync/Client directory.
- [17784] Updated MDSpamD to include Encode module for charset conversion and normalization.
- [18206] Screens about BlackBerry Enterprise Server (BES) have been removed from
the 64-bit MDaemon's UI, since BES is only compatible with the 32-bit MDaemon.
- [18203] The ActiveSync Client Information dialog now displays complete IP address
history.
- [3469] Added a simple searching function to Remote Administration's Queue Management.
The "*" wildcard can be used when the exact search text is not known.
- [18120] Remote Administration will now validate email addresses added as List or
Domain Administrators.
- [18258] Added 32-bit/64-bit info to MDaemon.ini and MDStats Configuration Report.
- [17458] Added XMPP configuration screen to Remote Administration.
- [9735] Added the Weak Password Report functionality to Remote Administration
- [14216] Added button to Remote Administration's Password Options that goes through
all accounts and flags any of them with a weak password to require a password change.
Note that this could result in accounts being locked out, so there are warnings
in place. Passwords can be changed using the UI, WorldClient or MDaemon Remote
Administration.
- [18226] Added the ability to disable logging of messages in XMPP Server logs
- [16664] Added missing Gateway Verification options to Remote Administration
- [18279] Added case-insensitive search option to ActiveSync Log Viewer
- [11969] Added the ability to download a read-only copy of a calendar in iCalendar/webcal
format. This allows for a calendar to be viewed and subscribed to in Outlook, Google
Calendar, Mac iCal, and other applications. A read-only private URL, which contains
a unique access token, allows for access without requiring an account’s login details.
To view or reset the private URL for a calendar, select "Share Folder"
from the calendar's context menu in WorldClient using the WorldClient or Lookout
theme. Viewing or resetting the private URL requires "Administer / Full Control"
access.
- [15529] Added support for Outlook 2007 and later's
"Publish your calendar on a WebDAV server" feature. Only the
"Limited details" and "Full details" options are supported,
as WorldClient does not support events without a subject. The URL must be
the CalDAV path of a existing WorldClient calendar. The CalDAV path for a
folder can be found from the "Share Folder" dialog for the calendar in
WorldClient. The calendar's CalDAV path is its "private iCalendar feed
URL" before "calendar.ics", i.e. https://company.test:3000/webdav/calendars/company.test/user1/.
Please note that any existing events in the WorldClient calendar will not be deleted,
however these will not be visible in Outlook.
- [15397] An edit box was added to Account Editor|Account Settings|Settings which
lets you enter a short list of email addresses for use with the automatic
processing of calendar requests.
- [18290] ASMC logging has been improved and is more readable for diagnostic purposes.
- [18245] Added options to the Outlook Connector centralized management for local
cache filename and attachments directory. By default they are not pushed to OC
clients. Enable the option to tell OC clients to move their data to the default
or custom locations. Requires OC plugin version 4.5.0 or newer. An example
custom local cache filename is "%APPDATA%\Alt-N\Outlook Connector
2.0\Accounts\%OUTLOOKPROFILE%\%OUTLOOKEMAIL%\LocalCache.db".
- [18410] Management Service (XMLAPI) now supports SetQueueState operation.
- [18099] ASMC: Added the ability to select which folder types to migrate. Run ASMC /?
to see new /FolderTypes flags.
- [18424] MDaemon starts warning about impending license deactivation 7 days in
advance (up from 5 days).
- [18430] Removed obsolete settings from Ctrl+W|WorldClient (web mail)|WCIM.
FIXES
- [18102] XMLAPI: UpdateDomain/Parameters/Details/Disabled does not work. FIXED.
- [18093] XMLAPI: UpdateUser operation does not enforce strong password requirement.
FIXED.
- [15016] fix to incorrect tab order when adding a new List Member in Remote Administration
- [16861] fix to options missing from Remote Administration's MultiPOP settings
- [17689] fix to from header modification not happening when from header data split
to multiple lines
- [16939] fix to Remote Administration defaults for Greylisting don't match MDaemon's
- [16938] fix to Remote Administration defaults for DMARC Settings don't match
MDaemon's
- [16937] fix to Remote Administration defaults for IPv6 don't match MDaemon's
- [17772] fix to Remote Administration's ActiveSync Device Details dialog will
not show details for anything but first listed device
- [17505] fix to Remote Administration's Content Filter "rule jump"
action not showing all available rules
- [17757] fix to incorrect wording of Strong Passwords error in Remote Administration
- [17903] fix to Remote Administration allowing admin to attempt to modify several
accounts at once
- [17949] fix to MDPGP decrypt/verify operations too strict with auth credentials
- [17819] fix to inconsistent application of SMTP and queue-based spam scans in some
configurations
- [17945] fix to Mailing Lists Administrators and Outlook Connector Authorized Users
not being saved properly in Remote Administration
- [17957] fix to mailing list editor allowing lists called "noreply" to
be created
- [17823] fix to F3 not auto-selecting the full name field for typing once the dialog
created
- [17838] fix to tab order not working properly in MDPGP UI, Domain Manager UI, and
Mailing List Manager UI
- [17588] fix to disabled/frozen accounts sometimes improperly re-enabled in the UI
- [17970] fix to Remote Administration's mailbox size reports tooltip not showing
correct value for very large mailboxes with quotas
- [17961] fix to Unknown Error when attempting to re-use an old password in Remote
Administration
- [17742] fix to slight error with IP Validating function in Remote Administration
- [16299] fix to adding inline images to an email message breaks Domain Signatures
with image
- [18017] fix to LookOut theme - "Remote images were blocked" not being
translated in external message window
- [18025] fix to WorldClient theme - When printing a calendar, the print dialog window
does not launch
- [18027] fix to Remote Administration's Mailing List Subscription Manager not
usable for non-local users
- [17993] fix to IPv6 addresses not processed properly when computing Received headers
- [17960] fix to LookOut theme - some languages - When selecting categories, the last
option is cut off at the bottom
- [17950] fix to Mobile theme - no scroll bars on HTML emails
- [17910] fix to WorldClient - When removing an attachment, browser ask if you want
to leave the page
- [17904] fix to WorldClient theme - Search retains settings between switching folders
in Contacts but does not show search term
- [17964] fix to WorldClient theme - Subject header text is truncated when viewed
with a right preview pane
- [18091] fix to LookOut theme - Unable to create Contacts, Calendar, Tasks, or Notes
sub-folders in succession
- [18092] fix to WorldClient - Japanese - When clicking Group By Company uncategorized
contacts are not displayed
- [17932] fix to LookOut and WorldClient themes - Slideshow feature not working in
IE11 when message preview is enabled
- [15184] fix to LookOut and WorldClient themes - The Default Contacts View setting
is not applied when clicking "To" in a composed message
- [18016] fix to Remote Administration allowed non-local addresses to be added as
List or Domain Administrators
- [17858] fix to XMPP Server sending Task/Calendar reminders with missing CR/LF
- [18124] fix to MDPGP logging message init errors even when debug logging disabled
- [18125] fix to confusing text in two MDPGP debug log strings
- [18128] fix to unable to enable an account in Remote Admin that has an existing
weak password
- [18121] fix to certain changes to DKIM Signing Settings in Remote Admin not seen
by MDaemon until server restart
- [18035] fix to Account Editor items in Remote Admin out of order
- [17735] fix to ActiveSync crash in mdmbsrch.dll when a search reads a corrupt .msg
file
- [18028] fix to Winsock errors when using Outlook 2013 with ActiveSync
- [18063] fix to possible MDASMgmt.dll crash when corrupt data is present in AirSync.ini
files
- [18064] fix to non-ASCII characters are corrupt in read receipts generated by the
ActiveSync server
- [17905] fix to no results when doing an ActiveSync DeepTraversal search on a virtual
shared folder
- [18159] fix to CalDAV/CardDAV GET responses do not contain a required ETag HTTP
header. This results in errors when attempting to synchronize a single item
with the "DAVdroid" client.
- [18145] fix to incorrect label on the IPv6 screen in Remote Administration
- [18171] fix to ActiveSync "Virtually merge public contacts into default contacts"
option not working
- [17898] fix to LookOut theme - IE8 - the 'Delete' button on the button bar
above the message list does not delete messages when they contain attachments
- [18106] fix to WorldClient - When exporting a calendar, the first Required Attendee
is duplicated
- [18228] fix to possible WorldClient server crash
- [18195] fix to possible CFEngine.exe crash
- [18286] fix to CalDAV-Sync Android client unable to synchronize annual recurring
events
- [17645] fix to LookOut and WorldClient themes - archive instances of recurring tasks
should include recurrence information
- [18305] fix to iOS clients may not be sent all mail when doing an initial sync after
changing the filter type to "All"
- [18301] fix to incorrect error response when an ActiveSync client requests to search
using an invalid collection ID
- [18300] fix to invalid folder ID in Ping request may cause BlackBerry ActiveSync
client to resync
- [18327] fix to MDaemon may hang for 10-30 seconds while attempting to validate a
remote SSL certificate if it cannot download certificate or revocation data from
the internet. Set MDaemon.ini [SSL] OfflineCertificateValidation=Yes to prevent
MDaemon from trying to download such data.
- [18329] fix to Remote Administration allowing non-numeric characters on the Ports
configuration screen
- [18332] fix for Outlook Connector, if the first instance of a recurring appointment
is changed outside of Outlook, the occurrence may no longer appear in Outlook
- [18341] fix to ActiveSync recipient cache not retaining as many objects as it should
- [18352] fix to LookOut and WorldClient themes - unread counts do not get updated
after deleting messages in a folder
- [18085] fix to plugins log not archiving, not rolling-over by size, not updating
file name, etc.
- [18359] fix to WorldClient - Safari 10 - LookOut and WC themes do not always
load
- [18386] fix to absolute paths in some localized configuration files
- [7176] fix to incorrect minger query results in some cases
- [18322] fix to AccountPrune.log and ListPrune.log do not have file size limits
- [18180] fix to Domain Sharing buttons disabled in Remote Administration
- [17583] fix to minor formatting issue on Accounts page in Remote Administration
- [18387] fix to meeting request notes are not read from iCalendar COMMENT field
- [18389] fix to Outlook may crash after downloading an event with a start or end
date before 1900 using ActiveSync
- [18416] fix to rare but potential crash when opening the Updates screen in
Remote Administration
- [18291] fix to memory leak in MDaemon UI while displaying ActiveSync sessions
- [18396] fix to WorldClient memory leak
- [18477] fix to possible memory corruption when sending DMARC aggregate reports
MDaemon 16.5.2 - November 29, 2016
CHANGES
- [17827] If AccountPrune is taking too long to delete old messages since [4884] was
implemented in 16.5.0 to determine a message's age from its Date: header, edit \MDaemon\App\MDaemon.ini
and set [AccountPrune] UseDateHeader=No to return to the previous behavior of using
the message file's last modified timestamp.
- [17861] MDaemon may report the version of the OS version that it is running on when
it requests an updated license file from Alt-N. This information is helpful as we
make decisions about which OSes to support. To not report such information, edit
\MDaemon\App\MDaemon.ini and set [Special] ReportOptionalData=No.
FIXES
- [17793] fix to long SPF DNS records are not processed correctly
- [17772] fix to Remote Administration's ActiveSync Device Details dialog will
not show details for anything but first listed device
- [17795] fix to LookOut theme - calendar tooltips do not show up
- [17804] fix to WorldClient theme - Tasks list does not show up in IE11 on Windows
8.1
- [17505] fix to Remote Administration's Content Filter "rule jump" action
not showing all available rules
- [17770] fix to meeting attendees are corrupted if an attendee's name contains an
accented character and a comma
- [17817] fix to a message larger than the SMTP spam filter scan limit may cause the
scans of subsequent messages in the SMTP session to be skipped
- [17811] fix to CFEngine crash due to system rule conflict with rule hit counter
- [17824] fix to 64-bit installer does not register MDAutoDiscover.dll
- [17828] fix to WorldClient - Translated categories are converted to English after
saving the calendar event
- [17835] fix to Minger authentication fails if sender's email address contains "d="
- [17847] fix to not being able to set up a CalDAV or CardDAV account on an iOS device.
Existing CalDAV or CardDAV accounts on iOS devices may also stop synchronizing.
- [17851] fix to Active Directory Monitoring "Page size" and "Verbose
AD logging" settings are broken in the MD GUI
- [17853] fix to a "<template_undefined>" alias is created when Active
Directory Monitoring creates an account
- [17826] fix to malformed Trusted IPs and Trusted Hosts when editing with Remote
Administration
- [17859] fix to WorldClient theme - The Sort Messages By option does not save
- [17833] fix to ActiveSync Ping requests from iOS devices do not work since 16.5
- [17852] fix to ActiveSync FolderSync response may be missing Delete elements for
shared folders that no longer exist
- [17821] fix to CalDAV unable to edit the notes/comments for a single occurrence
of a recurring calendar event or task
- [17902] fix to MD GUI's Mobile Device Management | ActiveSync | Accounts screen
does not save changes
- [17864] fix to possible ActiveSync server hang
- [17913] fix to CIDR notation not working in SMTP AUTH Credentials Matching White List
- [17919] fix to possible XMPP server crash
MDaemon 16.5.1 - October 11, 2016
CHANGES
- [16981] Updated Remote Administration's Host and IP Screening pages to match updates
in MDaemon.
- [16853] Updated Remote Administration's RA Options page.
- [16638] MDPGP: Changed overall system default to disabled.
- [16698] Ctrl+S|Sender Authentication|SMTP Authentication now has a white list for
the 'Credentials mustmatch...' options found there. A button was added to edit the
white list.
- [17712] Ctrl+S|Screening|HiJack Detection|From Header Modification now has a white
list button.
- [13077] Added proxy server support for license requests. If the installer is unable
to download a license file it now prompts for a proxy server address and credentials
which it will use to retry the HTTPS request.
- [17721] Urgent Update system has been deprecated and removed (redundant these days).
FIXES
- [17055] fix to defaults for Outbreak Protection inconsistent between MDaemon and
Remote Administration
- [16840] fix to Mail List Member Edit screen remaining open after user clicks Cancel
in Remote Administration
- [17592] fix to Outlook Connector Client Settings pages remain open after user clicks
Cancel in Remote Administration
- [16997] fix to small GUI inconsistency on DNS-BL Settings page in Remote Administration
- [16995] fix to small GUI issue on Spam Filter Updates tab in Remote Administration
- [16972] fix to ActiveSync MaxPublicFolders setting not saving correctly in Remote
Administration
- [16982] fix to DKIM option on the wrong dialog in Remote Administration
- [17635] fix to encoded body text of calendar items created by Outlook 2016 with
OC is not decoded
- [17665] fix to WorldClient may crash when importing an .ics attachment
- [17671] fix to WorldClient's Lite theme - Issue changing password
- [17679] fix to non-ASCII characters in a calendar item created by Outlook 2016 with
Outlook Connector are corrupted after editing the item in WorldClient
- [17682] fix to WorldClient and LookOut themes - if Virtru is disabled on the Domain
level, the Compose view does not finish loading
- [17684] fix to potential crash processing certain oddly formed messages
- [17685] fix to disabled XMPP server starts back up when Windows is restarted
- [17673] fix to account editor preventing disabling an account with a weak password
- [17478] fix to MD GUI log windows needlessly display internal color code for each
line
- [17634] fix to incorrect verbiage describing an option at Ctrl+S|SSL&TLS
- [17693] fix to Outlook 2016 using ActiveSync may crash when marking a recurring
task as complete
- [17710] fix to LookOut theme - IE8 - cannot send emails when Warn On Missing Attachments
is enabled
- [17719] fix to LookOut and WorldClient theme - When right-clicking to perform copy
or move to another calendar nothing happens
- [17666] fix to possible MDaemon hang when MultiPOP downloads put an account over
quota
- [16374] fix to one more issue with Public Folder rights not matching up between
MDaemon and Remote Administration
- [16465] fix to session timeout not always redirecting properly in Remote Administration
- [16804] fix to Mailbox Reports view in Remote Administration not handling a session
timeout properly
- [17741] fix to some pages not redirecting properly upon session timeout in Remote
Administration
- [17728] fix to unable to use Group Membership as Content Filter Rule criteria in
Remote Administration
- [17744] fix to accepting a TNEF (Winmail.dat) formatted meeting cancellation in
WorldClient for a single occurrence of a recurring meeting will remove all occurrences
of the meeting
- [17701] fix to formatting problem in an error when saving an account in Remote Administration
with a weak password
- [17642] fix to WorldClient's web server directs all "/.well-known" requests
to MDWebDAV
- [17667] fix to ActiveSync policies set at the account level are not applied
MDaemon 16.5.0 - September 13, 2016
SPECIAL CONSIDERATIONS
[17268] F2|Server Settings|IPv6 has changed default to "off" (unchecked)
for the option to use IPv6 with outbound hosts for new installs. This option
can cause delivery issues for those who are not prepared for IPv6.
[11436] F2|Logging|Log Mode option to "log by day of the week" (ie, Monday.log,
Tuesday.log, etc) has been deprecated and removed. If you were using this option
you are now using "log by date" (ie, MDaemon-2016-02-22-X.log, etc). As
a result, the F2|Logging|Maintenance checkbox to overwrite log files is no longer
necessary and has been removed. Also, there is a new setting added to F2|Logging|Maintenance
which lets you set the number of .OLD backups that are created once the max log
file size is reached (previously only one was possible). These backups are numbered
(the number is part of the file name) with the newest data always first (for example,
SMTP(out).log.01.old has newer data than SMTP(out).log.02.old, etc. Finally, added
hyphens into the file name to make the date easier to read.
[17076] Ctrl+S|Sender Authentication|SMTP Authentication has a new checkbox which
requires all incoming messages arriving from local IPs to use authentication and
be rejected if lacking. Trusted IPs are exempt. This setting is enabled by default
for first time new installs. However, it is disabled by default for upgraders to
avoid delivery issues from clients or other services that don't authenticate and
aren't currently listed as a trusted IP. Please enable this option if you can as
it is a good security practice.
[16797] In previous versions, gateway address verification never verified senders
(only recipients). A new checkbox at Ctrl+G|Gateway Manager|Global Gateway
Settings can toggle this behavior. It is enabled by default which means this
is a change from previous behavior. It is now possible that messages sent
from addresses which can not be verified will be refused whereas they may have been
accepted before. If this is not to your liking disable this option.
[4884] The logic behind the AccountPrune tool's message pruning operation has
been changed. This tool is called when MDaemon needs to delete old messages from
user and public mail folders. In the past this tool used the "last modified"
date from the message file on disk. MDaemon now looks first at the Date: header
within the message itself. If the Date: header is present and complies with standards
then that date is used to determine message age instead of the file's "last
modified" date. This represents a change from previous behavior.
[17099] F2|Logging|Maintenance has a new setting which governs the maximum number
of days the SecurityPlus update log will keep data (MDaemon\SecurityPlus\avupdate.log).
The new default setting is to keep data going back 30 days. At midnight each night,
and the first time MDaemon starts up after upgrading, MDaemon will delete older
data from this file.
[16924] As part of the work related to task 16924 (see below) some bugs preventing
the immediate sending of "urgent" priority remote mail were found and
fixed. Urgent priority messages are defined as message files who's name matches
the pattern: "<root>\Queues\Remote\p?10*.msg". Messages found
with that file name pattern will now be properly detected and will trigger a remote
queue processing event within 5 seconds regardless of scheduled remote queue processing
timers (this was broken). Also, RAW messages were always expanded out to queue
as MD_PRECEDENCE_LOW (the lowest priority value) even when created with higher values.
As a reminder, "urgent" priority messages will trigger a queue run where
"high" priority messages merely sort to the top of the queue and wait
for the next scheduled queue run. As a reminder, you can use F2|Server Settings|Priority
Mail to define your own criteria for important mail that should trigger immediate
queue runs. Finally, IMAP logon failures due to bad credentials were not being
written to the event log when so configured (only SMTP and POP failures were). This
has been fixed.
[11777] Mailing list digest messages are supposed to be UTF-8 but several bugs were
preventing this from working. As a result of fixing these problems it is no longer
possible to trigger digest delivery based on the number of lines in the digest data
file. So the option to do so has been removed from Alt+G|<list-name>|Digest.
Also, the API function MD_ListMaxLineCount has been changed to always return ZERO
(meaning disabled). Next, the need for the DIGEST.MBF file is no longer present
and so that file has been removed. The MD_ListInfo structure and API functions related
to its DigestMBF member have been left in place however changes made to this member
are not saved and always contain DIGEST as the value. Finally, the $BODY-DIGEST$
macro is no longer needed and has been removed.
[16664] LDAP: added checkbox to Ctrl+G|Verification and Ctrl+U|Active Directory|LDAP
screens which lets you elect to chase referrals. MDaemon now explicitly disables
referrals for every LDAP connection it makes unless this checkbox is set. This represents
a change from previous behavior which defaulted to always enabling referrals. That
seemed to cause issues for people so it is now disabled always UNLESS you set these
options to enable it.
[16698] Ctrl+S|Sender Authentication|SMTP Authentication has a new setting which
requires the credentials used for AUTH to match those of the address in the FROM
header. This prevents cases in which one person authenticates as user X while
claiming to be user Y within the message. This is similar to the existing
setting we've always had which compares against the return-path value. The wording
of that option was also slightly changed. This switch is enabled by default and
handles aliases as if they were the real account email.
[17465] Ctrl+S|Sender Authentication|SMTP Authentication screen has two options
related to forcing authentication credentials to match something else about the
message (either the return-path or the From: header address). Both of these options
can potentially cause issues for gateway mail storage/forwarding. Therefore a third
option has been added to Ctrl+G|Gateway Manager|Global Gateway Settings which exempts
gateway mail from them both. This option is enabled by default.
[16638] MDPGP: Several default settings related to MDPGP use have been changed.
If you are installing for the first time or have never accessed the UI to view these
settings then these are your settings now so please check them carefully. If you
are updating a previous installation and have accessed the MDPGP UI in the past
then your existing settings are untouched however you may wish to check and change
your settings as follows:
- "Enable MDPGP" (enabled by default)
- "Authorize all local MDaemon users for all services" (enabled by
default) (previously called: "All MDaemon users on this server can use MDPGP")
- "Sign mail automatically when sender private-key is known" (disabled
by default)
- "Encrypt/Sign mail sent to self" (enabled by default)
- "Email public-key when requests are made (--pgpk command)" (enabled
by default)
- "Email details of encryption failures (--pgpe command)" (enabled
by default)
- "Expires in 0 days" (changed to 365 by default)
All these options can be found within the MDPGP GUI which is accessible from the
Security top-level menu. Even though several of these settings are now enabled
by default (including the entire MDPGP server itself) no work will be or can be
done until keys are known and have been added to the key-ring. With this version
of MDaemon there are a lot more ways to automate getting that done. Yet this may
not be desired in all cases. Please check and change settings to meet your needs.
[17263] When MX record lookups during message delivery result in a DNS server failure
result then the message will be left in the queue for attempted delivery during
the next processing cycle. This change is in conformity with RFC guidelines. Previously,
MDaemon would attempt direct delivery and, failing that, immediately bounce the
message in some configurations.
[17522] This version of MDaemon is not compatible with old versions of BlackBerry
Enterprise Server (BES) for MDaemon. BES will be disabled when MDaemon is installed.
To continue running BES, update to BES for MDaemon version 2.0.3 after updating
MDaemon.
MAJOR NEW FEATURES
[15733] WORLDCLIENT/PKA1 PUBLIC-KEY SERVERS (MDaemon PRO only)
WorldClient: WorldClient has been taught to be a very basic public-key server.
A new checkbox on the MDPGP GUI enables/disables this. If enabled, WorldClient will
honor requests for your users' public-keys. The format of the URL to make the
request looks like this: "http://<WorldClient-URL>/WorldClient.dll?View=MDPGP&k=<Key-ID>".
Where <WorldClient-URL> is the path to your WorldClient server (for example,
"http://wc.altn.com") and <Key-ID> is the sixteen character key-id
of the key you want (for example, "0A1B3C4D5E6F7G8H"). The key-id
is constructed from the last 8 bytes of the key fingerprint - 16 characters in total.
DNS (PKA1): MDPGP now supports collection of public-keys over DNS using PKA1.
A new checkbox on the MDPGP GUI enables/disables this. If enabled, PKA1 queries
are made and any key URI found is immediately collected, validated, and added
to the key-ring. To publish your own public-keys to your domain's DNS you must
create special TXT records. An example of how to do this is as follows:
Suppose user arvel@altn.com has key-id 0A2B3C4D5E6F7G8H. Then, in the DNS
for domain "altn.com" create a TXT record at "arvel._pka.altn.com"
(replace the @ in the email address with the string "._pka."). The
data for the TXT record would look something like this: "v=pka1; fpr=<key's
full fingerprint>; uri=<WorldClient-URL>/WorldClient.dll?view=mdpgp&k=0A2B3C4D5E6F7G8H"
where <key's full fingerprint> is the full fingerprint of the key (40
characters long representing the full 20 byte fingerprint value). You can
see a key's full fingerprint value by double clicking on the key in the MDPGP
GUI. Keys successfully collected and imported to the key-ring using this method
are tracked in a new file called fetchedkeys.txt. Keys will auto-expire and be forgotten
according to the TTL value of the PKA1 record which referred them -or- when X hours
have passed (a value which you can configure using a new control on the MDPGP GUI)
- whichever is GREATER. So, this means that the value you configure here can
be thought of as a minimum length of time (in hours) that a key will be cached.
The default value is 12 hours and the lowest acceptable value is 1 hour.
For more discussion and examples on using the pka1 method do a google search for
"pka1 keys in dns" and you will find it.
Tracking Keys: As part of this work some internal changes were made such
that MDPGP tracks keys by their primary key-ids always and everywhere now rather
than a combination of sometimes the key-id and other times the sub-key-id which
was messy. The UI was cleaned up to remove two unnecessary columns in the list box
related to superfluous (for display purposes anyways) key-ids. Also, this work required
me to more strictly control the content of MDPGP's "exports" folder.
As a result you will always find exported copies of local user keys there.
Please use OS tools to protect this folder (and indeed the entire PEM folder structure)
from unauthorized access because, although they are themselves encrypted, the private
keys of users are stored here.
Preferred Keys: Some problems arose as part of this work when multiple different
keys for the same email address are on the key-ring. In past versions MDPGP
would simply use the first one that it found. You can now right-click on any key
and set it as preferred. When a preferred key is found then that key will be used
whenever there are more than one to choose from. When there is only one key for
an email address then that key is preferred automatically even if not selected as
preferred (but you can still select it as preferred if you want). When multiple
keys for the same address are present and none are selected as preferred then the
first one found is used. When a key is selected as preferred an asterisk is set
in the first column of the UI. Preferred.txt stores the preferred key selections.
Disabled Keys: As part of this work it was necessary to change how disabled
keys are tracked. Previous versions tracked disabled keys by placing their key-ids
into the plugins.dat file. This version migrates those settings out of plugins.dat
and into a new file called oldkeys.txt. Deleted keys are now tracked there.
[2214] XMPP INSTANT MESSAGING SERVER (MDaemon PRO only)
An XMPP server is now included that allows MDaemon users to instant message using
third-party XMPP clients. Clients are available for most OSes and mobile devices.
For a complete list please refer to
http://xmpp.org/xmpp-software/clients/. XMPP instant messaging is completely
independent of MDaemon's current chat system (WorldClient Instant Messenger).
The server is installed as a Windows service and a configuration screen for it can
be found in the MDaemon UI at Ctrl+W|XMPP. The default XMPP server ports are 5222
(SSL via STARTTLS) and 5223 (dedicated SSL). The XMPP server will use MDaemon's
SSL configuration if enabled in MDaemon.
For multi-user chat service, when asked the default is "conference.(your-domain)".
For user search service, if asked the default is "search.(your-domain)". Often this
will be pre-filled in or assumed by clients. The search fields are 'Name' and 'Email'.
The % symbol may be used as a wildcard. Some XMPP clients use DNS SRV record for
auto-discover of host names. Please refer to
http://wiki.xmpp.org/web/SRV_Records. For more info on XMPP please refer
to http://xmpp.org.
[16575] FROM HEADER PROTECTION/MODIFICATION
The purists out there are going to hate this but users who have been tricked in
the past will love it. Sometimes users are fooled into thinking an email comes from
one person when it is actually from an attacker. This happens because email clients
often display only the sender's name and not his email address. This new option
defeats such an attack at the cost of altering the From: header value. If enabled,
the From: header is modified. For example: From: "Spartacus" <crixus@capua.com>
would become From: "crixus@capua.com -- Spartacus" <crixus@capua.com>.
This only happens to messages arriving for local users. This option is disabled
by default and can be found at Ctrl+S|Screening|Hijack Detection screen. Enable
with care as users are not expecting the From: header to be altered in this way
even in order to help recognize an attacker.
[8526] CENTRALIZED MANAGEMENT OF OC CLIENT SETTINGS (MDaemon PRO only)
MDaemon has been taught how to push client settings to Outlook Connector users.
Setup|Outlook Connector (or Alt+O|OC Client Settings) opens up a set of screens
where you can configure default client settings for all OC users of all domains.
On the MDaemon Private Cloud version, the same screens appear within the Domain
Manager for each of your individual domains. All these screens mirror those found
within the OC client and are intended to allow you to create a set of values which
are pushed out to OC users the next time they connect. This feature is disabled
by default. Settings are only sent when they are new or have changed since the last
time the OC client connected and received them.
Obviously, several of these client settings (like "Your Name" for example)
can not be configured with a single value that works for all OC users. Therefore
macros are used such as $USERNAME$ which expands to the correct value for the individual
user when the settings are sent to the OC client. Take care not to place hard-coded
values (like "Arvel Hathcock") in the "Your Name" field or every
OC client will get "Arvel Hathcock" after the settings are received and
applied. The UI will help police this but it is a point you should keep in
mind. A button in the UI will remind and serve as a reference for MDaemon's
macro system. A checkbox on the OC Client Settings screen controls whether OC users
are allowed to override these settings or not. If you don't want them to be
able to change these settings then set the checkbox accordingly and the controls
within their OC client will be disabled.
None of this works unless the OC user is using Outlook Connector v4.0.0 or higher.
As part of this work the Outlook Connector screens were moved from Accounts|Account
Settings to Setup|Outlook Connector.
[16758] IMPROVED IP SCREENING
Ctrl+S|Screening|IP Screen has a new Import button. MDaemon has been partially taught
how to import APF (typically used by firewalls) and .htaccess format files (typically
used by web servers). MDaemon understands only a sub-set of this file format (for
now). For example, "deny from" and "allow from" are understood but other verbs may
not be. Only IP values are imported (not domain names). CIDR notation is OK but
partial IP addresses are not. Each line can contain any number of space (or comma)
separated IPs. For example, "deny from 1.1.1.1 2.2.2.2/16" is OK. So is "3.3.3.3,
4.4.4.4, 5.5.5.5". These files are designed to control access to services so
they are really IP deny/allow lists. You can find these files online to download
and can (for example) block all IPs from a certain region or nation and there are
even files online that contain lists of compromised IPs. For example, google search
for "List of all IPs from <country>". Lines starting with # are
ignored. Lines can contain things other than IP addresses and that should
not stop the IP addresses from importing properly. I hope to improve this in future
versions so if you have a specific example of a file that you need MDaemon to import
properly (but it won't) you can send it to me and I will look into it (arvel@altn.com).
[10239] AUTOMATIC INSTALLATION OF PRODUCT UPDATES
Ctrl+O|Preferences|Updates is a new screen with several controls that allow you
to configure whether and when unattended installation of automatically downloaded
product updates will be performed (or not). When enabled, MDaemon can automatically
update itself, SecurityPlus (if you have it), and Outlook Connector (if you have
it). The Outlook Connector update covers just the server piece. Updating Outlook
Connector client plugins is covered elsewhere.
When MDaemon detects new versions of these products it will download and queue the
update for installation at an hour configured by you (2 AM is the default). Queued
updates are remembered across server restarts so they will be performed eventually
(even if the server is periodically switched off for whatever reason). Queued updates
are listed in a new file called "QueuedUpdates.dat" so you can always
delete all pending updates by deleting this file. The update installers themselves
are kept in a new folder called "Updates" off the MDaemon root. If there
are multiple products to update they are done one at a time and each one absolutely
requires a system reboot when it finishes. If you don't like that then do not enable
these settings (they are all disabled by default).
When automatic updates are performed the email to postmaster/admins about an update
that they can go and download manually is not generated. Instead, these people receive
the post-installation "Special Considerations" email normally sent as
well as a separate email stating that the update was performed. Also, the System
log tracks all installation activity. For example: "Installing update: <path
to installer>" and "MDaemon will be stopped by the installation process"
and "Server will be rebooted after installation completes" etc can all
be seen there. Lastly, the process can take a long time (many minutes) so the time
between the start of the update and the unavoidable server reboot is to be expected.
Did I mention that there will be a server reboot? Get over yourself - its
gonna happen :)
As part of this work "MDLaunch /stop" no longer causes MDaemon to prompt for confirmation.
As part of this work the option to inform the postmaster about updates has been
moved from Ctrl+O|Preferences|Miscellaneous to the new screen mentioned above.
[16810] IMPROVED WORLDCLIENT
[7937] WorldClient now supports categories for email in the LookOut and WorldClient
themes. Users can add the Categories column to the message list by going to Options
| Columns and checking "Categories" in the Message List section.
To select categories for one or multiple messages, select the message(s) in question
and right click on one of the messages. In the context menu there is a "Categories
>" option. Click the option and a list of all the available categories
will be displayed. If there are more than 27 category options, an up arrow
and a down arrow will be displayed at either end of the list. To view more
options click the down arrow, and to go back up the list click the up arrow. If
a user has permissions to edit categories, the user can choose the "Edit Categories"
option in the toolbar in the LookOut theme or the "more" drop down menu
in the WorldClient theme. If a single message is selected in the list, any saved
changes will be applied to the message in question. Users can also use the Set Categories
option in the external message view to choose/edit categories. Users can also sort
and search by Categories.
[15829] WorldClient now allows admins to create custom categories. There are two
files for this purpose; DomainCategories.json and PersonalCategories.json.
Domain Categories are enabled globally by default. To disable it, change the
value of DomainCategoriesEnabled in MDaemon\WorldClient\Domains.ini [Default:Settings]
to "No". Users are able to add and edit their own categories by
default. To disable this either per user (in the user's User.ini under
[User]) or globally (in MDaemon\WorldClient\Domains.ini [Default:UserDefaults])
change the value of CanEditPersonalCategories to "No". If Domain
Categories is enabled, and a user is not allowed to edit personal categories, the
user will only see the categories listed in DomainCategories.json. However,
if Domain Categories is disabled, and a user is not allwed to edit personal categories,
the user will see the categories listed in PersonalCategories.json. Users
that already have a UserCategories.js file will not lose any changes they have made
upon upgrade to MD 16.5, but with Domain Categories enabled, any category in their
UserCategories.js file that matches the DomainCategories.json categories will become
read only. There are also two translation files that have been added in order
to attempt to handle multi-lingual users on the same server; DefaultCategoriesTranslations.js
and CustomCategoriesTranslations.json. The DefaultCategoriesTranslations.js file
will be overridden each time MDaemon is upgraded, but the CustomCategoriesTranslations.json
file will not be, so add any necessary custom category translations to the CustomCategoriesTranslations.json
file. These files make it possible for WorldClient to recognize a category
saved to an event/note/task in one WC supported language as the equivalent category
in any other WC supported language. For more detailed information relating
to the files mentioned here, see the MDaemon\WorldClient\CustomCategories.txt file.
[16497] LookOut and WorldClient themes - Added option to check a composed message
for attachments prior to sending, when attachments are mentioned in the subject
or body of the message
[5304] Admins can now hide the WhiteList and BlackList folders for WorldClient users.
To do so, HideWhiteListFolder=Yes and/or HideBlackListFolder=Yes in the MDaemon\WorldClient\Domains.ini
file under the [Default:UserDefaults] section. Individual users can continue to
see the WhiteList and/or BlackList folders if the their User.ini has HideWhiteListFolder=No
and/or HideBlackListFolder=No in the [User] section.
[16545] [16729] [16728] Account Editor|Web Services and Ctrl+T|Template Manager|New
Accounts|Web Services have each had two new checkboxes added which control whether
an account is allowed or required to use WorldClient's Two-Factor Authentication
(2FA) system. When the checkbox to allow 2FA is enabled then users decide whether
to use 2FA or not (see users manual for details on setting up 2FA). However, if
both the allow and require 2FA checkboxes are enabled then users who have not setup
2FA will be given a session and redirected to a page to setup 2FA the next time
they login to WorldClient. To force 2FA use immediately you must restart the WorldClient
server to force all users to login anew. Once a user's authentication application's
pairing has been verified with WorldClient, the user will be redirected to the normal
WorldClient view. When 2FA is required then it cannot be disabled from within
WorldClient's Options|Security page. However, the same users can still use the
Get A New Shared Secret and Show My Shared Secret buttons.
[16293] MDPGP SIGNATURE VERIFICATION (MDaemon PRO only)
MDPGP can now verify embedded signatures found within messages. Previously it was
not able to do this unless the message was also encrypted and signed. With this
change signatures appearing without encryption can now be verified. You will see
appropriate logging in the MDPGP log when this happens along with new icon and/or
text which WorldClient will show when it displays a verified message. As a result
of this change a new check-box has been added to the MDPGP GUI which enables signature
verification for all non-local users (enabled by default) or you can specify exactly
which email addresses can and can not use the service if you need (click the "Configure
exactly who can and can not use MDPGP services" button for that).
CHANGES AND NEW FEATURES
- [17372] MDaemon will refuse MAIL and RCPT parms that are missing their "@domain.com"
component. In the past, MDaemon tried to "fix" things by making assumptions
and appending any missing pieces. MDaemon now insists these parms comply with RFC
specifications which require the "@domain.com" part. The only exception
to this allowed by MDaemon and RFC rules is the reserved mailbox "postmaster"
which must be accepted as a valid RCPT parm even when no "@domain.com"
is given.
- [16884] MDaemon's SMTP and POP clients now validate SSL certificates presented
to them by remote hosts. However, no action other than a line added to the log is
taken at this time pending further work in the IETF regarding the various competing
STS-like proposals. So for now you will only see a line in the log indicating whether
the remote host's name is a match for the certificate it presents (or not) and
whether that certificate chains to a valid certificate authority recognized by Windows
(or not). Don't panic if you see a lot of "invalid" SSL certificates
presented. Such certificates are perfectly fine for encrypting data transmission.
They are "invalid" because they are either self-signed or do not match
the host name expected (or both). In such cases you can be sure encryption is happening.
Various weaknesses in TLS (of which its opportunistic nature and acceptance of nearly
all certificates are major examples) are being worked on by industry experts and
will make their way into products and services once that work has completed.
- [16585] MDaemon UI changes: Items have been added to the Servers list on the Stats
pane for Auto-Discovery Service and XML API Service. The right click menu for the
ActiveSync server has additional commands. "Enable ActiveSync Server"
has been removed from the File menu. The ActiveSync server log is now a sub-tab
of Plug-ins instead of WorldClient, and logs for the Auto-Discovery Service and
XML API Service are there as well.
- [16924] F2|Logging|Windows Event Log has several new checkboxes added and an edit
control. These allow you to specify the email address to your phone carrier's
email-to-SMS (text message) gateway. For example, with Verizon, the address is PhoneNumber@vtext.com
(ex: 8175551212@vtext.com). When a value is specified here you can then enable individual
checkboxes next to the various events. When these events occur a message will be
sent to the SMS gateway address you specify. I was not able at this time to have
shutdown notifications sent immediately because MDaemon needs to do it and it has
shut down. Until I can figure this out shutdown notifications are not sent. Also,
any event which triggers this feature will cause instant remote queue processing
(notifications are treated as "urgent" mail).
- [17049] Ctrl+S|Sender Authentication|SPF Verification now allows domains in the
white list file to be included in SPF lookups. See descriptive text on that screen
for how it works. Often you need to white list your backup MX provider(s)
from SPF lookups but you do not know or can not configure all of their IPs.
To safely solve this problem you can now specify your backup MX provider(s) by using
a new "spf" tag to white list them and MDaemon will do the required lookups
in real-time. MDaemon does this by adding its own "wlinclude:" tag to
the actual SPF results for a queried domain. Although this "wlinclude"
data is logged it is important to realize that "wlinclude" tags are your
white-listed entries and are not actually part of the queried domain's SPF data
taken from DNS.
- [12377] Ctrl+P|DNS-BL|White List now permits white-listing FROM values. See
descriptive text on that screen for how it works.
- [16517] Ctrl+S|Screening|Dynamic Screening has a new option which omits accounts
from being frozen due to multiple authentication failures when the same password
is used every time. This option is useful to prevent lockouts when users change
passwords legitimately. This option is enabled by default.
- [16518] Authentications over POP, IMAP, or SMTP servers will add a line to the Screening
log showing the IP that was granted access if that IP has never been seen before.
This aids in debugging access problem.
- [16567] Ctrl+S|Screening|Hijack Detection has a new setting that includes LAN IPs
when limiting Local IPs. This setting is enabled by default.
- [16563] Ctrl+S|Screening|Hijack Detection has a new setting that controls whether
connections are refused with a 5XX or a 4XX reply code.
- [15869] Ctrl+U|Other|Quotas - slightly changed wording on first checkbox option
to make more clear what it does.
- [10055] Content Filter will track and log the total number of times a rule was used.
This is tracked as HitCount=XX in CFRules.dat for each rule.
- [16595] MDPGP: The results header better calculates the FQDN value used within the
header data.
- [16474] When deleting a domain the confirmation dialog will only mention deleting
public folders if the option to delete public folders is enabled at F2|Server Settings|Public
& Shared Folders.
- [16634] Several screens had bad tab-order or no tab-order at all and you could never
tab from the left-hand tree-view through to the selected right-hand dialog box nor
to the OK/Cancel/Help buttons. These matters have been fixed. As part of this work
the controls on the F2|Logging|Log Mode had to be reorganized.
- [13601] Ctrl+A, Ctrl+C, Ctrl+V should now work where appropriate throughout the
UI.
- [16644] The top-level Windows|Composite Log View and the "Activate Composite
Log" button within the logging UI will now activate and bring to the top any
existing composite log window or create a new one if there isn't one.
- [16645] Changed composite log window caption to include the names of the items being
included in the log. Note: if you change the items you wish to include in
the composite log you will need to close and restart any already running composite
log to update the window caption.
- [16649] Added some descriptive text to New List Member dialog to explain how to
use path to arbitrary addrbook.mrk file as list member.
- [16647] LDAP: ldapcache.dat was caching the sender value needlessly for LDAP lookups.
Since this value is ignored when checking the cache during LDAP processing its presence
there served no purpose. Future items added to cache will not include this piece
and existing items will eventually expire out that currently include it.
- [16648] LDAP: added checkbox to enable/disable LDAP cache to LDAP options screen
and also moved this screen and the LDaemon settings screen out of F2|Server Settings
and into Ctrl+U|Active Directory. This is where I want LDAP related settings to
live.
- [16654] LDAP: logging was improved and fixed in a few places. First, the system
log gets nothing now. All goes to the LDAP log tab like it should. Errors
are simplified and properly logged. The composite log was not being used properly.
Now it is.
- [16653] LDAP: exporting speed improved and just general improvement to address several
things that would just bore you and are internal to my programming style.
Anyway, its better trust me.
- [16652] LDAP: added checkbox to Ctrl+U|Active Directory|LDAP which lets you use
protocol version 3 servers correctly.
- [16655] LDAP: added checkbox to Ctrl+G|Verification which lets you use protocol
version 3 servers correctly.
- [16661] The SyncML log tab has been removed and replaced with a WebDAV log tab.
SyncML functionality has not been removed and its log file can be viewed from disk
with Notepad.
- [16679] ActiveSync log file contains data on day-of-week and milliseconds already
but GUI was not showing it. Now it does.
- [5000] LDAP: Normally when MDaemon exports aliases to an LDAP address book it puts
the accounts' actual email address in the CN field (not ideal but a long standing
practice). However, non-alias exports place the accounts' full name value
there (more correct). A new checkbox was added to Ctrl+U|Active Directory|LDAP which
causes the export process to always put the accounts' full name value in CN
(if known). This option is disabled by default to preserve existing behavior.
- [16705] SMTP server responds with "500 5.0.0 Unrecognized command" (correct)
rather than "501 5.0.1 Missing or errant parameters" (technically incorrect)
when encountering an unrecognized command.
- [16732] Moved call to AV update function from MDaemon to SecurityPlus code-base.
- [16704] Added link and text reminding about free support to "Help|Register
your Alt-N products".
- [16790] Archiving tool uses MDaemon's temp folder now rather then Windows temp
folder to solve some access permissions problems.
- [16795] Work was done to prevent the UI from needlessly refreshing itself when nothing
was changed. This was visible as a "flashing" of the tool window pane
(especially noticible over remote connections). The items in this window will now
only update if something has actually changed.
- [16579] Added "apply to all accounts" button to New Accounts template
Quotas page.
- [3267] Alt+F2|Domain Manager|Settings has a new control that allows you to specify
the maximum number of messages per hour that a domain can send (zero means no limit).
Once this limit is reached further messages are left in queue and a line is logged
about it to the System log. All counts are reset hourly or on a server restart.
This option is only available in MDaemon Private Cloud version.
- [15148] Alt+F2|Domain Manager|Settings has a new control that allows you to specify
the maximum disk space quota for a domain's accounts. This option is only available
in MDaemon Private Cloud version.
- [4442] Alt+F2|Domain Manager|Host Name & IP has a new control that allows you
to enable/disable a domain. When domains are disabled users can no longer
send or retrieve their mail and all new messages sent to the domain are rejected
with "User Unknown". This option is only available in MDaemon Private
Cloud version.
- [16814] MDaemon no longer accepts MAIL <forward-path> or RCPT <reverse-path>
values which are enclosed in tick marks ( ' chars) or quote marks ( " chars).
These forms are not in accord with the standards and although MDaemon accepted and
tried to "fix" them in the past they end up causing problems for down-stream
modules so they are now refused during the SMTP session.
- [16833] WorldClient - Added "Verified with key-id <key-id>" information
to the message header in the message previews and external message views when the
message contained a verified PGP signature.
- [16836] The version node on the status bar at bottom of UI will show 32-bit or 64-bit.
- [17086] UI nodes in toolwnd text changed from using "active/inactive"
to using "enabled/disabled"
- [3279] WorldClient - Added support for recurring tasks in the LookOut and WorldClient
themes. The behavior matches that of Outlook.
- [17100] Added icons for messages with valid DKIM signatures, messages decrypted
by MDPGP, and messages signed with an MDPGP key
- [16297] LookOut and WorldClient themes - Added the ability to accept, accept tentatively,
or decline a meeting from the event editor
- [17125] MDPGP: libraries and binaries updated to latest versions.
- [17130] Moved cleanup event strings to resources for translations.
- [6011] WorldClient - Added option to turn off display of the "Share Folder"
button in the Options | Folders view and in the folders context menu. Use
HideShareFolderOption=Yes in Domains.ini [Defaults:UserDefaults] to hide for all
users. Setting HideShareFolderOption in the User.ini will override the setting
from the Domains.ini
- [6795] LookOut and WorldClient themes - Added context menu and shortcut key options
to delete messages permanently without sending them to the Deleted Items folder.
In the message list context menu (right click menu) choose "Delete Permanently"
from the drop down or use "Shift + Del" to permanently delete selected
messages.
- [17203] WorldClient theme - Removed the "Click to add to contacts" in
the message preview and external message window, because the user can simply hover
and get the "Add to Contacts" option.
- [17106] LookOut and WorldClient themes - Added an Options | Categories view for
editing user categories. View is available as long as the user setting CanEditPersonalCategories
equals Yes
- [17295] Reversed order of operations to now check IP Screen before Dynamic Screen
in order to reduce needless waste of CPU and logging.
- [17293] Ctrl+U|Autoresponders has a new screen called Attachments. Only paths listed
here are eligible to be used within autoresponder scripts.
- [9291] WorldClient - Added option to turn off display of email address hover context
menus in the message preview frame and the external message view. Use HideEmailAddressHoverMenus=Yes
in Domains.ini [Defaults:UserDefaults] to hide for all users. Setting HideEmailAddressHoverMenus
in the User.ini will override the setting from the Domains.ini
- [17361] Changed message queue right-click menu text from "White List 'To'" to "White
List Recipient", "White List 'From'" to "White List Sender" etc. Also message queue
tab column header labels were changed from "From" and "To" to "Sender" and "Recipient".
- [17363] Ctrl+P|Spam Filter|Settings had an option to configure spam score on a DNS-BL
match. This option was removed as it's a duplicate of the same option
which appears just a few tabs down on the same screen at Ctrl+P|DNS-BL|Settings.
It also did not store state correctly at times.
- [17192] MDPGP no longer logs data about messages when MDPGP is completely disabled
(this was just wasting disk space).
- [12944] LookOut theme - added ability to select multiple contacts from the Contacts
folder and then send a message to all of them
- [13360] WorldClient theme - changed the X that saves notes to a floppy disk (save
icon)
- [7722] Added the ability in WorldClient to modify the notes field of a single occurrence
of a recurring appointment
- [17374] Updated to new version of the HTML editor used by WorldClient and Remote
Admin (CKEditor 4.5.10).
- [17504] MDaemon will email the Outlook Connector release notes to the postmaster
and global admins when a new version (4.0.0 or newer) is installed on the server.
- [16807] An ActiveSync client setting has been added that allows iOS clients to be
able to send mail using an alias, by returning the logon alias as the user's primary
SMTP address.
FIXES
- [16520] fix to log file archives sometimes having incorrect files included
- [16536] fix to MDPGP minor issues and processing bottle-necks
- [16577] fix to spam filter "no filtering" white list not working for some
queue based scans
- [11768] fix to spam filter "no filtering" white list (and others) not
always working properly with encoded header data
- [15461] fix to MDPGP not reloading domain settings when they change
- [16634] fix to left-hand tree-view in UI dialogs not accessible via tab key
- [15223] fix to main menu not immediately available for key-board focus on startup
- [16639] fix to MDPGP GUI options related to encrypting mail not disabled when services
disabled
- [13217] fix to encoded From and Subject header data lost by CF "copy to"
action when destination is a mailing list
- [16675] fix to X-MDArchive-Copy: header not inserted into messages archived to folder
- [4926] fix to CF failing to detect and extract attachments in certain emails; also
fixed lack of logging of these facts on success or failure
- [11777] UTF-8: fix to list digests not in proper charset and thus unreadable for
some; also simplified and updated logging of results
- [14380] fix to X-MDAV-Infected header not always listing file names correctly
- [14382] UTF-8: fix to calendar reminder data not encoding properly
- [14755] fix to install process errors when moving from older 32-bit versions (<
13.5) to newer 64-bit versions
- [4503] LDAP: fix to ldap export not automatically happening when enabling/disabling
options to do so on Alt+G|Mailing List Settings; also the wording of this option
was slightly improved
- [14855] fix to content filter compressing inbound attachments when not configured
to do so; also simplified logging related to compression
- [16690] UTF-8: fix to incorrect full name sometimes added to contacts when forwarding
mails to the special "add to whitelist/blacklist" address
- [16689] fix to WorldClient - 2FA if a user cancels a new secret request the old
secret is deleted, but 2FA remains enabled
- [16759] fix to Screening log not getting "----------" lines added; wasteful
but without this the search function fails to work correctly
- [16789] fix to LookOut theme - Disable New Email Sound does not stay checked after
saving
- [16779] fix to config session needlessly writing/updating counts within the UI
- [16796] Minger: fix to gateway "test" button returning "Success -
these settings don't work" ROFL (should be "Success - look like it's
working")
- [7176] Minger: fix to minger not properly honoring options to allow over-quota accounts
to send mail
- [16835] fix to status bar at bottom of UI not showing IPv6 address in config session
- [16785] fix to WorldClient - When setting up 2FA with long user names and long domain
names, the bar code will not display
- [16831] fix to WorldClient theme - When the Company field in a contact contains
an apostrophe, the Edit button no loger works
- [16715] fix to WorldClient theme - Comment field called Note when viewing contact
- [16714] fix to WorldClient theme - Tab order off/confusing when creating new contact
- [16856] fix to SPF processing not showing any error text when SPF records setup
as errantly recursive
- [16858] fix to DMARC white list not honoring DKIM/SPF Approved domains list
- [16869] fix to WorldClient theme - Hitting enter in the text input of the New Folder
dialog does nothing
- [16868] fix to LookOut theme - Options | Folders - Notify checkbox is displayed
for non-email type folders
- [16090] fix to LookOut and WorldClient themes - the date on the day view and week
view is incorrect for the Print a list view of calendar events printing format
- [16668] fix to LookOut theme - Categories - In the Calendary Day View, all day events
with a dark gray have the wrong font color
- [16880] fix to LookOut and WorldClient themes - shortcut key to send email results
in the "Are you sure you want to leave this page" alert
- [16887] fix to LookOut theme - FF 45.0.2 German version forces refresh when clicking
on Calendar in folder list
- [16994] fix to Remote Administration not allowing enough digits for Bayesian Database
Tokens field
- [16971] fix to unable to toggle "Always log to screen" in Remote Administration
- [16959] fix to unable to select IPv6 addresses for Host or IP Screening in Remote
Administration
- [17039] fix to "Undefined IPs should be..." value always blank on IP Screening
page in Remote Administration
- [17046] fix to forwarded messages not processing by CF rules when configured to
do so
- [17036] fix to creation of mail folders with trailing spaces being allowed
- [16432] fix to queue status not written to system log when toggled via tool window
controls
- [16912] AD: fix to problems processing user data fields with a single % char in
them
- [17093] fix to errant "save changes first" box when canceling out of public
folder manager with no changes made
- [16849] fix to unable to set "Hide List from Global Address Book" in Remote
Administration
- [16854] fix to Domain Admin gets blank Attachments page in User Editor in Remote
Administration
- [16850] fix to Gateway Editor in Remote Administration not always showing the right
value for certain options
- [16855] fix to labeling error for a page in User Editor for Domain Admins in Remote
Administration
- [17134] fix to LookOut and WorldClient themes - Unable to edit an appointment in
Day View due to the inability to select it
- [16339] fix to LookOut and WorldClient themes - When setting the default contacts
view to an alternate folder and then saving it twice, it changes to All Contacts
- [16998] fix to Remote Administration allows non-local addresses to be added as Spam
Honeypots
- [17198] fix to Remote Administration unable to edit domains with certain special
characters in them
- [17056] fix to some windows display in the wrong size in Remote Administration
- [17275] fix to LookOut theme - When there are several addresses in the CC field,
the CC field will not wrap in the window frame
- [17349] fix to LookOut and WorldClient themes - If a pdf attachment has spaces before
.pdf in the filename the pdf viewer does not work
- [17312] fix to WorldClient - AutoComplete - When an ampersand is used in a contact
that is added as a recipient it shows the HTML encoding
- [16605] fix to WorldClient theme - Unread view shows read messages after resizing
window
- [17319] fix to various spelling errors found within the product
- [17316] fix to contacts with mobile numbers being removed incorrectly when UI button
used in Account Editor|White List
- [17180] fix to MDaemon alias sometimes lost or unchanged when primary domain changed
(also fixes potential extra MDaemon account created)
- [17413] fix to Content Filter GUI checkbox for "If the X-MDaemon-Deliver-To
HEADER contains" is not checked when editing a rule using that condition
- [17438] fix to MDaemon account not properly handling some multipart messages sent
for learning/addressbook
- [17442] fix to IP Syntax checker in Remote Administration not accounting for IPv6
addresses
- [17439] fix to Remote Administration not saving the new default Host Screen entries
properly
- [17453] fix to Remote Administration not saving authorized Outlook Connector accounts
properly
- [17471] fix to CalDAV server does not honor SCHEDULE-AGENT=CLIENT ATTENDEE parameter
- [17489] fix to possible crash when MDaemon is configured to send mail to a smart
host and the smart host address is invalid
- [17484] fix to unable to save changes to certain actions in the CF Rules in Remote
Administration
- [10012] fix to WorldClient tasks - In the Estimated Work and Actual Work fields,
an entered decimal point is not saved
- [16197] fix to WorldClient - Cannot replace signature image with new image of same
name
- [17461] fix to inconsistencies in MaxPingFolders configuration between MDaemon and
Remote Administration
- [17515] fix to ActiveSync may remove the flag on a message when it is replied to
or forwarded
- [17425] fix to domain specific smart hosts not being used in some situations
- [17558] fix to accountprune sometimes making empty ZIP archive files; when this
happens file will be deleted
- [17563] fix to when removing a start date from a task in WorldClient the change
may not be saved
- [17540] fix to certain strings not showing up translated in Remote Administration
- [17292] fix to "Access Denied" error when viewing certain MDAS pages in
Remote Administration as a Domain Admin
- [17586] fix to Remote Administration not showing the correct per-device AS Client
Settings values
- [17468] fix to Cancel button on Support Files Editor in Remote Administration does
not close window
- [17581] fix to Cancel button on Outlook Connector Users page in Remote Administration
does not close window
- [17585] fix to Ctrl+S|Other|BATV two checkboxes in UI not always working properly
- [16267] fix to ActiveSync clients are sent attachments even when their device policy
does not allow attachments if they request message bodies in MIME format
- [17313] fix to accented characters in the From header of messages sent using iOS
ActiveSync clients may be converted to ASCII
- [17613] fix to hijack detection not always working correctly (allowing too many
connections sometimes)
- [17620] fix to DMARC report recipients may mistakenly be discarded
- [17619] fix to MDaemon Account Editor truncates an account's smart host password
to 15 characters
- [17627] fix to Help links not working on some pages in Remote Administration
- [17616] fix to calendar event recurrence end dates are not synced to ActiveSync
clients
MDaemon 16.0.4 - July 6, 2016
FIXES
- [17293] fix to potential security vulnerability
- [17285] fix to possible ActiveSync server crash when handling SmartReply request
MDaemon 16.0.3 - June 21, 2016
FIXES
- [17065] fix to corrupt attachments when using the 64-bit ActiveSync server
- [17105] fix to CalDAV/CardDAV parsing error that prevents folders with certain
names from being opened
- [17107] fix to unable to save CF rule in Remote Administration when adding a new
search term to an existing rule
- [17031] fix to Remote Administration hiding Quarantine from Queue Management if
SecurityPlus was not installed
- [17120] fix to max size tag for DMARC RUF report URIs is not removed from
receipient email address, which results in a delivery failure
- [17140] fix to CalDAV service not honoring end date filter in calendar-query
request
- [17018] fix to CalDAV: Meeting invite may not be sent for attendee added to an
existing event
- [16984] fix to LookOut and WorldClient themes - conditions exist to prevent
desktop notifications for new email
- [16851] fix to MD GUI does not allow the "Authorize all accounts upon first
access via ActiveSync protocol" option to be turned off
- [17019] fix to XML API does not save change to user forwarding enabled/disabled
- [17141] fix to MDMgmtWS.dll fails to load on Windows XP/Server 2003
- [17090] fix to XML API fails to add user if name contains non-ASCII characters
- [17178] fix to possible Forward.dat file truncation
- [16523] fix to smart host port value (if provided) being ignored at times
- [16476] fix to subfolders of Inbox may show up incorrectly on ActiveSync clients
- [17073] fix to ACL cleanup routine may erroneously remove group permissions if a
group name contains non-ASCII characters
- [17197] fix to possible ActiveSync server crash when syncing a meeting
- [17156] fix to Remote Administration not showing the right value for "leave copy
on server" in MultiPOP settings
- [17238] fix to non-ASCII characters in a meeting event are corrupted when it is
accepted using an ActiveSync client
- [16894] fix to non-ASCII characters in meeting attendee names appear corrupt on
ActiveSync clients
MDaemon 16.0.2 - May 3, 2016
CHANGES AND NEW FEATURES
- [16479] WorldClient - Added a "Remember Me" option to Two Factor Authentication
that remembers the user on the device, so that the user does not have to enter a
verification code again for an admin designated period of time on that device.
Admins can designate the time till "Remember Me" expiration in the Domains.ini
file under TwoFactorAuthRememberUserExpiration. The default value is 30 days.
- [16273] Added "Requeue" button to the Spam Trap Queue in Remote Administration
- [6781] Global Administrators may now set the Mail Archive path in Remote
Administration.
- [16144] Added some text to UI to explain how to use addrbook.mrk as list
member. This appears when you click the ADD button to add a new list member.
- [16615] Autoresponder/DND schedules require a start and end date in order to
function yet the UI allowed otherwise in previous versions. This UI bug has been
fixed. To configure a schedule you have to set these dates. In future perhaps
this will be redesigned such that no start date is required (which would mean
"the remote past") and no end date is required (which would mean "forever into
future") but such changes can not be made at present.
- [8044] Remote Administration's Group editor now supports Do Not Disturb
scheduling.
- [15566] Remote Administration now hides ActiveSync options from the Domain
Manager if AS is globally disabled.
- [16356] Added ability to sort the Active Sessions list in Remote Administration.
- [16302] Remote Administration now warns if a local domain is added to Trusted
Hosts.
- [16367] Global Administrators may now disable Two-Factor Authentication for
users in Remote Administration.
- [16805] The ActiveSync server no longer creates duplicate messages when a
message is sent to duplicate recipients
FIXES
- [16495] fix to WorldClient theme - in IE filter edit can only be used once,
after that the user cannot enter text into the input field
- [16482] fix to LookOut and WorldClient themes - the beginning/end time for All
Day Multi-Day events are being shown
- [16501] fix to All themes - IE9 - nothing happens when you try to upload a
document
- [16510] fix to WorldClient theme - the flagged count is sometimes missing in the
message list "view" drop down
- [16552] fix to CalDAV: Meeting organizer may also receive meeting invite/update
message
- [16555] fix to meeting invitation/update message sent to attendees when a
"non-substantial" change is made to an occurrence of a recurring event
- [16144] fix to CONTACTS:<path>addrbook.mrk not working when space in file path
- [16617] fix to small GUI issues with Remote Administration's Event Scheduling
window
- [16640] fix to LookOut theme - When adding an invitee by clicking Add From
Contacts, the address is displayed incorrectly
- [16670] fix to LookOut and WorldClient themes - When adding address to Contacts,
BlackList or WhiteList an error is generated
- [16673] fix to unable to add outbound user restrictions in Remote Administration
- [16680] fix to All Themes - When printing an event, the print preview shows the
month value increased by one
- [16598] fix to defaults and text in Remote Administration's Host and IP Screen
pages did not match MDaemon
- [16709] fix to unable to create Account Templates in Remote Administration
- [16686] fix to unable to add an image to a signature in Remote Administration
- [16635] fix to text mismatch between MDaemon and Remote Administration on the AS
Clients page
- [16753] fix to Trusted IPs page always appears to be blank in Remote
Administration
- [16755] fix to Remote Administration throwing an incorrect error after saving a
new account
- [16757] fix to Remote Administration incorrect label on DKIM Settings page
- [16355] fix to Remote Administration: Sorting by file name is not accurate from
Logs | Config Files view
- [16772] fix to Remote Administration: incorrect ordering of buttons on Copy/Move
window in Queue Management
- [16784] fix to WorldClient - 2FA - Password recovery loop when trying to recover
password when 2FA is enabled
- [16756] fix to MDPGP not reading back into memory rules file changes made via
the UI button
- [16744] fix to subaddressing system not working for folders with _ chars in the
folder name
- [16706] fix to Non-ASCII characters entered in tasks synced via CalDAV are
encoded incorrectly
- [16671] fix to missing dynamic toolbar buttons on Remote Administration's
Mailing List Members page
- [16820] fix to unable to create or edit Shared Folders in Remote Admin
- [16821] fix to unable to edit "IP Shield Honors Aliases" option in Alias
Settings in Remote Admin
- [16802] fix to LookOut and WorldClient themes - When using the Catalan language,
the Personalize settings default to English and Lite
- [16773] fix to some minor issues with DMARC report generation
- [14770] fix to MDaemon starts multiple MDSpamD.exe processes on Server 2012 when
running as a service with network access credentials entered
- [16823] fix to WorldClient cross-site scripting vulnerability
- [16828] fix to possible WorldClient crash when using Two Factor Authentication
- [16741] fix to certain groups not being recognized as list members
- [16829] fix to errors with real names of list members who are groups
- [16838] fix to minor issues on Remote Administration's WC Settings page
- [16841] fix to Remote Admin unable to add Groups to list membership when Group
name includes a space
- [16867] fix to LookOut theme - Creating a new folder in the Options | Folders
view causes an error when Desktop Notifications uses selected folders
- [16848] fix to unable to add users to groups in Remote Administration
- [16882] fix to unable to save changes to ACLs in Remote Administration
- [16883] fix to some Remote Administration options' default values don't match
MDaemon
- [16885] fix to some Remote Administration dequeue settings not matching up with
MDaemon
- [16886] fix to newly created accounts may have the "must change password" option
enabled even though it is disabled in the New Accounts template
- [16890] fix to possible WorldClient.exe crash when a client syncs using CardDAV
- [16895] fix to unable to remove ActiveSync policies in Remote Administration
- [16892] fix to possible crash when viewing ActiveSync policies in Remote
Administration
- [16908] fix to crash in MDWebDav.dll when using certain log rotation settings
- [16909] fix to possible CalDAV server crash when a meeting is changed
- [16931] fix to unable to synchronize a domain's public calendar or contacts
folder via CalDAV/CardDAV with a non-English version of MDaemon
MDaemon 16.0.1 - March 23, 2016
SPECIAL CONSIDERATIONS
[6781] Instructions below regarding item [6781] advise you to remove the Mail
Archive public folder to improve server performance. Doing so however can cause
Outlook users who previously had access to the Mail Archive public folder to
start sending "Not Read" notifications errantly. To avoid this problem Outlook
users with access to the Mail Archive public folder must disable creation of
these notifications FIRST - before the Mail Archive public folder is removed -
and keep it disabled until AFTER the Mail Archive public folder is removed and
Outlook is restarted and/or re-syncs the mail folders. How to disable these
notifications probably depends on the version of Outlook being used. For
example, in Outlook 2013 the setting is at "Tools|Options|Preferences|E-Mail
Options|Tracking Options - Never send a response". So, the process is (1)
disable the notifications in Outlook for those users who had access to the Mail
Archive public folder then (2) delete (or move) the old Mail Archive public
folder structure as you like then (3) restart Outlook or cause Outlook to
re-check for new mail (4) reenable the notification settings in Outlook as you
desire. This only need be done for Outlook users with access to the Mail Archive
public folder. Moving forward, MDaemon will detect and strip out the header(s)
which trigger Outlook to behave this way (but only from archived copies of
messages).
FIXES
- [16621] fix to Content Filter - Attachment Settings page not saving properly in
Remote Administration
- [16643] fix to DMARC "only log when data is found" option being ignored
- [16646] fix to LDAP/Minger cache file not always returning correct results
- [16659] fix to archive system not stripping out problematic headers
- [16660] fix to unable to export accounts or mailing list members via Remote
Administration
- [16662] fix to MDaemon hangs at startup when using an ODBC-connected Access
account database
- [16681] fix to CardDAV server may incorrectly parse telephone and address data
submitted by clients
- [16693] fix to contacts edited by WC or OC since installing MD 16.0.0 are not
sent to CardDAV clients
- [16694] fix to Special Considerations email subject text is not encoded properly
- [16695] fix to CardDAV is unable to synchronize contacts with line breaks in the
FileAs property
MDaemon 16.0.0 - March 8, 2016
SPECIAL CONSIDERATIONS
[6781] The "Archive to Public Folders" feature has been reworked as it was the
cause of a lot of slow performance. No real functionality has been lost but it
has been re-designed. You can no longer archive to public folders. Instead, you
can now archive to an arbitrary folder of your choice anywhere (as long as
MDaemon can access it). To browse the archive folder use one of your mail
accounts (or create a new one) and point its mail folder to the same folder used
for the archive (C:\MDaemon\Archives\Email\ is the default). If multiple people
need access to the archive then either log into the account and share them with
other users or just give the other users the logon/password to the account you
used. All the old archive settings still work but have been simplified.
The "Inbound to" and "Outbound from" sub-folders have been shortened to "In" and
"Out". MDaemon only archives messages sent /to/ your local users or sent /from/
your local users (or both). Messages just relaying through are not archived by
this simple system. Virus and mailing list messages are not archived. The
messages that are archived are the ones going into a local user's mail folder
and the ones sent by local users but not until each message is in "ready to be
delivered" condition. Note that this means what appears in the archive is
what the users see and not necessarily the message as it was when it first
arrived at the server. For example, if a content filter rule adds a header
to the message then the archived version has the header. The old "Mail
Archive" public folder is now no longer updated. However, it was left in place
so that you can decide what to do with that folder. For example, copy it
somewhere else and then delete it - get it OUT of MDaemon's Public Folders
directory (please do this as it greatly improves performance of the server for
all users). The installation and update process will not do this for you because
(a) it would cause the installation process to take too long and (b) it would
lead to a wave of "WHERE'S MY ARCHIVE!! I'M GONNA KILL ARVEL!"
heart-attacks for lots of people. Some changes to the UI at F2|Server
Settings|Archiving were required.
[15733] MDPGP: There are numerous draw-backs and much confusion when sharing the
same encryption keys across one or more aliases. Aliases should have their own
set of keys so that various identities are safely kept separate. Therefore, the
option to use or not use aliases has been removed from the UI. If you have
special circumstances where you need to preserve previous behavior please add
"Aliases=Yes" (without the quotes) to the [MDPGP] section of \App\Plugins.dat
and restart MDaemon. Use of aliases creates many problems so this is NOT
recommended.
[16324] MDaemon no longer leaves Everyone@, MasterEveryone@, and DomainAdmins@
mailing list .GRP files in the APP folder when the options to use those features
are disabled. Previously, these list files were left in the APP folder
even when the features were disabled. This can cause issues because the API
assumes the lists are valid if the file exists. So, with this version these
files are removed if the features associated with their use are disabled. If you
(for some unknown reason) do NOT want these files updated or deleted you can
ATTRIB them read-only from the Windows command shell (not recommended). A better
approach in such cases would be to create your own lists which can use the same
"Send to everyone" macros that these system maintained lists can.
[5044] MDaemon was not honoring the mailing list setting which hides the mailing
list from the domain's public contacts folder. This has been fixed.
When this version of MDaemon starts for the first time any errors in the contact
folders related to mailing lists will be corrected. If a contact is found
when it should not be the contact is removed and any missing mailing list
contacts are created. This will trigger re-sync of the contact folder for
all devices that are linked to it.
[2524] A fix to a long standing content filter parsing bug could potentially
(rarely) lead to the following issue: In the past, content filter rules
which compare the value of a message header would fail to work if the test
string being looked for started with a space character. For example,
testing whether a header contained the string ' test ' (note the spaces) would
sometimes fail. This problem has been fixed but it could mean that rules
which previously did not match, now might. Just FYI.
[16214] The "Account can modify the public address book" setting has been
removed from Account Editor|Settings and Template Manager|Settings. Access
to any public address book is now managed only through the ACL editor for the
specific address book folder in question (including any defaults which will
apply to newly created accounts). As a result of these changes the
MD_SetCanModifyGAB() function in the API has been deprecated and changed to do
no work (but left in place for backward compatibility). Also, the
CanModifyGAB member of MD_UserInfo structure is now read-only. Any changes
you make to this member will not be saved. Changes to ACLs are strictly a
function of the ACL editor from here forward.
[16230] MDaemon's list engine no longer uses the message-id value of the
original list message at all. Each list message will get the same, single,
newly generated message-id. The mailing list engine makes many changes to
the original list message. Thus it must take ownership and issue a new
message-id. However, the old option to generate a unique message-id per
recipient still works but has been disabled by default for new lists and should
not be used unless special circumstances require.
[16044] Experimentation has revealed several host screen values which are
effective in blocking unwanted connections. These have been added as
defaults to HostScreen.dat for new installs. Existing installations can
rename or remove HostScreen.dat and restart MDaemon (I don't want to overwrite
your file myself) to get this new version.
[16274] The default "low disk space value" (the value below which MDaemon
believes the disk is running low and starts complaining about it) was changed
from 100MB to 1000MB. Likewise, the "auto-shutoff value" (the value below
which MDaemon will disable mail services due to critically low disk space) was
changed from 10MB to 100MB. Please check and change the values at
Ctrl+O|Preferences|Disk if they present a problem for you.
[16404] Minger queries now include the email address (sender) making the
request. This allows personal blacklists to be checked. If the sender is on the
minger recipient' s personal blacklist then a result of "user unknown" will be
returned to the minger client. This change is backward compatible with older
minger servers. As a result of this change the LDAPCache.dat file format had to
be changed. Your old LDAPCache.dat file has been renamed LDAPCache.dat.old.
MAJOR NEW FEATURES
[15918] MDaemon Remote Administration (MDRA) GUI Update
The GUI for MDRA no longer uses frames and has been updated to use a mobile
first responsive design. Browser supported is limited to IE10+, the latest
Chrome, the latest Firefox, and the latest Safari on Mac and iOS. Android
stock browsers have been known to have issues with scrolling, but Chrome on
Android devices works well.
This design is based entirely on the size of the window being used.
Whether the user is on a phone, tablet, or PC, the appearance is the same for
the same window size. The most important change here is the menu.
From 1024 pixels width on down the menu is hidden on the left side of the
browser. There are two methods that can be used to display the menu.
If a touch device is in use, swiping to the right will show the secondary menu.
Whether or not the device is in use, there is also a "menu" button in the top
left corner that will display the secondary menu. Tapping or clicking the
menu title with the left arrow next to it at the top of the menu will display
the primary menu. The help, about, and sign out menu in the top right
corner changes based on the width of the screen as well. From 768 pixels
up shows the words Help, About, and Sign Out, from 481 pixels to 767 pixels only
displays the icons, and 480 pixels or less displays a "gear" icon which when
clicked or tapped will display a drop down menu with the Help, About, Sign Out
options. List views with more than one column have column on/off buttons
that are accessed by clicking or tapping the gray right arrow button on the far
right of the toolbar container. The settings pages are no longer designed
to be exact copies of the MDaemon GUI, but are instead designed to reposition
and resize based on the width/height of the browser.
[16095] SPAMBOT DETECTION (MDaemon PRO only)
A new feature called Spambot Detection has been added to Ctrl+S|Screening. This
feature tracks the IP addresses that every SMTP MAIL (return-path) value uses
over a given period of time. The idea is that if the same return-path is used by
multiple IP addresses (more than can be expected from typical user device
switching) and all within a short time frame this may indicate a spambot network
at play. Of course, it may also indicate totally legitimate use of the mail
system (there are no rules against what this feature detects). Nevertheless,
experimentation has shown that this can be effective in limited cases at
detecting a distributed spambot network as long as the same return-path is
utilized throughout. If a spambot is detected the current connection
talking to it is immediately dropped and the return-path value is optionally
blacklisted for a length of time you specify. You can also optionally
blacklist all the spambot IPs then known for a user-defined period. This
feature can be enabled at Ctrl+S|Screening.
[10729] CARDDAV (MDaemon PRO only)
Support for synchronizing contacts via the CardDAV protocol has been added.
Notable CardDAV clients are Apple Contacts (included with Mac OS X), Apple iOS
(iPhone), and Mozilla Thunderbird via the
SOGO plugin.
Note: As of OS X 10.11 (EL Capitan), the Apple Contacts application
only supports a single
collection/folder. When the CardDAV server detects the Apple Contacts
application, it will only return the authenticated user's default contacts
folder. In addition, OS X 10.11 (EL Capitan) has a
known issue that
prevents a CardDAV account from being added using the "Advanced" view of the
dialog.
To configure clients that support
RFC 6764 (Locating Services for Calendaring Extensions to WebDAV (CalDAV) and
vCard Extensions to WebDAV (CardDAV)), only the server address, username,
and password should be required. Apple Address Book and iOS support this
standard. DNS records can be setup that point to the client to the correct
URL. When a DNS record has not been configured, clients query a
"well-known URL", which in the case of CardDAV is /.well-known/carddav.
WorldClient's built-in web server has been updated to support this well-known
URL.
Clients that do not support automatically locating the CardDAV service will
require a full URL.
- A user can access any of their own addressbooks.
- The "addressbook" directory is a shortcut to the user's own default addressbook.
- http://{server host name}/webdav/addressbook - logged in user's default contacts
folder
- http://{server host name}/webdav/addressbook/friends - the logged in user's
"friends" contacts folder
- http://{server host name}/webdav/addressbook/folder/personal - the logged in
user's "personal" contacts folder that's in a "folder" subfolder
- A user can access shared folders of another user which they have access to.
- The "contacts" path is a shortcut to shared contact folders.
- http://{server host name}/webdav/contacts/company.test/user2 -
user2@company.test's default contact folder
- http://{server host name}/webdav/contacts/company.test/user2/test -
user2@company.test's "test" contact folder
- A user can access public folders, that they have access to.
- The "public-contacts" path is a shortcut to public contact folders.
- http://{server host name}/webdav/public-contacts/company.test - domain's default
contact folder
- http://{server host name}/webdav/public-contacts/test - "test" contact folder in
the root of the public folder hierarchy
Note: When an item is submitted from a CardDAV client, the full vCard data
submitted is saved. The data is saved as .vcf files in a "_DAV" subfolder.
When the item is later sent to an CardDAV client, this data is merged in with
the data that the server generates. This allows the server to persist
unsupported and custom properties. A new "PersistentData\DAVDataFile" node
was added to the addressbook.mrk file. The API has been updated to delete
these files when an item is deleted.
Before reporting issues, please enable debug logging and the option to log HTTP
messages and reproduce the issue. This can be done via the configuration
dialog, or by adding the following to the WorldClient.ini file.
[WebDAV]
LogLevel=1
LogMessages=Yes
Warning: Special care should be taken if testing the OutlookDAV
client. OutlookDAV only supports the default MAPI profile. If multiple MAPI
profiles exist, the client may issue delete commands to the server for all of
the items that were returned by the server.
[5715] TWO FACTOR AUTHENTICATION FOR WORLDCLIENT AND REMOTE ADMINISTRATION
WorldClient users who enable Two Factor Authentication will be required to enter
a verification code before they can log into WorldClient or Remote
Administration. This feature is designed for any client that supports Google
Authenticator.
For users to setup 2FA, they need to go to Options | Authentication in any
theme. They must enter their current password in order to make any changes
to 2FA.
If a user loses his/her 2FA device or is otherwise unable to obtain a
verification code, the user can click the "I do not have a code." link below the
"Verify" button. This will do one of two things. If the user has a
password recovery email address setup, it will take the user to a page to
request an email to be sent to his/her password recovery email address with a
link to disable 2FA. Otherwise, it will send an email to the address of
SendLostTwoFactorAuthNotificationTo in MDaemoWorldClient\Domains.ini
[Default:Settings] with the same link. Admins should do their best to confirm
that a user has lost their 2FA or is otherwise unable to obtain a verification
code prior to clicking the link provided.
There is also a button located in the MDaemon GUI's Account Editor under Web
Services that can be used to disable a single user's 2FA upon request.
To prevent users from using 2FA, change the value of TwoFactorAuthDisabled from
No to Yes in MDaemon\WorldClient\Domains.ini [Default:Settings]
Do not change TwoFactorAuthEnabled=No to Yes in MDaemon\WorldClient\Domains.ini
[Default:UserDefaults], because this will prevents users from logging into their
accounts if they do not already have 2FA enabled for their accounts. Changes to
this functionality are already planned for a future version of MDaemon.
[13411] XML API FOR MANAGEMENT TASKS
MDaemon now ships with an XML over http(s) based API. The result of this is that
MDaemon Management clients can be written using any language on any platform
that can make http(s):// post requests to the server. In MDaemon Pro, this is
only available to authenticated Global Admins, while in MDaemon Private Cloud, a
subset of the available operations are accessible to authenticated domain admins
as well. The API also produces a website with documentation on the API
specification. The installation default is to have it installed at
http://servername:RemoteAdminPort/MdMgmtWS/, however, this can be set to any url
for the sake of additional security.
The available operations include ...
- Help
- CreateDomain
- DeleteDomain
- GetDomainInfo
- UpdateDomain
- CreateUser
- DeleteUser
- GetUserInfo
- UpdateUser
- CreateList
- DeleteList
- GetListInfo
- UpdateList
- AddDomainAdministrator
- DeleteDomainUsers
- GetDomainList
- GetVersionInfo
- GetQueueState
- GetServiceState
- SetAddressRestriction
- GetAddressRestriction
At this time, command line management clients have been written/tested in
Javascript, Powershell, VBScript, C, C++ and Visual Basic. A simple HTML and
Javascript test site has been used as a proof of concept for a web based
management console that operates within several popular browsers. While not
tested yet, it is fully expected that this API should work fine from web servers
using PHP, Perl, and other development platforms.
[14651] ACTIVESYNC PROTOCOL MIGRATION CLIENT
MDaemon now ships with an ActiveSync protocol based Migration Client (ASMC.exe).
It supports migrating mail, calendars, tasks, notes, and contacts from
ActiveSync servers that support protocol version 14.1. Documentation for it can
be found in \MDaemon\Docs.
CHANGES AND NEW FEATURES
- [16135] Installer will default country field to United States [US].
- [16236] UI will strip leading and trailing white-space when entering
registration keys.
- [13099] F2|Server Settings|DNS has a new option that reloads DNS settings
hourly.
- [14046] All references to "company.mail" have been changed to "company.test" to
comply with RFC 6761
- [16172] If Ctrl+U|Active Directory|Authentication has the Verbose AD Logging
switch enabled MDaemon will now log any AD error messages to the Active
Directory tab/log.
- [16191] Ctrl+S|Sender Authentication|SMTP Authentication screen has been
slightly reworked. The option to exempt authenticated sessions from the IP
Shield was a duplicate of the same option found on the IP Shield screen and this
duplication was causing a UI bug so it was removed (it is still present on the
IP Shield screen). Also, some warning text around certain options was added to
this screen.
- [15582] The New Accounts template within the Template Manager has an "Account
must change password" option which is disabled by default. You can enable this
behavior using a new checkbox in the Template Manager.
- [16166] The Account Manager has a filter to show only accounts with
autoresponders enabled. This filter's logic has been changed to show only
accounts with (a) ACTIVE autoresponders working right now and (b) autoresponders
scheduled to become active some time in the future (autoresponders scheduled to
END in the past are not shown).
- [16158] The Authentication failure notification had its Subject shortened to
"Authentication Failures: ..." and now includes a column showing the actual
logon value used (which may be different from the account's email address) and
also a Notes column which shows (a) any comment about the IP from Trusted IPs
list (b) EHLO, PTR, and MAIL lookup results as they would appear in
Authentication-Results (if any - sometimes these features are turned off or
bypassed).
- [16144] Mailing lists may now include the public contacts of any of your domains
(or any addrbook.mrk anywhere really) as members. When you use the UI to add a
member you will be shown a dialog box with the syntax to use. Basically, this
type of member looks likes this in the list's .grp file: CONTACTS:altn.com. This
example means that when someone sends a message to the list then all members of
altn.com's public contacts will receive a copy (unless CONTACTS:altn.com is
flagged READ-ONLY of course). Also, contacts which are themselves mailing lists
are ignored.
- [15952] Added a new condition to the content filter which does a comparison of
the "return-path" email address to the email address within the "from" header
and returns TRUE if they are different. NULL return-paths and messages with
List-ID headers always return FALSE. Take care with any action you take based on
this test because there is no requirement that these values match and they very
often will not match.
- [7611] Increased the length allowed for mailing list names when creating or
renaming them.
- [5472] CF conditions which search text files for words or match against headers
etc will log the matching (or missing) items.
- [15620] Ctrl+F|Content Filter|Recipients has a new checkbox which restricts ALL
notifications sent by the CF to local domains only.
- [10843] Ctrl+T|Template Manager|New Accounts|Mail Services has a button to apply
settings to all accounts (such a button is needed lots of other places too but
isn't there yet). Also, this screen was slightly rearranged to work and look
better.
- [16143] Alt+G|Mailing List Settings has a new checkbox which controls whether
the 'Everyone' lists are included in the Accounts|Exporting operations.
- [16139] F2|Server Settings|Sessions has a checkbox for smart spooling (its not
new, just this checkbox is) and a white list for smart spooling.
- [16129] Improved internal startup procedure (should startup safer).
- [16122] The over quota SMTP response strings now includes the email address in
question.
- [16134] Ctrl+S|Sender Authentication|DMARC Reporting has a new edit control
where you can specify additional email addresses to which copies of all DMARC
aggregate and DMARC failure reports are sent (fo=0 or fo=1 only).
- [16059] MDPGP: numerous strings were set up for translation.
- [16152] MDPGP: you can now specify keysize and expiration for keys which MDPGP
generates using controls added to the MDPGP UI. Keysize is either 1024, 2048,
or 4096 and expiration is given in number of days from creation date (0 = never
expires). Defaults are 2048 bit keys that never expire.
- [16107] MDPGP: text/calendar messages will have MDPGP commands (--pgps for
example) stripped from the SUMMARY field within the message body. But, this
can't be done until after MDPGP is able to process the message. This leads to a
sort of chicken-and-egg issue resulting in the following: It is not possible to
remove the commands from YOUR (the requesters) calendar because this is put on
your calendar out-of-band. However, your invitees will not see it on their
calendars. I hope this isn't a problem.
- [16153] Within DELUSER.SEM, if you end the line with a ^ char the account's mail
directory will NOT be removed (so arvel@altn.com^ for example).
- [16114] Some changes were made to speed up the Mailing List Manager load times.
- [9551] Added whitelist to F2|Server Settings|Archiving so you can exempt certain
senders and receivers from being archived.
- [16043] The IP Screen statistics node in the UI was previously the sum of IP
Screen and Host Screen refusals. Host Screen now has its own statistics node.
- [16066] Content filter logging now shows any actions taken by the rule.
- [15993] WorldClient will display some results of MDPGP operations. This required
slight changes to MDPGP-Results header.
- [16026] Added warning when trying to add local domains to Trusted Hosts as this
potentially circumvents authentication requirements.
- [11499] Updated FileList.dat (for Remote Admin) with several new data file
entries (RcptBlackList.dat, SenderBlackList.dat, HostScreen.dat, and
PFData.dat). Also removed RFC822.MBF from FileList.dat. Users are not able to
change that file.
- [14779] Changed DMARC UI reference of "Junk E-Mail" to "spam" folders to be
consistent with other places in UI.
- [15691] Alt+G|Mailing List Settings has new option to not send copy of list
posts to the original poster.
- [10613] Ctrl+U|Other|Quotas has two new controls that let you configure the
subject header text used in over and near quota email warnings sent to users.
- [15712] Improved readability of MDPGP error/exception details.
- [5291] BIS, Free/Busy, and WCIM services all require WorldClient so UI will
attempt to start WorldClient if appropriate.
- [15201] Added "-p <portnumber>" to MDSpamD startup process for reliability (the
port used is the one configured in MDSpamD settings)
- [7208] Added Groups to the Account Templates. Please do not add a group to a
template when the group has itself specified a template.
- [15731] MDPGP: updated to latest encryption library version which incorporated
many small under-the-hood type fixes
- [15735] MDPGP: dll now uses MDaemon's version rather than its own
- [15833] Remote Administration - updated the charts to use the latest
FusionCharts version.
- [15832] Remote Administration - updated the login page to a responsive design
- [15898] LookOut and WorldClient themes - Increased the clickable area to expand
and collapse the attachments list to include the %Number% Attachment(s)
- [15907] MDPGP: added option to allow foreign users to request public-keys via
email. If enabled, others can send an email to your "MDaemon@<mydomain.com>"
with the usual "--pgpk<email address>" as the subject. If a public-key for
<email address> exists it will be emailed back to the requester. This option is
disabled by default.
- [15736] MDPGP: Library version will be logged to the plugins log on startup
- [15991] Improved status indication when renaming a domain
- [10674] Added the ability to import ics files to the default calendar in
WorldClient and LookOut themes
- [15900] Quota reports are now processed by the content filter if the option to
send system messages through the content filter is enabled.
- [16093] Ctrl+O|Preferences|Miscellaneous has new option (disabled by default) to
send forwarded messages through the content filter (or not).
- [16047] Ctrl+S|Screening|HiJack Detection has a new option which limits the
number of devices (unique IP addresses) that can connect within X minutes.
- [16094] Frozen accounts are no longer needlessly added to dynamic screen due to
failed AUTH attempts.
- [15990] Domain sharing host names are treated as host names for delivery
purposes (no MX lookups).
- [15690] Wildcards and CIDR notation are now allowed in DynamicScreen.dat
entries.
- [3676] MDaemon will no longer ignore list subscription requests which arrive
while MDaemon is waiting for confirmation from a previous subscription request.
- [15993] Added MDPGP-Results header string to Lite, LookOut, and WC themes.
Expanded header only for LookOut and WC themes.
- [15746] F2|Server Settings|Binding had an option called "Enable outbound IP
binding for domains using inbound IP binding". It has been renamed to simply
"Enable outbound IP binding" to reflect how it's used. If outbound IP binding
is enabled, outbound connections are bound to the domain's inbound binding IP if
inbound binding is enabled, otherwise they are bound to the default outbound IP
if it has been set.
- [16200] Added HTTP Strict Transport Security (HSTS) support to WDaemon. In
order to enable it add UseHttpStrictTransportSecurity=Yes in the [SSL]
section of WorldClient.ini and/or WebAdmin.ini.
- [16220] RAW system increased header line length to RFC max (1000 chars).
- [16231] Added warning text when enabling the DMARC failure reporting option as a
reminder that headers are included in the reports that option generates.
- [16268] Changed logging of details when CF signs a message with DKIM to make
consistent with rest of MDaemon.
- [16289] and [15603] IP/Host/Dynamic screening log entries will now include some
additional information for debugging purposes.
- [16290] Several additional SMTP strings were updated to include more information
for debugging purposes.
- [16296] MDPGP: replaced "Hide local" checkbox with two checkboxes that show keys
for local and/or remote users.
- [16269] Reworked virtually all Shared Folder code in Remote Administration to
improve support for nested folders and ACL management
- [15933] MDPGP: When using the --pgpe to send encrypted mail and encryption fails
for some reason (for eample, no encryption key found) then a notice of this can
be emailed back to the sender. This behavior is disabled by default but can be
enabled using a new checkbox in the MDPGP UI.
- [16357] Added X-Frame-Options: SAMEORIGIN header to MDaemon's built-in web
server
- [15450] Reduced the height of WorldClient theme list view items for window
widths of 1024px and greater
- [16109] Added message for user when user attempts to go to the password recovery
page without entering their user name
- [16217] LookOut and WorldClient themes - AddressBook - Added green color to any
previously selected email or fax, so that the user does not have to remember
which emails or faxes they have already chosen
- [15709] LookOut and WorldClient themes - desktop notifications - added the
ability to choose which folders to receive new email notifications about, as
well as an option to disable the sound, and the ability to choose a sound from a
list of options.
- [10782] Minger: server better validates input email address form and returns
invalid result for invalid email address forms
- [16406] Minger: better logging will now detail outbound requests as well as
inbound requests
- [12440] WorldClient - Added the ability to download an attachment that has been
attached to a message in the Compose or Compose Attach view. Simply click the
file name.
- [16287] LookOut and WorldClient themes - Added context menu options to
Import/Export Contacts/Events for users' contact and calendar folders in the
folder menu.
- [6758] WorldClient - Added additional fields to be searched for the contacts
view, Business Phone, Home Phone, Mobile Phone, Department, and Title.
- [16422] Added X-XSS-Protection: 1 header to MDaemon's built-in web server
- [15441] The name of the WorldClient compose page button that saves a draft is
now "Save" instead of "Send Later".
- [16286] WorldClient's calendar import page is able to import iCalendar (ICS)
files in addition to CSV files.
- [15834] LookOut theme - moved Empty Trash, Delete All, and Mark All Read to the
bottom of the folder context menu to match up with WorldClient theme.
- [6009] LookOut and WorldClient themes - added a "leave this page" confirmation
for the compose view
- [5972] Lite and LookOut themes - added an icon to indicate that an event is a
recurring event in the Event Details view (CalendarAdd view)
- [5632] LookOut and WorldClient themes - added display of start and end time for
multi-day events in Day, Week, and Month views.
- [9701] Lite, LookOut, and WorldClient themes - added the ability to cancel an
attachment upload in the Compose and Compose-Attach views
- [15827] LookOut and WorldClient themes - added the contact picker for use with
the email forwarding field under Options | Personalize
- [7669] LookOut theme - added onhover indicators for the buttons
- [15494] LookOut and WorldClient themes - added an 'Add to Contacts' option to
the contact hover popup menu in the message preview pane and the external
message window. Clicking this will add the contact to a user's default contacts
folder.
- [15612] LookOut and WorldClient themes - added ability to collapse and expand
folders in the Copy/Move dialog
- [16401] After installation, MDaemon will send an email to the postmaster and all
global admins which contains the Special Considerations sections from the
release notes file (for all versions present in that file).
- [16457] Updated to the latest version of the HTML editor used by WorldClient.
- [8780] Added Mailing List Support Files editor to Remote Administration
ACTIVESYNC PROTOCOL RELATED CHANGES
- The background maintenance for MDAS is now fully encapsulated into MDASMgmt and
the code is no longer in MDaemon.exe. It runs once daily at midnight local time.
If you are not running ActiveSync and wish to disable all ActiveSync Mgmt Module
code in the MDaemon UI, you can run "regsvr32 /u MDASMgmt.dll" from the MDaemon
App directory.
- Enforce Protocol Restrictions is now an inheritable setting
(Global/Domain/User/Client). This is so particular problem clients can be
restricted without restricting an entire class of clients.
[*]::EnforceProtocolRestrictions
- Bandwidth Reset Day is now an inheritable setting. This is so it can be set to
coincide with a user/client's Wireless Carrier billing reset date.
[*]::BandwidthResetDOM
- The global setting to enable ActiveSync on all domains by default is migrated to
AirSync.ini as [System]::EnableDomainsByDefault
- The flag to automatically provision ActiveSync users has been migrated to
AirSync.ini as [System]::AutoProvisionUsers
- The specific setting to archive WbXml now prompts with a message box to make the
admin aware that it is not needed unless specifically requested by ALT-N, since
any wbxml that cannot be decoded is automatically archived if Auto-diagnostics
is enabled (the default).
- The Domain Mgmt and Client Mgmt dialogs now support resizing so that if you wish
to view list data with more available space, it can be viewed more completely
- Help has been implemented in all ActiveSync dialogs.
- [11852] ActiveSync clients can now send mail to WorldClient-based Personal
Distribution Lists. The list must be maintained in WorldClient and cannot be
edited on the client. Upon sending mail to the PDL, the ActiveSync server will
automatically re-address the mail to the list members prior to queue submission.
FIXES
- [2122] fix to ODBC list error when member lacks '@domain' in email address
- [16224] fix to $MAILBOXFIRSTCHARS(x)$ only expanding to x-1 characters
- [16148] fix to UI crash when pressing ESC key in various places
- [16155] fix to bug allowing disabled users to receive list posts if list used
macro to expand members
- [11960] fix to groups not being honored by mailing lists if underscore character
used in group name
- [2324] fix to CF not seeing all addresses in TO header for certain conditional
tests
- [14731] fix to AD monitoring system computing improper mailbox values for newly
imported accounts at times
- [15572] fix to disk space checking system not working for drives over 2TB
- [15722] fix to inconsistent key-id logging during encrypting/decrypting
operations in rare cases
- [16142] fix to MDPGP emailing wrong key after key creation when user has
multiple keys on keyring
- [16141] fix to MDPGP results header not having consistently correct values for
key-id
- [15972] fix to MDPGP errant exception logged when sending mail to self for
signing
- [16010] fix to subject for changed occurrence read from iCalendar data may be
blank
- [15935] fix to WorldClient theme - when clicking "Add to Blacklist" without the
header expanded, the address is not added to the blacklist correctly
- [16039] fix to empty root mail folder left behind on domain rename at times
- [16037] fix to domain rename + apply not updating listbox with correct domain
name
- [15847] fix to "New Accounts" errantly written to accounttemplates.dat file for
non-English installers
- [15886] fix to some account settings not immediately being saved when accounts
created via the UI
- [16116] fix to MDPGP key expiration date in UI not correctly displayed in some
cases
- [16140] fix to MDPGP fails to decrypt certain oddly formed GnuPG messages
- [16136] fix to account settings not returning to New Account Defaults template
settings when removed from group control
- [16175] fix to potential crash issue in API
- [16097] fix to several places where domain names were not updated when changing
domain names
- [16208] fix to LookOut and WorldClient themes - wrong email address being placed
in address field from address book
- [16227] fix to LookOut and WorldClient themes - PDF browser preview link missing
for pdf files that do not have a content-type of "application/pdf"
- [14593] fix to CF action that assigns a DKIM selector not working properly in
all cases
- [16265] fix to main window caption not updated with new IP value when it is
changed in UI
- [16254] fix to CFEngine hang when processing multi-part RAR files
- [16292] fix to MDPGP UI saying key creation for specific user failed when it
didn't
- [12274] fix to System log not showing results of stats DB compact at times
- [16306] fix to enabling "Everyone" mailing lists not always working properly
from config session
- [16350] fix to CardDAV: Unable to upload new contact from Android using
"CardDAV-Sync" client
- [16168] fix to LookOut theme - the Japanese word for "Documents" is displayed
vertically on the add attachment view
- [16211] fix to "ComAgent" written to startup group rather than "WorldClient
Instant Messenger"
- [16187] fix to LookOut and WorldClient themes - email format is not preserved
when creating a task from an email message
- [10306] fix to Domain Sharing not sending mail to other domain sharing host if
that same host value configured as the domain's smart host in some
configurations
- [16426] fix to meeting attendee names may be corrupted in Outlook Connector
after MDaemon processes a meeting response
- [16448] fix to Remote Admin - Cannot enter CIDR notation with 16 characters in
IP Shield
- [16387] fix to non-ASCII text in UTF-8 messages may not display correctly in
ActiveSync clients
- [16312] fix to attachments of certain messages may not appear in ActiveSync
clients
- [16394] fix to recurring appointments created in WorldClient may appear to have
an extra occurrence in ActiveSync clients
- [16272] fix to calendar items created on Windows Phone may not be synced to the
server if the ActiveSync account is not set to use push
- [16480] fix to possible high CPU usage MDaemon hang when processing local queue
- [16493] fix to Remote Admin not using HTTPS for Google Analytics when it was
loaded using HTTPS
- [16374] fix to Remote Admin not showing correct default Public Folder rights in
all cases
- [16502] fix to end users shouldn't be able to set their own account state in
Remote Administration
- [16485] fix to WorldClient Instant Messenger's installer might start it up at
the wrong time, possibly causing a prompt to reboot after an auto-update.
- [16288] fix to CalDAV: Unable to create meeting requests in Mac OS X Calendar
application
- [16499] fix to ActiveSync error when attempting to open an attachment on a
message that has an HTML body but no plain text body
- [16507] fix to ActiveSync server does not honor the setting to refuse messages
sent from over quota accounts
- [16508] fix to certain message attachments might be missing on Android
ActiveSync clients
- [16477] fix to subfolders of Inbox created on an ActiveSync client may not sync
to the server
- [16466] fix to ActiveSync menu options are checked on but do not work after
install
- [16527] fix to possible ActiveSync server crash when a client tries to create a
subfolder of a public folder without having permission
- [16534] fix to WorldClient log tab in config session UI does not refresh without
clicking away and back
MDaemon 15.5.4 - July 6, 2016
FIXES
- [17293] fix to potential security vulnerability
- [16387] fix to non-ASCII text in UTF-8 messages may not display correctly in ActiveSync clients
- [16312] fix to attachments of certain messages may not appear in ActiveSync clients
- [16272] fix to calendar items created on Windows Phone may not be synced to the server if the ActiveSync account is not set to use push
- [16508] fix to certain message attachments might be missing on Android ActiveSync clients
- [16173] fix to ActiveSync remote wipe not working
- [15814] fix to ActiveSync server may not recognize certain meeting invitations
- [16247] fix to Android ActiveSync clients not able to open certain PDF attachments
MDaemon 15.5.3 - December 15, 2015
SPECIAL CONSIDERATIONS
[16132] Ctrl+S|Sender Authentication|DMARC Reporting GUI allowed invalid/incomplete
email address values for the Contact Email field. You must use a complete
email address here. If you currently do not have a valid full email address
then no DMARC reports will be generated until you fix it.
CHANGES AND NEW FEATURES
- [3408] The content filter can now check for restricted files inside of RAR attachments
in addition to ZIP attachments.
FIXES
- [16048] fix to WorldClient and LookOut themes - Calendar - When clicking Move without
selecting a folder, the event is removed
- [16049] fix to JavaScript error in Remote Administration's Mailing List Editor
- [16054] fix to Lite theme - Unable to add a contact to the To, CC, or BCC
fields when composing a message
- [16058] fix to Virtru - WorldClient and LookOut themes - files that are dragged
and dropped in the compose view are corrupted if Virtru is enabled
- [16065] fix to Mobile and Lite themes - Messages with Invalid HTML break the Message
view
- [16064] fix to Content-Type of message attachments uploaded to WorldClient may be
truncated
- [16057] fix to STARTTLS Required List does not work for incoming connections
- [16012] fix to LookOut and WorldClient themes - advanced search for unread messages
with "All" selected as date range returns no results
- [15381] fix to formatting inconsistency when displaying disk usage in Remote Administration
- [16073] fix to WorldClient login failure message when Do Not Disturb is active
- [16028] fix to LookOut and WorldClient themes - When you re-order columns from within
the message list, the change reverts back to the previous setting
- [15750] fix to LookOut and WorldClient themes - issue with displaying details section
within an event created in OL 2013
- [15953] fix to possible error when accepting meeting request using ActiveSync
- [16018] fix to messages sent via ActiveSync from an alias may have From address
changed to account's actual email address
- [16076] fix to BlackBerry 10 ActiveSync client may stop syncing Inbox
- [16083] fix to possible cause of Outlook using ActiveSync needing to re-sync
- [16013] fix to Outlook using ActiveSync may not be able to open PDF attachment
- [14929] fix to rights inconsistency between IMAP Rules and Edit Forward permissions
in Remote Administration
- [16089] fix to LookOut theme - MS Edge does not support showModalDialog, so dialogs
do not load
- [16038] fix to option that centers MDaemon UI dialogs not working
- [16105] fix to LookOut theme - inline message preview unable to delete more than
one message
- [16092] fix to categories on PIM items are not removed from ActiveSync clients when
all are removed using WorldClient
- [14372] fix to notes created in WorldClient have blank subjects on iOS ActiveSync
clients
- [15157] fix to Remote Administration allowed ACLs to be set up for accounts that
did not exist
- [16056] fix to problems when certain special characters are used in Public Folder
names in Remote Administration
- [16118] fix to confusing behavior of "New" button in Remote Administration's
Shared Folder view
- [16126] fix to DMARC envelope_from not being domain only (was whole email address)
- [16127] fix to DMARC aggregate report having wrong start/end dates
- [16133] fix to wrong SPF domain reported in some cases within DMARC reports, logs,
and header
- [16137] fix to WorldClient SSL dialog in the MDaemon GUI does not open with the
correct certificate selected
- [16124] fix to error sending message using ActiveSync if a recipient's name contains
Japanese characters
- [16173] fix to ActiveSync server unable to perform a full wipe on an iOS device
- [13058] fix to Remote Administration misreporting free space on disks larger than
10TB
- [16202] fix to enabling/disabling ActiveSync for a domain may not take effect until
the web server is restarted
MDaemon 15.5.2 - November 3, 2015
SPECIAL CONSIDERATIONS
[15968] The ActiveSync server now denies access to accounts whose mail directory
is inside of the public folder directory.
CHANGES AND NEW FEATURES
- [15761] MDPGP: --pgpx mode will now bounce if no key on key-ring found for encryption
and log a failure message if encryption cannot be performed.
- [15895] Info about ActiveSync port requirements has been moved from a popup to the
ActiveSync server configuration dialog.
FIXES
- [14407] fix to WorldClient and LookOut themes - not displaying message with attachment
of Content-Type: \"application/pdf\"
- [15856] fix to WorldClient theme - creating a folder with the "plus" button
always results in an email folder
- [15878] fix to All Themes - if an admin has language selection turned off, the "Forgot
Password" link on the logon page does not work
- [15887] fix to error message pops up when creating the first WorldClient SSL certificate
in the MDaemon GUI
- [15896] fix to update checker may not tell users of beta versions that an update
is available once it has been publicly released
- [15906] fix to CalDAV: private calendar event details are not hidden when a shared
calendar is viewed
- [15870] fix to MDPGP affixing signature to encrypted messages needlessly
- [15689] fix to unable to access certain Active Sync pages in Remote Administration
as a Domain Administrator
- [15909] fix to broken link for Active Sync page for end users in Remote Administration
- [15868] fix to MDPGP not decoding subject text before checking it for commands
- [15720] fix to [trash] macro not working with advanced forwarding options
- [15876] fix to contact categories are not synced to ActiveSync clients
- [15894] fix to ActiveSync server crash when parsing certain recipient addresses
- [15901] fix to ActiveSync server does not support UNC paths
- [15902] fix to ActiveSync client may not be able to download message attachments
- [15905] fix to non-ASCII characters in the subjects of messages downloaded via ActiveSync
may display as question marks
- [15914] fix to invalid Birthday or Anniversary dates may cause issues with certain
ActiveSync clients
- [15955] fix to Outlook 2013 may hang after downloading a message that does not contain
a Date header using ActiveSync
- [15942] fix to Outlook 2013 may hang after downloading TNEF meeting requests using
ActiveSync
- [15957] fix ActiveSync message Preview element may not contain proper UTF-8
- [15944] fix to possible ActiveSync server crash
- [15930] fix to non-ASCII characters in messages sent using ActiveSync may be replaced
by question marks
- [15926] fix to meeting attendees that do not have valid email addresses are not
synced to ActiveSync clients
- [15922] fix to ActiveSync PIM searches may return incorrect results
- [15903] fix to ActiveSync performance issue on extremely busy servers
- [15953] fix to possible error sending meeting response using ActiveSync
- [15977] fix to calendar items may be created without start or end times using ActiveSync
- [15962] fix to meeting planner does not receive a response for a meeting created
in WorldClient after the invitation is accepted in Outlook
- [16027] fix to message attachment filename containing non-ASCII characters may cause
Outlook 2013 to hang when downloaded using ActiveSync
MDaemon 15.5.1 - October 6, 2015
CHANGES
- [15771] The LookOut theme's Advanced Search date option "All" is enabled
by default, to match the WorldClient theme.
- [15786] Moved CalDAV configuration menu item to root on the Web & IM Services dialog.
FIXES
- [15623] fix to some task properties are lost when a task created in WC is edited
via CalDAV
- [15730] fix to PIM items created on certain ActiveSync devices may be duplicated
on the device
- [15598] fix to LookOut and WorldClient themes - IE - When copying a message it is
slow to load the destination folder list
- [15664] fix to LookOut theme - advanced search may fail after doing a quick search
that returns no results
- [15613] fix to LookOut and WorldClient themes - Long folder names are not wrapped
properly in the copy/move folder selection window
- [15740] fix to LookOut theme - IE8 - Unable to use the Send Now button in the compose
view
- [15708] fix to Mobile theme - Windows Phone 8.1 requesting attachments results in
invalid session cookie
- [15744] fix to Minger lookups in SMTP sessions from WorldClient may fail if outbound
socket binding option is enabled
- [15160] fix to LookOut and WorldClient themes - filters containing non-ASCII characters
do not appear correctly
- [15748] fix to ActiveSync server crash when public folder syncing is enabled but
public folders are not enabled in MDaemon
- [15749] fix to possible ActiveSync server crash when client sends invalid data in
sync request
- [15724] fix to sign out link missing in MDaemon Remote Administration web UI when
using the Microsoft Edge browser included in Windows 10
- [15725] fix to reports are not displayed in MDaemon Remote Administration web UI
when using the Microsoft Edge browser included in Windows 10
- [15757] fix to CalDAV: Timezone names in iCalendar data are not properly UTF-8 encoded.
This may cause events from the server to not appear on the client.
- [15758] fix to CalDAV server does not honor "Enable Public Folder" and
"Enable Shared Folder" switches
- [15764] fix to LookOut and WorldClient themes - Searching based on same beginning
and end date results in end date being ignored
- [15762] fix to high memory and CPU usage when large messages are downloaded via
ActiveSync
- [15774] fix to LookOut and WorldClient themes - When creating new task, note, or
event from a message, accented characters are displayed incorrectly
- [15778] fix to MD GUI does not save CalDAV log level setting correctly
- [15781] fix to ActiveSync Last Logon Time not being read properly
- [15785] fix to enabling XML archiving in the ActiveSync Log Viewer not working
- [15790] fix to CalDAV: MDaemon account full name that contains non-ASCII characters
is not properly UTF-8 encoded. This may prevent the account from being able
to synchronize.
- [14996] fix to Remote Administration's IP Syntax checker not allowing for CIDR
notation on screens like IP Screening
- [15801] fix to iCalUID for calendar event exported from an Outlook Connector
TNEF message file may contain invalid data in the calendar.mrk file. This
may prevent the event from syncronizing with a CalDAV client.
- [15810] fix to CalDAV: multiget report performance is poor as it loads the calendar.mrk
file too often. If a client issues multiple multiget requests, an error may
occur because the calendar database file cannot be locked. Thunderbird/Lightning
request items via the multiget report.
- [15773] fix to non-ASCII characters in particular HTML messages may not display
correctly in WorldClient
- [15751] fix to ActiveSync server may fail to start up on Windows Server 2008/Vista
- [15756] fix to ActiveSync device list may contain duplicates
- [15759] fix to ActiveSync Archive WBXML setting at user level is broken
- [15782] fix to possible crash during midnight processing when removing inactive
ActiveSync devices
- [15793] fix to possible crash when processing ActiveSync search requests
- [15799] fix to ActiveSync policy editor saves "Minutes of inactivity before
device locks" setting incorrectly
- [15803] fix to certain HTML messages may cause sync errors when an ActiveSync client
requests the body in plain text
- [15813] fix to mailing list members may be removed when adding members with the
account picker
- [15816] fix to MDaemon GUI dialogs may not be centered on screen properly
- [15808] fix to attachments of messages forwarded to a mailing list may be corrupted
- [15768] fix to Content Filter not computing correct DKIM signature for signed or
encrypted messages
- [15814] fix to ActiveSync server not always detecting meeting invitations as such
when emitting message properties
- [15818] fix to possible ActiveSync server crash when a client deletes a folder
- [15830] fix to possible crash when an existing gateway is used as a pattern for
automatic gateway creation
MDaemon 15.5.0 - September 15, 2015
SPECIAL CONSIDERATIONS
[14502] The daily quota report now includes a column showing the last date and time
the account was accessed (via IMAP, POP, WorldClient, etc). This required a change
to the QuotaReport.dat template file. Your old file was saved as QuotaReport.dat.old
in case you have customized it. If so, you may want to similarly customize the new
template file.
[15058] The default setting for using color logs has been changed from disabled
to enabled. If you don't like this you can change the setting at Ctrl+O|Preferences|UI.
MAJOR NEW FEATURES
[2399] CALDAV (MDaemon PRO only)
Support for synchronizing calendars and task lists via the CalDAV protocol has been
added. Notable CalDAV clients are Apple iCal (Included with Mac OS X), Apple
iOS (iPhone), Mozilla Thunderbird via the Lightning calendar plugin. A configuration
dialog has been added under Setup | Web & IM Services | WorldClient (web mail)
| CalDAV.
To configure clients that support RFC
6764 (Locating Services for Calendaring Extensions to WebDAV (CalDAV)),
only the server address, username, and password should be required. Apple
iCal and iOS support this standard. DNS records can be setup that point to
the client to the correct URL. When a DNS record has not been configured,
clients query a "well-known URL", which in the case of CalDAV is /.well-known/caldav.
WorldClient's built-in web server has been updated to support this well-known
URL.
Clients that do not support automatically locating the CalDAV service, such as Mozilla
Thunderbird via the Lightning plugin will require a full URL.
- A user can access any of their own calendar or tasks folders.
- The "calendar" directory is a shortcut to the user's own default calendar
folder.
- http://{server host name}/webdav/calendar - logged in user's default calendar
- http://{server host name}/webdav/calendar/releases - the logged in user's "releases"
calendar
- http://{server host name}/webdav/calendar/folder/personal - the logged in user's
"personal" calendar that's in a "folder" subfolder
- The "tasklist" path is a shortcut to the user's own default tasks
folder.
- http://{server host name}/webdav/tasklist - logged in user's default task list
- http://{server host name}/webdav/tasklist/todo - the logged in user's "todo"
tasklist
- http://{server host name}/webdav/tasklist/folder/personal - the logged in user's
"personal" tasklist that's in a "folder" subfolder
- A user can access shared folders of another user which they have access to.
- The "calendars" path is a shortcut to shared calendar folders.
- http://{server host name}/webdav/calendars/company.test/user2 - user2@company.test's
default calendar folder
- http://{server host name}/webdav/calendars/company.test/user2/test - user2@company.test's
"test" calendar folder
- The "tasks" path is a shortcut to shared task folders.
- http://{server host name}/webdav/tasks/company.test/user2 - user2@company.test's
default tasks folder
- http://{server host name}/webdav/tasks/company.test/user2/test - user2@company.test's
"test" tasks folder
- A user can access public folders, that they have access to.
- The "public-calendars" path is a shortcut to public calendar folders.
- http://{server host name}/webdav/public-calendars/company.test - domain's default
calendar folder
- http://{server host name}/webdav/public-calendars/test - "test" calendar
folder in the root of the public folder hierarchy
- The "public-tasks" path is a shortcut to public task folders.
- http://{server host name}/webdav/public-tasks/company.test - domain's default
task folder
- http://{server host name}/webdav/public-tasks/test - "test" task folder
in the root of the public folder hierarchy
Free-busy availability queries are supported, however at the time of this writing
the latest version of Lightning (4.0.2) has a defect where it won't query a
CalDAV server for free-busy information. Please use version 4.0.1.2, available
for download from https://addons.mozilla.org/en-US/thunderbird/addon/lightning/versions/",
until this issue has been resolved.
Note: When an item is submitted from a CalDAV client, the full iCalendar data submitted
is saved. The data is saved as .ics files in a "_DAV" subfolder.
When the item is later sent to an iCalendar client, this data is merged in with
the data that the server generates. This allows the server to persist unsupported
and custom properties. A new "PersistentData\DAVDataFile" node was
added to the calendar.mrk file. The API has been updated to delete these files
when an item is deleted.
Before reporting issues, please enable debug logging and the option to log HTTP
messages and reproduce the issue. This can be done via the configuration dialog,
or by adding the following to the WorldClient.ini file.
[WebDAV]
LogLevel=1
LogMessages=Yes
Warning: Special care should be taken if testing the OutlookDAV client. If
multiple MAPI profiles exist we've seen the client issue delete commands to
the server for all of the calendar items returned by the server. OutlookDAV
only supports the default MAPI profile.
[9651] OPENPGP SUPPORT (MDaemon PRO only)
Support for running MDPGP has been integrated. MDPGP provides OpenPGP support for
MDaemon by providing encryption, decryption, and basic key management capabilites.
It is a great introduction to secure encrypted email. A new tab called "MDPGP"
was added to the Security root tab. Here you will see all MDPGP processing
activity. You can also configure MDPGP by accessing a new option within the
Security top-level menu. The Content Filter now contains actions to encrypt
and decrypt messages. See MDPGP-Quick-Start.html in the DOCS folder for more information
on how to setup and configure MDPGP. Due to licensing restrictions beyond
our control this functionality is not available (or even included) in builds of
MDaemon intended for the Russian market.
[8044] DO NOT DISTURB
The Ctrl+T Group Manager now supports a Do Not Disturb feature that lets you set
a time frame during which an account may not be accessed by its user(s). Access
during a Do Not Disturb time period is not allowed and returns an appropriate error
response to IMAP, POP, SMTP, ActiveSync, and WorldClient access requests. Accounts
in this state may receive incoming mail but may not originate mail or be accessed
by mail clients. To apply Do Not Disturb to one or more accounts first create a
group with the Do Not Disturb settings you desire. Next, use the Account Editor
and add the group to the account(s) as you wish.
[15243] UI IMPROVEMENTS
- [14507] The ActiveSync for MDaemon configuration screens in Mobile Device Management,
Domain Manager, and Account Editor have been redesigned.
- [15243] Added an Accounts page to the Domain Manager with access to common account
functions.
- [15244] Added right-click menu to Account Manager/Domain Manager with common account
functions.
- [14330] The tool window now has counter nodes for connections blocked by IP and
Dynamic Screening.
- [14479] Added "Start Time" column to Session pane in the main UI.
- [14374] Added Up and Down buttons to the Host and IP Screen editors.
- [14557] F2 | Server Settings | DNS has been redesigned.
- [14745] Added option to Ctrl+O|Preferences|UI which causes UI dialogs to be centered
rather than overlapped in style.
- [15087] Sort arrows were added to columns within the UI's session windows.
- [15057] Added option to Ctrl+O|Preferences|UI which lets you split the session window
to its own pane in the main UI window. Changing this setting requires a restart
and when active the option to swap panes will not work.
- [14780] Moved setting which adds to spam score from Ctrl+S|Sender Authentication|DKIM
Verification to Ctrl+S|Sender Authentication|DKIM Settings.
- [14106] Improved usability of account picker when selecting members for a mailing
list.
- [14484] UI was updated in connection with generation of self signed certificates
using SHA2.
- [15281] Added option to Ctrl+O|Preferencs|UI to include system generated lists (like
Everyone@ and MasterEveryone@) when using the List Manager. System generated lists
have limited items available for user configuration.
- [15293] Config session will immediately load relevant log data upon startup without
an initial pause.
- [14099] MDaemon Remote Administration now displays the various public folder views
in a tree-style list rather than a flat list.
CHANGES AND NEW FEATURES
- [12598] WorldClient supports adding inline images to a user's signature.
- [15170] SpamAssassin has been updated to version 3.4.1 and built with a newer, more
stable version of Perl.
- [14774] The ActiveSync server has an option to include a user's public contacts
with their default contacts. This allows users of clients such as Outlook 2013,
which does not support multiple contacts folders or global address list searching,
to access public contacts. The public contacts are read-only and tagged with "Public"
and "Read-Only" categories.
- [15279] SMTP "Recipient Unknown" response will include the unknown address.
- [15241] When an account is deleted the autoresponder script that account used will
also be deleted from disk if it is named the same as the accounts email address.
For example, arvel@altn.com.rsp will be removed if it is the script that arvel@altn.com
is using at the time his account is deleted.
- [2240] Added "X-MDaemon-Deliver-To" as a default header to search when
creating rules in the content filter.
- [15231] Changed color of DMARC logging from red to something else since elsewhere
red color indicates possible processing errors.
- [14481] Changed shades of green and red used in DMARCReporter for better readability.
- [14630] Added option to Ctrl+Q | Mail Queues | Holding Queue which sends the postmaster
a summary of quarantine queue content.
- [12831] The Quarantine and Holding queue tabs in the UI have been changed to be
like the Bad queue tab and show the reason a message is in the queue. The information
for this column is taken from the X-MDBad-Queue header. MDaemon now inserts
this header for messages destined for these queues. The column that displays
this data has been renamed from "Bad queue reason" to "Explanation."
- [14111] The Quarantine queue now supports the right-click Release and Re-Queue options.
Also as part of this change the Quarantine queue now appears in the list of queues
when using the copy/move functions.
- [14497] Attachment Linking now makes better use of long file names pulled from MIME
headers. These file names are no longer truncated at 50 characters. However, the
file name will still be truncated should its use result in a total file path length
greater than the OS allows. File names displayed within Attachment Linking emails
show the first 70 characters of the file name + "..." to indicate if the
file name has been shortened for display purposes. If you would like to include
the full file name in the emails set the following in MDaemon.ini with notepad:
[AttachmentLinking] FileNameDisplayLength=0 then restart MDaemon.
- [14420] Configuration Session UI will detect if the underlying MDaemon service has
crashed or been task killed and inform the user according.
- [14639] MDaemon no longer sets/deletes the MDisRunning key in MDaemon.ini.
This is not a reliable way to tell if MDaemon is running. To check that, look
to the Task Manager or Windows services control panel.
- [14505] DMARC query domains which do not exist or which do not publish DMARC data
will be negatively cached for (by default) one day. This is to avoid needless
processing overhead. If you wish to change the number of days cached set the
following in MDaemon.ini: [DMARC] NoAnswersTTL=1440 (number of minutes in a day,
2880 is two days, etc).
- [5998] WorldClient - Added ability for users to sort distribution lists in all themes.
- [13479] WorldClient - Merged Categories and Labels into just Categories. Users can
now add, edit, and delete categories from a predefined list based on the old labels
and categories. Each category has a color associated with it. More than one category
can be associated with a given color, but only one category with a specific name
may exist. There are 26 colors to choose from (including white) which match Outlook
category color options. If an event, task, note, or contact already has categories
associated with it, but they don't match the predefined categories, their colors
will be white until the user adds them to the predefined list of categories. If
there is already a label associated with an event, the user can choose to remove
the label and add a category, or leave the label. Old labels are not lost on upgrade.
- [5570] WorldClient and LookOut themes - Desktop notifications are now available.
When LookOut or WorldClient loads, the browser will prompt the user on whether or
not they wish to allow desktop notifications. If the user chooses to allow
them, then the user will receive notifications of new email messages, new instant
messages (in the case that the corresponding chat is not in focus), and any change
in status of a chat buddy. Desktop notifications are not supported by Internet Explorer.
- [14876] WorldClient and LookOut themes - Added ability to view pdf files in the
browser (not supported in IE8). This is available in any document folder and
any message that has a pdf file.
- [8095] The Help link on WorldClient's logon page now opens in a new tab/window.
- [8311] Added password recovery feature to WorldClient. This feature is disabled
by default. It may be enabled from CTRL+W|WorldClient|Settings or by editing
\MDaemon\WorldClient\Domains.ini and adding [Default:UserDefaults]
EnablePasswordRecovery=Yes. It can be enabled or disabled on a per-user basis by
editing a user's User.ini file. If enabled, users who have permission to edit their
password will be able to enter an alternate email address that will be sent a link
to reset their password in case they forget it. The password recovery email address
is configured on the Options | Personalize page. Users must enter their current
password in order to change it. Once set, if the user attempts to log in with an
incorrect password a "forgot password?" link will appear. This link takes
them to a page that asks them to confirm their password recovery email address.
If entered correctly, a message containing a link to a page that allows them to
change their password is sent.
- [13799] WorldClient theme - added message preview buttons for Next/Previous instead
of them being in the "more" dropdown menu.
- [14614] Removed Cache related options from Ctrl+S|Sender Authentication|DKIM Verification.
They applied to DomainKeys, which was removed in version 14.5.0.
- [8927] LookOut and WorldClient themes - added buttons and context menu items for
users to create a new event, task, or note using an email. In both themes there
are three places where these functions can be found: 1. The message list context
menu. 2. The message preview buttons (LookOut) or "more" dropdown
menu (WorldClient). 3. The external message view buttons (LookOut) or "more"
dropdown menu (WorldClient).
- [14976] The mailing list Description field was moved from the Settings page to the
Moderation page. This field is used in the List-ID header so it is not a private
description of the list. A new field was added to the Settings page which
allows you to enter a short description of the mailing list for private use.
- [14889] Several SMTP response strings have been changed to not disclose information
that might help an attacker work around a refusal.
- [15050] LookOut and WorldClient themes - when there is only one attachment with
a message, the attachments container auto-expands when the message is opened.
- [4691] The connection failure cache now stores IP:PORT combinations to avoid potential
false positives.
- [12654] LookOut and WorldClient themes - external windows open in the center of
the screen instead of the top left if they fit
- [14170] Lite, LookOut, and WorldClient themes - Logon page attempts to detect and
use the browser language being used before using the domain default for new users.
- [11680] LookOut and WorldClient themes - users can now use the browser's back
and forward buttons to navigate in the main window
- [14702] LookOut and WorldClient themes - Virtru can now be disabled by the admin
on a per user basis by adding VirtruDisabled=Yes to the [User] section of the user's
WC\User.ini file.
- [7668] LookOut theme - Inline Message Preview - Next/Previous buttons are now disabled
when the extremities of the message list are reached by the user
- [15060] WorldClient theme - added a "Today" button to the calendar view
buttons which has the same behavior as the "Today" button in the LookOut
theme
- [14280] LookOut and WorldClient themes - added ability for users to sort by the
Description, Location, Start, and End columns in the Calendar List view
- [14487] Lite, LookOut, and WorldClient themes - Added <ROOT> as top most option
when creating or editing a folder. Creating a folder from the "plus" icon
in the WC theme folder list defaults to <ROOT>.
- [9958] LookOut and WorldClient themes - added button to send a message to all attendees
of a meeting in the event editor
- [10163] Lite theme - Mark Unread/Read option now available in the Message view.
Clicking it will mark the message unread and take the user back to the List view.
- [14484] MDaemon can generate self-signed certificates using SHA2. Requires Vista
/ Server 2008 or newer.
- [6019] Lite, LookOut, and WorldClient themes - added the ability to print the details
of a single event. Users can do so from the Event Editor or, in the case of
LookOut and WorldClient themes, by right clicking on an event and clicking "Print"
- [15203] LookOut and WorldClient themes - added a link to the Virtru Dashboard in
the the help/logout dropdown context menu
- [15214] LookOut and WorldClient themes - added the "custom intro" feature
to the compose window for Virtru encrypted messages
- [14995] LookOut theme - Updated the theme appearance. Added a new style (Gray)
and changed the default style to a blue (similar to pastel_blue). Added a
drop down menu for the main navigation menu when the navigation buttons will no
longer fit in the space provided. Moved the "New" button, to where
the user's email address was previously located. Moved the user's
email address to the top navigation bar, and moved the help and signout options
to a drop down on the user's name (like the WorldClient theme). Moved
the options dropdown button to the far right in the navigation bar.
- [15267] LookOut and WorldClient themes - the message header expansion setting in
the external message view is now independent of the message header expansion setting
in the message preview frame.
- [15310] The LookOut theme's "pastel_blue" style has been removed.
- [15243] [14848] Settings found at Ctrl+W|WorldClient|Dynamic Screening have been
copied to Ctrl+S|Screening|Dynamic Screening. The settings can be accessed from
either place.
- [14740] F2|Server Settings|Delivery and Alt+F2|Smart Host screens have a new setting
that let you tell MDaemon to lookup MX records for smart host values.
- [15481] Added additional logging when connections refused during SMTP session
- [10421] Added Shared Folder ACL Management via Remote Administration. Global administrators
may manage ACLs for all users. Users may administer their own ACLs for shared folders.
- [14490] Added Virtru Pro options to the LookOut and WorldClient themes. In the Compose
view a drop down button was added that gives users the ability to set an expiration
for access to their encrypted message and/or prevent the receiver from forwarding
the encrypted message. In the message preview and the external message window any
encrypted message that a user has sent may be "revoked" in real time.
Revoking the message will prevent the recipients from continuing to access the message.
The user may also retroactively disable forwarding of a message or set an expiration
for the message. The Virtru Pro options are available for a two week trial period
to all new Virtru users and to users that have set up a "Pro" account
with Virtru. The options are always visible, but are disabled after the trial period
if the user has not set up a "Pro" account with Virtru.
FIXES
- [13807] fix to errant batv header added to some messages
- [14593] fix to d= and i= tags passed to DKIM signer not always being honored
- [14613] fix to SPF logging empty results when configured not to do so
- [14472] fix to bad queue messages remaining in queue for up to one day longer than
configured
- [14647] fix to attachment extraction process not properly handling PGP armored attachments
- [14722] fix to MDMigrator migration from Microsoft Exchange may fail if multiple
"Exchange Adminstrator Groups" exist in Active Directory
- [14788] fix to WorldClient theme - Using "+" plus symbol for public IMAP
folder prefix string causes login to hang with "Loading..." message
- [14925] fix to WorldClient - if a user has a filter that forwards or redirects a
message and the admin removes forwarding permissions the filter may become corrupted
- [15011] fix to incoming DMARC aggregate reports triggering errant outbound aggregate
report
- [14592] fix to WorldClient and LookOut themes - when in the "Sent Items"
folder, the option exists to sort by the sender instead of by the recipient
- [14686] fix to LookOut and Lite themes - Additional Phone Numbers drop down menu
is grayed out if user does not have LRWICD ACL Access Rights
- [4382] fix to WorldClient - Problem sending message to too many contacts
- [14908] fix to errant text on some mailing list related UI popup dialogs
- [14934] fix to new domain name UI entry box not enforcing size limits
- [15042] fix to inconsistent router logging related to message forwarding
- [15039] fix to account editor not properly showing account name in window caption
- [14939] fix to domain rename operation permitting improper values
- [15061] fix to LookOut and WorldClient themes - Ampersand in friendly name breaks
"Compose Email" feature
- [15071] fix to LookOut and WorldClient themes - column widths not preserved on per
theme basis
- [15019] fix to LookOut and WorldClient themes - When you have 15-minute events occurring
at the same time as another, they are not displayed correctly
- [14723] fix to session window not staying in sorted order when viewed over time
- [15092] fix to LookOut and WorldClient themes - Addresses are not visible in distribution
lists whose names have an apostrophe
- [13935] fix to LookOut and WorldClient themes - In Day View, All day events are
not visible unless you scroll up to 12 am
- [15132] fix to Lite and WorldClient themes - In a shared calendar, the "<private
appointment>" text is not displayed correctly in certain views
- [15133] fix to Mobile theme - When viewing a shared calendar without the "write"
permission, the calendar never loads
- [15150] fix to Account Editor not remembering previously selected domain
- [15183] fix to WorldClient theme - Default Contact View setting is not honored -
Contacts folder is always displayed
- [15184] fix to All themes - Default Contact View setting is not applied to the address
book lookup view which is accessed through the compose view when clicking on 'To'
- [14989] fix to WorldClient Style setting is reset when switching to the Mobile theme
and back
- [15247] fix to progress bar visual indication not working in various parts of UI
- [15245] fix to WorldClient theme - In messages sent at 12:00am, the folder list
shows the message is sent at 12:00pm
- [15306] fix to LookOut theme - Unable to autocomplete contacts when composing a
message in IE8
- [15373] fix to account template autoresponder scheduled days not saving
- [15377] fix to LookOut and WorldClient themes - incorrect dates displayed when printing
calendar
- [15338] fix to All themes - When typing a letter in the "To" field and
then backspacing, autocomplete no longer works
- [7851] fix to WorldClient Reply does not support multiple addresses in the Reply-To
or From headers
- [15400] fix to Virtru-encrypted messages created by WorldClient may contain lines
that exceed the Internet Message Format line length limit
- [15221] fix to new gateway button disabled improperly
- [15117] fix to anon-usage data button disabled improperly
- [15389] fix to FQDN of primary domain not being used when other domains fail to
specify their own FQDN
- [15447] fix to certain messages with large header blocks not forwarding to list
properly
- [15449] fix to crash caused by recursively called list members in some cases
- [15502] fix to LookOut and WorldClient themes - AddrLookup may have trouble displaying
contacts under right conditions
- [15541] fix to the ACL cleanup routine may remove AclShLookup.dat entries due to
case sensitivity
- [15542] fix to CSV file produced when exporting accounts to CSV has the "ExemptFromAuthMatch"
and "ApplyDomainSignature" values swapped
- [15232] fix to some list settings not being honored after changes made (enable/disable
LIST)
- [15077] fix to DNS-BL spam filter score not being honored after changes made
- [15550] fix to OP screen in Remote Administration not enabling Save and Cancel buttons
on change
- [15656] fix to accented characters in attendee names may be corrupted when creating
meeting invitations via ActiveSync
MDaemon 15.0.4 - July 6, 2016
FIXES
- [17293] fix to potential security vulnerability
- [15541] fix to the ACL cleanup routine may remove AclShLookup.dat entries due to case sensitivity
MDaemon 15.0.3 - June 19, 2015
FIXES
- [15229] fix to security vulnerability in content filter
MDaemon 15.0.2 - June 16, 2015
CHANGES
- [15135] MDaemon passes " -r spamd.pid" on the command line when starting MDSpamD.
- [7220] Added a "Save in Sent Items" option to WorldClient's compose page.
- [15101] Ctrl+W|WorldClient|Web Server and Ctrl+W|WebAdmin|Web Server now have options
to enable/disable anonymous usage data.
- [15081] Remote Administration now has options to enable/disable anonymous usage
data.
FIXES
- [14924] fix to Remote Administration lacking a default location for the Quarantine
queue if it doesn't exist in the Cfilter.ini file
- [14493] fix to Remote Administration is unable to edit mailing lists
with a "#" in their name
- [14829] fix to Remote Administration allowing illegal characters in list names and
giving a misleading error message
- [14899] fix to Remote Administration missing the 'CC' header in Content Filter's
search and replace actions
- [14954] fix to possible MDaemon.exe crash in the "AclShlFx.dll_unloaded" module
- [14961] fix to possible MDAirSync.dll crash when public folders are enabled in ActiveSync
- [14988] fix to ActiveSync contact sync issue with iOS
- [15067] fix to MDaemon nightly maintenance leaves accounts' "Inbox.IMAP" folders open,
preventing them from being able to be deleted
- [14849] fix to WorldClient may not include all image attachments when forwarding a message
- [15038] fix to ACL editor GUI may not apply permissions to child folders correctly
- [14998] fix to plugin preprocess function may be called repeatedly when message recall
is enabled
- [14814] fix to WorldClient and LookOut themes - When clicking "Reply" or
"Forward", the compose view shows the previous message info
- [14966] fix to MDaemon may detect duplicate DNS server addresses from Windows
- [14226] fix to Resend in WorldClient may open the compose page with the wrong From
alias selected
- [14466] fix to Mobile theme - Adding event to public calendar will add the event
to private calendar
- [14953] fix to SMTP RSET not resetting inline spam scan state
- [14056] fix to contacts saved in Outlook Connector may have their birthday and
anniversary dates removed on the server
- [15046] fix to Lite and Mobile themes - Messages with spelling errors are not
saved to designated Sent folder when "spell check before sending" is enabled
- [14940] fix to messages forwarded to unknown local users not honoring the advanced
settings at F2|Server Settings|Unknown Mail
- [14638] fix to list digest archive option not sticking
- [14624] fix to undeliverable archive message triggering DSN; such messages now go to bad queue
- [14495] fix to outbound attachment linking not working with aliases properly
- [15036] fix to Remote Administration not always showing the proper value for
Spam Filter Bayesian Learning Schedule
- [15044] fix to Remote Administration not saving public folder "type" value
properly for certain values
- [15090] fix to MDaemon may crash or stop processing the local queue after releasing
a message from the holding queue
- [15074] fix to SPF White list on a fresh install of MD 15 is missing IPv4 addresses
- [15075] fix to Mailing List Manager does not allow wildcard addresses such as
"*@domain.com" to be added as a list member
- [14949] fix to tooltips needed in Remote Administration's left-hand menu
- [13103] fix to WorldClient adds garbage to the User.ini files of LookOut theme users
running IE8, which may eventually cause high CPU usage on the server
- [14963] fix to WorldClient does not list any contacts when clicking "To" while
composing a message using the LookOut theme with IE8
- [12557] fix to LookOut and WorldClient themes round appointment start and end times to
the nearest quarter hour
- [15105] fix to LookOut theme - Calendar toolbar is not loading in IE8
- [14960] fix to WorldClient theme - Cancel search takes multiple attempts to cancel
- [15161] fix to iOS device may stop syncing calendar via ActiveSync when an event it's
trying to delete has already been deleted from the server
- [15168] fix to original mailing list may be recreated after adding members to a
mailing list that has been renamed
- [15166] fix to some ActiveSync clients cannot unflag messages
MDaemon 15.0.1 - April 21, 2015
CHANGES AND NEW FEATURES
- [13733] Added enhanced hijack detection options from MDaemon to Remote Administration
- [14196] Added option to delete autoresponders that are undeliverable to Remote
Administration
- [14350] Added Quota Settings | Whitelist to Remote Administration
- [14378] Added "Insert Bulk Header" option from DMARC settings to Remote
Administration
- [14390] Added "Refuse Multiple From" option from DMARC settings to Remote
Administration
- [14324] Added option to send DSN messages through Spam/Content Filtering to
Remote Administration
- [14501] WorldClient theme - changed multi-day event background color to be the
same as the type of event instead of the same as the related calendar
- [14488] WorldClient and LookOut themes - a successful password change hides the
"strong password requirements" text after an unsuccessful attempt
- [14673] WorldClient - Virtru - when replying to or forwarding an encrypted
message the compose view turns Virtru on.
- [14205] Remote Administration Domain and Global Admins can now edit users that
are using an insecure password without being forced to change that password on
the user's behalf.
- [14200] Added a couple SecurityPlus options that were missing in Remote
Administration
- [14312] Changed Remote Administration's left-hand menu to be acted on by
clicking rather than hovering
- [14685] Updated Remote Administration's IP Syntax checking function to support
IPv6 addresses
- [14653] Updated SPF results header per best current practice
- [14662] MDaemon trial keys are now sent via email and must be entered into the
installer to continue. The trial period is 30 days.
- [14747] Newer versions of the ActiveSync protocol may now be used with Windows
Phone devices. Remove any existing protocol restrictions for them, then recreate
the accounts on the devices.
- [5999] LookOut and WorldClient themes - added group by company option in the
address lookup view that can be accessed from the Compose view by clicking on
To, CC, or BCC
- [10859] LookOut and WorldClient themes - changed the contact picker and address
lookup views to show all contact email addresses instead of just the primary
email address
FIXES
- [14700] fix to localized versions of the folder ACL editor are unable to add ACL
entries
- [14500] fix to WorldClient and LookOut themes - sidebar calendar not selecting
correct month
- [11171] fix to LookOut theme - calendar event details dialog may be clipped for
events near the bottom of the window
- [14602] fix to Remote Administration not saving hiwater.mrk properly under
certain circumstances
- [13846] fix to WorldClient - going from a mobile device back to a PC causes the
user to go to the Mobile theme automatically instead of the previous theme they
were using on the desktop
- [14641] fix to List Digest page not linked anywhere in Remote Admin navigation
structure
- [14695] fix to WorldClient LookOut theme - IMAP filters not displaying in IE8
- [14064] fix to inconsistency in links on Remote Administration's registration
page
- [14703] fix to Russian, Japanese, and Chinese versions of MDStats and other GUI
programs possibly displaying wrong characters
- [14712] fix to MD GUI does not allow wildcard IP Shield entries to be added
- [14711] fix to host screen entries not always being immediately honored after
being added
- [13976] fix to incorrect ActiveSync max window size allowable range listed in UI
- [14715] fix to IP Shield conversion for IPv6 leading to connection problems in
some configurations
- [14709] fix to WorldClient theme - unreadable white text for multi-day all day events in
month view
- [14724] fix to smart host being used when gateway forwarded mail specified other host
- [14708] fix to broken gateway option "ETRN dequeuing requires authentication"
- [14743] fix to bracket characters missing from Received headers around IPs
- [14741] fix to MD GUI does not open the autoresponder editor when double clicking
an account at Accounts | Account Settings | Autoresponders
- [14737] fix to ActiveDS page in list editor not always saving settings properly
- [14192] fix to MDaemon Remote Administration report graph labels that contain non-ASCII
characters are corrupted after choosing to update/view the report after changing
a report option
- [14744] fix to LookOut theme - 'Add Address to contacts' button doesn't work in
the external message view
- [14748] fix to LookOut theme - When viewing notes for an appointment via the
popup <BR>s are shown
- [14756] fix to group members GUI does not check the checkboxes of existing members
when opening
- [14764] fix to WorldClient theme - Message headers not being translated in the
external message view
- [14728] fix to WorldClient - Unable to view any filters when one rule contains a
field with over 76 characters
- [14393] Fix to message body possibly being stripped if content-type was "text"
instead of "text/html" or "text/plain".
- [14790] fix to Remote Administration allowing selection of multiple sessions in the Active Sessions dialog
- [14808] fix to UI permitting improper characters when list is renamed or created
- [14816] fix to Auth-results header sometimes having incorrect data for SPF
section (wrong smtp.mailfrom=)
- [14817] fix to SPF approved domains not always being honored (broken by include directives)
- [14801] fix to newly created or renamed mailing lists not honored until a
restart or grplist.sem file created
- [14799] fix to old list name referenced in grp file when list renamed
MDaemon 15.0.0 - March 10, 2015
SPECIAL CONSIDERATIONS
[14366] Account hijack detection is now enabled by default. You can change hijack detection
settings at Ctrl+S | Screening | Hijack Detection.
[14431] The options at Ctrl+S | Screening | Dynamic Screening have been changed.
First, the "Watch accounts" checkbox was redundant and has been removed. The
option to "freeze accounts" has been made into its own separate checkbox.
Similarly the option to "Email postmaster" has been made into a separate checkbox
and you now have some control over what's included in the email. As in
previous versions, this email is not sent when the account in question is
already frozen. Dynamic screening settings have been reverted to installation
defaults which could change the existing behavior you are expecting. Please check and
configure these settings how you want them. Lastly, the options related to WorldClient
have been removed and placed at Ctrl+W | WorldClient (web mail) | Dynamic Screen.
MAJOR NEW FEATURES
[4758] IPV6 SUPPORT (MDaemon PRO only)
Support for IPv6 has been added. MDaemon will detect the level of IPv6
capability that your OS supports and dual-stack where possible; otherwise,
MDaemon will monitor both networks independently. Outbound SMTP, POP, and
IMAP connections will prefer IPv6 over IPv4 whenever possible.
When MDaemon
connects to an IPv6 host it must use an IPv6 local address of its own. Therefore the Alt+F2 |
Domain Manager | Host Name & IP screen now contains a separate edit control where you can
specify an IPv6 address for the domain to use. If this IPv6 address is missing MDaemon
will try to automatically detect a suitable address for use but please check it.
Buttons to manually detect IP addresses have been added to the same screen.
A few options related to use of IPv6 can be found at F2 | Server Settings | IPv6.
Also, $PRIMARYIP6$ and $DOMAINIP6$ macros can be used to retrieve IPv6
addresses. These macros can be used anywhere that the $PRIMARYIP$ and
$DOMAINIP$ macros can and they retrieve IPv6 addresses.
SPF processing now supports the "IP6" mechanism and expands the "a",
"mx", and "ptr" mechanisms to
include AAAA records.
Several configuration files that store reserved IP address ranges will be updated to include their IPv6
network equivalents.
[6319] 64-BIT VERSION
A 64-bit version of MDaemon is now available. The 64-bit version can
handle a higher number of active sessions before running out of memory. Please
note that the 64-bit MDaemon is not compatible with 32-bit plugins. When
switching to the 64-bit MDaemon, you must also switch to 64-bit versions of all
software that uses the MDaemon API. A 64-bit version of SecurityPlus is
available. We do not have a 64-bit version of BES, so stay on the 32-bit MDaemon
if you need it. If you run WorldClient, Remote Administration, or ActiveSync in
IIS, you will need to configure or recreate the application pools to be 64-bit.
The server side component of Outlook Connector is built in to MDaemon so we do
not have or need separate 32/64-bit server side Outlook Connector installers.
[14284] IMPROVED UI
The user interface was improved in several ways including:
[14052] The UI has an updated ACL editor.
[14284] Changed the root page in multi-page dialogs to summarize the section rather
than duplicate all the controls from the first page
Moved Ctrl+S | Security Settings | IP Shield to Ctrl+S | Sender Authentication | IP Shield
Numerous minor changes including: (a) the Gateways and Event Scheduling UIs have been slightly reorganized
(b) Domain and List Managers auto-expand sub-nodes when accessed via
double-click (c) updated warnings displayed when enabling ActiveSync for the
first time (d) some places throughout UI used "Settings" while others used
"Options"; I picked "Settings" and updated the UI everywhere (e) all occurrences
of "don't" within UI control labels have been changed to "do not" (in English
version) (e) several tiny memory leaks related to gateway use cleaned up (f) The
button to set default values was removed from the LAN IP editor as part of IPv6
work (g) Updated the Alt+M | ActiveSync | Domains screen.
The "WorldClient IM" page found at Ctrl+W and within the Domain Manager has been re-organized
slightly and re-labeled as "WCIM"
The F2 | Server Settings | Servers screen was re-orged somewhat and the option to
require missing Date headers was removed. It can be changed at MDaemon.ini
[Special] DateComplianceCheck=Yes (default No).
Removed the "Lists" top-level menu. All mailing list configuration is done
with the new Mailing List Manager found at Setup | Mailing List Manager. This change required reorganizing controls on
several list editor screens. By default the left-hand tree does not
auto-expand the nodes but if you want to change that you can with a checkbox at
Ctrl+O | Preferences | UI.
Removed the "Gateways" top-level menu. All gateway domain configuration is
done with the new Gateway Domain Manager found at Setup | Gateway Manager.
This change required reorganizing controls on several of the gateway editor
screens. The "Accounts" screen has been deprecated and removed. The
controls there allowed you to create an account through which you could access
the gateway domain's mailbox via POP. This is easily done by configuring
any of your existing accounts (or the gateway itself) to share the same mailbox
folder.
[13806] All the mailing list related options found at
Ctrl+O | Preferences | Miscellaneous have been moved to the new mailing list
manager. The option related to spam in mailing list public folders was
removed from the UI.
The "...sends 552 when account is over quota" option was removed from F2 | Server
Settings | Servers because its a duplicate of the same option found at Ctrl+U |
Other | Quotas.
Several options related to inbound and outbound socket binding were removed from Ctrl+O | Preferences | System
and placed on a new screen at F2 | Server Settings | Binding. The new screen also contains separate edit
controls for IPv4 and IPv6 addresses.
The option to add a Sender: header to all mailing list messages and the option to
add a custom header+value to all mailing list messages have been removed from
Ctrl+O | Preferences | Headers and placed within the new Mailing List Manager at Alt+G | Mailing
List Settings. Also, the options to configure the digest message subject
and to screen incoming list mail for non-list content were removed from
Ctrl+O | Preferences | System and moved to Alt+G | Mailing List Settings.
[14266] Some visual oddities with the red/green background color of password
fields within the Account Editor were fixed
[13746] Added some new conditions to the account manager including showing only
accounts which are forwarding, which are over-quota, or which have
autoresponders configured.
The IP Screen editor has been reorganized.
[12475] The Subject column is displayed when viewing the Bad Queue.
[13733] IMPROVED HIJACK DETECTION (MDaemon PRO only)
Added several new options to Ctrl+S | Screening | Hijack Detection which let you set
different message and timing thresholds depending on the source IP of the incoming
connection. You can set separate limits for connections from reserved IPs, local
domain IPs, and all other IPs.
MDaemon's reserved IPs are mostly as defined
by RFCs (127.0.0.*, 192.168.*.*, 10.*.*.*, 172.16.0.0/12, ::1, FD00::/8, FEC0::/10,
and FE80::/64). Local domain IPs are all the IPs configured for any MDaemon domain.
To preserve existing behavior, the defaults treat all types the same.
CHANGES AND NEW FEATURES
- [12639] Updated to SpamAssassin version 3.4.0. The Bayesian database will be migrated
to its new format during install.
- [14174] By default, the Attachment Linking feature currently places the text "MDaemon replaced the following
files with these links:" into certain emails. If you want to change that text add the following key to your
MDaemon.ini then restart MDaemon: [AttachmentLinking] HeaderText=This Is My Text.
- [14196] Added option to Ctrl+U | Autoresponders | Settings which lets you configure MDaemon to simply delete
autoresponse emails that remain undeliverable after their time in the remote queue has expired. This switch
is disabled by default to preserve existing behavior.
- [13735] Added option to Ctrl+S | Screening | Dynamic Screen which lets you
prevent IPs from being blocked due to multiple POP or IMAP authentication failures if each of
the failures uses the same password. This prevents a situation in which
unattended devices get their IPs blocked due to not yet being configured with
the new password.
- [14205] If you (a) require secure passwords (b) press OK when editing an account
with an insecure password (c) have the option enabled requiring the account to
change the password then (d) you will get a popup box saying "are you sure you
want to temporarily store an insecure password yes/no". In the past you were
not allowed to even temporarily store insecure passwords.
- [14216] Added button to Ctrl+U | Other | Passwords that goes through all accounts and
flags any of them with a weak password to require a password change. Note
that this could result in accounts being locked out so there are warnings in
place. Passwords can be changed using the UI, WorldClient or MDaemon
Remote Administration.
- [6016] Added the ability to print individual contacts in Lite, LookOut, and
WorldClient themes.
- [14262] Changed the distribution list editor in the LookOut theme to be like
that of the WorldClient theme.
- [4806] Added more column options for the contact list in the LookOut theme
- [14064] Added a Registration dialog to Remote Administration that will allow
Global Administrators to view their keys, the time remaining, and extend trial
keys (if applicable).
- [12382] Added options to disable and set the timer for the contact info preview
in the LookOut theme contact list view
- [14292] MDaemon responds with a 4xx temporary error to delivery attempts to
disabled or frozen accounts (see [14010]). If you would prefer to have a
5xx response instead you can add this setting in MDaemon.ini [Special]
DisabledAccountsSend550=Yes (default is No).
- [14229] Remote Administration now includes the Bad Queue Reason column when
viewing Bad Message Queue
- [14321] Removed loading of hashcash module from Spam Filter (MDaemon.pre file)
- [14332] The daily ActiveSync device cleanup event now runs in its own background
thread.
- [14296] Mail routing was made more consistent between the various types (direct,
smart host, or direct->smart host). When sending to smart host MDaemon
always expects this to be a host (not a domain) name value. No MX lookups
are performed on the smart host value. In the past, sometimes MDaemon
would do MX lookups of the smart host, and other times not. Now it always
will not. Also fixed a routing problem where direct+smart host
configurations were not sending DSNs out in some cases.
- [13743] Optimized shut-down routine generally and fixed errant prompt when doing
some shut-downs.
- [14350] Added white list button to Ctrl+U | Other | Quotas which lets you white list
accounts which should not be disabled even if inactive
- [14351] The "human-readable" portion of a delivery delay or failure DSN message
can now be customized as follows: Create a file in the \MDaemon\App\
folder called DSNDelay.dat and/or DSNFail.dat. Edit those files with
notepad and enter the text you want to use. The following macros can be
used in your custom text:
- $SESSIONID$ - expands to the delivery session's ID string
- $QUEUEID$ - expands to the message's mail queue ID string
- $MESSAGEID$ - expands to the message-id header value
- $RETRYDAYS$ - length of time allowed in queue (in days)
- $RETRYHOURS$ - length of time allowed in queue (in hours)
MDaemon must be restarted before changes to these files are loaded.
- [14378] Added option to Ctrl+S | Sender Authentication | DMARC Settings that
toggles inserting the bulk mail header into DMARC report emails. This
setting is enabled by default.
- [9735] Ctrl+U | Other | Passwords now has a button which will generate and email a
weak password report.
- [13881] Added the Categories column to the Contact list in the LookOut theme
- [13968] Contact edit question for saving a contact without an email address has
changed to "This Contact has no email address, save it anyway?" so that the "OK"
and "Cancel" options make more sense.
- [14271] Added a link to open Tasks and Notes in a new window in the WorldClient
theme
- [14390] Added option to Ctrl+S | Sender Authentication | DMARC Settings which tells
the SMTP server to refuse messages that are incompatible with DMARC requirements
regarding 'From' header construction.
These are messages with (a) multiple 'From' headers (b) multiple email addresses
in a single 'From' header. Such messages are currently exempt from
DMARC processing. Messages with multiple 'From' headers are illegal anyway and
should not be accepted. However, multiple addresses in a single 'From' header
are
technically legal and may be in legitimate use.
This setting is disabled by default for that reason. However, to maximize
DMARC protection, this setting should be enabled. This setting is only
applied when DMARC verification is enabled.
- [10736] A list of active sessions
may now be viewed via Remote Administration (Global Admins only). A session can
be selected and disconnected. The page will automatically refresh if a session
is not selected.
- [14324] Added new option to Ctrl+Q | Mail Queues | DSN Settings which lets you control
whether DSNs are sent through the spam and content filters or not (default is No).
The same setting also appears at Ctrl+M | Preferences | Miscellaneous.
- [9711] Added option to F2 | Server Settings | Servers which allows you to
temporarily white list host IPs which encounter an SSL error during an outbound
SMTP session. The white list is reset every hour.
- [13348] WorldClient's WAP WML theme has been deprecated and removed.
- WorldClient theme - added end to end email and attachment encryption using
Virtru. To use this functionality a user must "Enable Virtru" on the Options |
Compose page. To prevent users from using Virtru encryption add
VirtruDisabled=Yes to \MDaemon\WorldClient\Domains.ini.
- [13862] MDaemon Remote Administration now utilizes Google Analytics to help identify
usage statistics. This data will be used to improve future versions of MDaemon Remote
Administration. We do not receive any company or user-specific data. This feature may
be disabled by setting the following key in the WebAdmin.ini:
[General]
DoNotAnalyze=Yes
- [14475] The RPost option in WorldClient is now disabled and hidden by default.
- [14489] Added maximum password length requirement to list of strong password requirements
in WorldClient password change dialog.
- [14552] MDMigrator now supports Exchange 2010.
FIXES
- [14165] fix to DSN message using FQDN rather than domain value in postmaster email address
- [14166] fix to using 550 rather than 530 in SMTP response when missing required authentication
- [14156] fix to ill-formed mail looking odd in UI and queue summary emails; now uses "N/A" when data missing
- [14186] fix to certain types of sorting not working properly in some of Remote
Administration's queue views
- [14194] fix to LookOut and Lite themes - some contact fields in Contact Edit
view go out of the box in some languages
- [14213] fix to public folder manager allowing ACL changes to be made when root
folder selected in tree
- [12347] fix to DSN messages sometimes lacking useful logging data (reverses
previous change)
- [11344] fix to LookOut theme - External preview pane and internal preview panes
get out of sync
- [9740] fix to LookOut theme - when deleting a message from a search list the
next message in the search is not opened
- [14306] fix to WorldClient theme - Cannot display any filters if any rule has a
folder name containing a plus sign
- [14297] fix to incoming messages sent to an MDaemon system alias being rejected
as unknown user
- [14285] fix to gateway AUTH password being field too large
- [14336] fix to list welcome file being sent to errant group related address and
ending up in bad queue
- [14342] fix to ActiveSync policy dropdown containing actual assigned policy
names rather than just policy template names
- [14319] fix to LookOut theme - new appointment window not opening in IE 8 with
multiple calendars selected
- [14303] fix to WorldClient theme - In some languages, fields in the "New Folder"
dialogue are pushed below the footer
- [14294] fix to WorldClient theme - when selecting a calendar during appointment
creation, the shared folders do not show the owner's name
- [14215] fix to All Themes - Compose HTML Editor - carriage return sends cursor
to beginning of existing line instead of new line in Safari 8
- [11897] fix to LookOut theme - Contact search results may not be displayed when
business web address is entered
- [14245] fix to LookOut theme - When viewing the calendar in Italian, the tool
bar disappears while in 1024x768
- [14129] fix to text in some system generated messages is not properly encoded
- [14435] fix to blank note subjects in iOS for notes created by WC or OC
- [14579] fix to display problem with certain SMTP Auth settings in
Remote Administration
- [14572] fix to particular message recall emails are not processed immediately
- [14495] fix to outbound attachment linking not working with aliases properly
- [14624] fix to undeliverable archive message triggering DSN; such messages now go
to bad queue
MDaemon 14.5.5 - July 6, 2016
FIXES
- [17293] fix to potential security vulnerability
MDaemon 14.5.4 - June 19, 2015
FIXES
- [15229] fix to security vulnerability in content filter
MDaemon 14.5.3 - January 20, 2015
CHANGES AND NEW FEATURES
- [6319] A 64-bit version of MDaemon is now available. The 64-bit version can
handle a higher number of active sessions before running out of memory. Please
note that the 64-bit MDaemon is not compatible with 32-bit plugins. When
switching to the 64-bit MDaemon, you must also switch to 64-bit versions of all
software that uses the MDaemon API. A 64-bit version of SecurityPlus is
available. We do not have a 64-bit version of BES, so stay on the 32-bit MDaemon
if you need it. If you run WorldClient, Remote Administration, or ActiveSync in
IIS, you will need to configure or recreate the application pools to be 64-bit.
- [14292] MDaemon responds with a 4xx temporary error to delivery attempts to
disabled or frozen accounts (see [14010]). If you would prefer to have a 5xx
response instead you can add this setting in MDaemon.ini [Special]
DisabledAccountsSend550=Yes (default is No).
FIXES
- [14286] fix to javascript error on Remote Admin's account editor page
- [14264] fix to Save and Cancel buttons not enabled for certain options on Spam
Filter in Remote Admin
- [14281] fix to incorrect logic when setting an account to Frozen via Remote
Administration
- [14225] fix to ActiveSync provision issue with newer iOS versions
- [14278] fix to ActiveSync error searching the global address list
- [14279] fix to ActiveSync device protocol version may be reported as 0.0
- [14168] fix to iOS 8 ActiveSync Automatic Reply end date not syncing properly
- [14322] fix to DMARC sometimes reporting "too many recipients" errantly and
ignoring them
- [14289] fix to MDaemon is unresponsive during the daily ACL cleanup processing
- [14343] fix to SPF record macros might not be expanded properly
- [14285] fix to long Gateway AUTH passwords are truncated to 14 characters
- [14325] fix to ActiveSync policies may not be enforced correctly
- [14306] fix to WorldClient does not display any filters if a filter rule has a
folder name containing a plus sign
- [13971] fix to iOS 8 Settings app crashes when trying to set an ActiveSync
Automatic Reply end date
- [14338] fix to ActiveSync policy templates are removed when updating from MD
14.0 to 14.5
- [14342] fix to ActiveSync policy dropdown errantly containing auto-generated
policy names
- [14162] fix to display problems in Content Filter Rule Editor in Remote
Administration when using certain actions
- [13786] fix to corrupt data in SPFCache.dat file, requiring the cache file to be
deleted
- [14358] fix to WorldClient Lookout theme: Cannot delete attendee from new or
existing event
- [14368] fix to MDRA help does not open if MDRA is running under IIS as a
sub-directory
- [12527] fix to reminder emails are not generated for tasks created in public
folders
MDaemon 14.5.2 - November 20, 2014
FIXES
- [14261] fix to certain shared folder permissions may be inadvertently removed by
MDaemon's daily maintenance processing
- [14222] fix to autocomplete in WorldClient does not work with IE 11
- [14250] fix to invitations may not be sent to meeting attendees added using
WorldClient's LookOut theme
- [14241] fix to not being able to save ActiveSync 14.1 and 12.1 restrictions for
a device
MDaemon 14.5.1 - November 11, 2014
CHANGES AND NEW FEATURES
- [13776] DMARCReporter now supports a /o= option where you can specify the output
folder where DMARCReport.html will be created. When this option is used a
date-stamp will be appended to the output report file name something like this:
DMARCReport_2014-10-24_16-10-28.html.
- [13963] The following headers are not included in DKIM signatures in order to
conform with current best practice: 1) any header starting with "X-", 2)
Authentication-Results 3) Return-Path 4) DKIM-Signature 5) Received 6) Bcc &
Resent-Bcc 7) Comments and Keywords. In previous versions only the first three
were excluded.
- [13772] Added a new setting to Ctrl+S|IP Screen which lets you apply IP
Screening to connections made to the server's MSA port. Normally this is not
necessary. This setting is disabled by default.
- [13830] Added a new setting to Ctrl+S|Host Screen which lets you apply Host
Screening to connections made to the server's MSA port. Normally this is not
necessary. This setting is disabled by default.
- [13415] Added a new setting to Ctrl+S|Host Screen which lets you drop offending
connections immediately following EHLO/HELO. Normally you would wait for
authentication. This setting is disabled by default.
- [10245] Added a new setting to the mailing list editor which allows you to
temporarily disable a mailing list. When a mailing list is disabled any message
arriving via SMTP either from or to that list will generate a 451 temporary
error and be refused.
- [14010] When an account is disabled or frozen the SMTP server will respond with
a 450 temporary error now rather than a 550 error as in previous versions.
- [13972] The $WORLDCLIENTURL$ macro now expands to include "http://" or
"https://" depending on whether you have WorldClient configured to use SSL or
not.
- [14031] DSNs now include the X-MDaemon-Deliver-To header for consistency in
delivery.
- [14032] When DSNs are created some logging about that will be added to the SMTP
session log.
- [13789] The option to force STARTTLS for all incoming SMTP connections has been
removed from Ctrl+S | SSL & TLS | MDaemon.
- [13829] Added option to Ctrl+S | SSL & TLS | MDaemon which lets you require SSL
on MSA port connections.
- [14005] Changed the WorldClient theme IMAP filters sentence structure to use "If
$HEADER$ $CONDITION$ $MATCHTEXT$ then $ACTION$"
- [14037] Changed the color of the TO, CC, and BCC links in the Compose view so
that they stand out as links.
- [6717] Lite theme - Tasks - User is warned when attempting to set the due date
before the start date of a Task
- [13813] WorldClient theme - added option to "Add Filter" in message preview
"more" drop down menu
- [14074] WorldClient theme - added back the ability for users to reorder their
message list columns
- [13790] The option to require auth for all SMTP sessions has been removed from
the UI. To enable it, edit MDaemon.ini and set [Special] ForceAUTHFromAll=Yes.
FIXES
- [13969] fix to DMARC "Send Reports Now" button not behaving properly in some
cases
- [14002] fix to no days selected by default when configuring an autoresponder via
Remote Administration
- [13807] fix to batv header being included errantly in some cases
- [13978] fix to subject column in bad message summary email not decoded
- [14039] fix to list subscribe confirmations not working when subject data
encoded
- [14038] fix to list subscribe command sometimes parsed errantly from message
body
- [12431] fix to MDaemon crash triggered by delivery error in some configurations
- [14042] fix to time left not sorting properly when minutes left > 99
- [13983] fix to inconsistent naming of some options in Account menu in Remote
Administration
- [8809] fix to LookOut theme - Summary - Calendar view does not show dates of
events, only time
- [11581] fix to LookOut theme - with pastel blue style selected, the autocomplete
background color is the same as the highlight color
- [14058] fix to LookOut and WorldClient themes - If you add line breaks (hit
enter) in the notes of an event they will show up as <BR> on the event in the
week and day views
- [14072] fix to WorldClient theme - When deleting a single instance of an event
from the event editor view all instances of the event are deleted
- [13845] fix to Mobile theme - When the folders list is opened, the options list
will appear behind the folder list when opened
- [13844] fix to Mobile theme - message view cannot be scrolled right to left, so
some messages cannot be fully viewed
- [12494] fix to LookOut and WorldClient themes - cannot use arrow keys to change
selection in message list after changing focus to the message preview in Firefox
- [14085] fix to Remote Administration's "DNS Servers" field too short
- [14109] fix to UI referencing AS devices after account is deleted
- [14127] fix to WorldClient theme - the new event view breaks the theme when
using the French language
- [14133] fix to Mobile theme - If a user account cannot edit forwarding the
Options | Personalize page breaks for that user
- [14118] fix to Remote Administration unable to save changes to Spam Filter
Whitelist and Blacklist files
- [13749] fix to XML error when viewing certain messages in Remote
Administration's Queue Management
- [14139] fix to wildcard & CIDR notation not working in Trusted IP UI
- [14100] fix to DMARC filter option sometimes creating duplicate filter rules
- [14079] fix to ActiveSync blacklist/whitelist entries reappear after deleting
them in the MD GUI
- [14142] fix to messages duplicate when moving them to another folder using OL
2013 with ActiveSync
- [14153] fix to MDAirSync high CPU usage
- [14128] fix to public and shared folder prefixes may be quoted in ActiveSync
clients
- [7421] fix to WorldClient IM may errantly detect that away users have returned
- [14093] fix to Remote Administration not assigning correct message prefix when
moving messages out of the Quarantine queue
- [14152] fix to possible MDaemon server crash after sending to an invalid address
using ActiveSync
- [14160] fix to MD GUI mailing list member import from CSV file does not work
- [14162] fix to Remote Administration GUI issue with Content Filter actions
- [14166] fix to SMTP server returns 550 error instead of 530 when authentication
is required
MDaemon 14.5.0 - October 21, 2014
SPECIAL CONSIDERATIONS
[13265] The two options to hide local IP addresses and local LAN IP addresses
when processing message headers have been deprecated and removed from Ctrl+O |
Preferences | Headers. They have now been replaced by a single option which
hides reserved IP addresses. That was always the intent of the older two options
anyway. This new option is enabled by default and prevents use of reserved IPs
from appearing in certain MDaemon created message headers. Reserved IPs are as
defined by various RFCs and include: (a) 127.0.0.* (b) 192.168.*.* (c) 10.*.*.*
and (d) 172.16.0.0/12. If you want or need to do the same for your domain
IPs (including LAN domains) then you can set this switch in MDaemon.ini
manually: [Special] HideMyIPs=Yes (default is No).
[13332] The option "POP3, IMAP, and WorldClient passwords are case sensitive"
has been deprecated and removed from Ctrl+O | Preferences | Miscellaneous.
Passwords are now always case-sensitive. Allowing otherwise breaks
security best practices and is incompatible with hash-based authentication
mechanisms (APOP, CRAM-MD5) and secure (hash-based) password storage. As a
result of this some of your users may need to update their password in their
mail client.
[13786] The SPF cache file now caches a domain's actual SPF policy record taken
from DNS rather than the final result of SPF processing. Your old SPFCache.dat
file can not be migrated and so was renamed SPFCache.dat.old in case there are
settings in there you need to refer to. You can delete SPFCache.dat.old at any
time.
[13121] DomainKeys has been deprecated (see below). As a result the content
filter action to sign messages with DomainKeys will be ignored. If you were
using this action in any of your rules you may want to either change them to
sign with DKIM instead or delete them if they are no longer needed.
MAJOR NEW FEATURES
[11196] DMARC (Requires MDaemon PRO)
Support for DMARC (Domain-based Message Authentication, Reporting, and
Conformance) has been added. DMARC defines a scalable mechanism by which a mail
sending organization can express, using the Domain Name System, domain level
policies and preferences for message validation, disposition, and reporting, and
a mail receiving organization can use those policies and preferences to improve
mail handling. The DMARC specification and full details about what it does and
how it works can be found here: http://www.dmarc.org/.
DMARC allows domain owners to express their wishes concerning the handling of
messages purporting to be from their domain(s) but which were not sent by them.
Possible message handling policy options are "none" in which case MDaemon takes
no action, "reject" in which case MDaemon refuses to accept the message during
the SMTP session itself, and "quarantine" in which case MDaemon places the
following header into each message for easy filtering into your user's Junk
E-mail folder: "X-MDDMARC-Fail-policy: quarantine". This header is
only added when the result of the DMARC check is "fail" and the resulting DMARC
policy is something other than "none." It is possible to configure MDaemon
to accept messages even though DMARC requests that they be rejected. In
fact, this is the default operational mode. In these cases MDaemon will
place an "X-MDDMARC-Fail-policy: reject" header into the message in case you
want to filter more seriously on that.
DMARC supersedes ADSP and the message disposition features of SPF.
However, you can still use all of them together with DMARC. ADSP and
SPF message rejection now takes place after DMARC processing if DMARC
verification is enabled.
DMARC depends in part upon the use of a "Public Suffix List." A "Public Suffix"
is one under which Internet users can directly register names. Some examples of
public suffixes are .com, .co.uk and pvt.k12.ma.us. A "Public Suffix List" is a
list of all known public suffixes. MDaemon uses the one maintained for the
community by the Mozilla Foundation that is found here:
https://publicsuffix.org/. A copy of this list is installed into your \App\
folder as effective_tld_names.dat. There is currently no comprehensive or single
authoritative source for such a list which is an issue the Internet community
should address. Over time this file will grow obsolete and must be replaced by
downloading it afresh from https://publicsuffix.org/list/effective_tld_names.dat
and saving it to your \App\ folder. MDaemon will periodically and automatically
download and install this file as part of the daily maintenance event
approximately once every two weeks. Various controls to govern this can be
found on the new DMARC configuration screens. The DMARC log and the new
DMARC window within the Security tab inside the main UI will contain the results
of the update and all other DMARC processing operations. You can set a
different file download URL if needed but the data downloaded must conform to
the format specified by Mozilla for their file. You can read about this at the
URL mentioned above. MDaemon strictly follows the parsing algorithm
specified by Mozilla. Create a (possibly empty) file called "PUBLICSUFFIX.SEM"
and place it in MDaemon's \App\ folder if you replace or edit the
effective_tld_names.dat file yourself and need MDaemon to reload it without a
reboot.
To use DMARC as a mail sender you must publish a DMARC TXT record within your
domain's DNS setup. Information on how this record is defined and
structured can be found at http://www.dmarc.org.
When you publish a DMARC record to your DNS you may begin receiving DMARC
reports from many different sources via email. These reports are provided as a
compressed XML file whose format is governed by the DMARC specification.
Consuming these reports is outside the scope of MDaemon's DMARC implementation.
However, the data within these reports can provide important insight into a
domain's mail flow, improper domain use, DKIM signing integrity, and SPF message
path accuracy/completeness. The addresses to which these reports are sent is
configured by you when you create your DMARC record.
When setting up a DMARC record for one or more of your domains take care with
use of p=reject. Take particular care if your domain provides email
accounts for general use by human users. If such users have signed up for
any mailing lists, make use of a mail forwarding service, or expect to use
common things like "share this article with a friend" you should know now that a
DMARC p=reject policy could make those things entirely impossible and if so
you'll hear about it. DMARC p=reject is perfectly appropriate and useful
but only when it is applied to domains that control how their email accounts are
used (for example, transactional mail, automated (i.e. non-human) accounts, or
to enforce corporate policies against use of the account outside organizational
boundaries).
DMARC p=reject is especially bad for mailing lists and if careful steps are not
taken this can result in list members being automatically removed from your
mailing lists. To mitigate this, the following steps should be taken:
(I) For mail receivers: (a) do not allow anyone to post to any of your mailing
lists if they are from a domain that publishes restrictive DMARC policy (ie..
any policy other than "none") or (b) failing that, configure all your lists to
alter the From: header within messages from such posters. MDaemon 14.5 has
new configuration options within the Mailing List Editor that can do all that
work for you. If you don't want to do either of those things then at least
make sure you disable the mailing list feature that automatically removes
members who refuse to accept mailing list traffic. Otherwise, a message
sent through your list by (for example) user@yahoo.com will result in the
instant removal of every aol.com list member along with any and all other list
members whose mail systems are DMARC compliant. MDaemon 14.5 automatically
configures all your lists to be DMARC safe so that none of your list members
will be removed by enabling the From: header mitigation described above for all
your lists. (II) For mail senders: by all means publish a DMARC
record for your domains and specify an email address to receive reports but take
care not to use p=reject unless you are sure its appropriate (which it very well
may be).
In order to support DMARC aggregate reporting MDaemon will store data which it
will need later in order to generate aggregate reports according to the DMARC
specification. MDaemon ignores the DMARC "ri="; tag and only produces DMARC
aggregate reports that cover from 00:00:00 UTC to 23:59:59 UTC for a given day.
At midnight UTC (which is not necessarily midnight local time) MDaemon consumes
this stored data to generate the reports. MDaemon needs to be running at this
time or the stored data could grow and grow and never be consumed. Therefore, if
you do not run your MDaemon 24/7 you should not enable DMARC aggregate
reporting. DMARC aggregate reporting is disabled by default.
In order to support DMARC failure reporting RFC 5965 "An Extensible Format for
Email Feedback Reports", RFC 6591 "Authentication Failure Reporting Using the
Abuse Reporting Format", RFC 6652 "Sender Policy Framework (SPF) Authentication
Failure Reporting Using the Abuse Reporting Format", RFC 6651 "Extensions to
DomainKeys Identified Mail (DKIM) for Failure Reporting", and RFC 6692 "Source
Ports in Abuse Reporting Format (ARF) Reports" have been fully implemented.
Failure reports are created in real-time as the incidents which trigger them
occur. MDaemon implements DMARC AFRF type failure reports and not IODEF
type reports. Therefore, only values of "afrf" in the DMARC "rf=" tag are
honored. See the DMARC specification for complete details. Multiple
failure reports can be generated from a single message depending upon the number
of recipients in the DMARC record's "ruf=" tag and upon the value of the "fo="
tag times the number of independent authentication failures which were
encountered by the message during processing. When the DMARC "fo=" tag
requests reporting of SPF related failures MDaemon sends SPF failure reports
according to RFC 6522. Therefore, that specification's extensions must be
present in the domain's SPF record. SPF failure reports are not sent
independent of DMARC processing or in the absence of RFC 6522 extensions.
When the DMARC "fo=" tag requests reporting of DKIM related failures MDaemon
sends DKIM and ADSP failure reports according to RFC 6651. Therefore, that
specification's extensions must be present in the DKIM-Signature header field
and the domain must publish a valid DKIM reporting TXT record in DNS and/or
valid ADSP extensions in the ADSP TXT record. DKIM and ADSP failure
reports are not sent independent of DMARC processing or in the absence of RFC
6651 extensions. See the various specifications referenced herein for
complete details. DMARC failure reporting is disabled by default.
Important Note: A DMARC record can specify that reports should be sent to
an intermediary operating on behalf of the domain owner. This is done when the
domain owner contracts with an entity to monitor mail streams for abuse and
performance issues. Receipt by third parties of such data may or may not be
permitted by your privacy policy, terms of use, or other similar governing
document. You should review and understand if your own internal policies
constrain the use and transmission of DMARC reporting and if so you should
disable DMARC reporting as appropriate.
DMARC requires use of STARTTLS whenever it is offered by report receivers
however there's no way to predict or police this. However, you should
enable STARTTLS if you haven't already (see Ctrl+S | SSL & TLS | MDaemon).
There is a white list for use with DMARC verification. This white list is
for IPs only. A match to this white list causes DMARC processing to be
skipped. DMARC also interacts with the SPF and DKIM white lists. If they
cause SPF or DKIM processing to be skipped then DMARC processing will also be
skipped. Naturally, when both SPF and DKIM are entirely disabled then DMARC
processing will be skipped.
DMARC also honors the Approved List which can white list based on verified DKIM
identifiers and/or SPF paths from sources you trust. So, for example, if a
message arrives that fails the DMARC check but has a valid DKIM signature from a
domain on the Approved List the message is not subject to punitive DMARC policy
(i.e..the message is treated as if the policy were p=none). The same
happens if SPF path verification matches a domain on the Approved List.
So, take note that your existing Approved List is now also a DMARC white list.
Finally, DMARC has been integrated with MDaemon's VBR system and a new option
has been added to Ctrl+S | Sender Authentication | VBR Certification which
allows you to ignore punitive DMARC policy on messages that fail a DMARC check
but otherwise have a verified identify vouched for by at least one of your
trusted VBR service providers. This option is enabled by default.
For more information on VBR see
https://www.altn.com/email-certification/. Congratulations on VBR (RFC
5518) achieving Standards-Track status!
The Authentication-Results header has been extended to include DMARC processing
results. Note that Authentication-Results includes some data in comments for
debugging purposes including the DMARC policy requested by the domain owner
which is not necessarily the action taken on the message. For example, when the
result of a DMARC check is "pass" it does not matter what the DMARC policy
states as policy is only applied to DMARC checks which "fail". Similarly, when
the result of a DMARC check is "fail" and the policy is "reject" the message may
be accepted anyway for local policy reasons. Use of this header for filtering
should take all this into account. Alternatively, filter for
"X-MDDMARC-Fail-policy: quarantine" or "X-MDDMARC-Fail-policy: reject" to filter
these messages into spam folders or whatever you want to do. MDaemon
strips out the "X-MDDMARC-Fail-policy:" header from every incoming message.
Messages must conform to DMARC section 15.1 with respect to the RFC 5322 From
header or they are not processed which basically means that the absence of a
single (one and only one) properly formed (according to RFC specifications)
RFC5322 From field renders the message invalid generally and therefore invalid
for DMARC processing.
Several new screens have been added at Ctrl+S | Sender Authentication where you
can set various options related to DMARC use.
DMARC requires SPF and/or DKIM verification to be enabled as it is based upon
the verified identities that those two mechanisms provide. You can't make
productive use of DMARC for inbound mail without one or both of those
technologies enabled. The UI will try to enforce this.
DMARCReporter is a tool that reads DMARC XML reports and transforms them into
easier to read HTML. This tool has been installed into your \MDaemon\App\
folder. See DMARCReporterReadMe.txt for instructions on use.
[9843] NEW LOOK FOR MDAEMON REMOTE ADMINISTRATION
Massive updates were done to the Remote Administration interface. "Mobile Device
Management" is now a top-level menu item for easier access. Some other menus
were relocated to align Remote Administration more closely with MDaemon's
layout. Accordingly, menus have been utilized where appropriate.
Context-sensitive help has also been added.
[10279] ACTIVESYNC SERVER NOW SUPPORTS SERVER-SIDE MAIL SEARCHING (Requires
MDaemon PRO and active ActiveSync Software License Renewal Coverage)
MDaemon's ActiveSync server now supports searching messages on the server.
Please refer to your ActiveSync client's documentation to find out if it
supports this feature and how to use it. The search indexes are stored on the
server in the folders being searched in files named SrchData.mrk and
SrchIndex.mrk.
[13231] IMPROVED MAILING LIST ENGINE
The mailing list engine has had several improvements.
[13196] The mailing list editor has been slightly reworked. All the header
manipulation related settings have been removed from the Settings page and put
on their own new Headers page. Also, the option to set the list's
precedence value has been deprecated and removed. Similarly the option to
insert the list's name into the 'To:' header 'Display Name' has been removed as
an unnecessary duplicate of the radio button option on the same screen that does
the same thing.
[13198] Added a new option to the mail list editor which will allow you to
reject messages sent to the list from authors whose domain publishes a
restrictive DMARC policy ("p=reject" or "p=quarantine"). This option is
enabled by default. By publishing restrictive policy these domain owners
are effectively making it impossible for their users to participate in any
mailing list or forwarding service or "mail this article" type of service.
That may well be what they intend. However, allowing the mailing list
engine to accept such messages can lead to unrelated members being automatically
unsubscribed. You wouldn't need to enable this option if you use the new
From: header alteration option but better safe than sorry (see [13160]).
Also, you wouldn't need to do this as long as your list does NOTHING to
invalidate a valid DKIM signature (if there is one) but lists do that all the
time and for perfectly good reasons (like adding a label to the Subject:, adding
footers to the message body, etc).
[13160] Added a new option to the Mailing List Editor Headers screen which
allows you to alter the From: header value on incoming posts from authors whose
domain publishes restrictive DMARC policy. This option is enabled by default and
should stay enabled. As much of the previous From: header data is preserved as
possible. This should help with the recent issues mailing list administrators
have experienced due to the DMARC "p=reject" policies at Yahoo, AOL, and some
others. FYI, as it depends on DMARC data being available this option
doesn't really do anything when DMARC processing is disabled. Any time the
From: header is changed by this feature the original From: header data will be
moved into the Reply-To: header but only if (1) the message has no Reply-To:
header to begin with and (2) only if the mailing list configuration itself does
not specify a custom Reply-To: for all list messages.
[5102] Support for List-ID (RFC 2919) has been added. List-ID allows you
to enter a short description for your mailing list which is included in the
List-ID message header. This description is optional and if not provided the
List-ID header will contain just the list identifier by itself. An example
header with a description looks like this: List-ID: "Discussion of the
current MDaemon Beta" <md-beta.altn.com>. An example without a description looks
like this: List-ID: <md-beta.altn.com>. The email address of the
mailing list itself is used as the list's unique identifier (note that the "@"
is changed to a "." character to safely comply with the specification).
The List-ID header is stripped from incoming messages sent to local mailing
lists but not from incoming messages sent to local users from outside mailing
lists.
[13201] Support for List-Post, List-Subscribe, List-Unsubscribe, List-Help,
List-Owner, and List-Archive mailing list headers (RFC 2369) has been added.
These headers are added to list messages if URLs for each are specified in the
new controls found within the mailing list editor on the Moderation tab (because
that's where there was room for them). These must be URLs as specified in
RFC 2369 (for example: mailto:arvel@altn.com). See that document for
examples. Whatever you put into these controls will be inserted into all
mailing list messages. If the data is improperly formed it won't achieve
any results. When a List-Unsubscribe value is provided MDaemon will use it
rather than other possible auto-generated values.
[13230] Support for sending mailing list monthly subscription reminders has been
added. When enabled, MDaemon will send the text of a reminder message to
each list member on the first day of each month. You can control the content of
the reminder message using some new controls on the Mailing List editor
Reminders page. The following macros are available for use within the reminder
message:
- $LISTADDRESS$ which expands to the mailing list's email address
- $LISTNAME$ which expands to the local-part of the mailing list's email address
- $UNSUBADDRESS$ which expands the list's unsubscribe address (the MDaemon system
address basically)
- $MEMBERADDRESS$ which expands to the email address of the list member receiving
the reminder
You can copy and paste whatever HTML you want from your favorite HTML editor
into the control. If you'd rather send the reminders on a different day of the
month, change it by editing MDaemon.ini and setting [Special] ListReminderDay=X
(default is 1).
[13242] The option to configure a list's Reply-To value has been enhanced in the
UI with radio buttons to allow you to more easily select (1) Leave any Reply-To
unchanged (2) Put list's name in Reply-To (3) Put arbitrary email address in
Reply-To.
[13263] IMPROVED SMTP SERVER
MDaemon's SMTP server has had some improvements
[13243] Support for RFC 3463 (Enhanced Mail System Status Codes) has been added.
These codes allow for much finer grained reporting and automation. As a result
of this, nearly all of MDaemon's SMTP server protocol strings have been changed
to include the enhanced codes. Also, support for RFC 2034 (SMTP Service
Extension for Returning Enhanced Error Codes) has been added. The ESMTP
capability ENHANCEDSTATUSCODES will be advertised to other servers during the
SMTP transaction.
[13264] Support for RFC 3464 (An Extensible Message Format for Delivery Status
Notifications) and RFC 6522 (The Multipart/Report Media Type for the Reporting
of Mail System Administrative Messages) has been added. This completely
overhauls MDaemon's DSN reporting. All of the old code and behavior related to
this has been removed and replaced. With these changes, MDaemon's DSN system now
fully complies with industry standards and will properly interoperate with
automation tools and other MTAs. The format of the DSN has radically changed and
now rigidly complies with the specifications. This means that delivery warning
messages and delivery failure messages now fall under the control of these RFCs
and are no longer accessible to administrators for customization. They can be
localized but not customized. The "Subject" data for these messages can
still be changed but this is not recommended. The data contained in these DSNs
is now in MIME multipart/report format and no longer includes the original
message as an attachment. Instead, only the headers of the original
message are included in a text/rfc822-headers MIME section of the
multipart/report message as the specifications recommend. Nearly all the
optional components of these reports have been implemented including taking
advantage of enhanced status codes if the receiving MTA supports them.
DeliveryWarning.dat and DeliveryError.dat have been deprecated and removed.
Ctrl+Q | DSN Options screen has been updated to remove the edit buttons and also
the old option "Don't generate DSN for undeliverable list mail." This option is
also deprecated and removed. MDaemon never generates DSNs for undeliverable list
posts. Please review the RFCs if you want the full details on what the
meaning of the various elements within these mails mean. MDaemon adds a
Session-ID and a Queue-ID to each DSN. The Session-ID is a functionally
unique value that identifies the actual mail session or transaction event that
attempted delivery (this is not new; it has just never been used for anything
until now). The Queue-ID is a functionally unique value that identifies
the message file inside the queue (it's the file's name). "Functionally
unique" means unique enough to identify the data it points to for all practical
purposes but not guaranteed to never repeat over the long term.
[13475] Support for RFC 3848 (SMTP and LMTP Transmission Type Registration) has
been added. This governs the value of the "WITH" clause in Received
headers. This means you'll see "ESMTP" for unauthenticated non-SSL
sessions, "ESMTPA" for authenticated sessions, "ESMTPS" for SSL sessions, or
"ESMTPSA" for authenticated & SSL sessions. Values of "MULTIPOP" and
"DOMAINPOP" are MDaemon specific and will continue to be used even though they
don't appear in the IANA registry.
[13312] IMPROVED SENDER AUTHENTICATION
[13292] Updated MDaemon's SPF implementation to the latest specification (RFC
7208):
Section 4.6.4: Imposed a limit on the number of SPF terms that cause DNS
queries. The following terms cause DNS queries: the "include", "a", "mx", "ptr",
and "exists" mechanisms and the "redirect" modifier. The total allowed for such
terms is now fixed at 10 and cannot be changed as per the specification. Also,
each 'A' record lookup performed while processing an "mx" mechanism count toward
the 10 term limit. When the 10 term limit is reached further SPF
processing stops, any SPF results are dropped, and a permanent error is recorded
as the result as per the specification. Section 4.6.4: "ptr" resource records
count toward the 10 term limit as well however any extras over and above 10 are
simply ignored and no permanent error is generated as per the specification.
Section 4.6.4: Imposed a limit on the number of "void" lookups. These are
defined in the specification as lookups that result in either (a) domain does
not exist or (b) no answers exist. When this limit is reached SPF
processing generates a permanent error as per the specification. You can
configure the number of allowable void lookups via a new control in Ctrl+S |
Sender Authentication | SPF Verification. It cannot be less than 2.
Section 9.1: The ABNF was updated for the Received-SPF header so it required a
few changes. Also, I added the "mechanism" key so you can see which mechanism
matched. Note that the spec calls for using the string "default" when no
mechanism matches so that may appear from time-to-time. Also, 9.2 provides
guidance on the use of the Authentication-Results header (RFC 7001) so this
resulted in a few updates to that header as well.
As a result of the improvements made to Authentication-Results, MDaemon no
longer creates the X-MDPtrLookup-Result, X-MDMailLookup-Result, or
X-MDHeloLookup-Result headers. These headers will continue to be stripped
from incoming messages but they are no longer created or used by MDaemon itself.
[13313] Updated MDaemon's implementation of "Message Header Field for Indicating
Message Authentication Status (RFC 7001)." This is the latest specification
governing the Authentication-Results header. This caused several changes to the
format of the Authentication-Results header and it looks much different now.
PTR, HELO, and MAIL reverse lookups now use the ABNF from RFC 7001 (i.e.. iprev
and policy.iprev for PTR, HELO, and MAIL with comment text as the
differentiator). Also, corrected improper use of ptypes and their values
in several places. Also, found and fixed some bugs in the inconsistent
text put out in this header and in what happens if a DNS failure occurs during a
lookup.
[13314] Implemented "Authentication-Results Registration for Vouch By Reference
Results (RFC 6212)." I (Arvel) am one of the authors of VBR but didn't notice
that my friend Murray had created RFC 6212 to document VBR results in an
industry standard way using his Authentication-Results header. That's what
I get for falling into a corporate black hole for 3 years :) MDaemon will
now follow this RFC and when multiple VBR hosts are used there will be multiple
VBR sections in Authentication-Results.
[13316] Implemented "Authentication-Results Registration for Differentiating
among Cryptographic Results (RFC 6008)." This included documenting the results
of each DKIM signature in an industry standard way. Previously, MDaemon did not
document all signature results and what it did document was not in industry
standard form. MDaemon will now follow this RFC and when multiple DKIM
signatures are used there will be multiple DKIM sections in
Authentication-Results.
[13315] Added new option to Ctrl+S | Sender Authentication | VBR Certification
which will force VBR checks even for incoming messages that lack the VBR-Info
header. Normally this header is necessary but VBR works fine without it.
When the header is missing MDaemon will query your trusted VBR certifiers using
the "all" mail type. This option existed in the previous version but was
not exposed in the UI. Also, in previous versions it was enabled by
default but I changed that to be disabled by default to save on queries.
You can enable it if you want. Also, in previous versions only the default
certifier was used in this situation (which is Alt-N's service -
vbr.emailcertification.org) but now MDaemon will query each of your trusted VBR
certifiers. Note that spamhaus has adopted VBR now with their DWL list.
See
http://www.spamhauswhitelist.com/en/usage.html for information and usage.
To use this list within MDaemon just add it to the list of trusted certifiers at
Ctrl+S | Sender Authentication | VBR Certification after checking with Spamhaus
for any compliance requirements they may have.
[13139] Updated MDaemon's DKIM implementation to the latest specification (RFC
6376). Also, added separate storage of header and body canonicalized data
for optional use with DMARC failure reporting. Also, the
Authentication-Results header now includes the results of ADSP processing where
relevant as per RFC 5617. Finally, RFC 6651 required updates to libdkim.
Added a new option to Ctrl+S | Sender Authentication | DKIM Options which adds
RFC 6651 "r=y" tag to outbound signatures. This enables DKIM failure
reporting should outside verifiers choose to honor it. You must also
configure a DKIM reporting TXT record in your domain's DNS and/or update your
ADSP TXT record if you want to receive these reports. See RFC 6651 for
syntax and instructions on how to do that. When set up correctly you may
begin receiving AFRF failure reports from external sources when they encounter
messages purporting to be from your domain which fail DKIM verification.
Since it requires DNS setup this option is disabled by default. Also, I
added another option to Ctrl+S | Sender Authentication | DKIM Options which
toggles whether the RFC 6651 "rs=" tag is honored. This tag allows outside
domain owners to customize the SMTP rejection string that your MDaemon will
display when DKIM processing results in a rejection related to their domain.
These strings cannot start with a space or number or include \r, \n, or \t. If
they do, MDaemon ignores them. Otherwise, they're fine. This switch
is enabled by default. You can disable it if you are uncomfortable with
outsiders determining what your MDaemon says in a DKIM related SMTP rejection.
Normally, this is just "550 5.7.0 Message rejected per DKIM policy". The
"550 5.7.0" bit will be prepended to whatever custom string is used (if any).
CHANGES AND NEW FEATURES
- [12535] MDaemon now supports TLS 1.1 and 1.2. Requires Windows 7 / Server 2008
R2 or newer.
- [13040] Ctrl+U | Passwords now has a new control which lets you configure the
minimum password length when requiring strong passwords. The absolute minimum is
6 characters but higher values are strongly recommended. Changing this setting
does not automatically trigger a required password change for those with
passwords shorter than the new minimum however when those users next change
their password this setting will be enforced.
- [13197] Message Recall improved slightly with a better indication of success in
the Subject: text of result notification email. Also, you can specify the full
header+value in the recall request now so "RECALL Message-ID: <message-id>" will
work which makes it slightly easier to cut-and-paste.
- [12308] You can now enable logging of ActiveSync WBXML and XML data globally
with new checkboxes at Alt+M | ActiveSync | Options, for specific domains at
Alt+F2 | Options, and for individual devices used by individual users from
within the Account Editor | ActiveSync Devices page. It is also possible to
turn on logging for all devices for a particular user but I didn't expose this
as there's no room anywhere and you can enable/disable the user's device(s)
which does the same thing. Each of these controls has the standard Yes, No, or
Inherit options. Inherit means do whatever the next level up says to do - so
user's devices do whatever the domain's setting is which will default to
whatever the global setting is. This logging is switched off by default but is
useful for debugging purposes.
- [12762] You can now set the maximum number of ActiveSync devices allowed per
user globally with a new control at Alt+M | ActiveSync | Options, for specific
domains at Alt+F2 | Options, and for individual users from within the Account
Editor | ActiveSync Devices page. Setting the global value to zero means no
limit. Setting the domain value to zero means use the global setting. Setting
the user-level value to zero means use the domain default. All values are set
to zero by default.
- [12982] The ActiveSync white and black lists can trigger off of Device ID,
Device Type, and User Agent strings but not Device OS. This was a UI mislabel
only and has been corrected.
- [12981] The "Size" column header in the message queue pane within the main UI
was changed to read "Size (Bytes)".
- [12454] Ctrl+Q | Holding Queue has been reorganized such that the bad queue
summary email can be sent even if the holding queue is disabled. It was a
mistake to make these options which are unrelated dependent on each other in the
UI.
- [12374] Moved option to configure the daily quota report subject text from
Ctrl+O | System to Ctrl+U | Quotas. Also this configuration was being ignored
in some cases. That was fixed.
- [13108] Improved SMTP error message upon authentication failure when using MSA
port.
- [9642] Updated UI to display fact that a Documents folder may also be created
for domains/users when configured to do so.
- [8619] Added the following new account template macros which return lower case
versions of the data they represent: $USERFIRSTNAMELC$, $USERLASTNAMELC$,
$USERFIRSTINITIALLC$, and $USERLASTINITIALLC$. Also the installation default for
the new account mailbox template was changed to use these new macros. This may
or may not change your configuration depending upon whether you are still using
installation defaults or not. To double check and use the macros you want see
Ctrl+T | Template Manager | New Accounts and you will see the macros used to
create a new account's value.
- [6172] The way window positions and layouts for the UI are saved has been
changed. First, the config session and main UI no longer share or overwrite
each other's window positions, item selections, or layouts. Second, if you are
running on one of the newer versions of Windows which does not permit any
service interaction then MDaemon will no longer bother keeping up with window
positions or layouts at all (who cares?). This saves time reading and writing
values to disk for something that nobody can ever even look at.
- [13121] All support for the original DomainKeys message authentication system
has been removed. DomainKeys is obsolete and has been replaced by the
acceptance and adoption of DKIM which MDaemon continues to support. Some UI
dialogs related to DomainKeys and DKIM found within Ctrl+S | Sender
Authentication have been reorganized as a result and options related to
DomainKeys removed and the remaining options better consolidated. Some .DAT
files may continue to refer to DomainKeys in their various comment text but this
will not be the case for fresh new installs nor does it hurt to leave this
comment text in place. The install process will remove DomainKeys.dll and
update the MDaemon spam filter scores file.
- [13124] All support for HashCash has been removed. This technology never caught
on. The install process will remove HashCash.dll and HCMint.dat and clean
things up.
- [13125] All support for Sender-ID has been removed. This technology never
caught on and is obsolete.
- [9728] MDaemon Remote Administration now has reports showing the top message
senders by message count and total size.
- [9546] Users are now prompted to decide whether or not to upload a file to their
documents list that has the same name as another file in their list in the
WorldClient and LookOut themes.
- [9696] Added a checkbox next to the filename in the LookOut theme so that
selection is easier for the user.
- [13110] The Settings views have been updated in the WorldClient theme to better
match the simplicity of the theme. From the Settings view there is now a
"Return to Inbox" button in order to leave the settings view. The filters list
has been altered to display the information for what each filter does in a more
user friendly manner. The process for creating and editing filters has been
removed from the main page to a modal window. Each time a user moves a filter
the server will update the order of the filters. New folder creation has also
been removed from the main page to a modal window. The share folder dialog has
been changed to only allow email addresses to be added and removed, but not
edited. The access level is now editable only after the user has been added. All
other views look different but continue to function in the same fashion.
- [9675] In the LookOut theme, only the type of folder that an item is being
copied/moved from is displayed in the destination dialog.
- [9673] In the WorldClient and LookOut themes, users now have the ability to drag
and drop a file from a documents folder to their local machine. However, only
Chrome supports this functionality. Other browsers will either do nothing, or
create a shortcut to the desktop.
- [9693] In the WorldClient and LookOut themes, when users compose an email and
click the "attach" button users are now able to attach documents from a sortable
and searchable list of all documents that user has access to through
WorldClient.
- [12352] SPF processing will no longer abort due to IP6 mechanisms.
- [13192] In the WorldClient theme the folder pane now maintains the width set by
the user in the previous session.
- [7222] In all themes there is now a button or link that saves the source of the
selected message as an .eml file to the user's local machine
- [10607] EXPN and LIST commands (do people still use these?) now return results
in alphabetical order. EXPN no longer attempts to send the real name or "n/a".
- [13199] Sub-addressing should work with aliases for the mailbox part now.
- [9854] Some MDaemon Remote Administration reports are hidden from view if the
specified feature isn't being used
- [12291] The routing log now displays the actual complete header values for To:
and From: (within reason)
- [10366] It is now possible to save searches for the message list in the LookOut
and WorldClient themes by going to the Advanced Search.
- [5825] Added new control at Ctrl+O | Preferences | UI which allows you to
configure the text editor you like rather than always having the UI use
notepad.exe. However, notepad.exe is the default and will always be used if you
don't specify something different.
- [13161] When the bad queue is processed messages to remote recipients will be
moved back into the remote queue for delivery. Also, the routing log will now
show LOCAL or BAD QUEUE when processing each type of message and bad queue will
have its own color. Also, messages released from the bad queue will honor any
newly created aliases to local users that might have been created since the
message was placed in the bad queue.
- [12488] The checkbox to delete files from the bad queue as part of daily
maintenance was removed from Ctrl+O | Preferences | Disk and has been replaced
by an edit control that allows you to set the number of days old a file has to
be before it gets deleted. So now rather than delete all files it deletes files
older than X days. The default is 0 (zero) which means to never delete any
files. If you previously had the old option enabled then the new option has
been set to 1 day to preserve previous behavior.
- [13188] Raised length of forwarding address fields from 256 to 512 characters.
- [13273] Updated several places in MDaemon which create auto-generated emails to
use a proper and consistent From: and Reply-To:. Also updated several internal
references to sales@ and support@ addresses that were out of date.
- [5142] Added new setting to Ctrl+O | Preferences | Miscellaneous which will
instruct MDaemon to skip the sending of forwarded messages to the smart host if
there was an error delivering the forwarded mail to a specifically configured
external host. When enabled, such messages will be placed in the retry queue.
When disabled, such messages are sent to the bad queue. This switch is disabled
by default to preserve previous behavior.
- [9407] Added a new setting to Ctrl+O | Preferences | Miscellaneous which will
cause MDaemon to delete messages from senders who are in the recipient's
personal black list (assuming the options to use black lists are enabled).
Previously these messages went into the bad queue. Now you can enable this
switch to just delete them. This option is disabled by default to preserve
previous behavior.
- [13219] The Quota.msg file will now be updated if MultiPOP tries to pull a
messages which would exceed the accounts quota limitations.
- [12862] MDaemon will try to detect and use the correct FQDN domain value far
more often now than it used to.
- [7270] Due to frequent requests :) Added a new setting to Ctrl+O | Preferences
| Miscellaneous which will cause MDaemon to remove duplicate recipients when a
single message is submitted to multiple mailing lists. It only removes
duplicate list members when a single message is delivered to multiple lists
which contain that same member. For example, if list-a@domain.com and
list-b@domain.com both have arvel@altn.com as a member then a single message
delivered in the same SMTP session would result in one message (not two) being
delivered to arvel@altn.com. The problem with this (and why YOU SHOULD NEVER
USE IT or any similar de-duplication schemes) is that there is no way to know
which copy from which list the individual member prefers to receive and you
CANNOT safely assume that it makes no difference. Lists vary widely in their
configuration and use by end users. Therefore, by enabling this option you are
certain to break something for somebody. There is also no relationship
what-so-ever between two different mailing lists except the fact that they
happen to be (completely by happenstance) managed by the same MDaemon instance -
but so what? That means nothing. This "feature" does not operate upon list
messages with identical content that are delivered multiple individual times.
This "feature" does not operate upon RCPT values that are not mailing lists.
So, if a single message arrives in the same SMTP session for list-a@domain.com
and list-b@domain.com and arvel@altn.com then arvel@altn.com would receive two
copies if he's a member of list-a and/or list-b.
- [13290] The Account Editor and Template Manager have been updated as follows: a
new tab called "White List" has been added and the white list related options
have been moved from the Options tab and placed onto this new tab. This gives
me more UI space to work with. Also, the options moved to the new White List
tab are still subject to over-riding spam filter and autoresponder settings as
the revised help text on the tab explains however they are no longer greyed out
as a result of those settings. This lets you configure them without having to
worry about the state of other options on other screens.
- [10816] Added right-click menu option to the bad queue which adds the deliver-to
address to the spam honeypot. The address must be to a local domain and if it
belongs to an existing account a warning popup will occur.
- [3432] Autoresponder scheduling has been improved with the addition of
checkboxes for each day of the week. When you set an autoresponder start and
end time you can now select one or more days of the week that the autoresponder
will operate on. All existing autoresponders will operate on every day of the
week to preserve existing behavior, however they can be changed as needed.
- [13294] Mobile theme - Mail Forwarding options have been added
- [13297] Alt+M | ActiveSync | Devices will now present data by domain and then
sorted by email address within each domain. Also a "please wait" popup box was
added so that you know the data is being processed and the server hasn't locked
up.
- [12950] In the LookOut and WorldClient themes "Documents" has been added as a
default view option.
- [12528] In WorldClient it is now possible to set shared permissions to a folder
and all of its sub folders by checking the box "Apply to sub folders" in the
FolderShare view.
- [12842] Added support for displaying custom buttons in the WorldClient UI. Edit
\MDaemon\WorldClient\Domains.ini and set [Default:Settings]
CustomButtonText1=the text to display on the button (up to 12 characters) and
CustomButtonLink1=the URL to open when the button is clicked. Up to 5 buttons
may be added.
- [13006] Mailing list messages sent to disabled local accounts are simply ignored
rather than moved to bad queue.
- [9697] Added ability to restrict the size of individual files that can be
uploaded to WorldClient's documents folders. Edit
\MDaemon\WorldClient\Domains.ini and set [Default:Settings]
MaxAttachmentSize=<value in KB>. The default is 0 which means there is no limit.
- [9695] Added ability to restrict the types of files that can be uploaded to
WorldClient's documents folders. In \MDaemon\WorldClient\Domains.ini enter (for
example) "BlockFileTypes=exe dll js", or "AllowFileTypes=jpg png doc docx xls
xlsx". The priority is BlockFileTypes. In other words if an extension is in
both lists, the content will be blocked. If a list is empty, there is no check.
The extensions can be separated by spaces or commas. Leading "."s on the
extensions are optional.
- [2095] Added size limit for attachments that can be uploaded to WorldClient's
Compose view. Edit \MDaemon\WorldClient\Domains.ini and set
MaxComposeAttachSize=<value in KB>.
- [2687] WorldClient displays the size of the attachments in the Compose window.
The value is in KB.
- [13441] LookOut and WorldClient themes - Added ability to drag and drop
attachments from a message to the desktop. Only supported by Chrome.
- [11345] WorldClient - Added ability to set a default Reply-To address in the
Options | Compose view. Once set, the Compose view will default to show the
advanced options in Lite, Mobile, and LookOut, and will display the Reply-To
input in the WorldClient theme.
- [12886] WorldClient - Added option in Options | Personalize to print message
attachments "Always", "Never", or "Decide on print"
- [4758] The trusted hosts and trusted IPs editor have been split apart and placed
on two separate screens at Ctrl+S | Security Settings and the ability to add
comment text to each entry has been added. First time installation of 14.50
will process the old Relay.dat file into TrustedHosts.dat and TrustedIPs.dat.
Relay.dat file is deprecated and will be removed. This change and several
others like it have been made to allow for longer IP addresses within the UI
necessary to support IPv6 address forms in future.
- [9075] WorldClient's time zone option now defaults to the server's time zone
rather than a blank value when no time zone has been set.
- [6004] WorldClient now includes the names of distribution groups in the Compose
view's recipient field autocomplete choices.
- [6445] WorldClient's autoresponder editor now adjusts the start and end times to
be in the user's time zone instead of the server's time zone.
- [12335] LookOut and WorldClient themes - added a calendar view which shows
events in a list format
- [8204] WorldClient - added a default reminder option under Options | Calendar
- [12162] LookOut theme - Added ability to collapse and expand the favorite folder
list
- [6724] WorldClient - Added drop down list of strong password requirements.
Viewable by clicking on the icon next to the "Password" information, and shows
up when a user's password change does not meet the requirements.
- [13528] WorldClient - Added autocomplete with distribution lists to the add
attendee controls for event creation/editing in all themes but Mobile.
- [13520] Added ACL file cleanup routine to daily maintenance event. Also you can
create ACLFIX.SEM in the \App\ folder to trigger just this cleanup routine.
- [13544] Account exports (Accounts.csv file) no longer includes passwords by
default. If this is not to your liking you can set the following key in
MDaemon.ini using Notepad, but this is not recommended: [Special]
ExportPasswords=Yes.
- [13283] WorldClient - Added option to set a default event length for new
calendar events
- [13594] The date/time stamp within logs now include a millisecond value (from
000 to 999) for added precision.
- [13604] The Authentication-Results and X-Authenticated-Sender headers that
MDaemon sometimes inserts into messages will now use the actual email address
passed to the SMTP server for authentication (which could be an alias to an
actual account) rather than always exposing the actual email address. This
protects against potential address harvesting.
- [12298] The message that WorldClient sends to the postmaster when dynamic
screening bans an IP now mentions the username attempted.
- [13367] WorldClient supports sending secure/private encrypted messages via
RPost. Enable this feature on the Compose options page.
- [13618] Mobile theme - Added ability to attach documents to messages in the
compose view
- [13655] MDaemon's active sessions list now displays SSL/TLS use.
- [6022] WorldClient - Added contact pictures for Lite, LookOut, and WorldClient
themes.
- [13533] WorldClient theme - Copy/Move dialog only displays folders of the
correct type.
- [12435] The disk space values found at Ctrl+O | Preferences | Disk have been
converted and migrated from KB to MB. New defaults are 100MB for the warning
email and 10MB for the auto-shutdown. Your migrated values could be less than
that which is fine and will preserve previous behavior.
- [5592] Over-quota message refusals will no longer happen after DATA when
multiple RCPTs were provided. Instead, the message is delivered possibly
placing an account into a slightly over quota state. However, any subsequent
delivery attempts to the over quota account will be refused. This change was
necessary in order to (a) maximize the use of an accounts quota value (b) avoid
a problem wherein a single message delivered to multiple recipients is refused
for all recipients if accepting the message would put even one of the recipients
over quota. Also, the quota check has been moved up the processing chain so
that it is the first thing which happens after DATA is completed rather than
last in the list.
- [13780] Double clicking a list member in the List Editor will load the member's
settings into the edit controls so you can change a specific entry without
having to remove it. This process converts the "Remove" button into a "Replace"
button which will save your edits. Clicking any other button on the screen
switches back to "Replace" mode.
- [13775] "Post only/nomail" label was changed to "Toggle post only" on Mailing
List editor button.
- [13790] Added a new option to Ctrl+S | Sender Authentication | SMTP
Authentication which forces AUTH for all SMTP sessions. This is useful in
certain configurations in which all incoming connections can be expected to
conform. When enabled, MDaemon will respond to DATA with a 5xx error-code
unless the session has been previously authenticated. This option honors the
"requires authentication to match the message sender" checkbox. Connections
from trusted IPs and local loopback are not subject to this option. This option
is disabled by default.
- [13789] Added a new option to Ctrl+S | SSL & TLS | MDaemon which forces all
incoming connections to use STARTTLS. This is useful in certain configurations
in which all incoming connections can be expected to conform. When enabled,
MDaemon will respond to MAIL with an error-code unless STARTTLS has succeeded.
Connections from trusted IPs and local loopback are not subject to this option.
This option is disabled by default.
- [13796] When MDaemon detects a semaphore file that it does not recognize it will
state so in the system log.
- [13245] The ActiveSync server will not send reminders for events in a shared
calendar folder to users who do not have write access to the folder.
- [13821] The SPF white list now also applies to the SMTP envelope email address.
- [13483] An ActiveSync log viewer application is now bundled with MDaemon. Run
\MDaemon\ASLogViewer\ASLogView.exe.
- [14025] The Ctrl+Q | "Include original message when informing sender" option has
been deprecated and removed. MDaemon's DSN system includes the headers of the
original message but never the whole thing.
- [14026] The Ctrl+Q | "Inform the sender when message is placed in retry queue"
option has been deprecated and removed. MDaemon always sends DSNs when required
in order to comply with Internet standards.
- [14027] The "Place undeliverable DSN messages into the bad message queue" option
was moved from the Ctrl+Q | Retry Queue tab to the Ctrl+Q | DSN Options tab.
FIXES
- [12434] fix to missing listadmins.dat file preventing manual editing button from
opening the file for edits
- [13185] fix to WorldClient theme Choose File button truncated in some languages
- [13152] fix to WorldClient theme Instant Messenger some strings not translated
- [13149] fix to WorldClient theme advanced search strings overlapping checkboxes
in some languages
- [13187] fix to some settings in Remote Administration do not show the same
default values that MDaemon does
- [13130] fix to WorldClient and LookOut themes lists do not scroll to the top
after changing pages
- [13184] fix to quota.msg losing data due to not being thread-safe; also the
Date: header gets updated now when this file changes
- [9616] fix to X-Spam-Flag header being removed errantly when the option to strip
X- headers enabled
- [13206] fix to LookOut theme menu bar is truncated in some languages when right-
clicking and selecting the Share Folder option
- [13319] fix to WorldClient theme when you right-click a message, the Add Contact
feature does not add the contact
- [12988] fix to WorldClient theme unable to utilize preview pane on an iOS device
- [12755] fix to WorldClient Signature editor does not save changes in Source view
- [13452] fix to unable to forward/redirect to more than one address with User
IMAP filters in Remote Administration
- [13459] fix to apply button not working in MD GUI's mailing list editor
- [13463] fix to spam filter exclude file not working right when specifying
header/value combinations
- [12452] fix to C:\MDaemon directory is created when doing a fresh install to a
different location
- [5016] fix to LookOut and WorldClient themes - New appointment button does not
use selected date in Week view
- [10337] fix to WorldClient - When printing an email with a large attached image
the image is truncated in the printout
- [13467] fix to Remote Administration's Domain Manager Host fields not matching
up with MDaemon
- [13073] fix to browser prompts to install a plugin when receiving instant
messages in the WorldClient theme by adding an option to disable the new message
sound.
- [13499] fix to errant event log entries about holding queue when messages in bad
queue
- [13650] fix to main screen splitter position not being saved across re-starts
- [12347] Messages are now checked for queue expiration at the start of message
processing rather than at the end of a delivery attempt. This solves a bug in
which at times some messages were left in retry queue too long.
- [12712] fix to RECALL feature not working with message directory hashing option
enabled
- [9251] The check-box within the Domain Manager to skip message size checking for
authenticated sessions has been replaced with an edit control where you can
enter a separate max message size for authenticated sessions. This way
authenticated senders an have one max message size set for them which is
different from the one applied to non-authenticated senders.
- [13208] Ctrl+P | DNS-BL | Hosts now includes a test button which will test the
"DNS-BL host" value by looking up 127.0.0.2.
- [13628] fix to WorldClient & LookOut themes - When printing a sent message, the
BCC header is not included in the printout
- [12042] fix to LookOut theme - when creating a signature, it does not use the
default font size that is currently selected
- [12943] fix to LookOut and WorldClient themes - when zooming out with two
calendars shown side-by-side, the calendar pane on the right goes blank
- [13742] fix to quarantine queue visible in MDRA if SecurityPlus is not installed
- [12525] fix to LookOut and WorldClient themes - BlackBerry Wired Activation gets
stuck on "Loading device(s)" when using IE 11
- [13745] fix to Account Manager not keeping selected item in focus across an
account edit operation
- [5631] fix to WorldClient - blank contacts can be created
- [8576] fix to LookOut theme - Message Preview - Unable to transition from inline
message preview to hide message preview and vice versa
- [13754] fix to potential message loop when postmaster forwards mail
- [10486] fix to MDaemon sends duplicate copies of mailing list messages to
recipients who are members of multiple groups that are members of the mailing
list
- [4360] fix to shared folder ACLs are not updated when changing an account's
email address
- [11566] fix to blank lines are added to the message body when composing plain
text messages in WorldClient using IE 10
- [13432] fix to Remote Administration not saving changes to WorldClient's Dynamic
Screening properly
- [13186] fix to Remote Administration not displaying Daily Cleanup times
correctly
- [13324] fix to ActiveSync outbound byte statistics not always being updated in
MDaemon GUI
- [13526] fix to WorldClient may insert extra lines in exported calendar CSV files
- [13920] fix to quota sent-per-day not always working when aliases were used
MDaemon 14.0.5 - July 6, 2016
FIXES
- [17293] fix to potential security vulnerability
MDaemon 14.0.4 - June 19, 2015
FIXES
- [15229] fix to security vulnerability in content filter
MDaemon 14.0.3 - July 15, 2014
CHANGES AND NEW FEATURES
- [13310] Added Korean language to MDaemon Remote Administration and WorldClient
Instant Messenger
FIXES
- [13090] fix to meeting invitation shows that the invitee is the organizer
whenever request is synced to iPhone via ActiveSync
- [13234] fix to changes to account ActiveSync Public Folders setting not being
saved in Remote Administration
- [13200] fix to "554 Sorry, message looks like spam to me" sent twice in SMTP
session in some configurations
- [13079] fix to domain specific smart host not being used in some configurations
- [13015] fix to authentication not taking place when sending to smart host(s) in
some configurations
- [13145] fix to smart host being ignored upon A record lookup failures in some
configurations
- [8397] fix to messages bouncing back errantly in some configurations
- [13153] fix to queue-based spam filter scan not being performed if errors
happened during SMTP session spam filter scan
- [13142] fix to WorldClient theme may open the previously selected message when
attempting to print a different message
- [12693] fix to some calendar views in the WorldClient and LookOut themes may
incorrectly include events from the previous or next day
- [12648] fix to Mobile theme unable to edit public calendar entries
- [13204] fix to Content Filter may modify messages in a way that breaks DKIM
signatures when AV is enabled
- [13076] fix to new WorldClient IM windows open without a place to type a
response
- [13151] fix to WorldClient theme left column too narrow for some languages
- [12299] fix to script error when editing a contact's name in the LookOut theme
using IE 8
- [13284] fix to memory leak when the "Use recursive aliasing" option is enabled
- [13302] fix to the From header in generated autoresponder messages may not be
encoded properly
- [13381] fix to a duplicate event is created when viewing a meeting invite in
Outlook with Outlook Connector after it has been accepted using WorldClient or
ActiveSync
- [13386] fix to MDaemon Remote Administration assigning a template when editing
or creating a group
- [13421] fix to PIM items may get out of sync if they are changed on both the
server and ActiveSync device between syncs
- [12415] fix to WorldClient's Standard theme not working with MDaemon 14 by
installing an update from
KBA-02597
MDaemon 14.0.2 - May 14, 2014
FIXES
- [13156] fix to mailing list messages getting stuck in the inbound queue
MDaemon 14.0.1 - May 13, 2014
SPECIAL CONSIDERATIONS
- [12974] WebAdmin has been renamed to MDaemon Remote Administration.
- [12975] ComAgent has been renamed to WorldClient Instant Messenger.
CHANGES AND NEW FEATURES
- [9932] Added Manual Learn button to MDaemon Remote Administration's Spam Filter
Bayesian Classification section.
- [11288] MDaemon Remote Administration now allows log files to be viewed in a new
window.
- [12846] MDaemon Remote Administration logos and color scheme updated.
- [10907] ActiveSync WhiteList and BlackList support wildcards.
- [9949] Added MDaemon Remote Administration mailbox reports for quotas for
mailbox size and message count.
- [12948] WorldClient theme selection behavior changed to not select the checkbox
unless the checkbox is clicked.
- [12672] Added the ability to nick name favorite folders from the context menu in
the LookOut and WorldClient themes.
- [10957] Added the ability to select a default From address on WorldClient's
Options | Compose page.
- [13037] Changed the date formatting in the WorldClient theme's message list to
match the simpler look.
- [12973] The trial installation process has been streamlined. The installer asks
for less customer information and retrieves a trial key automatically. The
initial trial period is 14 days but can be extended to the full 30 days by
clicking on the link on the Help | Register Your Alt-N Products dialog and
following the instructions on our web site.
FIXES
- [13122] fix to WorldClient vulnerability that may allow remote code execution
- [12910] fix to error 5 when compacting the statistics database
- [12289] fix to MDaemon Remote Administration showing inactive quota data in
Mailbox Summary Report
- [12930] fix to unable to copy/move messages to public folders via MDaemon Remote
Administration
- [12921] fix to quota settings appear over the "New Email" button in the
WorldClient theme
- [12925] fix to unable to log in to WorldClient theme using Russian language
- [12926] fix to opened email message windows appear blank in the WorldClient
theme using Italian language
- [12903] fix to incorrect default cursor location when using Advanced Compose in
the WorldClient theme
- [12834] fix to ActiveSync does not hide PIM items marked private in shared
folders
- [12887] fix to "Prevent this page from creating additional dialogs" prompt when
printing in WorldClient theme using FireFox
- [12841] fix to ActiveSync may not list all shared folders that a user has access
to
- [12966] fix to Copy/Move dialog in MDaemon Remote Administration not sized
properly to accomodate large Public Folder paths
- [12883] fix to WorldClient theme mark all read and delete all options dot not
work in the folder list for the Catalan language
- [12911] fix to the WorldClient theme favorites section missing until you log
back in when message list threading is toggled
- [12756] fix to WorldClient theme view unread messages filter lost when message
list is resized
- [12979] fix to WorldClient and LookOut themes deleting messages from the
external message view does not always show that the message is deleted in the
list
- [12890] fix to LookOut theme message header color changes in external message
view when toggling the expand button
- [11854] fix to LookOut theme two line header output in message list hides
replied and forwarded flags
- [12769] fix to LookOut and WorldClient themes Message preview pane does not
refresh when all messages are moved out of a folder
- [12877] fix to WorldClient theme when using a transparent png as custom banner,
the transparency does not work on the Logon page
- [12777] fix to WorldClient theme after reading a message in the preview pane it
remains scrolled down when switching to the next message
- [9858] fix to Lite theme cannot switch between themes in Options | Personalize
using iPad
- [12955] fix to WorldClient theme advanced search date selection does not work
- [12924] fix to WorldClient theme not very clear which messages are unread
- [12902] fix to LookOut and WorldClient themes - certain User.ini values cause
the Options | Personalize page to get stuck in a refresh
- [13012] fix to able to enable Instant Messaging in MDaemon Remote Administration
without having WorldClient Instant Messaging enabled
- [12076] fix to LookOut and WorldClient themes - when clicking Options>Outlook
Connector the screen is reloaded to the first screen that is displayed after
login
- [12715] fix to WorldClient theme - Advanced search beginning date picker not
opening in IE
- [13036] fix to JavaScript error on MDaemon Remote Administration's User
ActiveSync Devices page
- [13038] fix to WorldClient theme - Folder context menu contains option to delete
"default" folders
- [12899] fix to Remote Administration's autoresponse saving logic to
differentiate between shared and personal autoresponse files
- [12952] fix to WorldClient theme cannot resize the folder list frame
- [13101] fix to potential crash when editing an account in Remote Administration
- [12588] fix to filenames of attachments downloaded from WorldClient using IE 11
may be corrupted
- [12701] fix to WorldClient does not detect inline images in certain messages as
being inline
- [13090] fix to meeting invitation shows that the invitee is the organizer
whenever request is synced to iPhone via ActiveSync
- [12272] fix to embedded images in HTML messages are not displayed on Android
devices
- [12680] fix to BlackBerry 10 devices show HTML messages as plain text after
updating to MD 14
MDaemon 14.0.0 - March 25, 2014
SPECIAL CONSIDERATIONS
- [10732] Product registration system has been updated to utilize a digitally
signed XML based license file. This approach allows for greater flexibility, and
will enable ALT-N to offer new innovative purchasing and renewal options. The
installation process will automatically download the license file. Product
activation has been replaced by a scheduled mechanism that will update the
license file on a periodic basis. The system is able to accommodate temporary
connectivity outages, however communication with the licensing service is
required for continued use of the product.
- [12415] WorldClient's Simple theme has been renamed to Lite. MDaemon Lite's
WorldClient will use this theme. The Standard theme is no longer included with
MDaemon. It will be available as a separate download.
MAJOR NEW FEATURES
[12504] NEW WORLDCLIENT THEME (Requires MDaemon PRO)
A new theme, WorldClient, has been introduced in response to customer requests
for a more modern, browser-based email client. This new theme incorporates
numerous design elements from popular consumer and business browser-based email
clients and was designed with input from professional UI/UX development teams.
This new WorldClient theme is now the default WorldClient theme for new
installs. When updating, the installer will ask if you want to change your
default to this new theme.
[12091] ACTIVESYNC SERVER NOW SUPPORTS SHARED FOLDERS (Requires MDaemon PRO and
active ActiveSync Software License Renewal)
MDaemon's ActiveSync server now supports other users' shared folders in addition
to personal and public folders. The behavior of any client accessing shared
folders via the ActiveSync protocol can vary. While MDaemon's ActiveSync
implementation supports Email, Events, Contacts, Tasks and Notes, not all device
clients are capable of handling this data.
[12723] The MDaemon GUI has controls to turn ActiveSync shared folders on or off
at the global level (at F2 | Server Settings | Public & Shared Folders and Alt+M
| ActiveSync | Options), at the domain level (at Alt+F2 | Domain Settings |
Options), or account level (at Account Editor | Mail Services). "Inherit" means
the domain or account will use the value that was configured at the global or
domain level.
CHANGES AND NEW FEATURES
- [12432] The Dynamic Screening "Account failed authentication" emails to the
postmaster now list the date, time, IP, and protocol for the failed attempts.
- [6250] MDaemon now logs "Failed $PROTOCOL$ authentication attempt from $IP$ for
"$EMAIL$"" to make it easier to find and troubleshoot authentication failures.
- [4715] Added support for inline images in domain signatures. An image may be
added...
- From WebAdmin...
- In the HTML editor click the "Image" toolbar button and select the upload tab
- In the HTML editor click the "Add image" toolbar button
- Drag and drop an image into the HTML editor with Chrome, FireFox, Safari, or
MSIE 10+
- Copy and paste image from the clipboard into the HTML editor with Chrome,
FireFox, MSIE 11+
- By using the "$ATTACH_INLINE:path_to_image_file$" macro in the signature HTML.
For example, <IMG border=0 hspace=0 alt="" align=baseline
src="$ATTACH_INLINE:c:\images\mr_t_and_arnold.jpg$">
- [8031] WorldClient supports adding inline images to composed HTML messages.
Users can upload images using the same methods mentioned above for WebAdmin in
[4715].
- [9703] WorldClient's LookOut theme now features a side by side calendar view.
- [12388] WorldClient's HTML compose editor has been updated to a newer version
that is compatible with IE 11.
- [12669] WorldClient's English and English-UK spell check dictionaries have been
updated.
- [12364] WebAdmin now allows Global Administrators to Freeze/Unfreeze mail
queues.
- [9332] WebAdmin now includes Queue Management functionality for Global
Administrators.
- [12087] WebAdmin's Account Manager now displays icons for OC and AS users.
- [3920] Added "Return port settings to defaults" to WebAdmin.
- [11287] WebAdmin now allows Global Admins to configure Outbreak Protection
settings.
- [11311] WebAdmin now allows Global Admins to configure server-wide
Auto-responder settings.
- [4381] It is now possible to administer the WorldClient server settings via
WebAdmin.
- [2222] Added HTML support in CF "Append a corporate signature" action. Updated
WebAdmin to use an HTML editor to edit the signature. Inline images are
supported and may be uploaded using WebAdmin or the
$ATTACH_INLINE:path_to_image_file$" macro.
- [12554] ActiveSync User Agent protocol restrictions can now be set using the
entire value, not just the portion preceding the forward slash.
- [12767] ActiveSync protocol restrictions now support * and ? wildcards.
FIXES
- [12500] fix to issues releasing certain messages from Spam Trap or Holding Queue
using WebAdmin
- [12470] fix to problems releasing or requeuing messages from the Holding Queue
using WebAdmin
- [12515] fix to The "Automatically decline requests that conflict with an
existing event" option does not account for events with a busy status of "Free"
- [12509] fix to Save button not always enabled for Domain Admins on User Editor |
Mail Services tab in WebAdmin
- [12529] fix to in WebAdmin certain content filter rule conditions are not
correctly synched with MDaemon
- [12425] fix to ActiveSync server does not support the "Limit .old file roll
overs to one per day" logging option
- [12457] fix to IMAP folder subscriptions are not updated when creating,
renaming, or deleting folders using ActiveSync
- [12615] fix to invalid message subject characters may cause an error when
attempting to view the Spam Trap folder in WebAdmin
- [12066] fix to vague error when changing user password in WebAdmin to an invalid
value
- [2205] fix to mailing list thread numbers do not work properly when the subject
line is encoded
- [12270] fix to messages sent from Outlook 2013 using ActiveSync may display
incorrect characters when received by an Outlook IMAP or Outlook Connector
account
- [12447] fix to the From header in generated auto-responder messages does not
have the full name encoded
- [12635] fix to contact birthday and anniversary not being synced to ActiveSync
devices
- [12650] fix to being unable to unfreeze or re-enable account in WebAdmin under
certain circumstances
- [12587] fix to WorldClient Options | Filters page may not list rules when the
search text or folder name contain certain characters
- [12565] fix to the "Has Attachment", "Is Unread", and "Is Flagged" Advanced
Search options do not work in WorldClient's LookOut theme
- [12663] fix to bad queue summary emails may not list all messages in the bad
queue
- [12448] fix to MDaemon does not remove old config backups if the config backup
directory has been changed
- [12376] fix to MD GUI's IP Shield list box does not have a scroll bar
- [12271] fix to WebAdmin reports contain no results for custom date range where
start and end dates are the same
- [12584] fix to WorldClient crashes when viewing All Contacts if RelayFax
integration is enabled
- [11720] fix to WorldClient lists inline images as attachments when composing
- [12701] fix to WorldClient does not detect inline images in certain messages as
being inline
- [9690] fix to WorldClient's LookOut theme may not show the note's contents on
the Advanced Edit view
- [12662] fix to WorldClient's LookOut theme may show incorrect colors for notes
- [12641] fix to WorldClient LookOut theme's message list doesn't refresh when a
new message arrives in an empty folder
- [12359] fix to dynamic screening does not block other active connections from an
IP that is blocked due to repeated authentication failures
- [12727] fix to WorldClient's LookOut theme only marks the first message as read
when using the delay before marking read option
- [12783] fix to not enough room in WebAdmin's Holding Queue settings for Summary
Email frequency
- [11668] fix to ComAgent does not handle mailto URLs on Windows 7
- [4631] fix to Comagent's tooltip never refreshes message count
- [12077] fix to attachments of PIM items saved by Outlook Connector are corrupted
when the items are edited in WorldClient
- [12745] fix to Account Editor may move an account's mail to a different
directory after the mailbox name is changed
MDaemon Server v13 Release Notes
MDaemon 13.6.5 - July 6, 2016
FIXES
- [17293] fix to potential security vulnerability
MDaemon 13.6.4 - June 19, 2015
FIXES
- [15229] fix to security vulnerability in content filter
MDaemon 13.6.3 - May 13, 2014
FIXES
- [13122] fix to WorldClient vulnerability that may allow remote code execution
MDaemon 13.6.2 - January 22, 2014
CHANGES AND NEW FEATURES
- [12403] The MDaemon GUI log search feature that was removed in 13.6.1 has been
restored.
FIXES
- [12389] fix to MDaemon may generate invalid Received headers when the option to
hide software version identification is enabled
- [12401] fix to PIM changes made on ActiveSync clients are not synced to Outlook
Connector
- [12410] fix to ActiveSync option to hide unsubscribed folders does not hide all
of the unsubscribed folders
- [12371] fix to WorldClient LookOut theme resets which calendar folders are
displayed when opening the Calendar view
- [12254] fix to Account Editor's ActiveSync "... include public folders"
defaults to No
- [12430] fix to not being able to update MDaemon if installed in a drive's root
directory
- [12457] fix to IMAP subscriptions are not updated when performing folder operations
on ActiveSync clients
- [12341] fix to ActiveSync connections may hang when attempting to sync a PIM folder
that is locked
- [12463] fix to WorldClient message recall does not work if the MDaemon account alias
has been changed
- [12500] fix to issues releasing certain messages from Spam Trap or Holding Queue
using WebAdmin
MDaemon 13.6.1 - December 11, 2013
SPECIAL CONSIDERATIONS
- [12105] The default settings for two SMTP authentication related values have changed.
The option to require SMTP authentication when mail is from local accounts and the
option to require authentication credentials to match that of the email sender are
both now enabled by default. If this is not to your liking you can disable both
options at Ctrl+S|Sender Authentication|SMTP Authentication.
- [11579] The "STARTTLS Required" list found at Ctrl+S|SSL & TLS|STARTTLS
Required List is now also applied to the MAIL FROM value during an SMTP session
(in addition to the EHLO and IP). If MDaemon receives a MAIL command followed
by an email address which is on the "STARTTLS Required" list during a
session which has not been secured then the MAIL command gets a "454 STARTTLS
Required." What happens after that is anyone's guess. Most
clients will just drop the connection and that's the end of it.
MAJOR NEW FEATURES
[6865] SIMPLE MESSAGE RECALL (MDaemon PRO only)
A new page has been added to F2|Server Settings which will allow you to configure
MDaemon's simple message recall system. It works like this: an incoming message
from an authenticated local user can be delayed for 1 to 15 minutes (you can decide
how long). During this delay period the message is simply left in the inbound mail
queue. The idea is to provide a grace period for your users to realize they need
to recall a message. Once the delay period expires the message is delivered like
normal. However, if during the delay period, the same authenticated account which
created the message to be recalled should also send a RECALL email to the MDaemon@
system account which specifies the Message-ID of the message(s) to be recalled then
those recalled messages are deleted from the inbound queue as if they never arrived
and the recalled message will not be delivered to anybody. This is the only way
to guarantee that none of the recipients of the recalled message will ever see the
message. MDaemon will notify the sender of the RECALL message as to the success
(or failure) of the attempt. The RECALL must be performed while the message is still
present in the inbound queue. After that, its likely too late to guarantee that
the recipients have not already seen it. Accounts can not recall messages sent by
other accounts and SMTP authentication is required for each step of the process.
Only messages from authenticated local accounts are subject to the recall delay.
All recall processing is logged to the Routing and Mail|MDaemon UI/log files.
Here's how to send a RECALL message (pick one): 1) From your mail client's Sent
folder right-click (or whatever your mail client requires) and Forward As Attachment
the email(s) that you want to recall, put RECALL as the message subject and send
that to the MDaemon@ system account. 2) From your mail client's Sent folder view
the headers of the message you want to recall. Copy the Message-ID header value
(the part to the RIGHT of the Message-ID: string) to the clipboard. Create a new
message to the MDaemon@ system account and place RECALL plus the message ID value
on the subject. It should look something like this: RECALL <5268DC1A.1020608@example.com>.
Either of these methods work but only the second is used if both are performed within
the same RECALL message. This feature is disabled by default. The default delay
interval is 1 minute.
WorldClient may also be used to recall messages. WorldClient will display a "Recall"
button when viewing recent messages in the Sent Items folder. If clicked before
the recall time limit expires, WorldClient will send a RECALL message to MDaemon.
MDaemon will send an email back to the user saying whether the recall was successful.
CHANGES AND ADDITIONAL NEW FEATURES
- [11123] Back by popular demand. An option was added to Ctrl+O|Preferences|Headers
which hides MDaemon software version and other identifying information when creating
Received headers or responding to various protocol requests. The option is
disabled by default.
- [12038] All system generated messages will now honor the Ctrl+O|Preferences|Miscellaneous
option to go through the content filter (or not). Previously, several such messages
ignored this setting.
- [12058] Changed error text during account creation from "Mailbox and/or real
name already in use" to "Mailbox already in use"
- [12034] Alt+Q now launches the queue and stats manager (MDStats) app
- [12011] Added ActiveSync for MDaemon product information link to Alt+M|ActiveSync|Server
UI and reorganized the top level HELP menu to include several Alt-N product information,
purchasing, and renewal/upgrade links.
- [12096] Added size of statistics DB to F2|Logging|Statistics Log
- [11923] Added more information to the MDStats configuration report.
- [11096] DomainPOP and MultiPOP will move on to the next message when they get an
-ERR response to a RETR command rather than terminating the session.
- [12116] The option at F2|Server Settings|Servers "...refuses duplicate RCPT
values within the same session" (see [10322]) was changed to "...ignores
duplicate RCPT values within the same session." MDaemon will accept and
then discard the duplicate recipients rather than refuse them during the SMTP session.
- [9071] Added new option to Ctrl+O|Preferences|Disk that lets you set the number
of days to retain daily config file backups. The default is set to ZERO which
means never delete old backups. Any deleting takes places as part of the midnight
cleanup event.
- [11947] The UI right-click log search option was removed. It was very crude
and could not be substantially improved. It may be replaced in future by a
stand alone app. Until then any freely available text file tool can be used
to search the log files.
- [12119] Software update notifications are now sent to all global admins and not
just the postmaster alias.
- [11984] A new option was added to Ctrl+O|Preferences|System where you can customize
the subject used when MDaemon sends mailing list digest messages. The default
is "$LISTNAME$ message digest $TIMESTAMP$ $ISSUE$." These macros
expand to the name of the mailing list, the time-stamp of the digest message creation,
and the issue number. MDaemon no longer inserts the text "special issue"
into digest subjects.
- [12085] An internal limit to the size of messages sent through the inline SMTP spam
scanning feature has been removed. The size setting at Ctrl+P|Spam Filter|Options
will now govern whether inline SMTP scanning is performed on the message or not.
- [11824] Even though addresses of this form are technically legal: "Arvel Hathcock"@example.com
- MDaemon can't currently handle them properly so it will now refuse them during
the SMTP session rather than accept the address and parse it wrong later.
- [11671] The daily quota report email is now customizable and able to be translated.
See QuotaReport.dat in your MDaemon APP folder for information. You can also alter
the subject of these report emails using a new option at Ctrl+O|Preferences|System.
- [11503] MDaemon will better handle improperly formed (non-RFC compliant) message
bodies.
- [12157] Added Last Access column to Account Manager showing the last time the account
was accessed.
- [12151] The "...edit mail folder location" web access right has been completely
removed.
- [10242] In the Account Editor the two password fields will light up red if the password
does not match or violates policy. Otherwise, green.
- [11552] Added option to Account Editor|Account Details which allows you to configure
an account to be exempt from the automatic password expiration feature.
- [11474] Added a last access time to the bottom of List Editor|Settings so you can
see whether lists are being used or not.
- [12158] The ActiveSync device list at Alt+M|ActiveSync|Devices no longer includes
policy nodes when there is no policy in force. This saves UI processing time.
- [10818] DomainPOP can now use the Spam Honeypot feature. If DomainPOP parses
out a Spam Honeypot address then it doesn't matter how many other addresses
are also parsed because they are all ignored. These messages go to the bayesian
learning folder. Also, DomainPOP can not use the Spam Honeypot sub-feature
to submit the sending IP to the dynamic screening system. DomainPOP does not
know the connecting IP and doesn't need to even care.
- [11447] Added new options to Ctrl+S|Screening|Dynamic Screen which let MDaemon watch
accounts that receive more than X failed authentication attempts in a single day.
The default is 10 and the option is disabled by default. Once the maximum
number of authentication attempts have been reached in a given day the account can
be frozen or the postmaster can be warned (or both). If the account is frozen
an email is always sent to the postmaster. Replying to that email will re-enable
the account. The database of authentication failures is maintained in memory
and gets reset on a restart and at midnight each night.
- [10794] Added a new option to Account Editor|Attachments which lets you specify
whether to extract attachments from inbound messages. This defaults to true
to maintain previous behavior.
- [11545] Added a new option to Ctrl+U|Passwords which allows you to specify a number
of passwords to remember. When users change their password they will not be
allowed to reuse old passwords. The option is set to 0 (off) by default.
Since this is new, the current account passwords are not remembered. It won't
be until passwords are changed that they start getting remembered. Salted hashes
of previous passwords are stored - not the actual passwords themselves.
- [10035] Added an "Edit File" button to Ctrl+U|Aliases which opens the
Alias.dat file in a text editor. This allows you to more easily edit and search
around in the file. Make whatever changes you want, exit the text editor,
and MDaemon will reload the file.
- [10677] Greatly improved Domain Manager loading time for sites with hundreds of
domains.
- [11724] Added a new option to Ctrl+U|Quotas which lets you disable accounts that
have been inactive for more than X days. The default is 0 (disabled).
Once the maximum number of inactive days has been reached, the account is disabled
and an email is sent to the postmaster. Replying to the email will reenable
the account. Processing is done as part of the midnight cleanup event each
night.
- [9222] Added a QUEUE.SEM file which you can create in the APP folder to enable/disable
the mail queues. This file can contain any number of lines but each one has
to contain one of the following strings (one per line): ENABLE INBOUND, ENABLE
REMOTE, ENABLE LOCAL, or DISABLE INBOUND, DISABLE REMOTE, DISABLE LOCAL.
- [9658] Added a new setting to Account Editor|Options which will let you configure
whether the account should have the domain signature added to emails they send.
The default is yes, add the domain signature (if there is one).
- [12174] The behavior of the Ctrl+T Groups and Templates editor has changed slightly.
All the settings on the Options page are now available for use with any template.
The only exception is that the settings to make an account a global or domain administrator
can not be used with the New Accounts template. This is to prevent the accidental
case in which somebody might enable these options by mistake in the New Accounts
template thereby making all new accounts into admins. We don't want that
to happen. As a result of this work the global and domain administrator settings
have been removed from the Account Editor/Template Editor|Options page and placed
on their own Administration page.
- [3947] Added new option to Account Editor | Options which lets you exempt an account
from the "Authentication credentials must match those of the email sender"
global option. This is disabled by default.
- [11775] Active Directory monitoring will now honor the full last day for expired
accounts before disabling them.
- [5240] Added button to Ctrl+W|WebAdmin|Web Server which lets you edit WebAdmin's
mailing list admins file.
- [10122] Added option to Ctrl+Q|Mail Queues|Holding Queue to send a summary email
of bad queue content. This takes place at the same time as the holding queue
summary email is sent and is in the same format.
- [6214] Added two new scripting macros: $AR_START$ returns the autoresponder start
date/time. $AR_END$ returns the autoresponder end date/time. Also, all
user related macros previously unavailable for use are now eligible for use in autoresponder
scripts.
- [12191] The Hijack Detection settings were moved from Ctrl+S|Screening|Dynamic Screen
to their own screen at Ctrl+S|Screening|HiJack Detection.
- [9822] Manual activation page now allows you to select and copy & paste the relevant
activation data.
- [9825] You can now set the spam score for DNSBL hits from Ctrl+P|DNS-BL|Options.
- [12088] Added WebAdmin.ini to the list of configuration files viewable via WebAdmin.
- [12218] Added Catalan language to WorldClient.
- [9841] Added Administrator, Frozen and Partial status icons to WebAdmin's Account
Manager.
- [12244] Added a "None" option to the WorldClient keyboard shortcut layouts.
- [12275] the WorldClient Compose options now let you disable the check for the subject
field being empty
- [12174] WebAdmin now warns when elevating a user to administrator
- [11408] WebAdmin now checks the Account Template and Group names for the presence
of a comma
- [11686] WebAdmin shows the name of the domain(s) that you are deleting in a confirmation
prompt
- [8860] The ActiveSync server will hide unsubscribed folders from clients if the
user has "Hide unsubscribed folders" enabled in WorldClient.
FIXES
- [12094] fix to WorldClient may set a contact date field to the day prior when using
a time zone different than the default
- [12120] fix to installer allowing installation into root directory
- [11617] fix to mailing list .grp files not updating settings and members when domain
name changed
- [12044] fix to some new account template settings not always being applied to accounts
properly
- [12089] fix to Whitelist@ and BlackList@ addresses not working when sending from
an alias
- [11653] fix to potential bogus error message when creating or renaming mailing lists
- [11381] fix to VRFY command not honoring subaddressing system
- [12148] fix to some text on Retry Queue page not being translated properly in WebAdmin
- [11590] fix to Mail Folder Location option greyed out in WebAdmin (it is now able
to be edited by Global Admins)
- [11802] fix to LDAP query to a remote Active Directory root may fail with error
9
- [12163] fix to unable to save Autoresponder in WebAdmin in certain circumstances
- [12155] fix to non-admin Account menu permissions quirk in WebAdmin
- [12164] fix to MDaemon GUI's Domain Manager lists upper case domain names before
lower case ones
- [12132] fix to virus name is not displayed in WebAdmin's "Viruses by Name"
report
- [12166] fix to the LookOut theme conflicting with the German keyboard shortcuts
on the Mac when the user presses ALT+L to generate the @ symbol
- [12175] fix to files attached to meeting invitations are not displayed on ActiveSync
devices
- [4258] fix to several places where a Winsock error might lead to orphaned .msg and
.ctl files
- [7067] fix to errant ACL setup in Mail Archive public folder structure if it was
manually moved or deleted
- [12183] fix to scripting error in WebAdmin's user editor when ActiveSync is
not installed or active
- [12185] fix to holding queue summary email not sent to CF Admins as configured
- [2126] fix to removing a secondary domain does not remove all the accounts from
ODBC storage
- [7009] fix to forwarded message addressing problem at times when using SPF option
to forward using local address
- [12173] fix to WebAdmin pop-up dialogs display a "Sign Out" link. For
pop-up dialogs this should be replaced by a "Close" link.
- [12214] fix to minor sorting issues on WebAdmin's Holding Queue page
- [12144] fix to two response messages are sent after accepting or declining a meeting
invitation on an ActiveSync device
- [12216] fix to the contact tooltips not disappearing in every case when a user hovers
or clicks on a contact
- [11465] fix to the LookOut theme not busting the cache for the external compose
window
- [12217] fix to unable to remove user account in WebAdmin if mailbox name contains
"+"
- [12195] fix to possible POP3 server crash after a Winsock error occurs
- [12177] fix to MDaemon GUI ActiveSync sessions refresh issue
- [12227] fix to the LookOut theme in IE11 where various context menus don't work
- [12004] fix to WorldClient compose window closes without warning when saving a draft
message fails
- [12072] fix to reduced number of active connections possible when running as a service
on Windows Server 2012
- [12266] fix to Account Editor not selecting the correct domain when editing an account
whose domain name is not lower case
- [10308] fix to MDStats issues parsing IMAP logs
- [11432] fix to Content Filter header search and replace corrupts From and To headers
that contain encoded text
- [11988] fix to Account Editor may corrupt the mailbox path when using a multibyte
character in the full name
- [11511] fix to ComAgent truncates file transfer filenames at 63 characters
- [11633] fix to WorldClient InstantMessaging.log character encoding issue
- [5761] fix to postmaster alias may not work in folder ACLs
- [12310] fix to unable to save MultiPOP settings in WebAdmin
- [12320] fix to the SecurityPlus option to add a warning to the subject of messages
with non-scanned attachments does not work
- [12303] fix to default smart host "Allow per-account authentication" option
does not work correctly
- [12316] fix to ActiveSync sync issues with Android 4.4 clients
- [12221] fix to calendar items created on ActiveSync clients have Low priority in
WorldClient
- [12277] fix to possible MDAirSync memory leak when processing FolderSync commands
- [12276] fix to ActiveSync server may not send messages from Windows Phone clients
- [12268] fix to possible error when using ActiveSync to accept a meeting request
that was sent from an iCloud account
- [12147] fix to meeting organizer is changed after accepting a meeting invitation
using ActiveSync on an iOS device
- [12159] fix to attachment downloads fail on some Samsung Android ActiveSync clients
- [12170] fix to possible MDAirSync crash when running under IIS and IPv6
- [12149] fix to contact birthday may be off by 1 day when using ActiveSync on an
iOS device
- [11417] fix to a potential script error when editing recurring events in the WorldClient
LookOut theme
MDaemon 13.6.0 - October 15, 2013
SPECIAL CONSIDERATIONS
- [11492] MDaemon Standard has been renamed to MDaemon Lite.
- [11676] The trial period for MDaemon, SecurityPlus, Outlook Connector, and ActiveSync
has been reduced from 60 days to 30 days.
MAJOR NEW FEATURES
[9554] ENHANCED REPORTING FOR WEBADMIN
In WebAdmin, a "Reports" menu has been added for global administrators.
Global administrators may choose from the reports listed below. For each report,
data may be generated for several predefined date ranges or the admin may specify
a custom date range.
- [10802] Enhanced bandwidth reporting
- [10803] Inbound vs. Outbound messages
- [10804] Good messages vs. Junk Messages (percentage of email that is spam or a virus)
- Inbound messages processed
- Top recipients by number of messages
- [10000] Top recipients by message size
- Outbound messages processed
- [10806] Top spam sources (domains)
- Top recipients of spam
- Viruses Blocked by Time
- Viruses Blocked by Name
In order to facilitate this feature, MDaemon now logs statistical information to
a SQLite database file. By default this database is stored in the "MDaemon\StatsDB"
folder and 30 days of data is retained. Data older than this will be removed
during the nightly maintenance process. A new screen has been added to F2
| Logging | Statistics log which controls the statistics log file and DB maintenance.
[6885] ACTIVESYNC SERVER NOW SUPPORTS PUBLIC FOLDERS (Requires MDaemon PRO)
ActiveSync Services for MDaemon now support MDaemon’s public folders in addition
to mailbox folders. The behavior of any client accessing public folders via the
ActiveSync protocol can vary. While MDaemon's ActiveSync implementation supports
Email, Events, Contacts, Tasks and Notes, not all device clients are capable of
handling this data. Public folder access can be controlled at the user, domain,
and server levels.
[11841] Added new switch to F2 | Server Settings | Public & Shared Folders screen
which lets you set the global default for public folder sync'ing to Yes or No. The
same switch was also added to Alt+M | ActiveSync | Options for convenience. Also
added a control to Alt+F2 | Domain Settings | Options which lets you set public
folder sync'ing at the domain level to one of the following three states: Yes, No,
or Inherit. Inherit means the domain will honor the global default. Finally, added
a control to the Account Editor | Mail Services which lets you set public folder
sync'ing at the user level to one of the following three states: Yes, No, or Inherit.
Inherit means the user will do whatever the domain is configured to do. This setting
is not available as part of the template system.
CHANGES AND NEW FEATURES
- [11354] Added an ActiveSync "soft wipe" ability. A soft wipe removes just
the data for the ActiveSync account from the device, unlike a device wipe which
restores the device to a factory default condition.
- [5092] Added a "Folder" column for the "All Contacts" view in
WorldClient.
- [6017] Added an option to print messages with or without attachments.
- [6028] Added a warning in WorldClient for users before sending a message with no
subject.
- [6490] Added a context menu option in WorldClient's LookOut theme that remembers
the last folder a message was copied/moved to.
- [8451] Added a context menu option in WorldClient's LookOut theme for resending
a message that was previously sent by the user.
- [8457] Added HTML editor to WebAdmin to edit default and domain signatures/disclaimers.
- [10252] Added a favorite folders list to WorldClient's LookOut theme.
- [11245] Added an option in WorldClient to "Never Mark" a message "Read"
while previewing the message.
- [10351] Colorized Session Log functionality has been added to WebAdmin for those
who have enabled it in MDaemon.
- [11218] Added keyboard shortcut layout options for the WorldClient LookOut theme.
- [11695] Added a warning message when enabling the global or domain admin options
within the account editor.
- [11797] Re-sizing a dialog box in the MDaemon GUI will now scale the right hand
dialog rather than the left hand tree window.
- [11792] Added usage data to ActiveSync devices page in Mobile Device Management.
- [11740] Added a X-MDBadQueue-Reason header when the CF "move message to bad
queue" action is used.
- [10696] The WorldClient LookOut theme's Folders right click menu command defaults
the "subfolder of" field to the selected folder.
- [11810] Added an ActiveSync sessions window to the Sessions pane in the main UI.
This only shows ActiveSync sessions that persist (not all do). The entire window
is erased and refreshed every 10 seconds. You can right-click an entry to Blacklist
a device or see the Properties of a device. ActiveSync sessions do not show
up in the All Sessions window.
- [10984] MDaemon will log an entry to the windows event log if an account gets frozen
by hijack detection (if event logging is enabled and set to log security issues).
Also, a new switch was added to F2 | Logging | Windows Event Log which writes an
entry to the windows event log anytime the holding queue is not empty and a holding
queue summary email is generated. This switch is enabled by default.
- [11976] A new setting was added to Alt+M | ActiveSync | Options which will let you
select a day of the month when MDaemon will automatically reset all ActiveSync device
usage stats for all users across all domains. You can change this to whatever
day of the month you wish. If you set the day to 31 and the month ends before
day 31 then the last day of the month is used as the reset date. The reset
event takes place as part of the normal midnight maintenance and is logged to the
System log like other maintenance routines. The setting is set to 0 (disabled)
by default.
- [11998] Increased default encryption key length for newly generated self-signed
SSL certificates.
FIXES
- [11634] fix to WebAdmin's "Junk Email Breakdown" report is not accurately
displaying viruses detected or refused
- [11752] fix to WorldClient LookOut theme message flagging refreshing wrong when
preview pane is on right
- [11761] fix to SyncML settings not correctly reflected in WebAdmin interface
- [11786] fix to possible MDaemon.exe crash when using a mailing list that queries
members from Active Directory
- [11794] fix to binding secondary domains to individual IPs does not work
- [11644] fix to colored logs ignoring color selection on line prior to end partial
transcript entry
- [11795] fix to Daily Quota Reports being sent to domain admins without any over
quota users listed in the body
- [11790] fix to device stats data using last accessed information instead of since
device stat reset date
- [11864] fix to the WorldClient Mobile theme error alert pops up in the compose view
when tapping advanced
- [11862] fix to MDaemon GUI's public folders manager does not allow certain Japanese
and Chinese characters in folder names
- [11871] fix to installer error message when dealing with disks > 2TB
- [11874] fix to minor logic issue on WebAdmin's User Quota page
- [11879] fix to ActiveSync server does not recognize TNEF meeting invites generated
by Outlook
- [11900] fix to WebAdmin not properly checking for a blank mailbox name before saving
a new account
- [10057] fix to WebAdmin may incorrectly assume message is local when releasing a
message from the spam trap or holding queue. This results in the message not being
delivered.
- [11922] fix to Update Counts button on Account Editor | Quotas screen not working
- [11541] fix to WorldClient LookOut theme may display the wrong message in the View
Source window
- [11846] fix to MDaemon UI issues when learning messages from the Bayesian Spam and
non-Spam queues
- [11745] fix to Account Editor may create an account even when a validation error
occurs
- [11043] fix to WorldClient LookOut theme may not print events from all selected
calendars
- [11912] fix to WebAdmin may crash when saving an autoresponder
- [11744] fix to WorldClient LookOut theme contact info popup box lists email address
three times
- [11757] fix to message that contains only attachment would go missing when content
filter rule inserts signature
- [11910] added message to WebAdmin's Status page (for Global Admins only) if
MDaemon update checker has found an update
- [12026] fix to Account Template Mail Folder Path changes not saved properly in WebAdmin
- [12027] fix to Max Message Size setting not always being saved properly in WebAdmin
- [12016] fix to ActiveSync autodiscover not working on fresh installs of MD 13.5
- [11974] fix to content filter rule using REGEX search-and-replace may garble header
text
- [12031] fix to frozen accounts may be able to send messages to local accounts using
unauthenticated SMTP connections
- [10445] fix to being unable to remove Groups from List Membership from WebAdmin
- [12093] fix to unable to view some log files in WebAdmin when certain conditions
exist
- [12090] fix to duplication of certain files in WebAdmin's log file list
MDaemon 13.5.5 - July 6, 2016
FIXES
- [17293] fix to potential security vulnerability
MDaemon 13.5.4 - June 19, 2015
FIXES
- [15229] fix to security vulnerability in content filter
MDaemon 13.5.3 - May 13, 2014
FIXES
- [13122] fix to WorldClient vulnerability that may allow remote code execution
MDaemon 13.5.2 - August 6, 2013
SPECIAL CONSIDERATIONS
- [11478] The way smart hosts are used has changed. In the past the smart host for
a domain was only used when the routing option to send all mail to domain smart
hosts was enabled. This prevented use of smart hosts for particular domains and
standard direct delivery for others. Beginning with this version if a smart host
is configured and enabled for a domain then that smart host will receive outbound
mail regardless of any other settings in the software. So, now it is possible to
specify and use smart hosts for some (and not necessarily all) of your domains.
Please note that use of smart hosts had to be reset to OFF for all domains due to
this change. So, if you want to enable smart hosts for one or more domains use the
domain manager to do so.
- [11356] The WebAdmin log rollover and storage options have changed. WebAdmin will
now rollover its logs on the same schedule as MDaemon (F2 | Logging in the MDaemon
GUI). Weekly and Monthly rollovers are no longer supported. Additionally, new installs
starting with this release will have their WebAdmin logs stored in the same location
as the MDaemon logs (\MDaemon\Logs by default). Lastly, the WebAdmin-specific logging
options that remain have moved under the general Log Options menu in WebAdmin.
CHANGES AND NEW FEATURES
- [11382] POP/SMTP protocol command latency controls have been deprecated and removed
from F2|Server Settings|Timeouts.
- [11383] Moved message hop count setting from F2|Server Settings|Timeouts to Ctrl+Q|Retry
Queue|Undeliverable Mail.
- [11479] The POP-Before-SMTP settings have been removed from the Domain Manager's
Smart Host screen.
- [11521] The ActiveSync server sends messages to clients in newest-first order.
- [11261] Improved clarity of Security menu in WebAdmin when SecurityPlus is not installed.
- [10534] WebAdmin now hides the BES logs section if BES has not been installed.
- [11086] Moved the Gateway | Options "Access" section to the Gateway |
Dequeue section in WebAdmin.
- [11262] Updated the WebAdmin logging section's menu style.
- [11337] Added validation to WebAdmin's ActiveSync Policy Editor.
- [8319] WebAdmin now decodes UTF-8 subject headers in its mail folder views.
- [11239] Several WebAdmin validation error messages are now translated.
- [10862] Added date and time pickers to the WorldClient Mobile theme's calendar
and task editors.
- [11208] Added several Options pages to the WorldClient Mobile theme.
- [11540] The Calendar Statistics pane in WorldClient's LookOut theme can be turned
off by setting HideCalendarStats=Yes in WorldClient's Domains.ini or a user's User.ini.
- [11109] Added Email Templates to WorldClient's Simple and Standard themes.
- [11672] WorldClient.exe is now Large Address Aware, allowing it to use up to 4 GB
of RAM on a 64-bit OS.
FIXES
- [11559] fix to WebAdmin overwrites the language selected by the user with the HTTP
Accept-Lanaguage of the browser
- [10142] fix to the WorldClient Simple theme not populating the To address when clicking
on a sender's name in the message list to compose a message
- [11402] fix to not being able to select an autocompleted email address in the WorldClient
Mobile theme
- [11459] fix to the WorldClient LookOut theme's calendar statistics showing time
amounts as decimal numbers of hours rather than hours and minutes
- [1958] fix to the WorldClient move/copy dialog in some themes may make folders appear
as if they are subfolders of the wrong parent folder
- [11070] fix to the LookOut theme logging users out when very large numbers of messages
are moved
- [9054] fix to the WorldClient LookOut theme not unchecking the Unread advanced search
field in the message list view
- [11467] fix to formatting issue with accounts with a lot of mail in WebAdmin's
User's Quota page
- [8800] fix to the WorldClient LookOut theme's free/busy dialog not taking the
start/end times from the calendar event editing dialog
- [11524] fix to time of changed occurrences may be incorrect after accepting an invite
in WorldClient from a user in a different timezone
- [11548] fix to incorrect translated text on WorldClient's change password page
- [11536] fix to ActiveSync server does not sync contacts that do not contain enough
information to generate a FileAs value
- [11558] fix to searching contacts in WorldClient using only an email domain name
does not return any results
- [11549] fix to account level autoresponder exceptions in WebAdmin only showing first
address
- [10114] fix to the HTML compose control may not work in Internet Explorer 10
- [11483] fix to non-ASCII characters in messages may appear corrupted in some ActiveSync
clients
- [11593] fix to non-ASCII characters in HTML messages sent via some ActiveSync clients
may be corrupted
- [11597] fix to broken Outlook Connector download link in the emails MDaemon optionally
generates after installing OC
- [11564] fix to possible MDaemon UI crash at midnight after closing the composite
log
- [11502] fix to allowing the "MDaemon" account to be enabled for ActiveSync
- [11580] fix to the WorldClient Mobile theme showing an incorrect page could when
performing a search that returns multiple pages
- [10375] fix to the WorldClient LookOut theme showing a blank window when clicking
on the Maximize button on the HTML signature editor
- [11618] fix to WorldClient.exe does not automatically listen on port 80 when ActiveSync
is enabled
- [11546] fix to the WorldClient LookOut theme's autoresponder editor not allowing
Chrome users to select a time
- [11606] fix to accepted meetings are not synchronized to the server when using Outlook
2013 with ActiveSync
- [11515] fix to the WorldClient Standard theme's Contacts view having overlapped
Edit and Delete buttons
- [11613] fix to the WorldClient LookOut theme's ComAgent does not wrap long URLs
or turn them into hyperlinks
- [11642] fix to the WorldClient LookOut theme's ComAgent not showing emoticons
- [7928] fix to the WorldClient LookOut theme Mark as Read/Unread is not available
in some folders
- [11659] fix to ActiveSync policy names containing non-ASCII characters are corrupted
when viewed in WebAdmin
- [11647] fix to not being able to send read or delivery receipt requests when using
Outlook 2013 with ActiveSync
- [11607] fix to ComAgent's "Show ComAgent window in Windows taskbar" option
may not work correctly
- [11662] fix to non-ASCII characters are corrupted in ComAgent reminder instant messages
- [9750] fix to the WorldClient LookOut theme's Shared Calendars list may not show
the folder's owner
- [11666] fix to Content Filter's regular expression searches being case sensitive
- [11557] fix to ComAgent error when using Outlook as the traditional mail client
- [11490] fix to not being able to change ComAgent's skin more than once
- [11601] fix to meeting invitations sent from ActiveSync clients may not be recognized
by Outlook 2013
- [11648] fix to ActiveSync server may generate malformed HTML when replying
- [11652] fix to high/low message priority being reversed on ActiveSync clients
- [11635] fix to BlackBerry 10 devices using ActiveSync cannot open large attachments
- [11683] fix to MDaemon quarantines messages with an Outbreak Protection virus threat
level of 1
- [11628] fix to ComAgent contact synchronization with Outlook fails
- [11681] fix to PIM items deleted on ActiveSync clients are not deleted from Outlook
Connector
- [9812] fix to Active Directory monitoring fails if the base entry DN is configured
to bind to a specific object on a specific server
- [11678] fix to Active Directory monitoring corrupts non-ASCII characters in public
address books
- [11728] fix to Active Directory monitoring does not create contacts in the public
address book when the option to update the public address book is enabled but the
option to create/update MDaemon accounts is disabled
MDaemon 13.5.1 - June 28, 2013
FIXES
- [11512] fix to Content Filter corrupting messages that contain an attachment as
the message body
- [11463] fix to possible ActiveSync server crash when parsing malformed WBXML
- [11537] fix to MDaemon's Account Editor does not show the correct state of the "automatically
decline meeting request" options
- [9813] fix to the meeting organizer does not receive a response when a conflicting
meeting request is automatically declined
- [11493] fix to MDaemon UI crash when opening the Public Folder Manager if a folder
name is too long
- [11446] fix to MDaemon UI crash when entering long values in the alias editor
- [11487] fix to MDaemon may continuously retry failed connections to smart hosts
- [11466] fix to the "Require IP persistence" option for WebAdmin is not
honored
- [11373] fix to WorldClient LookOut theme's ComAgent pane closes when clicked in
- [11472] fix to ComAgent group messaging does not work for users with accents in
their names
- [11470] fix to the WorldClient LookOut theme may redirect IE8 users to the Standard
theme
- [11526] fix to WorldClient may crash while performing auto-complete lookup
- [11461] fix to invalid ActiveSync GAL search response when there are multiple results
- [11518] fix to ActiveSync GAL search responses do not include additional contact
details
- [11484] fix to ActiveSync log level cannot be changed from "None" on a
new install
- [11495] fix to a bad contact may cause an ActiveSync device to sync contacts over
and over
- [11516] fix to migration process may break IMAP ACLs for certain group names
- [11529] fix to possible ActiveSync server crash when a message send fails
MDaemon 13.5.0 - June 18, 2013
SPECIAL CONSIDERATIONS
- Please note that MDaemon's BlackBerry Enterprise Server does not (and can not) work
with BlackBerrry OS 10 devices. BlackBerry OS 10 devices are managed through MDaemon's
ActiveSync server or with different management tools obtained directly from BlackBerry
themselves. MDaemon's BES is for devices running BlackBerry OS 7 or below and can
not possibly be updated to support BlackBerry OS 10 or newer. The newer BlackBerry
devices have moved on from the older BES technology.
- [11236] ActiveSync for MDaemon licensing has changed to have license sizes and software
license renewal. A new screen at Alt+M | ActiveSync | Accounts lets you manage which
accounts are allowed to use ActiveSync. Please review this screen and the ActiveSync
Server screen to confirm the enabled accounts, domains, and options are configured
how you want them.
- [10156] The behavior of the Ctrl+S | SSL & TLS | STARTTLS Required List has changed.
Hosts and IPs listed here will now require TLS on both incoming and outgoing connections
from any host or IP on the list. In the past, the list only applied to outgoing
connections. Also, IPs listed here can now be specified in CIDR notation.
- [10500] In the past MDaemon would leave the public folders behind when a domain
was deleted. A new option has been added to F2 | Server Settings | Public & Shared
Folders which now determines whether this takes place. The default is to leave the
public folders alone to preserve existing behavior but it is recommended to enable
this option to delete them.
- [5597] When this version starts up for the first time it will perform a one-time
migration of account settings from WEBACCES.DAT into the accounts' HIWATER.MRK file
which is a more appropriate place for these configuration settings. The WEBACCES.DAT
file is no longer used and will be removed as part of this migration process. Also,
Ctrl+T|New Accounts|Web Services settings now apply only to newly created accounts
and no longer affect existing accounts at all. A new "Apply installation defaults"
button reverts all the settings on this page to installation defaults. Some of the
verbiage on this screen and on the Account Editor|Web Services screen was changed
slightly.
- [6814] The content of the NoComd.dat file is obsolete. Depending on your configuration,
this file was emailed like an autoresponder to anyone who submitted an MDaemon command
email that failed to contain any valid commands for MDaemon to process. The content
of the file contained instructions on how to ask for help, which hasn't been possible
for non-local users in quite a while. A new NoCommand.dat file has been created
which no longer contains this errant instruction. If you would like to provide instruction
to non-local users on (for example) how to send a SUBSCRIBE or UNSUBSCRIBE command
email you can easily modify the NoCommand.dat file to do so. If you have previously
modified the NoComd.dat file you can move your modifications into NoCommand.dat
from the backup of NoComd.dat which was created as part of the installation process
or from a backup created by the nightly config file backup feature.
- [10419] MDaemon no longer supports extraction of attachments into an account's FILES
folder. This folder was rarely accessible. Instead, this option extracts attachments
into the account's Documents IMAP folder which is accessible via WorldClient.
Each account's FILES folder will be left in place in case there are files there
which should not be deleted. However, no further use of this folder is made by MDaemon.
As part of this, the $FILEDIR$ macro was removed. Also, text was updated on both
the Account Editor | Attachments screen and the Ctrl+T|New Accounts|Web Services
screens.
- [10340] The format of log file lines in colorized logs (see below) has changed to
include a two-digit color code in each line immediately following the time-stamp.
- [10269] MDaemon will no longer bounce messages on a 5XX error from your smart host
if one or more of the MX hosts from the receiving domain returned a temporary error
earlier in the delivery session. This is on the theory that maybe one of the receiving
domain's servers will correct itself before the next queue run. However, it is an
indication of a bad site configuration if you are using a smart host and that smart
host refuses to accept mail from your MDaemon server. It is expected that this will
not ordinarily be the case. A new switch was added to F2 | Server Settings | Delivery
called "Bounce message on 5XX error from smart host" which defeats this
mechanism and causes the message to go ahead and immediately bounce. If the message
is not bounced it becomes part of the standard retry queue mechanism. If all
of the receiving domains MX hosts return 5XX errors -and- the smart host returns
5XX errors then the message has nowhere else to go and is bounced regardless of
any other settings.
- [10839] It's very easy to accidentally configure a valid account to receive bounces
from mailing lists in such a way as to cause the list pruning operation to delete
the account's other (non-list) related mail. To help prevent this when it is not
intended we have updated the documentation with warnings and have reversed the default
settings for two existing options: Ctrl+O | Miscellaneous "List pruner deletes messages
that don't contain parsable addresses" has had the default change from TRUE to FALSE
and Ctrl+O | Miscellaneous "List pruner saves messages which result in list member
removal" has been changed from FALSE to TRUE. Please set these options to how you
want your system to behave.
MAJOR NEW FEATURES
[10124] IMPROVED AND UPDATED ACTIVESYNC SUPPORT (Requires MDaemon PRO)
The ActiveSync server now supports ActiveSync protocol versions 12.1, 14.0, and
14.1. This should allow our ActiveSync server to communciate with a wider variety
of devices and applications including Outlook 2013. The amount of work and changes
necessary for this were extensive but mostly behind the scenes deep inside the ActiveSync
server engine itself. However, the changes have allowed us to expose new ActiveSync
policy capabilities and make many improvements to overall device mananagement. As
before, Alt-N's ActiveSync server is a separately licensed product available for
a one-time free trial period and for purchase on the Alt-N web site after the free
trial has expired. Additional changes include:
[10521] The Alt+M | ActiveSync | Policies screen has been redesigned and now allows
specification of many new ActiveSync policy elements. There are numerous new possibilities
with this than in older versions. As before, specific devices may elect to ignore
your policy requests and we've found this to be somewhat sporadic depending on the
device used and the version of the OS running on the device.
[10478] The Alt+M | ActiveSync | Options screen has a new control which will let
you specify the number of days of inactivity after which MDaemon will forget about
a particular device. This defaults to 31 days. When MDaemon forgets a device it
means that any previous configuration and/or access history is discarded. The next
time the device connects it will be forced to reprovision if a policy is in place
at the domain level, perform an initial foldersync, and re-sync all subscribed folders.
This helps to keep your installation clean from having a lot of old/retired/unused
devices. As part of the daily cleanup event MDaemon will check all devices for inactivity.
[9240] Improved ActiveSync and SyncML Server screens in UI so that you no longer
have to save changes when selecting a new domain from the domain drop-down list.
Settings are remembered and saved all at once if you click OK or ignored entirely
if you click Cancel.
[10477] The Alt+M | ActiveSync | Integrated Accounts screen was converted from a
ListBox to a TreeView based dialog and renamed "Devices". Also, the BES
and BIS "Integrated Accounts" screens were reorganized and renamed as
"Devices" and "Subscribers" respectively.
[10479] The "Delete" buttons found on both the Alt+M | ActiveSync | Devices
and Account Editor | ActiveSync Devices were renamed to "Forget device"
which more accurately reflects what's happening there. When these buttons are pressed
the ActiveSync server is told to discard any previous configuration and/or access
history for a particular device.
[10692] ActiveSync now supports a device ID, device type, and device OS white and
black list. New screens for managing this were added to Alt+M | ActiveSync.
You can white and/or black list devices based on their ID, type, and OS values.
[9508] The option to enable/disable ActiveSync services was moved from Account Editor
| Options to Account Editor | Mail Services.
[10811] Added Alt+M | ActiveSync | Restrictions screen which lets you specify User
Agent and Device Type values and restrict devices matching those values to specific
versions of ActiveSync.
[9358] IMPROVED ATTACHMENT LINKING (Requires MDaemon PRO)
MDaemon now supports attachment linking for outbound messages. In the past this
feature was restricted to incoming messages only. A new option has been added to
the Account Editor | Attachments screen to enable this on a per-user basis. The
option works only in conjunction with Attachment Linking so that overall system
must also be enabled and the user configured to use Attachment Linking. When the
user sends an email, Attachment Linking will extract the file, store it, and replace
it with a URL that you can customize. Also, a new control has been added to Ctrl+W
| Attachment Linking which allows you to specify the maximum number of days that
any attachment will be stored. As part of the daily cleanup event MDaemon
will remove any file found to be older than the specified number of days from the
root attachment folder and all sub-folders thereof. This only works when you
are using the default root attachment folder which is <MDaemonRoot>\Attachments\.
It does not work if you customize the attachment folder to point elsewhere.
This option is disabled (set to 0) by default to preserve existing behavior.
See the user's manual for complete details on Attachment Linking. In addition,
the overall system was polished up and refined internally for optimization purposes.
The option called "Extract text/plain attachment types" was renamed to
"Extract quoted-printable text/plain attachments" to better reflect what
it has always done.
[9359] Another new Attachment Linking option was added to Ctrl+W | Attachment Linking
which allows you to specify a minimum size below which attachments are not extracted.
Using this you can configure MDaemon to ignore small attachments and only pull out
bigger ones. This option is disabled (set to 0) by default to preserve existing
behavior. As a result of the code changes needed to implement this the following
macros have been deprecated and are no longer supported: $ATTACHMENTCOUNT$,
$ATTACHMENT(x)$, and $ATTACHMENTS$.
[10414] Attachment Linking will try to use the file name provided in the MIME headers
(if present). But if the file name is longer than 50 chars then only the last 50
chars will be used. If the file name is missing an extension ".att" will
be appended (MDaemon needs an extension).
[10497] IMPROVED DOMAIN MANAGER
The Alt+F2 | Domain Manager has been reworked. It now displays several screens for
each domain instead of having everything on a single screen. There are also better
options for creating, deleting, and renaming a domain. Many domain specific functions
have been removed from other places in the UI and consolidated here. As a result
of this you will no longer find default domain related settings in F2 | Default
Domain & Servers. In fact, that menu selection has been renamed to F2 | Server Settings.
MDaemon no longer needs the concept of primary/secondary domains but it does still
need one of your domains to be selected as the default domain. The default domain
is used any time the server engines can not determine a more appropriate domain
to use in a given processing context (which should be almost never). The Domain
Manager has a button which allows you to easily select which of your domains you
want as the default. The default domain can not be deleted.
[9303] The F2 | Domain Signatures (text/plain) and F2 | Domain Signatures (text/html)
screens were removed and replaced by a single screen at F2 | Default Signatures.
This makes it possible to see and edit both signatures in the same view. The
Domain Manager includes a similar screen for individual domains.
[4536] It is now possible to specify different smart host related settings on a
per-domain basis using the new Domain Manager. F2 | Server Settings | Delivery still
controls the type of message routing which takes place. In order to use any smart
host the proper message routing option still needs to be selected there. Also, its
necessary to configure a default smart host which will be used by any domain that
does not configure a different smart host to use. The default smart host is configured
at F2 | Server Settings | Delivery.
[10896] The "Enable smarter message routing" option was removed from F2
| Server Settings | Delivery UI.
Many of the screens at Ctrl+W | WorldClient (web mail) have lost the domain dropdown
box and now apply only as defaults for newly created domains. The screens
were copied into the Domain Manager where you can configure per-domain options for
all the elements.
[10008] PUBLIC FOLDER MANAGER (Requires MDaemon PRO)
The old UI for managing public folders was difficult to use with a large number
of public folders. A new UI is available via Alt+P that is a bit better. The older
public folder UI was removed from F2 | Server Settings however the Public &
Shared Folders global options screen is still there.
[5920] The Public Folder Manager will no longer allow public folder submission addresses
to be used if the address is already being used by another public folder. Also,
the submission address value is now checked to be sure it is a valid email address
form.
[10427] IMPROVED GROUPING AND ACCOUNT TEMPLATES
The grouping feature has been improved in several ways. First, a new UI for it has
been added to Ctrl+T which lets you more easily manage groups. The old UI
for this was removed from Ctrl+T. Second, groups can now have an optional
Account Template assigned. Account Templates allow you to define named sets of account
settings. A UI for managing Account Templates is accessible using Ctrl+T or from
the Accounts | Groups & Templates top level menu. Third, the Account Editor
| Mail Folder & Groups screen has been redone (in fact, the Account Editor has
been slightly updated in several places). From this screen you can assign one or
more groups to an account. The old UI for setting up new account default settings
has been removed. New accounts now automatically have the "New Accounts "
account template applied to them at the time they are created. The "New
Accounts" template is a special template that can not be renamed or deleted
but you can edit it. It then takes the place of the old New Account Defaults.
Groups can now be used to assign most of an account's settings automatically.
For example, if you want to assign an autoresponder to a certain set of accounts
you can create and name an account template which defines the autoresponder, then
assign that account template to a group, and then finally assign the group to one
or more of your accounts. From that point, the template will determine the accounts
autoresponder settings. Templates can control almost all or just select portions
of an account's settings. You can decide what portions of an account's settings
are to be part of a template. When an account is part of a group which maintains
an account template the controls within the account editor which are managed by
the groups account template will be disabled and a message will be displayed saying
that certain account settings are governed by a group. When you edit an account
template any account which is a member of a group that owns the template will be
automatically updated. When you change a group's account template to another
account template or delete a group or account template all the relevant user accounts
are updated immediately. Groups have a new "Priority" setting (from
1-1000). When an account is a member of multiple groups that each own an account
template with conflicting account settings the group with the lowest priority value
wins and will have its account template applied. When there is no conflict the settings
from each group are collectively applied. In the case of a tie the first group
found wins. When an account is removed from a group that has an account template
the account settings previously controlled by the account template revert to whatever
the New Account template says or possibly to another group's account template
if the account is a member of multiple groups.
[8381] Groups can disable ComAgent entirely or just the instant messaging portion
of ComAgent independently of an account template. In case of a conflict with
an account template owned by the group (if any) then this setting wins.
[10450] The Groups member of the MD_UserInfo structure has been increased in size
allowing an account to be a member of many more groups than before.
[9715] Groups now have an edit control where you can specify an Active Directory
group. When an MDaemon group is configured to link to an Active Directory
group any member of the Active Directory group will be placed into the linked MDaemon
group automatically. This only works if you are using the Active Directory
monitoring feature. You can map any AD attribute you want to use as a trigger
for putting accounts into MDaemon groups however the "memberOf" AD attribute
will most likely be the one to use. You can configure this by editing ActiveDS.dat
in notepad. This feature is disabled by default. To enable it, edit
ActiveDS.dat and tell MDaemon what AD attribute to use for your group trigger or
uncomment the "Groups=%memberOf%" line in ActiveDS.dat to use what I guess
would be the most common attribute.
[6790] MULTI-LANGUAGE COMAGENT
ComAgent now supports multiple languages. Rather than each language of MDaemon including
a ComAgent in just that language, all languages of MDaemon now include a ComAgent
that supports English, German, Spanish, French, Italian, Japanese, Dutch, Polish,
Portuguese, Russian, Swedish, Thai, and Chinese. The user can select the language
from ComAgent's Preferences dialog. ComAgent now also has improved support for international
characters in instant messages and file transfers.
[10340] COLORIZED SESSION LOGS
The UI tabs which display Routing, SMTP-in, SMTP-out, IMAP, POP, MultiPOP, and DomainPOP
activity may now use some colors to help visually separate events during a session.
A new option was added to F2 | Logging | Options called "Use colors when displaying
mail session logs" to control this. The same UI option can also be found at
Ctrl+O | GUI. The option is disabled by default. The default text colors can be
changed by editing the LogColors.dat file as follows:
[Colors]
Background=0x000000
|
Background color; black
|
SelectedBackground=0xff0000
|
Selected background color; blue
|
Default=0xffffff
|
Default text color; white
|
Processing=0x00ffff
|
Internal processing and parsing activity; default is yellow
|
DataIn=0x008040
|
Incoming data from other server; default is dark green
|
DataOut=0x00ff00
|
Outgoing data sent to other server; default is bright green
|
Error=0x0000ff
|
Error messages; default is red
|
TCPIP=0xff8000
|
TCP/UDP/DNS/PTR related activity; default is light blue
|
SpamFilter=0x0080ff
|
Spam filtering; default is orange
|
AntiVirus=0xdda0dd
|
AntiVirus processing; default is plum
|
DKIM=0xff00ff
|
DomainKeys and DKIM activity; default is fuchsia
|
VBR=0x40c0ff
|
Vouch by Reference activity; default is light orange
|
SPF=0x808080
|
Sender Policy Framework activity; default is grey
|
Plugins=0x0080c0
|
Any message sent from a plugin; default is brown
|
Localq=0x00ffff
|
Local queue routing; default is yellow
|
Spam=0x0080ff
|
Spam message routing; default is orange
|
Restricted=0x40c0ff
|
Restricted message routing; default is light orange
|
BlackList=0x808080
|
Blacklisted message routing; default is grey
|
Gateway=0x00ff00
|
Gateway message routing; default is light green
|
Inboundq=0xff8000
|
Inbound message routing; default is light blue
|
PublicFolder=0xdda0dd
|
Public folder message routing; default is plum
|
If you want to use colors but don't want to colorize one or more of the above
elements just set the corresponding values to zero. For example: SpamFilter=0 (the
Default color will be used). That trick doesn't work for Background or SelectedBackground.
If you want to change those two you have to provide a new color value. The
color values are specified in hexadecimal of this form: 0xbbggrr where bb is the
relative intensity for blue, gg for green, and rr for red. So it's a COLORREF basically.
There are many sites online which provide lists of hex values for colors. Watch
the byte order though as many provide them in #rrggbb form. Changing colors requires
a restart of MDaemon or creation of a file called COLORS.SEM in the APP folder.
The main UI utilizes colors in real time as the log string is actually constructed
and displayed however the configuration session which reads log files from disk
must read the color value from a new bit placed just after the time-stamp in the
logged string. As a result, a configuration session will not be able to colorize
portions of log files created prior to MDaemon 13.5.0.
Because attributes necessary to the use of colors may be specified only at the time
the window is initially created toggling the use of colors on/off requires an MDaemon
restart before it will take effect.
[9579] IMPROVED ACTIVE DIRECTORY MONITORING (Requires MDaemon PRO)
Active Directory monitoring has been improved to periodically query AD and keep
all public contact records updated with the most recent information stored in AD.
Common fields like an account's postal address, phone numbers, business contact
information, etc will be populated into their public contact record and this data
will be updated any time it is changed in Active Directory. Numerous contact record
fields will be monitored in this way. For a complete list of which public contact
record fields can be mapped to Active Directory attributes see my commentary in
the ActiveDS.dat file. Also, you do not need to enable full Active Directory account
monitoring to take advantage of this. A new switch has been added to the Ctrl+U
| Active Directory | Monitoring which allows you to enable this feature independantly
from the full Active Directory account monitoring feature (which may be too much
for many sites).
The ActiveDS.dat file has several new mapping templates which allow you to specify
one or more AD attributes from which to populate a particular contact record field
(for example, %fullName% for the fullname field, %streetAddress% for the street
address, etc). I've defaulted many of these to what appear to be correct values
on our active directory server here at Alt-N but your mileage may vary. I could
not find proper attributes in our Active Directory for some of the contact fields
but thats because I'm not an AD expert. They are exposed anyway and can be used
if needed. A one-time migration of ActiveDS.dat will be performed upon first-time
start-up of MDaemon 13.5.0 in order to expose these changes. None of your
existing alterations to this file will be lost.
MDaemon must match an accounts email address to some attribute within Active Directory
in order to know which contact record to update. If it can't find such a match it
does nothing. By default MDaemon will try to construct an email address using the
data taken from the attribute mapped to the Mailbox template (see ActiveDS.dat)
to which MDaemon will internally append the default (primary) domain name just as
it would when actually creating and deleting accounts based on Active Directory
data. However, you can uncomment the "abMappingEmail" template inside ActiveDS.dat
and tie it to any AD attribute you wish (like %mail% for example). Just understand
that MDaemon expects the value of this attribute to contain an email address that
will be recognized as a valid local user account.
MDaemon accounts which are flagged as hidden are not subject to having their contact
record created or updated. This feature will create the contact records on the fly
if they don't already exist and it will update contact records which do exist. It
does not care about and will happily overwrite any changes you make outside of Active
Directory. Contact record fields that are not mapped are left unaltered so any existing
data that is not subject to being changed by this process will not be altered or
lost. Lastly, the Active Directory UI screens have been reworked slightly and the
code over-all has been somewhat optimized but you should know that this process
hits Active Directory every 10 seconds by default (you can change it) so if you
query the root for this rather than a more narrow Active Directory container you
might notice it (or maybe not, I don't know for sure).
[10017] Active Directory monitoring will now update an account's alias value. In
the past an accounts alias could be plucked from Active Directory only at the time
the account was initially created. Note that there's no way to remove any old alias
that might have been put there by AD changes earlier because I can't easily tell
what old alias should be deleted and I can't delete them all because some aliases
might have been created outside AD (users can have more than one alias). This means
that over time some orphaned aliases might accumulate but no harm done and they
can be removed using the alias editor.
[10476] Active Directory monitoring feature updated to test and log entire set of
values for an attribute. In the past only the first in the set was being tested/logged.
Also the logging was simplified and shortened.
[5728] PERFORMANCE COUNTERS
Performance counters have been implemented to allow monitoring software to track
MDaemon's status in real time. There are counters for the number of active sessions
for the various protocols, number of messages in the queues, server active / inactive
states, MDaemon up time, and session and message statistics.
CHANGES AND NEW FEATURES
- [11296] The WorldClient Mobile theme is now updated for modern smart phones to create
an improved user experience for touch screen devices.
- [10019] The MDaemon system account email address is no longer visible/selectable
within controls like the public folder submission address dropbox. The account is
not eligible for these types of functions and thus should not be selectable.
- [9820] When applicable, WebAdmin now shows quota information per user on the Mailbox
Charts.
- [9047] When looking at the bad queue content within the GUI the "Subject"
column has been replaced with "Bad queue reason" and contains a text description
of why the message was placed within the bad queue.
- [10129] WebAdmin's Holding Queue and Spam Trap views now display the X-MDaemon-Deliver-To
header information for each message.
- [10093] If an email is destined for a domain which has no MX records and also has
no A records then the message will be immediately bounced back to sender as undeliverable.
- [10176] Loading IPScreen.dat items into the GUI is deferred until the IP Screen
editor is selected rather than when the Security Settings dialog is first opened.
- [10284] F2 | Server Settings | Servers no longer has per-domain options related
to maximum acceptable message size. These options exist in the Domain Manager and
the F2 screen is for global (not per-domain) settings.
- [10322] Added option to F2 | Server Settings | Servers which causes the SMTP server
to refuse duplicate recipients in the same SMTP session. Duplicates are refused
with "452 That recipient has already been specified." This option is disabled
by default to preserve previous behavior.
- [9721] When a public folder goes from not having a submission address to having
one every existing ACL is granted the "post" right now rather than just
the "anyone" ACL.
- [10341] The text strings sent to the routing log have been simplified and made consistent.
Long paths that are not necessary were shortened. The System log will display each
queue path on startup on queue state changes.
- [10342] DNSBL hits and refusals now have their own separate counters within the
UI tool window and on the statistics report. These counts are no longer folded into
the SPAM counts.
- [10368] Added option to enable/disable sending of notification emails to the Ctrl+P
| Spam Filter | Updates screen. This mirrors the same option currently found in
the Content Filter UI and does the same job but here it is easier to find.
- [10371] The "Account Settings" menu option was renamed to "Account
Options" and a new "Passwords" screen was added into it. From here
you can set the requirement to use strong passwords and you'll find a new button
which will let you edit the bad passwords file. Values in the bad passwords file
can never be used for account passwords. Bad passwords can be provided using
reg-ex. This requires the strong passwords option be enabled.
- [10381] Removed the "double click item to remove it from list" type of
behavior that some parts of the UI still employed. These included the Sender Blacklist,
IP Screening, and Host Screening dialogs, all of which have a "remove"
button for this purpose now.
- [10397] The catalog editor was converted to a standard type modeless dialog box.
- [10404] The ZIP file names of log archives now include a date-stamp of when the
ZIP file itself is created rather than a date determined (sometimes errantly) by
what might be inside the ZIP. So today's ZIP contains what was archived today,
which could be yesterday's log files -or- many days worth of log files X days
old or older, depending on your configuration settings.
- [9026] Log files are no longer archived as part of the cleanup.bat file processing
and this now takes place as its own event and as the very last thing in the midnight
cleanup processing chain. Hopefully this will fix an issue which sometimes occurs
where log files have nothing or the wrong things in them.
- [8766] Added descriptive text to groups editor explaining how to edit a group name
and description.
- [8007] The Ctrl+T | Account Templates | Web Services now includes the ability to
set defaults for LAN IP exceptions.
- [6251] When MDaemon generates Message-ID values, APOP greetings, and AUTH "first
ready" responses it now uses server FQDN values rather than the default domain
name. Where possible the FQDN value used will be the one associated with the
current processing context.
- [7261] The option to force a Reply-To header into all messages not containing one
has been removed from Ctrl+O | Headers screen. MDaemon can't get this
right in all cases and this is a mail client responsibility (not a mail server's).
- [6482] In the past the greylisting system first translated RCPT data in case an
alias was used and then compared, stored, and used this translated data which may
then have differed from the actual RCPT data provided. This violates the greylisting
best-practices and whitepaper which states that the actual RCPT data must be used
(not some translated or altered version of it). So the greylisting system
has been changed and now the actual RCPT data is always used.
- [10354] When an autoresponder attempts to subscribe an address to a mailing list
the attempt will now fail if the address is one of those configured to not receive
the autoreponse.
- [9528] Added "Update Counts" button to Account Editor | Quotas which refreshes
the counts on the screen (sometimes the cached values are out of date). Also, I
changed the descriptive text on this screen to indicate that the email count includes
stored documents as well.
- [6928] Account mail folder paths may no longer contain the following DOS/Windows
reserved names as this causes problems for some OS API calls: \AUX\, \CON\, \COM1\,
\COM2\, \COM3\, \COM4\, \LPT1\, \LPT2\, \LPT3\, \NUL\, \PRN\. Attempting to create
or edit an account which contains any of these values within the mail folder path
will generate an error message.
- [10420] The session identifier logged with each line of a session's log no longer
includes the so-called child ID value. This value is not necessary (the session
number is enough) and it is already logged at the top of each session. So
the identifier is now simply the session number (from 1-999999) which rolls over
back to 1 after reaching 1000000. It is not intended to be a GUID but rather
is just a visual aid when looking at a log file in a viewer. The current value
will now be stored and remembered across reboots rather than starting over at 1
each time MDaemon is restarted. Also, the session identifier will now be padded
with leading zeros so that the log lines up evenly when using a viewer like notepad.
- [10430] The "Folder, Attachments, Groups" screen within the Account Editor
has been renamed to "Mail Folder & Groups." The attachment related
settings have been removed and placed into a new screen within the Account Editor
called "Attachments."
- [10431] The "New Account Defaults" settings have been removed from the
Account Settings editor and placed into their own editor called Account Templates
which you can access using Ctrl+T or from the Accounts top-level menu.
- [10432] The "Account Defaults" screen within the Account Editor has been
reorganized and the controls resized so that the values they contain can fit when
at their maximums.
- [10463] The account/folder/group/mailing list picker object has been reworked and
is now resizable and will remember its size and position.
- [9504] The IPs within the IP Screen and Host Screen UI will be sorted.
- [9497] The "Use subaddressing" checkbox was moved from Account Editor
| IMAP Filters to Account Editor | Options so it can be part of the new account
template system (the IMAP Filters page is not part of the template mechanism).
- [10159] The spam filter will no longer bother checking the size of a message if
spam filtering is already being skipped for certain other reasons.
- [8890] When dynamic screening detects a connection from an IP that has been temporarily
banned it will now issue a 4XX temp error with a message to try again later. The
previous 5XX error and non-descript message was inaccurate for this situation.
- [10297] Added option to Ctrl+P | Spam Filter | Options which will let you keep the
spam filter white and blacklist entries in sorted sequence. Note that if you have
added your own comments into the file (lines starting with #) enabling this option
will sort these lines to the top of the file which is probably not what you want.
This feature is disabled by default to preserve existing behavior. The sort operation
takes place upon the next change to the white or black list file.
- [9819] New controls were added to Ctrl+U | Quotas which cause a daily quota report
email to be sent to all global and domain administrators. The report lists all accounts
which are within XX percent of their quota maximums. You can configure the percent.
If you set the percent to ZERO all accounts get included in the report. The report
sent to global administrators includes information on all relevant accounts for
all domains. The report sent to the domain administrators just covers their domain.
The report can be costly in terms of cycles so it runs in its own thread and is
part of the daily cleanup event. Also, and separately but I'm listing it here, a
new switch was added which toggles sending of the near quota warning emails to accounts
on/off. In the past configuring the percent for this to ZERO was the toggle.
- [10406] A new control was added to Ctrl+O | System which will let you set the hour
at which the daily maintenance and cleanup event takes place. In the past this has
been fixed at midnight (which I still recommended). The new control defaults to
midnight to preserve existing behavior. Regardless of what hour you schedule for
this some things still happen at midnight anyway (such as the running of Midnight.bat
and log file maintenance).
- [10246] If a mailing list allows anyone to post (that is, the mailing list is NOT
configured to allow only list members to post) then messages from NULL sender (ie..
MAIL FROM:<>) sent to the list will be accepted. In the past, they were refused.
- [5699] If a mailing list's public folder is missing, messages will be routed to
the bad message queue rather than being dropped on the floor.
- [10498] MDaemon's startup routine has been optimized and is now many times faster
- especially for sites with thousands of domains. MDaemon no longer logs every
missing postmaster/abuse alias for every domain. Instead, it logs a single
message saying you are missing at least one (if you are). Also, the socket
startup routine was optimized to log only errors and not every single protocol initialization
for every single domain (this was REALLY slowing things down). Finally, the
Everyone@ and MasterEveryone@ lists are no longer created if they already exist.
These lists contain macros and not actual list members so there's no reason
to always rebuild them on startup.
- [10499] I added an option to Ctrl+O | Preferences | UI which lets you control whether
you want the various dialogs throughout the UI to expand the left hand tree nodes
or not. Note that the first (or root) node is always expanded regardless of
this setting.
- [10510] The routing log will display encoded From/To/Subject data in decoded form.
- [6144] The mail statistics report email now reports free disk space in MB rather
than bytes.
- [10227] The UI will display consistent results when creating a certificate for use
with SSL/TLS.
- [8719] DomainPOP and MultiPOP logging no longer bothers with logging the temp file
I/O. Instead it logs the final message creation placed into the Inbound queue
(or an error result). This lets you track DomainPOP/MultiPOP through other
logs which was not easy to do in previous versions.
- [5818] An option was added to Ctrl+U | Passwords which allows you to set a maximum
number of days before users will have to change their password. This option
defaults to ZERO (disabled). If you set it to (for example) 30 days then users
will have 30 days from the next time their account is edited in the UI or from their
next logon via POP, IMAP, SMTP, or WorldClient to change their password (which,
once changed, will start a new 30 day time limit). After that, if they don't
change their password they will not be able to logon to POP, IMAP, SMTP, WorldClient,
or WebAdmin. WorldClient will prompt the user for a change of password if
the user has permission to edit his password, but Outlook, Thunderbird, etc, will
not. Many mail clients will not show a helpful error message to the user, so they
may need admin assistance to figure out why the logon is failing. Accounts which
are about to have their passwords expire are sent a warning email each day for X
days leading up to the password becoming expired. The number of days can be
set by a new option at Ctrl+U | Passwords.
- [10520] Added an option to the Account Editor | Account Details screen which allows
you to require an account to change their password before it can connect using POP,
IMAP, SMTP, WorldClient, or WebAdmin. Take care with this option because it
may not be easy or possible for an account to do this (see 5818).
- [10222] Added an option to the Account Editor | Account Details screen which allows
you to "Freeze" an account. Frozen accounts can receive mail but
can not send or check mail. The controls on this screen were re-organized
somewhat. The Smart Host logon/password options were moved from here to the
Account Editor | Mail Services screen.
- [10512] Added options to Account Editor | Web Services screen to disable ComAgent
entirely and/or disable the Instant Messaging portion of ComAgent.
- [10544] The icons in the account manager have changed slightly. Frozen accounts
now receive the white X icon (this used to be the icon for accounts with partial
mail service). Frozen accounts are similar to disabled accounts which also have
an X icon and white is a good color to indicate a frozen state. Accounts with partial
mail service now get an orange check mark to indicate their similarity to full access
accounts which have a green check mark.
- [1889] WorldClient now gives users the ability to download all of a message's
attachments by sending them in a zip file.
- [10030] The IMAP server now supports the XLIST extension.
- [2434] The Enter key may be used in ComAgent's "My Contacts" window
to open an instant messenger window for the selected contact
- [10632] Added RESTARTWC.SEM sem file which causes WorldClient to be stopped and
restarted. This works only when WorldClient is running using its own built-in web
server.
- [3429] Removed the WorldClient option to send an invitation to the meeting planner.
It did not work properly and it only made sense for public folders, for which a
more robust solution needs to be developed.
- [10563] The rules processing engine within content filter is now enabled by default
for new installations.
- [10567] F2 | Event Scheduling will no longer show AntiVirus related elements when
AntiVirus is either not installed or has an expired subscription.
- [6023] Contact "Email 2" and "Email 3" fields are now used for
auto-complete results and contact search results
- [8339] Contact "Nickname" field is now used for auto-complete results
and contact search results
- [10857] The holding queue no longer automatically stores messages sent to or from
a disabled or frozen account unless the holding queue is enabled and a new switch
at Ctrl+Q | Holding Queue which configures this specific behavior is also enabled
(it is enabled by default to preserve existing behavior).
- [10846] Increased amount of space for account restrictions by factor of 10. Better
solution will come in MDaemon 14.0.
- [2540] Gateway .LCK files are stored in the \MDaemon\Lockfiles\ folder now rather
than the gateway's mail folder. This allows much faster startup times for sites
with large numbers of gateways.
- [9700] Updated Content Filter's regex engine. The new engine follows the
ECMA grammar and is much more powerful than the previous regex engine. There
are some syntax changes, the main being backreferencing (\1, \2, \3, etc) has changed
to ($1, $2, $3 and so on). MD3Conv will update any rules that contain "regular
expression search and replace" during installation including MDaemon's
ticketing system rules.
- [10917] MDaemon no longer forces the domain names you create to lower case. Domain
names are case-insensitive so MDaemon will use whatever case you use when you create
the domain's name.
- [10890] MDaemon.exe is now Large Address Aware, allowing it to use up to 4 GB of
RAM on a 64-bit OS.
- [10932] Disabled accounts are now removed from the domains global address book.
If the account is later re-enabled it will be added back (depending on your configuration
settings).
- [8079] WorldClient sends an email to the postmaster when the dynamic screening bans
an IP. Settings to control this are in \MDaemon\WorldClient\WorldClient.ini:
[DynamicScreening]
SendBanNotification=Yes
SendBanNotificationTo=postmaster
- Updates to the WorldClient LookOut theme:
- [10747] Update to modernize the theme's appearance and color scheme
- [8948] A new Email Templates editor for inserting pre-written pieces into emails
- [10853] Quick calendar filtering on the Day, Week and Month views to allow you to
narrow down the labels of the calendar entries - just hover over a calendar label
list below the calendar folder list to reduce the displayed entries. This
also gives users a small report on their event totals.
- [10854] When the message list is less than 600 pixels wide it will re-render to
be a double-rowed message list
- [10373] Various performance improvements to speed up the loading time
- [10855] When users hover over calendar entries they will now be presented with a
preview of the event to speed up seeing details
- [11025] Added an option to add message footer to messages that have attachments
that could not be scanned.
- [9025] Messages sent to the MDaemon system account to perform various functions
are now logged with details in a new "MDaemon" tab within the main UI
and tracked into their own log file.
- [10073] By default MDaemon will no longer send a "No valid command found"
email back to those who send such emails. You can re-enable this function via a
new option in Ctrl+O|Preferences called "Send response to invalid command messages."
- [10074] MDaemon no longer supports making account changes by sending email messages
to the system account. Account holders can still make changes to their accounts
by logging into WorldClient or WebAdmin. The UI checkbox called "Allow changes
to account via email messages" has been removed from both the account editor
and the new account defaults UI.
- [10077] Numerous popup dialogs were changed to have unnecessary text such as "Click
'Ok' to continue" removed.
- [11118] added Thai language to WorldClient language options
- [9813] Added ability for an account that automatically processes meeting requests
to decline conflicting and recurring requests
- [10444] Added text clarifying the use of Macros in List Membership to WebAdmin
- [3122] Added About MDaemon dialog to WebAdmin. More to come for this page in further
versions.
- [11224] Added an option in ComAgent to show the ComAgent window on the taskbar.
- [11202] Added file name to ComAgent file transfer window captions.
- [10246] Messages sent to lists with a NULL reverse path were previously rejected
after RCPT but are now rejected after DATA in order to work with several routers
and call-back verification schemes.
FIXES
- [10233] fix to SMTP MAIL value not tested against "Spam Filter (no filtering)"
list
- [10259] fix to list of AV excluded-from emails being included in the list of password-
protected files exclusion list
- [10393] fix to DomainPOP not always handling tab characters properly when parsing
for addresses
- [10257] fix to change of log file size not taking effect immediately
- [7771] fix to restricted accounts being unable to send mail to other domain sharing
servers
- [10036] fix to unable to stop/disable WorldClient service from configuration session
- [9561] fix to message to multiple lists with public folders not each getting a copy
in the public folder
- [9231] fix to "...but only from LAN IPs" options in web default settings
not applied to all accounts when "Apply to all accounts now" button pressed
- [5044] fix to mailing lists being incorrectly written to the global address book
file
- [5410] fix to bounce notifications improperly stripping BATV encoding from return
path address
- [6155] fix to smart routing sometimes delivering local mail from the remote queue
- [10453] fix to mailing list membership not updated when group names changed or deleted
- [10471] fix to MDaemon account showing up in various account picker/account tree
objects within the GUI
- [8128] fix to Active Directory full scan button not always taking stock of latest
Active Directory configuration settings
- [8650] fix to DomainPOP parsing not handling BATV encoded local addresses properly
- [8482] fix to missing domain public folders not always being created when option
to do so is enabled
- [6627] fix to Ctrl+E | Mail Scheduling Option "deliver mail X minutes after
last delivery" never working properly
- [9374] fix to list password not parsing from encoded subject data properly
- [10253] fix to $SUBJECT$ macro not handling encoded subject data properly
- [6590] fix to Active Directory search code not working with multi-byte characters
properly
- [3554] fix to MDStats adding entries to SA whitelist_from_rcvd often incorrectly
(now uses just whitelist_from)
- [10455] fix to forwarded messages not honoring outbound IP binding or forwarders
account disabled status
- [2347] fix to account/group updates not updating Content Filter rules
- [10573] fix to inline image links are broken in WorldClient's HTML compose editor
- [10564] fix to "All messages sent From" option from "postmaster"
to "postmaster@$DEFAULTDOMAIN$."
- [10483] fix to searching in the WorldClient LookOut theme's calendar year view
- [9991] fix to random crashing on shut down for ComAgent
- [3861] fix to disabling instant messaging for a user does not take effect until
ComAgent is restarted
- [3187] fix to not all instant messaging items are removed from the ComAgent UI when
instant messaging is disabled
- [10624] fix to WorldClient users may receive a "The meeting location is occupied
at that time" error message when creating event with location and time of an
existing event. This was a holdover from an obsolete resource scheduling approach.
The recommended approach is to create and invite a resource user that automatically
accepts and declines calendar invites. This is compatible with all platforms that
support calendar invites and free/busy lookups.
- [10614] fix to an appointment changed by another user via WorldClient will show
it as a meeting request on an ActiveSync device
- [10468] fix to the attendee does not receive a meeting request when creating a meeting
in a shared calendar using WorldClient
- [10636] fix to possible IMAP and WorldClient error when moving folders to become
subfolders of Inbox
- [10797] fix to WebAdmin displaying a blank entry for domain selection on the ActiveSync
Server page
- [10821] fix to right-click add to black/white list feature not adding correct address
to lists in some cases
- [10686] fix to Firefox printing message headers on a separate page from the body
in the LookOut theme
- [10771] fix to "strong password required" error message missing from ODBC
and LDAP backend DLLs
- [10786] fix to UI allowing accounts to be created with mailbox ending with '.'
- [10908] fix to ActiveSync and SyncML UI not handling default settings properly in
all cases
- [10648] fix to changes to "Add Sender Header" in WebAdmin's Headers page
not being saved.
- [11012] fix to newly created gateways not honoring all default dequeue IP access
settings properly
- [9232] fix to ComAgent does not send instant messages when the Enter key is pressed
if certain dialogs are open
- [11032] fix to WebAdmin not handling the Account Restrictions page properly for
all languages
- [10992] fix to when accepting a meeting request in WorldClient, the invitee's Outlook
Connector shows the invitee as the meeting organizer
- [11022] fix to list unsub confirmation checkbox not sticking
- [11216] fix to wrong commandline value logged when running an external process fails
- [6755] fix to blank "File As" field in Outlook Connector for contacts
created in WorldClient that have only a company name
- [11223] fix to potential crash when using "Remove contacts which are missing
name or phone data" button
- [11212] fix to vulnerability (false positive) reported in WebAdmin during PCI Compliance
check
- [11182] fix to script error in WebAdmin when editing content filter rule using MSIE
and a language other than English
- [10728] fix to account with "+" sign not rendering properly in WebAdmin's
Alias Editor
- [11267] fix to Timeout and Remote IP columns not sorting properly on sessions tab
in UI
- [11281] fix to unable to delete/edit/refresh the session window content in the configuration
session
MDaemon 13.0.8 - July 6, 2016
FIXES
- [17293] fix to potential security vulnerability
MDaemon 13.0.7 - June 19, 2015
FIXES
- [15229] fix to security vulnerability in content filter
MDaemon 13.0.6 - May 13, 2014
FIXES
- [13122] fix to WorldClient vulnerability that may allow remote code execution
MDaemon 13.0.5 - March 26, 2013
FIXES
- [10852] fix to security vulnerabilities in MDaemon's IMAP server
- [10475] fix to appointments (not meeting invitations) created by iOS devices via
ActiveSync display differently on other iOS devices on the same account
- [10483] fix to searching in the WorldClient LookOut theme's calendar year view
- [10495] fix to times may be off by UTC offset when parsing calendar invite created
by an iOS device
- [10557] fix to ActiveSync requests may leak memory. This causes
the memory usage of WorldClient.exe to grow over time.
- [10614] fix to an appointment changed by another user via WorldClient will show
it as a meeting request on an ActiveSync device
- [10624] fix to WorldClient users may receive a "The meeting location is occupied
at that time" error message when creating event with location and time of an
existing event. This was a holdover from an obsolete resource scheduling approach.
The recommended approach is to create and invite a resource user that automatically
accepts and declines calendar invites. This is compatible with all platforms that
support calendar invites and free/busy lookups.
- [10468] fix to in WorldClient when creating a meeting in a shared calendar, the
attendee does not receive a meeting request
- [10645] fix to when an ActiveSync user accepts an invite more than once in the iPhone
mail application, the response message is sent to an invalid email address "<3>"
- [10822] fix to meeting planner cannot edit an event synchronized to their Android
device via ActiveSync
- [10686] fix to Firefox printing message headers on a separate page from the body
in the LookOut theme
- [10676] fix to duplicate messages in Sent Items when using ActiveSync with BlackBerry 10
MDaemon 13.0.4 - January 15, 2013
CHANGES AND NEW FEATURES
- [9218] Added Vietnamese language to WorldClient.
- [10403] The IMAP server now allows messages to be copied into a user's Deleted
Items folder even when over quota, so users of IMAP clients that copy messages into
Deleted Items when deleting them are able to delete messages successfully.
FIXES
- [10385] fix to WorldClient HTML injection vulnerability
- [10386] fix to predictable WorldClient session IDs
- [10389] fix to WorldClient's login request to WebAdmin may disclose authentication
credentials
- [10390] fix to non-admin users may possibly import accounts into WebAdmin
- [10452] fix to IMAP server STARTTLS plaintext command injection vulnerability
- [10183] fix to the WorldClient LookOut theme not updating the message status icon
in some cases when a message status changes
- [10171] fix to the WorldClient Simple theme's notes list not rendering the note
properly
- [10150] fix to the WorldClient Simple theme's message view having images clip
the menu when the message is scrolled in Internet Explorer
- [10218] fix to the WorldClient Simple theme calendar week view copy link not working
after using the move link
- [4894] fix to the search paging not working in the WorldClient Mobile theme
- [10358] fix to possible MDaemon crash if the Strip X-Headers setting is enabled
- [10259] fix to list of AV excluded-from emails being included in the list of password-protected
files exclusion list
- [10136] fix to mailing list import from CSV not honoring current list membership
default type value
- [10137] fix to mailing list import from CSV may change the list membership default
type
- [10246] fix to SMTP server accepting messages to mailing lists which arrive using
a NULL reverse path (ie.. MAIL FROM:<>) - such messages should be rejected
- [10283] fix to problem adding/changing message headers when TEMP folder is on different
volume
- [10320] fix to bad month name in some ActiveSync-related date strings
- [10325] fix to wrong icons for some items in MDaemon's Stats pane
- [10232] fix to "Spam Filter (no filtering)" list not working with BATV
encoded addresses
- [10356] fix to WorldClient crash after ActiveSync fails to start up successfully
- [10291] fix to confusing error about "not saving changes" on WebAdmin's
My Mailing Lists page
- [10401] fix to error when saving WebAdmin's Content Filter | Attachments page
- [10417] fix to MDaemon UI options to disable or password-protect the Free/Busy service
do not work properly
- [10415] fix to inline AV scanning not applying modified settings
- [10423] fix to IMAP server does not apply dynamic screening when logins fail due to
the "full email address required" option
- [10425] fix to IMAP AUTH command does not enforce the "full email address
required" option
- [9904] fix to the WorldClient LookOut theme's insertion of distribution lists
from the contact picker into appointments
- [10065] fix to the WorldClient LookOut theme is unable to remove compose attachments
that have multiple spaces or Japanese characters in the filename
- [10438] fix to deleted and changed occurrences of recurring calendar events are
not synchronized to some ActiveSync clients
- [10319] fix to UTF-8 encoded characters in message bodies may appear corrupted in
some ActiveSync clients
- [10443] fix to WebAdmin's ActiveSync Server per-domain settings not being generated
or saved properly
- [10439] fix to the WorldClient LookOut theme not rendering messages if the status
column is not displayed
- [10446] fix to incorrect times on changed occurrences synchronized via ActiveSync
if the user is configured to use a different time zone than the MDaemon server
- [10447] fix to certain deleted and changed occurrences are not synchronized via
ActiveSync if the user is configured to use a different time zone than the MDaemon
server
MDaemon 13.0.3 - November 14, 2012
CHANGES AND NEW FEATURES
- [9955] Multiple account/list editor windows operating on the same account/list simultaneously
is no longer allowed. Instead, trying to open a second editor window will bring
the initial window to focus and forefront.
- [10010] The simple message ticketing system has been changed in order to address
several issues including:
- [9752] Remove Reply-To header from outbound ticketed emails
- [9981] Ticketing system no longer prevents other content filter rules from operating
on messages
- [9948] Locally sent replies to messages sent from the ticketing folder will no longer
have an additional identifier automatically added
- [9827] Ticketing system now allows message processing to handle spam properly
To take advantage of these changes you will need to allow MDaemon to delete and
recreate the ticketing rules. Use the public folder UI to select the public folder
using ticketing and click Replace. This causes MDaemon to replace the ticketing
rules in CFSYSRULES.DAT with new rules that incorporate the above changes.
- [9914] Updates to WebAdmin's dynamic screening section to match MDaemon
- [10034] The update checking process will now send only one update notification email
each time a new update is made available rather than sending the same notification
email about the same available update every single day. So if you were annoyed
by a daily update notification email which caused you to disable the update notification
option you can safely reenable it now.
- [10050] Added option in the AntiVirus screen to allow a message with a password-protected
non-scannable file to pass through AV scanner if it is in the exclusion list.
- [10066] How MDaemon creates configuration file ZIP backups has been changed to exclude
files that didn't need to be backed up and improve performance. MDaemon only
backs up files in the following subfolders of <MDaemonRootFolder>: (including
subfolders) App, Digests, Domains, SpamAssassin, WebAdmin, WorldClient, and (excluding
subfolders) SecurityPlus. By default only files matching these masks are included
in the ZIP: *.INI|*.DAT|*.SUP|*.MBF|*.RSP|*.GRP|*.CF. You can configure the files
you want to include in the ZIP at F2|Preferences|Disk.
- [5849] A new Domain Sharing option has been added to F2|Domain Sharing which causes
MDaemon to keep emails destined for another host within a shared domain in the queue
rather than send these emails immediately to the smart host on a delivery error
(such as a domain sharing host being offline). Sending these mails to the smart
host often leads to a mail loop. This change allows emails with delivery problems
to go through the delivery retry process just as forwarded mail for a gateway domain
can do. This option is enabled by default.
- [9892] F2|Default Domain & Servers|Servers now has the option to refuse messages
which are not RFC compliant enabled by default. This is possible because the check
for an RFC compliant "Date" header has been moved to a new option on the
same UI page right under it. This option is disabled by default to allow messages
from non-compliant email software (like Microsoft Outlook) to be accepted.
- [10059] MDaemon will add its host name and IP to the bottom of all license expiration
warning emails. This way if you can easily distinguish between multiple MDaemons
you might be running.
- [10041] Account exporting to Eudora has been deprecated and removed (it is out of
date by about a decade).
- [10095] Updates to WebAdmin's MDaemon Logging Options section to match MDaemon
- [10130] added Public Folders ACL Help window to WebAdmin
FIXES
- [9938] fix to WorldClient's calendar event start time control may wrap in Google
Chrome
- [9942] fix to personal black lists being used even when option globally disabled
- [9677] fix to ticketing rules are not deleted when deleting a public folder that
uses ticketing
- [9983] fix to queued mail from disabled accounts being delivered rather than sent
to holding queue
- [9565] fix to the WorldClient LookOut theme loading indicator may get stuck when
deleting items from the message list too quickly
- [9982] fix to incorrect version information in ComAgent.exe
- [10013] fix to meeting updates and responses are sent to ActiveSync devices as new
meeting invitations
- [10004] fix to WebAdmin's public and shared folder text is inconsistent with
MDaemon
- [10005] fix to WebAdmin's public folder prefix setting should be disabled if
public folders are globally disabled
- [10006] fix to save button not always enabled when changes made to Public Folders
section
- [10009] fix to Content Filter work folders not being removed when attachment compression
is enabled
- [10021] fix to unable to change page list view page in WebAdmin by typing in a page
number and pressing the "Enter" key
- [5694] fix to WorldClient contact import fails with CSV file created by non-English
Outlook
- [10026] fix to WorldClient's LookOut theme may not open to the folder selected
in ComAgent
- [10020] fix to crash when opening Mobile Device Management UI and BIS sub/unsub
log corrupt
- [9985] fix to ComAgent icon does not stop blinking after the new messages are read
- [9988] fix to WorldClient does not use the HTML signature when forwarding a message
as an attachment
- [9997] fix to unable to use ALL_USERS or GROUP macros when adding members to mailing
lists in WebAdmin
- [10040] fix to unable to use GROUP macro when editing Public Folder ACLs in WebAdmin
- [8156] fix to the WorldClient LookOut Calendar Day view when double clicking a time
of day to create an event in Firefox - the proper time of the event is set instead
of always defaulting to 8:30
- [10022] fix to the WorldClient Simple theme where the address lookup would be malformed
and fonts are extra small
- [10023] fix to the WorldClient Simple theme needing two clicks on the CC field
- [9897] fix to the WorldClient LookOut theme not rendering the free busy data properly
in IE9
- [10037] fix to WorldClient web server may still listen for ActiveSync connections
on port 80 after ActiveSync has been disabled
- [9980] fix to WebAdmin not refreshing status of previously wiped ActiveSync devices
- [10029] fix to hour possibly incorrect on meeting invitations sent to ActiveSync
devices
- [10058] fix to erroneous "WARNING, Unknown Result : 0x80070003" logged
to ActiveSync log file after a PING request
- [10052] fix to certain browsers unable to import users or mailing list members using
WebAdmin
- [10049] fix to missing "Session X; Child Y" lines in SMTP-out session
logs
- [10067] fix to WebAdmin creating wrong SEM when updating hijack whitelist
- [10057] fix to WebAdmin not always releasing Spam Trap messages to the correct queue
- [10082] fix to possible IMAP error "Receive buffer error, aborting. Message
cannot be delivered." when iPhone tries to upload copy of sent message
- [10113] fix to the WorldClient LookOut theme requiring delete permissions for public
folders to mark a message as read.
- [10070] fix to copies of messages sent using ActiveSync SmartReply and SmartForward
are not saved to Sent Items folder
- [10047] fix to meeting is duplicated when accepting a meeting using ActiveSync on
an iOS device
- [10128] fix to the WorldClient Simple theme not showing the remote image link when
a remote image has been blocked
- [10091] fix to deleting an ActiveSync device does not remove it from ActiveSync.ini
- [10096] fix to MAIL command reverse lookup option to refuse mail if a lookup returns
'domain not found' not working
MDaemon 13.0.2 - October 24, 2012
FIXES
- [9926] fix to possible WorldClient crash when uploading attachments
- [10062] fix to potential account access vulnerability
MDaemon 13.0.1 - October 2, 2012
CHANGES AND NEW FEATURES
- [9781] WorldClient's HTML editor control no longer disables the browser's
native spell checker. However, in order to view the list of suggestions, the user
must use CTRL+RIGHT CLICK to display the browser's native context menu. If the
user only right clicks, an item in the HTML editor control's context menu will
remind the user to use CTRL+RIGHT CLICK when spell checking.
- [9786] The public folder ticketing rules created in CFSYSRULES.DAT have been changed
to prevent false matches: Condition03 in RuleTicketing-1 matches to "@<domain>"
now rather than just "<domain>" and Condition01 in RuleTicketing-2
was changed from "contains" to "is equal to". In order
to take advantage of these tweaks for public folders which have already had ticketing
enabled you can manually edit CFSYSRULES.DAT with notepad and make these changes
yourself (being sure to create a CFILTER.SEM afterwards) or you can edit the public
folders with the UI by selecting them and clicking REPLACE which will recreate the
rules for the folder in CFSYSRULES.DAT.
- [9611] Added ActiveSync Domains and Integrated Accounts sections to WebAdmin.
- [9828] RFC compliance checking (a) now rejects messages which contain multiple addresses
in the "From" header and are missing the required "Sender" header
and (b) now rejects messages that have multiple addresses in "Sender"
header.
- [9824] The SMTP server corrects site policy text (if needed) to ensure a valid response.
- [9732] The Account Manager now sorts the accounts list by mailbox by default.
FIXES
- [9767] fix to WebAdmin not configuring IMAP Compression setting properly
- [9797] fix to WebAdmin toolbar buttons may not be enabled when using MSIE
- [9803] fix to incorrect title of the "Total Sessions" report in WebAdmin
- [6058] fix to the WorldClient LookOut theme's print calendar as list feature
possibly printing events from the previous or next day if they are all day events
- [8604] fix to the WorldClient LookOut theme possibly corrupting the output of the
BCC field when the message is previewed
- [9249] fix to the WorldClient LookOut theme not properly setting folder ACLs when
using the context menu after having viewed the Options-Folders view
- [9378] fix to the WorldClient LookOut theme's calendar view clipping the bottom
of the Search and Cancel buttons in Firefox
- [9580] fix to the WorldClient Simple theme not allowing users to create or edit
recurring events
- [9682] fix to the WorldClient LookOut theme's folder list clipping the scrollbar
by a few pixels
- [9684] fix to the WorldClient LookOut theme's 8 day calendar view icon not being
updated properly
- [9685] fix to the WorldClient LookOut theme's 8 day calendar view date span
being 7 days
- [9686] fix to the WorldClient LookOut theme's 8 day calendar view not showing
all 8 days without the need to scroll if there is not enough content to require
scrolling
- [9688] fix to the WorldClient LookOut theme's 8 day calendar view not resizing
properly when the browser window is resized
- [9689] fix to the WorldClient LookOut theme's 8 day calendar view not highlighting
selected items properly
- [9789] fix to possible javascript errors in the WorldClient LookOut theme when moving
the mouse over calendar events
- [9810] fix to the WorldClient LookOut theme's documents view not handling multiple
document folders being viewed consecutively and only uploading to the initially
viewed document folder
- [9191] fix to the WorldClient LookOut theme's compose view not finishing rendering
before an error message is displayed
- [9726] fix to the WorldClient LookOut theme's folder options view duplicating
the "subfolder of" drop down folder list contents when a new folder is
created
- [9079] fix to the WorldClient LookOut theme getting stuck trying to load on the
iPhone - it now redirects to the Mobile theme
- [9785] fix to ticketing option enabled on existing public folder not taking effect
immediately
- [9821] fix to Help|About not showing registration name/company for SP or OC
- [9791] fix to WebAdmin allowing users to copy Spam Trap messages into Non-Spam folder
when Bayesian Classification was disabled
- [8988] fix to the WorldClient LookOut theme possibly inserting folders under the
wrong parent folder in the Options-Folders view
- [9277] fix to the WorldClient LookOut theme not allowing users to select text in
notes, the autoresonder, and other text areas in Firefox
- [9812] fix to Active Directory monitoring fails if the base entry DN is configured
to bind to a specific object
- [9808] fix to Domain Manager failures when large numbers of domains present
- [9391] fix to possible ComAgent crash when recipient declines a file transfer request
- [9604] fix to IP Shield improperly handling certain FROM headers
- [9790] fix to WorldClient is unable to remove a contact's Birthday value
- [9668] fix to the WorldClient LookOut theme's message preview 'Add Filter'
in an external window not rendering properly. The user is now shown an inline editor.
- [9203] fix to incorrect Italian translation for the Recipient column in the WorldClient
LookOut theme
- [9758] fix to WorldClient's Advanced Compose options are left unchecked when
resuming a draft
- [9770] fix to ActiveSync may send an incorrect event end time if the user is in
a different time zone than the server
- [9763] fix to ActiveSync body truncation options are not always handled correctly
- [9833] fix to changes to column widths in the WorldClient LookOut theme may be lost
until switching views or logging back in to WorldClient
- [9645] fix to EDITUSER.SEM cannot be used to enable or disable an account
- [9395] fix to the WorldClient LookOut theme lists message attachments in reverse
order
- [9838] fix to incorrect message size in single message POP3 LIST response
- [9219] fix to MasterEveryone list is not updated after creating or deleting domains
from a Configuration Session
- [9276] fix to outbound attachment compression may add a blank line to the end of
certain attachments
- [9836] fix to "Not Found" error in WebAdmin when attempting to edit or
add certain content filter conditions/actions using a browser other than MSIE
- [9537] fix to when user's date format is %d/%m/%Y WorldClient's datepicker
corrupts date manually entered using the %d.%m.%Y format
- [9150] fix to the WorldClient LookOut theme's message window not handling the
accept invitation dialogs properly and preventing users from accepting an invite
- [9867] fix to in WebAdmin message timestamps are off by an hour in Spam Trap Folder
list
- [9857] fix to the WorldClient Simple theme not posting Note Save/Cancel requests
properly to the server
- [9847] fix to Domain Manager dialog only lists up to 500 domains
- [9835] fix to WorldClient header line wrapping may introduce spaces into email addresses
- [9862] fix to the WorldClient LookOut theme still deleting an event if a user clicks
'Cancel' on the recurring event deletion confirmation dialog
- [9868] fix to WebAdmin's Domain Editor not always saving some of the settings
properly
- [9832] fix to the WorldClient LookOut theme's multi-calendar checkboxes possibly
getting out of sync with what is presented to the user
- [9760] fix to the WorldClient LookOut theme's drag and drop target in the compose
view not being wide enough to handle some translated strings
- [9861] fix to ActiveSync remote wipe does not work
- [9863] fix to ActiveSync task due date may be off by one day for certain time zones
- [9879] fix to WebAdmin not always handling messages in the Holding Queue that have
Route Slips properly
- [9856] fix to WebAdmin removing certain Public Contact details when editing Account
Options tab
- [9788] fix to MD GUI may say that ActiveSync is not enabled when it really is
- [9896] fix to WebAdmin mailbox report results should not include the "MDaemon"
system account
- [9895] fix to WebAdmin not creating the right SEM file when updating Dynamic Screen
entries
- [9900] fix to being returned to the day view no matter which calendar view you created
an event from in the WorldClient Simple theme
- [9899] fix to appointment times for a recurring series are changed when the time
for a single instance is changed on an ActiveSync device set to a different time
zone than the server
- [9915] fix to duplicate updates are sent to each attendee when updating an event
that has multiple attendees
MDaemon 13.0.0 - September 4, 2012
SPECIAL CONSIDERATIONS
- [9012] MDaemon FREE is no longer supported beginning with this version. The last
MDaemon FREE version is MDaemon 12.5. The FREE registration key will not work in
this release moving forward. The installation process will offer to convert
FREE installs to TRIAL installs.
- [8960] A new global on/off setting was added for SyncML and ActiveSync servers to
enable/disable them globally for all domains. Please check to be sure the
SyncML and ActiveSync servers are enabled/disabled per your liking. This global
switch is now used for ActiveSync when enabling/disabling it via the FILE menu and
"Servers" section of the main UI.
- [9157] MDaemon no longer checks messages for RFC compliance by default to avoid
an issue with Outlook's test messages (which are missing the Date header).
Check F2|Servers to make sure this setting is how you like it.
- [9022] MDaemon no longer supports Windows XP older than Service Pack 2 or Windows
Server 2003 older than Service Pack 1.
MAJOR NEW FEATURES
[9104] ACTIVESYNC DEVICE POLICY SUPPORT (Requires MDaemon PRO)
Support for basic ActiveSync device policy has been added. You can manage pre-defined
policies and create your own policies from a new screen at Alt+M | ActiveSync |
Policies. Policies can be created from amongst the following 4 elements (more elements
may be added in future versions as they become possible to achieve with ActiveSync):
- "Require a password" - include this policy element to force the ActiveSync
device to require a password and to enable selection of other policy elements which
require a password to be present.
- "...passwords must contain both letters and numbers" - include this policy
element to force a more complex form for ActiveSync device passwords (requires "Require
a password" policy element enabled).
- "...lock device after XX minutes of inactivity" - include this policy
element to force the device to the lock screen after a given number of inactive
minutes.
- "...wipe device after 10 failed password attempts" - include this policy
element to wipe all device content (return to factory install settings) following
10 consecutive failed password attempts.
A default policy can be assigned per domain from the Alt+M | ActiveSync | Domains
screen. Policies can be assigned per device from the Account Editor's ActiveSync
screen (which was called "Mobile Details" in previous versions).
Note that not all ActiveSync devices recognize or apply policy consistently. Some
may ignore policy altogether and others may require a device reboot before changes
take effect (defeating the purpose of many of the policy elements). Also, no policy
is applied until the next time the device connects on its own to the ActiveSync
server.
[5820] DETECT AND STOP HIJACKED ACCOUNTS (Requires MDaemon PRO)
Dynamic Screening has been improved by adding an option to disable local accounts
which try to send more than XX messages in XX minutes. When an account is
disabled an email is sent to the postmaster which can be replied to which re-enables
the account. Note that the account could quickly get disabled again if the
message sending continues. Accounts disabled by this process can still accept
incoming mail but they can not log in to web mail or web administration and they
can not collect or send mail. The intent is to try and recognize and stop
a hijacked account so that the postmaster can review the situation and take action.
The postmaster account is exempt from this.
[5426] WORLDCLIENT DOCUMENT FOLDERS (Requires MDaemon PRO)
MDaemon 13 adds document sharing to the WorldClient themes. Document folders
have full ACL controls that can be used to set permissions and sharing rules.
Any types of files can be shared through the system. In the LookOut theme
browsers that support the HTML5 Drag and Drop API such as Chrome and Firefox should
be able to drag files from the desktop into the browser window to upload documents.
Filenames can be searched as well as selected documents being attached to new messages
that are being composed.
[2505] IMAP "COMPRESS" AND "BINARY" SUPPORT (Requires MDaemon
PRO)
[2505] The IMAP server now supports the COMPRESS extension (RFC 4978), which compresses
all data sent to and from the client. This does require extra memory and CPU usage
per IMAP session. You can disable COMPRESS support via a new option in F2|Servers.
[8525] The IMAP server now supports the BINARY extension (RFC 3516), which lets
clients download message attachments in decoded form.
[9250] SIMPLE MESSAGE TICKETING SYSTEM (Requires MDaemon PRO)
A system has been added to MDaemon that allows public folders to be configured as
a message ticketing public folder. If this is enabled for a public folder MDaemon
will add the public folder name and a unique identifier to the subject of messages
sent to the submission address of the public folder. Any outbound messages having
this specially formatted subject will have the From address changed to the submission
address of the public folder and a copy of the outbound message will be placed into
a child public folder named "Replied To". In addition, any inbound messages
with this specially formatted subject will be automatically redirected to the public
folder, regardless of the address the message was sent to.
[8505] ACTIVESYNC AUTODISCOVER SERVICE (Requires MDaemon PRO)
Autodiscover allows users to set up an ActiveSync account with just their email
address and password, without needing to know the host name of the ActiveSync server.
Autodiscover requires HTTPS to be enabled. For most systems it also requires that
a new CNAME or A record be added to DNS. "autodiscover.yourdomainname.com"
should resolve to the server running ActiveSync.
CHANGES AND NEW FEATURES (Some require MDaemon PRO)
- [9574] "Upgrade Protection" is now called "Software License Renewal".
You may notice several UI, support file, and web site changes in this regard.
- [6745] MDaemon no longer requires a valid NIC card in the machine in order to install
or run. This allows MDaemon to run on Amazon EC2 and/or other virtualized environments.
- [9733] New MDaemon, SecurityPlus, and Outlook Connector installations have had their
trial periods increased from 30 days to 60 days. For SP and OC the new 60
days trial requires MDaemon 13 or higher.
- [8951] The "BlackBerry Device Management... Alt+B" menu option was renamed
"Manage Mobile Devices... Alt+M" and the SyncML and ActiveSync configuration
pages were moved into it from "Web, Sync, & IM Services...Ctrl+W"
which was also renamed to "Web & IM Services... Ctrl+W." Some of the
text at the top of the SyncML and ActiveSync pages was rewritten to make required
use of WorldClient more clear.
- [9002] Several ActiveSync server configuration settings were exposed on a new tab
added to Alt+M. For details on what these options do consult the MDaemon users manual.
- [9008] The domain listing will always be presented in alphabetical order now throughout
the UI but the primary domain will always sort to the top of the list. The
option to sort the domain listing was removed from Preferences.
- [8969] The secondary domains editor was redesigned to look and work like other dialogs
in the UI. The menu option for this was renamed from "Extra domains"
to "Domain Manager."
- [6272] The new Domain Manager now allows you to disable AntiVirus and/or AntiSpam
services for the default domain.
- [8954] The WorldClient Standard theme now has a separate auto-responder option view.
- [8968] UI editor windows are now resizable but will not reduce below certain minimums.
They will remember their height and width and reuse those values the next time the
window opens.
- [7872] UI session windows are now resizable.
- [8978] The SYSTEM log will be updated with the state of the queues (frozen or active)
any time such a state is altered.
- [8971] Updated text displayed for a specific ActiveSync key retrieval error so it's
more helpful.
- [8994] The option to skip SMTP max message size checking if SMTP AUTH is used has
been changed to per-domain and the F2|Servers and Alt+F2|Domain Manager UIs have
new checkboxes for this.
- [9015] The "...manage BlackBerry device" MDaemon UI options related to
WebAdmin permissions have been renamed to "...manage mobile devices" as
this now applies to more than just BlackBerry phones.
- [8603] CSV contact import/export from WorldClient now includes the BlackBerry PIN
field
- [8528] Improved validation of start date and due date fields when creating or editing
a task in WorldClient
- [9027] Exposed "MDS Browser Domains" policy to the BES policy editor.
For more information on this policy see:
http://docs.blackberry.com/en/admin/deliverables/4222/MDS_Browser_Domains_204039_11.jsp
- [8945] Changed text from "WebAdmin (accounts can...)" to "With web
service access account may..." in the Account Editor and New Account Defaults
web access UI to better reflect reality (some options can be done from WorldClient
in addition to WebAdmin so the original text was not precise).
- [4380] Added ActiveSync and SyncML configuration screens to WebAdmin. Moved BES/BIS
menus along with ActiveSync/SyncML to new Mobile Devices menu.
- [4372] Implemented Minger dialog in WebAdmin.
- [9107] Re-organized the Preferences and Setup menu sections in WebAdmin.
- [9127] The default domain is assumed when low disk warning email address is missing
one.
- [9129] Removed the "... maximize use of stack memory (POP3 only - may cause
instability)" from F2 | Servers as unnecessary.
- [9164] A warning is added to SYSTEM log for each orphaned LCK/WRK/LOG file that
can't for whatever reason be deleted at startup.
- [8578] In addition to DNS.SEM doing this, all the Windows DNS servers and spam filter
DNS settings are reloaded any time the DNS UI page is accessed.
- [5441] Added option to F2|Logging|Maintenance that deletes archived log ZIP files
older than XX days. This defaults to 0 days (meaning nothing happens) to preserve
existing behavior. Deletion happens during the midnight cleanup event.
- [9183] MDaemon no longer supports the "procnow" or "getaddress"
special email addresses.
- [8696] MDaemon will show "OC" and the client version (if known) rather
than "IMAP" in the Type column for Outlook Connector sessions.
- [8916] Added option to Help menu to check for SecurityPlus core software (not virus
pattern) updates. This update will also be performed automatically once every 14
days and the postmaster will be informed via an email if a new update is available
(you can disable notification of available updates at Ctrl+O|Miscellaneous).
- [9213] MDaemon will no longer repeatedly spam email the postmaster when a new update
is available. Instead, only a single email notification per available update will
be sent.
- [6531] The Ctrl+O|System option to move an account's mail folder to a new location
upon a domain value change now also takes place upon a mailbox value change. The
wording of the option in the UI has been updated accordingly. Note that moves only
take place if the previous (old) mail folder path contains the old domain and/or
mailbox value at the time the change to new values occurs.
- [3104] Exposed Holding Queue in WebAdmin
- [2431] Added an "Add Contact" menu item to the ComAgent tray popup menu
- [9246] MDaemon will write out the current product version to WISE section in registry
to assist the update checking process.
- [9250] Added Content Filter macro $GEN_GUID$ which will generate unique ID with
11 alpha-numeric characters. Example: 0XVBASADTZC.
- [9259] For newer versions of Windows which do not allow for interactive access to
service processes, MDLaunch will now also start-up a visible and accessible UI in
addition to the invisible and inaccessible services.
- [3095] Added SecurityPlus configuration dialog to WebAdmin
- [9287] Calendar and task reminders are now sent from a dedicated thread
- [9247] Added SecurityPlus updater dialog to WebAdmin
- [3711] Added Domain Sharing dialog to WebAdmin
- [9063] Added the ability to select multiple attachments in WorldClient's LookOut
theme for HTML5 enabled browsers such as Chrome or Firefox that support the functionality
- [8552] Added the ability to drag and drop attachments to the WorldClient LookOut
theme compose view (and attachments view) for HTML5 enabled browsers such as Chrome
or Firefox that support the functionality
- [8102] Add the ability for the WorldClient LookOut theme to store the checked state
of the calendar view. Settings are now stored in the [CheckedFolders] section of
the User.ini file. Values are stored as FolderName=Yes|No
- Various improvements to the loading performance of the WorldClient LookOut theme
- [8543] Exposed "Export to Public Address Book" option in WebAdmin
- [9312] Reloadcache.sem reloads ipscreen.dat, hostscreen.dat and batvxcpt.dat.
- [7704] Added Queues Configuration section to WebAdmin
- [8142] Instead of stripping invalid characters from Attachment Linking filenames,
MDaemon will replace them with underscores.
- [8908] Added ActiveSync support for iCalendar meeting requests and responses.
- [8997] The ActiveSync server now updates the user's Last Access time.
- [9347] Account Editor quotas tab now displays the current email message count and
current disk space used.
- [9350] After installation, the activation process will now automatically take place
in the background without the need for popup dialog wizards. If some error occurs
or user interaction is required for any reason the standard wizards will appear.
- [9363] Added current disk usage and message count to WebAdmin's account editor
- [9465] The Simple theme has been updated to use a "Responsive Design"
so that it works better on multiple devices and should be more touch screen friendly.
This also changes to use (some) HTML5, JavaScriptNext and CSS3 for browsers that
support them. iPads, iPhones and Android devices will now be directed to this
theme by default for logon to help take advantage of the simplicity, and clarity
of layout on smaller screens.
- [9522] Added "Traffic Charts" to WebAdmin for global administrators. Interactive
graphs display the Total Sessions, Messages Sent and Received, Junk Email Breakdown,
and POP Messages Collected for the server over the past seven days.
- [2139] ComAgent's messenger window indicates when the other person is typing.
- [9493] WebAdmin warns the user when leaving a page that has unsaved changes.
- [9494] If SecurityPlus is installed, WorldClient will scan uploaded files for viruses,
and delete files that are infected. This applies to compose attachments, Documents
folders, and ComAgent file transfers. WorldClient only scans files for domains that
have AntiVirus enabled (see the "Enable AntiVirus" checkbox in MDaemon's
Domain Manager). The following INI settings in \MDaemon\WorldClient\Domains.ini
can be used to configure this feature: VirusScanUploads=Yes, DeleteInfectedUploads=Yes,
DeleteNonScannedUploads=No.
- [9512] If SecurityPlus is installed, MDaemon will scan messages uploaded to the
server using IMAP for viruses. Infected messages will be refused.
- [9500] Added support for the $Forwarded and $MDNSent IMAP message flags to the IMAP
server and WorldClient. This allows Outlook Connector and WorldClient to share a
message's forwarded status and read receipt sent status.
- [4332] MDaemon's IMAP server now supports the QUOTA extension (RFC 2087). This
allows clients that support it to request the account's quota usage information.
- [9362] (Requires MDaemon PRO) WorldClient's branding images may now be easily
customized. To customize the images, select the "WorldClient Branding"
option from WebAdmin's "Main" menu.
- [9513] Removed Slovenian and Croatian languages from WorldClient.
- [9523] Added "Free disk space" to WebAdmin's status page for global
administrators
- [4974] Changed WorldClient's threaded message view to sort threads based on
the date of the newest message in the thread rather than the root message.
- [9552] Re-organized the Mobile Details section in WebAdmin's account editor
for clarity
- [9522] Added "Mailbox Charts" to WebAdmin for global administrators. Interactive
graphs display the Top Mailboxes by Size and Top Mailboxes by File Count. This information
is queried from the quota cache database (QuotaCounts.dat) file.
- [9573] BlackBerry device information has been moved from the "Mobile Details"
page of the Account Editor to the BES "Integrated Accounts" page on the
Mobile Device Management dialog. Double click on an entry to get more information
about it.
- [9709] If SecurityPlus is installed and messages scanned then 'X-MDAV-Result'
header is added with the result of 'clean' or 'infected'.
This is done so that Content Filter can process the message further if necessary.
FIXES
- [8567] fix to CFEngine.exe loading AV engine even if it is disabled
- [8893] fix to WebAdmin does not detect BES status change until it is restarted
- [8374] fix to daily send quota not counting each RCPT toward the limit properly
- [7622] fix to DNS lookups to 127.0.0.1 not working with outbound socket binding
- [8070] fix to all DNS servers are not attempted when MX or A lookups return DNS
server failures
- [8397] fix to message bounce when last DNS MX record in list has no A record
- [8509] fix to MDMigrator fails to import folders whose name contains characters
not allowed as directory names by the Windows file system
- [9194] fix to MDMigrator not including newer Outlook versions in its error messages
regarding what version of Outlook is required
- [8732] fix to errant delivery if connection lost during DATA; MD must drop session
when this occurs
- [5044] fix to mailing list UI not updating public contact list with list name correctly
at all times
- [9066] fix to Account Manager not always returning to proper selection after an
edit
- [9165] fix to "Disk Used" column not sorting properly in Account Manager.
It now sorts properly while also keeping all "over" quota accounts sorted
together as well. Also, it is no longer required that the account have quota restrictions
enabled in order to display disk usage data in the account manager.
- [4341] fix to SyncML appointments fail to transfer meeting planner to device
- [9170] fix to IP Cache expiring permanent items errantly when max entry count reached
- [9185] fix to incorrect logging of passing a message to a plugin for processing
- [5838] fix to iCalendar parser does not populate recurrence timezone
- [8480] fix to AV exclusions not working due to BATV address
- [9133] fix to "Enable BES" checkbox state may be incorrect in a configuration
session
- [9090] fix to ComAgent reconnect attempts cannot be set higher than 10
- [5376] fix to ComAgent auto-update not completing
- [3732] fix to ComAgent not logging out when user selects "Offline" status
- [9271] fix to Account Restrictions settings not saving in German/French (possibly
other languages)
- [9108] fix to a corrupted domains.dat file may prevent WebAdmin from listing all
domains
- [9137] fix to HTML Signature feature not working at the domain level
- [9294] fix to WebAdmin displays "Parameter too large" error when refreshing
browser
- [2060] fix to the folder's expanded/collapsed state conflicting with other settings
in some cases. They are stored in the [CollapsedFolders] section of the User.ini
file as FolderName=Yes|No for collapsed state
- [9296] fix to IMAP server does not support blank SEARCH arguments
- [9018] fix to being unable to move a calendar item to another folder using ActiveSync
- [9028] fix to incorrect iCalendar message sent when a meeting planner changes an
occurrence of a recurring event.
- [5637] fix to MDaemon is unable to connect to SMTP/POP servers that require a valid
client certificate chain
- [9205] fix to WorldClient LookOut theme login error when a user's Sent Items
folder is set to Inbox
- [9198] fix to ActiveSync all day events may not appear as all day events on the
client
- [9376] fix to email address change via GUI not reflected in GroupwareUsers.dat
- [9233] fix to the WorldClient LookOut theme's summary view possibly showing
two notifications that there are no messages to display
- [9384] fix to MDaemon hangs temporarily if a Configuration Session window is open
when creating domains using the MDaemon API
- [9390] fix to incorrect response to the POP3 STAT command for a mailbox over 2GB
in size
- [9413] fix to ComAgent may still open the previous default browser after the default
browser is changed to IE
- [9448] fix to ActiveSync server creates a public contacts folder if one does not
exist when a client tries to search the global address list
- [9447] fix to possible ActiveSync sync failure if an email address contains non-ASCII
characters
- [9471] fix to BES button on the Account Manager may be enabled when BES is not installed
- [9482] fix to IMAP server sends APPENDUID and COPYUID responses for folders the
user does not have read permission to
- [9485] fix to AD monitoring might not detect changes when using an alternate domain
controller
- [2332] fix to IMAP server does not enforce quota limits when users copy or upload
messages
- [9507] fix to WorldClient does not enforce quota limits when saving, copying, or
moving messages
- [7108] fix to possible cause for BIS push notifications to stop being sent
- [9539] fix to multiple instances of the BES plugin may be started
- [8152] fix to WorldClient may not import all contacts from a CSV when multi-line
values are present
- [9559] fix to WorldClient's remote image blocker treats images in data URIs
as remote images
- [9563] fix to incorrect alias translation may prevent mailing list member from sending
to private list
- [9195] fix to sub-folders not being removed from the folder list when a parent folder
is deleted in the LookOut theme's Options-Folders view
- [9558] fix to the WorldClient compose auto-complete not finding contacts in some
languages
- [9568] fix to changes to Reverse Lookup Whitelist in WebAdmin require a restart
of MDaemon
- [9571] fix to a possible CFEngine.exe crash
- [9564] fix to WorldClient is unable to edit contacts created by certain Android
ActiveSync devices
- [8153] fix to the WorldClient LookOut theme's note editor clipping the date
in IE8
- [9556] fix to Android 4.0.3 calendar app crashes when trying to edit a meeting that
has had changes synced from WorldClient
- [6254] fix to WorldClient LookOut theme's contact edit dialog not wide enough
in German
- [9605] fix to WebAdmin log filtering may incorrectly return no results
- [9714] fix to WebAdmin may log the user out when the clicking on the "Shared
Folders" or "Public Folders" tab while viewing that page
MDaemon Server v12.X Release Notes
MDaemon 12.5.9 - July 6, 2016
FIXES
- [15229] fix to security vulnerability in content filter
- [17293] fix to potential security vulnerability
MDaemon 12.5.8 - October 24, 2012
FIXES
- [10062] fix to potential account access vulnerability
MDaemon 12.5.7 - August 16, 2012
FIXES
- [9516] fix to XSS vulnerabilities in WorldClient (CVE-2012-2584)
- [9274] fix to potential message corruption when setting SMTP message size limit
in some cases
- [9315] fix to possible ActiveSync memory leak in PING processing
MDaemon 12.5.6 - May 10, 2012
FIXES
- [9180] fix to attachments of messages sent using ActiveSync are present in the
Sent Items copy but empty in the delivered message
- [9184] fix to the calendar Print button does not work in WorldClient's LookOut
theme
- [9052] fix to MDMigrator does not work with Japanese Exchange
- [9179] fix to possible crash in MDMigrator
- [9086] fix to WebAdmin may not list all accounts when sorting the account list
in descending order
MDaemon 12.5.5 - May 1, 2012
SPECIAL CONSIDERATIONS
- [9109] Use of the event log for BES components has been disabled in order to
avoid excessive logging of items not relevant to MDaemon's BES. This has also
required resetting the Agent and BES overall log levels back to their defaults
of "Informational." If this is not to your liking you can set these levels to
something else at Alt+M | BlackBerry Enterprise Server | Options.
CHANGES
- [9046] MDaemon's memory usage has been adjusted to allow for more simultaneous
IMAP sessions.
- [8705] Added the ability to include list of VIEWS as part of the list of TABLES
in the ODBC configuration wizard.
- [7439] Removed the Latin text from the WorldClient HTML compose editor's image
preview pane.
FIXES
- [9052] fix to MDMigrator is unable to connect to a Japanese Exchange server
- [8423] fix to calendar items created in WorldClient's Simple theme having the
time changed from PM to AM
- [8611] fix to the WorldClient LookOut theme not updating the displayed quota
data as users' mail folders are updated
- [9140] fix to ActiveSync server is not able to save changes to certain PIM
folders
- [9141] fix to the WorldClient LookOut theme not properly reloading the folder
list after deleting a folder
- [9143] fix to HTML messages that use the <pre> tag do not display correctly in
WorldClient's LookOut theme
- [9144] fix to MDaemon logs "Configuration Session is shutting down" when a
Configuration Session starts up
- [9087] fix to MDaemon errantly skipping next MX host(s) on SMTP 4xx error in
some situations
- [2491] fix to the WorldClient Standard theme's address book possibly prompting
the user to resubmit form information if a search is performed before a contact
is created
- [9077] fix to the WorldClient LookOut theme's compose view address lookup font
size being too large
- [6751] fix to the WorldClient compose editor's cursor not handling IE's zoom
setting properly
- [8593] fix to the WorldClient LookOut theme's notes and tasklists not being able
to be printed
- [8637] fix to WorldClient's LookOut theme not rendering the recipient column on
the sent folder table headers
- [8926] fix to the WorldClient LookOut theme not properly remembering the default
contacts folder in some cases
- [8737] fix to the WorldClient LookOut theme not properly highlighting rows when
the user has enabled the Pastel or Purple styles
- [9110] fix to possible ActiveSync server crash when a copy of a sent message
cannot be created in the user's Sent Items folder
- [9112] fix to ActiveSync folder create, rename, and delete operations failing
- [3941] fix to the WorldClient LookOut theme not allowing messages to be copied
from read-only folders
- [8469] fix to WorldClient's Search not being triggered when hitting Enter after
typing in search text on the message list view
- [9048] fix to ActiveSync activation being requested even for expired trial keys
- [9014] fix to possible web server hang during ActiveSync initialization
- [9036] fix to messages forwarded via ActiveSync are base64 encoded and cannot be
rendered by some clients
- [9041] fix to two mailing list welcome messages being sent to new members under
some conditions
- [8849] fix to spam filter delete option not working in some cases
- [6653] fix to BIS devices cannot accept certain meeting invitations sent from
WorldClient
- [8909] fix to some of the "New Account Defaults" settings are not applied unless
an account is created in the MDaemon GUI
- [8836] fix to MDaemon's SyncML server is not compatible with Funambol Windows
Sync Client v10
- [9076] fix to incorrect error response text when the SMTP server refuses a
message over the size limit
- [9001] fix to WorldClient's LookOut theme may not allow users to copy/move
messages to Inbox
- [9080] fix to ActiveSync error when trying to move a message on a device after
it has been moved on the server
MDaemon 12.5.4 - March 6, 2012
CHANGES AND NEW FEATURES
- [8468] The F2 | Servers option "...drops connection if transmission exceeds" has
been removed in favor of the global "... refuses all messages larger than" and
per-domain "... refuses messages to domain larger than" settings. Overly large
messages are refused with a "552 Message too big (max XX KB)" or "552 Message
too big for domain.com (max XX KB)" response to the MAIL command if the sending
server supports the SIZE extension, otherwise it is sent as the DATA response
after the message is received. Note that once an incoming message exceeds the
allowable size MDaemon will permit the transmission to continue to completion
but it will write no further data to disk, to protect against disk-fill
attacks. The Ctrl+O | Miscellaneous option "...Skip SIZE checks for
authenticated SMTP sessions" has been moved to F2 | Servers and renamed "...but
not if the SMTP session is authenticated."
- [8802] WebAdmin domain administrators may now add/edit domain administrators for
their allowed domains
- [8783] MDaemon's installer no longer includes all of the BES software directly.
Instead, the admin is asked whether BES should also be installed. If yes, the
install process launches a browser window which assesses eligibility, provides
important BES related information, and offers the proper download links to
install the rest of BES.
- [7522] When RAW messages are found and processed MDaemon will trigger a remote
mail processing event if the "deliver queued mail immediately whenever possible"
scheduling option is enabled. Previously, RAW message processing was incapable
of triggering this event.
- [5645] WebAdmin domain administrators may now configure an account's BES
settings. This requires the "Manage BlackBerry device" permission be set for the
domain adminstrator.
- [8867] WorldClient now auto-saves drafts every 3 minutes by default rather than
every 1 minute. This can be changed by editing WorldClient's Domains.ini
AutoSaveDraftFrequency=X (in minutes, or 0 to disable).
- [8803] ActiveSync was added to the Servers pane in the UI. This toggles the
state of the ActiveSync server for the "Default" setting. It does not change any
per-domain ActiveSync server setting.
- [8823] The ActiveSync server now supports remote wipe via a new button found on
the Mobile Details page within the Account Editor. You can also see details
about each ActiveSync device that has connected to the account.
- [8762] The Account Manager will display the amount of disk space used in MB
rather than KB.
- [8835] The WorldClient LookOut theme will notify users when logging in if their
autoresponder is enabled in case they would like to turn it off.
- [7690] Updated the WorldClient Lookout theme to use a calendar date picker
control when scheduling an autoresponder.
- [8828] Messages sent via SMTP from "MDaemon@<anylocaldomain>" will no longer be
accepted even if authenticated. The only way to accept mail from that address
is if the sending server is listed in the Trusted IP section in Ctrl+S (Security
Settings).
- [8642] Updated several pages in WebAdmin to match MDaemon.
- [8822] The ActiveSync server will mark a message as replied on the server when a
client uses the SmartReply command.
- [8445] The ActiveSync server now supports the Ping command, which is used to
push changes from the server to the client.
- [6623] The ActiveSync server now supports the Search command, which allows
clients to search the public Contacts folder.
- [8739] The BES configuration UI now includes a page with a link to a new BES
landing page at Alt-N if BES is not installed (MDaemon PRO only).
- [8740] Install process will put up a progress dialog when installing EULA
related files to keep the install process from appearing to be frozen
- [7215] WebAdmin now includes the ability to edit group name, description, and
members
- [8636] WebAdmin now disables Mail Services tab for disabled user accounts
- [8479] A valid SecurityPlus license key is no longer required in order to use or
develop MDaemon plugins that call SMTPMessageFunc, SMTPMessageFunc2,
SMTPMessageFunc3, DomainPOPMessageFunc, or MultiPOPMessageFunc.
- [8460] The ActiveSync server now considers messages that have been marked as
deleted by an IMAP client, and not expunged, to be deleted.
- [8965] The SpamAssassin rule URIBL_RHS_DOB has been disabled due to slowness it
may be causing.
FIXES
- [8801] fix to incorrect logic when viewing WebAdmin's forwarding tab for certain
types of users
- [8785] fix to BIS controls not being disabled in WebAdmin if BIS is globally
disabled
- [8787] fix to WebAdmin not disabling options when IP Shield is disabled
- [8841] fix to WorldClient truncates HTML message content at a null character
- [8848] fix to WorldClient does not open a compose window when clicking certain
"mailto" links in HTML messages
- [8871] fix to ActiveSync cannot mark a message as read if the folder's IMAP.MRK
is empty
- [8712] fix to WorldClient LookOut theme may auto-save duplicate draft messages
if a compose window is left open after logging out
- [8667] fix to ComAgent may not be able to load user settings when running on
Windows Server 2008 R2 with roaming profiles
- [8279] fix to WorldClient LookOut theme "Add to WhiteList/BlackList" adds
incorrect email address if the name is not enclosed in double quotes
- [8798] fix to ActiveSync may not sync task completed status properly
- [8789] fix to Content Filter leaving abandoned message in work directory
- [8868] fix to some Android ActiveSync clients may lose the subject of a changed
instance of a recurring appointment
- [8896] fix to some Android ActiveSync clients fail to sync messages with blank
bodies
- [8389] fix to OC new account default setting may not be applied when creating an
account from the MDaemon UI
- [8054] fix to MDaemon's BES plugin does not support folders with an apostrophe
in their name
- [8894] fix to dragging an instance of a recurring event in WorldClient to
another day changes the start/end time if the timezone of the event is different
than the server's timezone
- [8895] fix to being unable to edit an occurrence of a recurring event in
WorldClient, if due to a timezone offset, the occurrence is displayed on a
different date than what is stored in the calendar.mrk file
- [8810] fix/change to the WorldClient LookOut week view not highlighting the
current day of the week so that when the "New Appointment" button is clicked the
user will know what day to expect it on
- [8903] fix to the WorldClient LookOut theme not always clearing events from the
calendar properly when a user unchecks a calendar
- [8602] fix to the WorldClient LookOut theme not moving recurring events properly
with the month view drag and drop
- [8924] fix to low disk space warning emails sent every 30 seconds (now sent once
every 3 hours)
- [7296] fix to WorldClient's HTML compose "Insert Special Character" command does
not work
- [8797] fix to the WorldClient LookOut theme's whitelist/blacklist context menu
may not close in IE8
- [8799] fix to the WorldClient LookOut theme not saving the AM/PM checkbox
setting once it is unchecked in the Options > Calendars view
- [8765] fix to WebAdmin not range checking the Bayesian Auto-learning spam score
threshholds
- [8805] fix to WebAdmin does not read the correct default value for the "Enable
attachment linking" option
- [8812] fix to export to public address book function creating incomplete contact
records for mailing lists
- [8834] fix to the WorldClient LookOut theme not hiding the "Loading" indicator
when users move quickly between various calendar views
- [8601] fix to ActiveSync may not resume a large sync when interrupted by the
user changing an item on the device
- [8831] fix to ActiveSync SmartReply might not append the message body correctly
- [8598] fix to ActiveSync unable to decode certain meeting attendees
- [8321] fix to the WorldClient Standard theme wrapping phone numbers when
non-numerical characters are present and the table is wide
- [2080] fix to the WorldClient Standard and Simple theme not requiring logical
start or end dates when the the no start and end date checkbox is unchecked
- [8556] fix to SPF verifier not treating a domain having multiple SPF records as
an error
- [8595] fix to Domain Admins unable to edit user's POP/IMAP settings in WebAdmin
- [8130] fix to the WorldClient LookOut theme multi-calendar task creation dialog
clipping the cancel button in some browsers
- [3456] fix to the WorldClient Simple theme auto-responder not handling the
proper date settings as well as preventing it from auto-enabling itself in some
cases
- [1951] fix to the WorldClient Mobile theme not validating dates for calendar
events properly
- [8710] fix to unable to delete an alias from the aliases page of the WebAdmin
user account editor
- [8711] fix to in WebAdmin the "edit aliases" web permission is not honored for
users that are not an administrator
- [8738] fix to WebAdmin displaying the wrong error message when Domain Admins
attempted to add certain aliases
- [8402] fix to WorldClient does not validate task percent complete field
- [8772] fix to MDSpamD uses the DNS servers configured in Windows rather than the
ones configured in MDaemon
- [8774] fix to MDSpamD is not restarted after changing the DNS servers configured
in MDaemon
- [8786] fix to some BIS related options not disabled when BIS disabled
MDaemon 12.5.3 - January 17, 2012
CHANGES
- [8553] The 200KB size limit on messages scanned by Outbreak Protection has been
reset to ZERO (meaning no size limits anymore). If you want to maintain size
limitations to speed up scanning you can manually set the size limit by editing
Plugins.dat [Outbreak Protection] MaxScanSize=<value in KB>.
- [8475] The global message size restriction is now checked and enforced after
MAIL command received (assuming the SIZE command is also provided by the sending
SMTP server).
- [8072] Improved performance of listing account in WebAdmin. This is most
noticeable on systems with a very large number of users.
- [8617] To make sure all ActiveSync devices are in sync, an initial sync of each
folder will be triggered after updating to this version.
FIXES
- [8438] fix to BES installer may fail with "Error code 3" after changing the logs
directory
- [8549] fix to ActiveSync server may not tell the client to delete all of the
messages that had been deleted from the server
- [8465] fix to some Android ActiveSync clients fail to sync after trying to
change the read status of a message that had been deleted from the server
- [8485] fix to the WorldClient LookOut theme load error when calendars are
disabled
- [8359] fix to the WorldClient LookOut theme's message list sometimes inserting
new messages that arrive at the bottom of the list rather than the top
- [8561] fix to the WorldClient LookOut theme's right-click menu not working with
Internet Explorer 8
- [8224] fix to WorldClient's LookOut theme showing the loading indicator
indefinitely in Internet Explorer 8
- [8253] fix to the WorldClient LookOut theme's calendar day, week and month views
possibly rendering events with their edges overlapping
- [8560] fix to the WorldClient LookOut theme's autoresponder view not notifying
the user that the start/end dates are not working as expected
- [8538] fix to the WorldClient LookOut theme's compose window may not reflect
changes made to compose options until next login
- [6298] fix to WebAdmin may not save Compression Exclusions properly
- [8429] fix to WebAdmin not allowing admins to change user passwords when user is
set for Dynamic Authentication
- [8428] fix to WebAdmin not displaying some translated buttons properly
- [8575] fix to WebAdmin cannot add new aliases in certain localized versions
- [8548] fix to possible WebAdmin crash when viewing certain autoresponders
- [8471] fix to MDMigrator may display "Invalid Server DN found" and exit even
when properly configured
- [8565] fix to SMTP server sending 422 response code instead of 452 in over
quota, max RSET, and max list message size situations
- [2188] fix to Content Filter's "Decompress inbound local domain attachments"
switch functioning incorrectly
- [8606] fix to editing an occurrence of a recurring event on the server for an
out of coverage BES user causes the edited occurrence to not be synchronized to
the device and warnings in the Window's event log
- [8608] fix to JavaScript error when viewing Admin Notes tab in WebAdmin with
certain browsers
- [8600] fix to the WorldClient LookOut theme's month view where calendar events
that span multiple weeks may not render properly
- [8599] fix to AV initialization error not causing messages to be put in holding
queue
- [4867] fix to the WorldClient LookOut theme not presenting errors if a user
setup an IMAP filter that created a loop
- [8210] fix to the WorldClient LookOut theme's compose view in IE9 where the tab
key will not move focus from the subject field to the message body
- [8409] fix to HTML messages containing JavaScript may show as blank in
WorldClient
- [8644] fix to the WorldClient LookOut theme not saving special folders and
reloading properly on the Options-Folders view
- [8706] fix to WorldClient listing the meeting planner as an attendee when
viewing a meeting created by Outlook Connector
- [8632] fix to ComAgent taskbar button may not flash when the first instant
message is received
- [8618] fix to meeting responses and reminders may not be processed by the
Content Filter
- [8698] fix to MDaemon fails to process some valid message attachments sent to
the whitelist@ or blacklist@ addresses
- [8720] fix to recurring meeting may be deleted on BlackBerry device (BES) after
a single occurrence has been edited via Outlook Connector
- [8724] fix to installer offering BES install option to Standard/FREE users
MDaemon 12.5.2 - December 1, 2011
CHANGES AND NEW FEATURES
- [8282] MINGER.SEM can now be created which stops and then starts the Minger
server.
- [8228] BES options UI has several new controls where you can specify the maximum
size of attachments that can be downloaded to the BlackBerry device, the maximum
size of individual attachments that can be uploaded in an email from the
BlackBerry device, and the maximum size of all attachments combined together
that can be uploaded in an email from the BlackBerry device.
- [8304] Added warning text in account editor about the Notes/Comments data being
viewable by others and also renamed the field to Description to match mapping
with Active Directory field.
- [8308] MDaemon will remove an old Accounts.csv at startup and at midnight each
night.
- [8302] MDaemon UI will strip out lines with " * " (space asterisk space) from
SpamAssassin white and blacklist files to prevent a problem whereby that single
asterisk character matches to any and everything - defeating the purpose. If
for some reason you want to whitelist or blacklist everything use "*@*" instead.
- [8294] Added 9pt to list of font size in WorldClient's compose window
- [8362] Added the ability to login/logout directly from ComAgent's right-click
tray menu
- [8333] Account export to .csv now requires providing a global administrator
users logon and password. Also, the logon used to start the export operation is
now logged to the SYSTEM log.
- [6692] Added "Administrator Notes" tab to account editor where you can enter
notes or whatever you wish about an account. This information is not sync'ed to
the public contacts or mapped to any field in Active Directory.
- [8370] Account editor "Signature" tab no longer requires creating the account
first.
- [8053] Moved WorldClient's "Search Deleted Messages" option from the UI to
Domains.ini SearchDeletedMessages=Yes.
FIXES
- [8281] fix to account restriction feature not adjusting for BATV encoded
addresses
- [8290] fix to some text missing on WebAdmin's Miscellaneous Options dialog
- [8287] fix to button sizing issues in some localized versions of WebAdmin
- [8313] fix to HTTP success response header for ActiveSync SendMail command is
not formatted correctly, which may cause the response to not be delivered to the
device
- [8301] fix to not being able to subscribe/unsubscribe to lists without "allow
changes via email" switch set
- [7434] fix to list subscribe/unsubscribe emails to MDaemon account may not be
parsed correctly
- [8356] fix to the WorldClient LookOut theme's auto-responder not setting the
start year properly when a user returns to the auto-responder view
- [8312] fix to possible ActiveSync crash when syncing deletes from the client
- [8317] fix to some Android ActiveSync clients not able to sync the Inbox folder
- [8361] fix to birthday and anniversary dates synced using ActiveSync may be off
by one day
- [8358] fix to ActiveSync may send an incorrect attachment for HTML messages
- [8355] fix to all day events created on device appear as a two day event in
WorldClient when using ActiveSync
- [8328] fix to SMTP server sending incorrect error code in response to too many
RCPT commands
- [8378] fix to WebAdmin's public folder list does not include sub folders
- [8387] fix to ActiveSync possibly leaving .lck files behind until the web server
is restarted
- [8331] fix to creating a new contact in WorldClient may set the birthday and
anniversary automatically to 1/1/1601
- [8286] fix to WorldClient's LookOut theme rendering half hour events as hour
events in IE8
- [8372] fix to WorldClient's LookOut theme not switching to the inline preview in
IE8
- [8323] fix to the WorldClient LookOut theme's day view not being able to advance
past the day daylight saving time begins
- [8388] fix to PTR host names with no A record not treated as PTR mismatch and
dropping connection when configured to do so
- [8400] fix to SMTP error when attempting to use the STARTTLS Required List
- [8410] fix to the WorldClient LookOut theme selecting multiple calendar events
on the month view without the CTRL key being pressed
- [8433] fix to the WorldClient LookOut theme not handing dragging and dropping of
events in the month view properly, creating empty events
- [8432] fix to domain alias list in WebAdmin does not include aliases in the
format of x@domain.com = x@external.com
- [8437] fix to unable to change save account "Mail Services" settings from
WebAdmin
MDaemon 12.5.1 - November 9, 2011
CHANGES AND NEW FEATURES
- [8263] Changed the default number of login attempts allowed by WorldClient's
dynamic screening from 5 to 10. WorldClient returns the error "Logon refused" if
the user's IP is banned. More information can be found in WorldClient.log.
- [8080] For tracking purposes, IP and Dynamic Screening will now include the IP
address being refused in the SMTP response string.
- [8007] Added "...but only from LAN IPs" options to new account defaults (Web
Services)
- [8059] Added enabling OC option to new account defaults (Mail Services)
- [8073] Added better edit checks when entering new list member email address
using UI
- [8208] When the "Send all outbound email to the Server specified below" delivery
option is used and authentication credentials for that server are also
configured MDaemon will attempt to use those credentials regardless of the
actual host name that DNS resolves for the Server value.
- [8229] Active Directory interaction is now logged into its own tab and log file
rather than the SYSTEM tab and log file.
- [4345] Active Directory monitoring now supports explicit mapping of email
addresseses. To configure this, edit your ActiveDS.dat file and add
"Email=%mail%" to the [Templates] section. You can map any AD attribute here
and it does not have to be %mail% but what you use needs to contain and return a
valid email address or nothing will happen. If you setup an "Email=" template
and it contains a valid email address then the mailbox and domain taken from
that email address will be used over any other values taken from any other
templates or options. Domains which do not exist in MDaemon will be
automatically created on the fly. This new "Email=" template is not present by
default so if you want it you have to configure it manually.
- [8188] Added more colors to the WorldClient LookOut theme's calendar color
array.
- [8113] Renamed "Minimize GUI to task bar on startup" to "Always keep icon on
task bar"
- [8058] The MDaemon system account is no longer visible/accessible via Account
Manager
- [8234] The "Bounce message if receiving domain has no MX records" now only
applies when using the "Send all outbound email directly..." delivery option.
- [4512] WorldClient's LookOut theme supports "Forward As Attachment" with
multiple messages selected.
FIXES
- [6579] fix to refresh on WebAdmin status page not using proper timing
- [7975] fix to WorldClient's LookOut theme last week in month view calendar may
be clipped unnecessarily
- [8164] fix to WorldClient's LookOut theme not allowing paging in the contact
picker
- [8090] fix to WorldClient's LookOut theme not rendering the task list view in
IE7 & 8
- [8068] fix to WorldClient's Mobile theme overriding the user's selected theme
when editing options
- [8071] fix to various problems when using certain symbols in list name in
WebAdmin
- [8082] fix to localized text not translated properly in some places in WebAdmin
- [8135] fix to WebAdmin's value for Maximum SQL memory (BES) not always matching
MDaemon's value
- [8165] fix to WorldClient's LookOut theme not translating a few strings on the
calendar picker view
- [8162] fix to changing BES service book name in WorldClient does not update
device and blanks it out in MDaemon GUI
- [8173] fix to BES MDS-CS service may not be able to start due to missing
msvcr71.dll file
- [8166] fix to header translation changes made via config session not taking
immedate effect
- [8175] fix to ActiveSync activation dialog appearing in MDaemon Standard and
MDaemon FREE
- [8169] fix to DNS server changes made via config session not taking immediate
effect
- [8230] fix to various ActiveSync body truncation defects, some of which would
cause errors on the iOS ActiveSync client
- [8182] fix to X-MDDSN-Message header not present in DSN messages like it should
be
- [8185] fix to the WorldClient LookOut theme opening the copy/move dialog in a
new tab instead of inside of the theme on tablet devices
- [8186] fix to the WorldClient LookOut theme not outputting the preview pane
properly in Firefox 3.x when a user returns to the message list
- [8193] fix to when creating or editing a calendar event in WorldClient, the time
picker control may not update until another control is selected
- [7260] fix to cannot set autoresponder start or end date in German version of
WebAdmin
- [8197] fix to "End after X occurrences" option not saved for recurring events
created or edited using WorldClient's Lookout theme
- [7982] fix to the WorldClient LookOut theme not creating events at the right
time in Firefox
- [8201] fix to the WorldClient LookOut theme not handling month view paging to
move back in time chronologically
- [8219] fix to MDaemon Standard crash when adding new accounts
- [8189] fix to holding queue summary email going through CF processing and
sometimes getting sent to holding queue itself
- [8223] fix to unable to create accounts in WebAdmin when running MDaemon
Standard
- [8227] fix to Active Directory TEST button not working unless AD monitoring
enabled
- [8222] fix to when using Outlook Connector the corresponding item in Outlook may
not be updated when it is edited in WorldClient
- [8231] fix to particular malformed HTML message may crash WorldClient when
viewed
- [5205] fix to Active Directory monitoring feature sometimes errantly truncating
property values or not using entire property values as mapped from ActiveDS.dat
- [8232] fix to mail folder with an invalid FolderClass value in its hiwater.mrk
file may prevent ActiveSync synchronization
- [8192] fix to ambiguous error message when enabling ActiveSync for first time
using invalid email address
- [8235] fix to ActiveSync, recurring events created on the client which end after
X occurrences, never end when synchronized to the server and viewed in
WorldClient
- [8242] fix to the spam filter engine not being restarted upon configuration
changes
- [5683] fix to ComAgent 'Remove Contact' does not remove the contact from the
user's buddy list on the server
- [8255] fix to the entire recurring series is removed from WorldClient's calendar
after editing or deleting a single occurrence using Outlook Connector
- [8257] fix to WebAdmin's userlist quota values may not match up with MDaemon in
all cases
- [8237] fix to not being able to enable a disabled account in WebAdmin
- [8241] fix to the WorldClient LookOut theme incorrectly stripping off the shared
and public prefixes in the calendar view
- [8259] fix to WorldClient LookOut theme's buddy manager in ComAgent not
adjusting the monitor height properly and allowing for scrolling
- [8260] fix to the WorldClient LookOut theme displaying message list scroll bars
incorrectly if ViewMessagesInNewWindow=Yes is set in the user's User.ini
- [8236] fix to ActiveSync protocol version incompatibility with some Android
devices
- [8269] fix to message with a specific ICS attachments causes local queue
processing to stop
- [8275] fix to WorldClient password change option does not enforce strong
password requirement
- [8258] fix to the WorldClient LookOut theme month calendar view not rendering
properly in some cases
- [8278] fix to WorldClient's LookOut theme not handling JSON decoding for some
messages in the external preview window
MDaemon 12.5.0 - October 18, 2011
SPECIAL CONSIDERATIONS
- [6697] ActiveSync for MDaemon license key is now subject to product activation.
Trial keys must be activated within 5 days and production keys within 30 days.
Click here for more
information on product activation.
- [7084] Incorporation of MDS-CS has required that your "BlackBerry Enterprise
Server logging" value found at Alt+B | Options be reset to a default value of
"Informational". If this is not what you want you can easily change it there.
- [7210] The Domain Sharing option "Incoming Minger lookups trigger Domain Sharing
processing" has been removed. If you have multiple servers using Domain Sharing
be sure to configure each node to use all the other nodes for Domain Sharing (if
appropriate for your setup) and this option should not be needed.
- [7003] The Ctrl+U | Quotas option "Over quota accounts can accept mail but not
send mail" has been removed and replaced with two separate options "Refuse
incoming messages sent to over quota accounts" (enabled by default) and "Refuse
outgoing messages sent from over quota accounts" (disabled by default). These
new defaults may not replicate previously configured behavior so check and
change as needed.
MAJOR NEW FEATURES
[7784] ACTIVESYNC FOR MDAEMON NOW SYNCS EMAIL + PIM DATA
ActiveSync for MDaemon has been improved and is now capable of sync'ing email as
well as PIM data. For information on configuring your specific ActiveSync device
see the documentation that accompanied your device. Some information on basic
configuration is available from the Alt-N web site for
Windows Mobile,
iOS, and
Android devices.
ActiveSync for MDaemon is a separately licensed product available from Alt-N
Technologies. ActiveSync for MDaemon will not work beyond a one-time 30-day
evaluation period unless a
license is purchased.
[7494] TABLET SUPPORT AND OTHER WORLDCLIENT IMPROVEMENTS
WorldClient's flagship theme, LookOut, has undergone major architectural and
design changes to accomodate tablet devices such as the PlayBook and the iPad.
Users should not have to change any settings to take advantage of these changes.
Specific items of interest:
- Single finger scrolling
- Dragging and dropping between folders with one finger; use two fingers to copy
to the destination folder
- No popup windows for message composition, item entry and item editing to help
maintain context
- Inline message preview to help preserve the flow of the mail folder and maximize
screen real estate
Other WorldClient improvements:
- Various HTML5 & CSS3 features have been used to improve performance and loading
time (Lookout theme). The Compose view now uses app-caching to help load up the
HTML editor more quickly (particularly over SSL connections) on browsers such as
the PlayBook, Chrome and Firefox that support the manifest HTML attribute.
- [5349] WorldClient now supports some of the dynamic screening settings. By
default, 5 authentication failures will cause an IP to be banned for 30 minutes.
New settings for this can be found at Ctrl+S | Dynamic Screening.
DYNAMICSCREEN.SEM in the \MDaemon\WorldClient directory will reload any manual
changes.
- [7115] If ActiveSync is enabled for any domain and WorldClient is configured to
use the internal web server then WorldClient will automatically run on port 80
in addition to whatever other ports might be configured if it's not already
running on port 80 or 443. ActiveSync requires port 80 or 443. If you are
running WorldClient via IIS or if you have configured specific IP:Port binding
combinations via the MDaemon UI then this does not apply and you must manually
configure those items to include port 80 or 443.
- [7790] WorldClient's LookOut theme now lets you add an email contact to your
whitelist or blacklist (when users have access to these features) through a drop
down menu when they hover over the email address in the message preview
- [3692] Advanced message searching has now been enhanced with a number of other
new search parameters to help make finding messages easier
- ComAgent chatting has been moved to a side panel instead of being in a
'floating' tab that may cover other parts of the interface (Lookout theme).
- Calendars can now be viewed together to help see schedules for multiple users
(Lookout theme).
- Autoresponder settings moved to own options view to help make management easier.
- [4600] WorldClient's LookOut theme now auto-saves draft messages every minute.
- [2461] WorldClient can decode malformed =?ISO-8859-1? style header lines.
- [4723] WorldClient will not include Outlook winmail.dat attachments when
forwarding a message.
- [6177] Added "Mobile Phone 2" field to WorldClient.
- [5949] When importing calendar .csv file in WorldClient, if no end date/time is
specified assume the event is one day long.
- [5443] Exposed BlackBerry PIN field in WorldClient for Contacts.
[7578] SPAM FILTER UPDATED TO INCLUDE SPAMASSASSIN 3.3.2
MDaemon's spam filter has been updated and now includes SpamAssassin 3.3.2.
A summary of changes and other documentation on SpamAssassin can be
found here.
[7543] The Spam Filter update UI option "Run SA-UPDATE as part of update
process" has been removed. This will now always take place. In fact,
this is now the only way of doing the update. The old and out-dated Alt-N
method based on UpdateSpamAssassin.exe has been removed and that file has been
deleted. We now rely on sa-update to perform all necessary SpamAssassin
updates. Also, the 80_MDaemon_updates.cf file is no longer used and has
been deleted.
[7631] Also, changed installer to no longer delete existing .cf rule content.
The rule updating process will manage .cf files.
[5331] Also, the SMTP session log will now include a line indicating if spam
filter processing was skipped due to message being too large.
[7084] BLACKBERRY MOBILE DATA SYSTEM - CONNECTION SERVICE (MDS-CS)
MDaemon's BES now includes MDS-CS. MDS-CS permits behind-the-firewall access to
files and web applications from BlackBerry devices. This will (for example)
allow you to access your private Intranet without a VPN connection.
Click here for details about MDS-CS but please note that Alt-N does not
necessarily support all the features and capabilities of MDS-CS that you may
find there.
MDS-CS can be individually disabled while leaving other BES services running.
This can be done from a new Alt+B | MDS-CS screen. You will also find settings
there to set the default web port (MDS-CS is a web driven service) and a domain
value which will appear on the BlackBerry device anytime the device prompts for
authentication related to MDS-CS activities. This defaults to COMPANY.COM so you
likely will want to change it.
[8076] IMPROVED BLACKBERRY SERVICE INTEGRATION
MDaemon's BlackBerry related service integration has been improved/changed as
follows.
[7758] BES users can now configure their MDaemon autoresponder using the "Out of
Office Reply" settings on the handheld.
[7405] Added Mobile Details tab to the Account Editor which lists BlackBerry and
ActiveSync device details.
[6321] Added BES button to Account Manager which will allow you to BES enable
selected accounts. Note that each BES enabled account consumes server
resources so only select and BES enable accounts which intend to activate a
BlackBerry device.
[6749] MDaemon will update BES database with current computer name on startup.
[7264] A BES cleanup thread will run at midnight which will defrag BES database
indexes.
[7263] A BES cleanup thread will run at midnight which will remove old history
rows from the BES database.
[5557] Added SMTP server port option to BIS domain configuration UI. This
should not normally need special configuration but it is possible to point BIS
to other SMTP servers so the ability to specify a port value is useful in those
cases.
[7838] The BES Agent now automatically reloads users after their email address,
full name, or mail directory has changed in MDaemon. A restart of the BlackBerry
Controller service is no longer needed.
[6695] A line is added to the BES log when a slow sync is started and finished
for a BES user
[6804] Exposed additional BlackBerry Enterprise Server features to end user in
WorldClient. The PIN, model number, platform version, and phone number of the
user's activated device is displayed. The user may reset the device's password,
resend service books to the device, change the service name, or wipe their
device. This feature is enabled by default, however may be disabled via a new
option added to the Web Services section of the Account Manager.
[6182] When a BlackBerry device is subscribed to an MDaemon account using BIS
(not BES) the option "Allow multiple BlackBerry device integrations" found at
Alt+B | BlackBerry Internet Service | Options will control what happens to
previous subscribed BlackBerry devices. If there are any, they will be
removed from MDaemon's configuration and no further event notifications will be
pushed to those devices. However, the fully proper way to unsubscribe a
device is to delete the email account from the device itself. Still, the
system will self police much better now.
[2222] HTML DOMAIN SIGNATURES
A new screen at "F2 | Default Domain / Servers" will allow you to configure an
HTML version of your domain signature. You must compose your HTML using your
editor of choice, then cut-and-paste the HTML into this screen. If present,
MDaemon will afix the HTML version of your domain signature into any "text/html"
message part found within outbound email. See the users manual for more details
on how this feature works.
[5338] GLOBAL RECIPIENT (RCPT) BLACKLIST
The "Address Blacklist" feature has been renamed "Sender Blacklist" and a new
"Recipient Blacklist" feature has been added. The new "Recipient
Blacklist" operates on SMTP envelope RCPT data only (not message headers).
You can configure it at Ctrl+S | Recipient Blacklist. Also, the
Blacklist.dat file has been renamed SenderBlacklist.dat and a new
RecipientBlacklist.dat file has been created. BLACKLIST.SEM now reloads
both files into memory.
[6390] PERSONAL SENDER (MAIL) BLACKLIST
Each account now has a personal "BlackList" contact folder. Incoming messages
from any SMTP mail sender listed in the BlackList will be rejected with "550
recipient unknown." Messages that make it past SMTP and into the local queue but
have a blacklisted address in the FROM or SENDER header will be moved to the bad
message folder. The BlackList folder is automatically created the next time a
message is received for the account. Users can manage their account's BlackList
folder via WorldClient just as with the WhiteList folder.
[7834] Added option to "Ctrl+P | White List (automatic)" to permit forwarding of
messages to "BlackList@<domain>" which will automatically add the email address
taken from the forwarded message's FROM header to an account's personal
blacklist. Future messages from that email address to the account which
blacklisted it will be refused. To use this feature, the option mentioned
above must be enabled and the user must forward a message (as an attachment of
type message/rfc822) to "BlackList@<domain>." Each MDaemon account already
has a "Spam Filter uses personal contacts, white list and black list files"
checkbox on the "Account Editor | Options" screen which must also be enabled for
this feature to be used.
[6958] OUTBOUND MESSAGE SENDING QUOTAS
New quota options are available in the new account defaults and account editor
which let you set a limit to the number of messages an account can send via SMTP
per day. The counter automatically resets back to zero for all accounts at
midnight each night. Note that it's possible to exceed this limit slightly
if messages come in faster than the cache can keep up, but it won't be much over
the limit (if at all).
[7275] INBOUND MESSAGE SIZE RESTRICTIONS
Maximum acceptable message size limits can now be configured on a per-domain
basis using new controls in F2 | Servers and Alt+F2 | Extra Domains. There is
also a new control to set a global SMTP message size limit in F2 | Servers which
will be applied to all domains. By default, size limits are applied to everyone
however you can exempt size checks for authenticated sessions with a new switch
in Ctrl+O | Miscellaneous.
[7310] IMPROVED USE OF DNS
MDaemon will now use all DNS servers found within Windows if configured to use
Windows DNS servers (not just the first two that are discovered). This
required several internal changes including doing away with the old "max retry
attempts" option for DNS lookups. MDaemon will now try each DNS
server once per lookup operation and in sequence until it exhausts the complete
list of DNS servers or finds the first one that works. Immediate retries
of DNS servers that just failed one second earlier are not productive. Also, on
startup, the System log will display each DNS server and an indication of where
it came from (manually configured or taken from Windows). Also, the UI
controls for primary DNS server and secondary DNS server have been
removed. Now there is just a single edit box that lets you manually
configure as many DNS servers as you want. Finally, the options to use
Windows DNS servers or manually configured DNS servers are no longer mutually
exclusive. If you configure both, MDaemon will use both.
[6244] Also, to meet RFC requirements, MDaemon will (when possible) randomly
pick from amongst several A records when determining where to send mail.
[7453] Also, MDaemon will treat blank (NULL) MX values as if no MX was provided
at all (because it wasn't).
[7410] Also, removed the following DNS related options from F2 | DNS in UI and
from the server code: 1. "Lookup MX records when delivering mail" (no longer a
need for this option) 2. "Use IP addresses returned with MX record lookup
result" (these will be used if they are found). Also, removed the GUI'less
option [Domain] "UseMultiHomedMXARecords" as MDaemon should just always do these
things.
[7256] Also, added option to Ctrl+S | Reverse Lookups which will allow you to
refuse MAIL domains which do not have MX records. This is disabled by
default and should be used with caution as domains do not need MX records in
order to exist, be valid, or send/receive mail.
[7033] CONFIGURATION SESSION IMPROVEMENTS
The "Configuration Session" UI has been improved in several ways. For example,
the right-click menu now works properly and allows you to disconnect an active
session and you can double-click or view "Properties" of one or more active
sessions which displays the session log. You can also submit the connecting IP
address to the IP and/or Dynamic Screen features.
[7031] Also, configuration session "Sessions" window will update individual line
items more efficiently now and [7032] handle a much larger amount of session
data.
[6919] Configuration session can also change the primary domain name now.
[6864] Finally, changes made to IP Screen, Host Screen, and Address BlackList
via WebAdmin will now be picked up by configuration sessions.
[7388] IMPROVED IP SHIELD PROTECTION
The IP Shield has changed. It is now enabled by default for new
installations and supports the $LOCALDOMAIN$ macro which expands to cover all
local domains (including gateways). If you use this macro it is no longer
necessary to keep the IP Shield up to date when local domains or gateways
change. Existing installs will not have their existing IP Shield values
altered in any way. However, a new "Default" button is in the IP Shield
editor UI which will convert existing IP Shield values over to the new
$LOCALDOMAIN$ system if desired. Finally, by default (or if you hit the
"Default" button in the UI) entries are added to the IP Shield associating all
reserved IP address ranges with $LOCALDOMAIN$.
[7400] Also, when the IP Shield option "Don't apply IP Shield to authenticated
sessions" is enabled the message returned to the SMTP client upon an access
refusal will be "Authentication required" in order to give them a clue on how to
fix the issue: by enabling Authentication in their mail client.
[7389] In addition, the IP Shield now has a master on/off switch. It
defaults to on and that's fine even when there are not yet any configured
domain/IP pairs.
[5192] Also, the IP Shield has a new option "Check FROM header address against
IP Shield" (disabled by default). If you enable this then the IP Shield
will compare the address taken from the message's FROM header in addition to
that taken from SMTP MAIL value. Note that this option can lead to
problems with incoming list messages (for starters). This option should
not be enabled unless you are sure you need it.
[7988] Also, added option to IP Shield to exempt Trusted IPs from the IP Shield.
This option is enabled by default.
[7391] Finally, the IPShield.dat file is now cached in memory to increase access
speed. Create an IPSHIELD.SEM to reload the file into memory.
CHANGES AND NEW FEATURES
- [1909] Added support for PLAIN authentication to the SMTP server.
- [7527] The "... uses ESMTP whenever possible" option has been removed from F2 |
Servers. MDaemon will now always use ESMTP when possible.
- [5146] Added a Ctrl+S | STARTTLS Required List which lets you specify host names
and IPs which require use of STARTTLS in order to receive mail from your server.
- [7554] Priority.dat has been made memory resident to improve performance.
Excption.dat has been renamed NoPriority.dat and also made memory resident to
improve performance. PRIORITY.SEM and NOPRIORITY.SEM sem files reload them if
needed. EXCEPTION.SEM has been removed.
- [7505] Added per-account options to restrict POP, IMAP, and WC access to local
LAN IPs only. These can be found on the new "Mail Services" tab within the
account editor.
- [7499] The "LAN Domains" and "LAN IPs" UI screens were moved out from under the
RAS UI heading and placed under "Ctrl+S | Other" since this functionality is
tied to security settings and not only to RAS. These two screens have also
received minor cosmetic modifications.
- [7502] The LAN domain and LAN IP values have been removed from MDaemon.ini and
placed into new .dat files (LanDomains.dat and LanIPs.dat). MDaemon now uses
these .dat files and caches them in memory to improve performance.
- [7073] The following .dat files contain timers that expire the entry from the
file: LDAPCache.dat, SPFCache.dat, DKCache.dat, DeadIPs.dat. Manually editing
the time left for an entry in one of these files and setting the value to -1
(negative one) will cause that entry to never expire from the .dat file. In
this way (if you need to) you can permanently add entries to these files which
won't auto-expire out of the files.
- [7542] If you want to add entries to the DynamicScreen.dat file while MDaemon is
running you should add them to DynamicScreenUpd.sem and let MDaemon then handle
moving the entries into the DynamicScreen.dat file properly to avoid MDaemon
stepping on itself.
- [7508] Added second password confirmation edit box to account editor and moved
service checkboxes (IMAP, POP, MultiPOP, OC) to a new tab called "Mail
Services." Finally, renamed "WorldClient & WebAdmin" tab to "Web Services".
- [6486] The account manager now shows file count and disk space used and also
indicated with "(over)" any account that is over quota. If an account is not
configured to use quotas "N/A" will be shown in these fields.
- [5231] Added a White List button to the Attachment Linking UI which lets you
list names of files that should NOT be extracted by Attachment Linking.
Winmail.dat is listed by default and the old undocumented [Special]
SkipWinmailDat=Yes/no option has been removed.
- [7408] Removed "Reject invalid mailing list submissions during SMTP session"
option. This will always take place.
- [7409] Removed "Disable IMAP IDLE" from GUI. If you want to disable IDLE (can't
imagine why) you can do it by manually editing MDaemon.ini [Special]
NoIMAPIDLE=Yes (default No). This should be discouraged.
- [7415] Removed "IMAP NOOP and IDLE triggers 1 minute timeout" option from GUI.
This option leads to more resource use than it actually saves. However,
[Special] IMAPNoopTimeout=Yes can still be set manually if you don't believe me
:)
- [5515] Max RCPT and RSET value in F2 | Servers can each now be set to ZERO
indicating no limits.
- [6257] Added new tab to Ctrl+Q which will allow you to edit the subject and body
content of DSN messages.
- [3376] The STARTTLS/SSL white list file now accepts IP addresses in addition to
host names.
- [7594] The built-in "MDaemon" system user account will no longer be listed when
selecting an account to edit since it is not possible to edit this account.
- [7526] RAW created messages should include full name in FROM for local senders.
- [7474] Moderated lists can now also have the privacy flag set.
- [7498] Use consistent UI language when CIDR, ? * and # wildcards are allowed.
- [7501] The "lndomain.dat" file will be removed on startup as it is legacy from
days gone by and is not used by anything
- [7446] Added EDIT button to autoresponder tab in account editor UI.
- [7447] Cosmetic change from "auto-responder", "Auto-Responder", etc to
"autoresponder" everywhere in UI for consistency.
- [5264] Removed popup warning about SecurityPlus needing activation when opening
content filter UI (no way to get this to popup properly)
- [7215] Added account picker to Groups UI - double-click on a group name to open
the account picker.
- [6920] Removed MDUSERDLL_SIGDB and MDUSERDLL_DEFSIGDB from API (functionality
was deprecated some time ago).
- [7057] Rearranged the Queues window right-click menu items to make it harder to
accidentally release instead of delete messages.
- [4361] Attachment linking logging will now include "Success" if extraction
operation succeeded or "Extraction failed" if fails.
- [4736] The log window right-click "Mail to Support" option has been removed. It
is long out of date and Alt-N support staff prefers customers to use the form on
the Alt-N web site.
- [6759] On startup and at midnight MDaemon will update MDaemon.ini [Registration]
UpgradeProtectionDaysLeft=XX to allow scripts/add-ins to check this.
- [6706] Added MDaemon service description to services applet data on startup.
- [4772] The status bar will say "Time Left: N/A" when the "Deliver mail at this
interval" option is disabled.
- [6816] Messages to the MDaemon account will no longer have the subject censored
in the RAW log.
- [6150] Improved warning message when pressing "Restart WorldClient" button in WC
properties.
- [7209] MDaemon will log the forwarded message file name in routin