SecurityGateway for Email Servers v10.0リリースノート

SecurityGateway 10.5.0rc3

修正点

(beta only) [28107] fix to "Save" toolbar button is not enabled after adding a new DKIM selector
(beta only) [28108] fix to "top X number of Y property" custom dashboard report results should be sorted number of messages descending
(beta only) [28092] fix to the title for the "Junk Email - Top Countries" report is incorrect
(beta only) [4720] fix to incorrect output when sorting the message list by the "IP Address" column

SecurityGateway 10.5.0rc2

修正点

(beta only) [27273] fix to eligible messages are not being ARC signed
(beta only) [592] fix to the domain name is not included when viewing the DNS configuration of a DKIM/ARC selector
[28151] fix to From Header Screening may truncate the modified header value

SecurityGateway 10.5.0rc1

修正点

(beta only) [28133] fix to SPF Lookups do not use DNS servers specified at Setup | System | DNS Servers
(beta only) [28143] fix to outbound messages are not DKIM signed after upgrading to 10.5.0 beta
(beta only) [25142] fix to additional permissions such as "Can Create Domains" are not saved for domain administrators. This was introduced in 10.5.0b with the addition of the Quarantine Manager role.
[28136] fix to message header modifications are not made when message is redirected
[28137] fix to when a client sends an EHLO/HELO command containing a literal IP address, the open and closing brackets are stripped from the EHLO/HELO string before it is evaluated against the host blocklist or allowlist. As a result, an EHLO string such as [192.168.1.100] will match a host blocklist entry formatted as #.#.#.#.
[24988] fix to redirected messages are not archived

SecurityGateway 10.5.0b

主な新機能

[25142] Added a "Quarantine Administrator" role.
This role allows a user to be configured to manage and optionally view messages in the user quarantine queue without being allowed to change any settings.

変更点と新機能

[18878] SPF Check Behavior Update: When the reverse-path (MAIL FROM) is null, the SPF check will now use the EHLO/HELO domain value for verification, provided it is a valid domain.

修正点

(beta only) [28122] fix to unable to add Trusted ARC Sealer
(beta only) [28126] the default host list blocklist entry "#.#.#.#" matches when the PTR lookup on the connecting IP address returns no results
(beta only) [28132] SPF lookup fails when exists mechanism in policy should match

SecurityGateway 10.5.0a

特記事項

[28099] Microsoft Internet Explorer is longer supported for accessing the Administration Console. Please use the latest version of Microsoft Edge, Firefox, Chrome, Safari, or a modern mobile browser.

主な新機能

[27273] ARC (Authenticated Received Chain) - RFC 8617
ARC is an email authentication protocol that allows intermediate mail servers to digitally sign a message's authentication results. When a downstream mail server performs DMARC verification and detects that SPF or DKIM have failed (due to forwarding or mailing list modifications, for instance), it can review ARC results from a trusted server to determine whether to accept the message.

ARC verification can be configured under Security | Anti-Spoofing | DMARC Verification and is enabled by default. Trusted ARC Sealers are domains whose ARC results are trusted. ARC results from non-trusted domains will be ignored during DMARC verification.

ARC signing can be enabled under Security | Anti-Spoofing | DKIM Signing. ARC signing requires that DKIM signing is enabled and uses the same selector as DKIM signing. By default, ARC signing for eligible messages is performed when DKIM signing occurs. Forwarded (redirected) messages are eligible for ARC signing.
[27243] Feature/Settings Search Field Added
A search field has been added to the top of the user interface, allowing users to quickly locate specific features and settings. This functionality is available to administrators and users, but excludes Secure Messaging recipients.
[592] Improved DKIM selector management
Added support for shared/global selectors that can be used across multiple domains.

DKIM signing can now be globally enabled by selecting a shared/global selector as the default. This requires creating a DNS record pointing to the selector’s public key for each domain.

Introduced the ability to import and export selectors.
[27119] Location Data Enhancements
The country and continent of the sender's IP address are now stored in the database. These fields can be displayed as optional columns in the Message Log and used as search criteria when querying the Message Log.

New reports introduced: Summary | Junk Email - Top Countries, Inbound Email | Top Countries, Anti-Spam | Top Countries

Location data can be utilized when creating Custom Dashboard Reports.

変更点と新機能

[4720] Added connection IP address as an available column to message log
[27885] LetsEncrypt will change the HTTP host name and AlternateHostNames to use all lower case characters.
[27803] Added an option to Custom Dashboard Reports to "Show the top X number of Y property"
[27153] Added default values for Host Block list ("localhost", "friend", "user", "ylmf-pc", "-*", "*_*", "#.#.#.#", "*.invalid", "*/*", "*|*"). These hostnames are commonly associated with botnets.

修正点

[26101] fix to SPF lookup fails to find a nested INCLUDE SPF record
[19166] fix to SPF record containing an unknown mechanism does not return a permanent error
[27936] fix to unable to save user options when enabling the option to show administrator contact info
[28090] fix to list column resize does not work correctly after hiding the first column
[27993] fix to when the "User Verification Sources | Options | Flag users for re-verification after X hours" option is enabled, re-verification is not triggered after the set number of hours when the user sends or receives mail