NoSpamProxy 12.2 Fast Channel

We have released the version 2-12-19052-1719 on February 26th, 2019.

This version is an update release where the following bugs are fixed and new feature are added or changed. Release notes for former versions you will find below the current entries.

NOTE: If the update will be done from Version 12.1 or former to the latest Version, it can happen that the update will take longer time during the process of updating the Intrante Role database “NoSpamProxyIntranetRole”. Do not interrupt the setup or reboot the server until the process will be finished! If a problem occurs, the setup will detect it and interrupt automatically.

New / Changed

  • Support SwissSign Silverlight without Common Name and Country
  • PDF URL detection and content filter handling
  • Change default encryption and hashing options for AS2 send connector

fixed issues

  • Email could not be sent if large files were uploaded using upload button in Outlook Add-In
  • CYREN IP Reputation Service could not be started
  • Greylisting action executed in web portal emails
  • PGP key is not imported if PGP signature shouldn't be removed
  • Possible word filter false positive if word contains an "m" or "v" and obfuscated words should be found
  • Level of Trust address pairing bonus points is incorrect
  • No line break for content filter upload hints in HTML mails
  • Attachment name is not correct after Web Portal Upload
  • Excel document with OLE object is not detected correctly
  • SwissSign validation still requires an Organization when 'Silver' certificates are requested
  • Stackoverflow exception in partners view if too many partner keys are defined.
  • Error while processing content filter conditions by the filename condition "winmail.dat; "
  • Attachments in winmail.dat are not removed
  • Merged PDFs with dangerous content are not disarmed

New / Changed

  • Support SwissSign E-Mail ID Silver certificates without organization

fixed issues

  • Error in "S/MIME and PGP validation and decryption" action. Parameter is not set.
  • Signature of the email is invalid if it contains another email with text/plain body as attachment
  • Duplicate entries in gateway role DNS cache
  • DKIM signature is invalidated if subject flags are used
  • Localization: Double entry in preferred technology by partner user
  • Error message "An item with the same key has already been added" during AD Synchronization
  • EdDSA signature has been removed from email
  • DNS cache invalidation not working properly with multiple entries that have a different TTL
  • Greylisting doesn't work correctly if the email has been put on hold for content filtering
  • Spelling mistake in notification of missing certificates
  • Email attachment is not protected if auto-encryption and email to PDF in rule
  • Updated Keys reference to fix a NullReferenceException
  • Get-NspLargeFiles does not output the field ContentType
  • TNEF: Decrypted attachment has an unexpected name and file format
  • Cache for trust points for sender domain is not updated

New / Changed

  • Distinguish between Excel/Word 97-2003 (xls, doc) files with and without macros
  • Add a hint to the PDF header in a PDF Mail that the Acrobat reader is required to access attachments
  • One temp folder for everything by Cyren service
  • Detect OLE objects in office documents
  • Support signature validation of emails which were incorrectly serialized (lone LFs in mail, but signature expected CRLFs)
  • Support SwissSign E-Mail ID Silver certificates without country

fixed issues

  • Level of Trust is not updated with the correct date
  • Error "Specified padding mode is not valid for this algorithm" when building certificate chains
  • No error message if Web Portal files waiting for approval can't be downloaded
  • Receive connector IP blocking is still enabled if protection feature is not licensed
  • Cyren reference ID is not set in message track if email is put on hold
  • Date by Level of trust domain bonuses are not updated if it is already 100 bonuses
  • S/MIME encrypted winmail.dat email is not decrypted
  • Multiple email addresses are extracted from email header if the display name is the email address and surrounded by apostrophes
  • Error when uploading GZIP compressed XML to Web Portal: This operation is not supported
  • Public key is removed from email even if removal of signature is disabled and key harvesting is enabled
  • PGP signature verification fails when the PGP key has a non-self-signed UID
  • PGP signature is removed by 'Remove SMIME signature' option
  • Logging for D-Trust certificate provider is not working
  • D-Trust certificate provider info text for required action references the wrong action
  • GZIP files are not detected by content filter with wildcards

New / Changed

  • Edi@Energy: Use SHA-256 in RSAOAEP padding for S/MIME encryption
  • Add mime type detection for AutoCAD files
    • *.dxf - Drawing Interchange Format or Drawing Exchange Format
    • *.dwt - Drawing Template
    • *.dwg - Drawing
    • *.dwf - Design Web Format

fixed issues

  • Mime type detection for Office XML documents fails for XML documents with incorrect encoding

New / Changed

  • Checks for Address Pairing bonus points

fixed issues

  • Outlook Addin: Corporate design is not applied in Outlook Addin.
  • Email could not be signed. The specified handle is invalid.
  • Get/Set-NspPartnerAddressTrust not working correctly
  • Word/Excel/PowerPoint XML documents are not handled by the Content Filter
  • Message Tracking clean-up slows down replication of new message tracks
  • Trust configuration could not be saved by partner
  • Content disarm failed: Illegal characters in path
  • Domain trust entry is deleted even if it contains trusted subnets
  • Level of Trust address pairing bonus points are shown incorrect in message track
  • De-Mail address rewriting is removed from imported users if there are two automatic user imports with De-Mail address rewriting
  • Illegal characters in path' error in SMIME and PGP inbound action
  • Exception of type 'Netatwork.NoSpamProxy.Security.CertificatePasswordInvalidException

fixed issues

  • Ribbon in Outlook is throwing errors on emails with certain attachments
  • Error by signing a message. Access denied. Added fail-safe when access to an RSA key container fails
  • Email could not be decrypted: Cryptographic Exception
  • Exported PGP public key can't be published to MIT PGP Key Server
  • DNS cache invalidation not working properly with multiple entries that have a different TTL
  • AD import uses insecure connection to Active Directory
  • Intermittent Address resolving issues in Outlook Addin with auto-completed address entries
  • Outlook Addin is missing appropriate trace output to debug faulty customer configurations
  • NoSpamProxy makes two calls to Cyren CTASD by mail
  • Address pairing trust bonus is given to a wildcard entry
  • Outlook Add-in: No reply link is added after configuring a new reply link in the add-in.

fixed issues

  • Header still contains p7m instead of p7s after decryption
  • Gateway role always uses the external Web Portal URL to upload files even if an internal URL is configured
  • Empty text mime parts are detected as application/octet-stream and possibly blocked/removed by the Content Filter
  • Error "Collection was modified; enumeration operation may not execute" when starting the Gateway Role
  • Exception of type "Netatwork.NoSpamProxy.Security.CertificatePasswordInvalidException" when requesting a certificate
  • Management Console: Word Filter crashes under certain conditions
  • Memory leak in mime type detection for legacy office documents

fixed issues

  • Special characters in text files are broken after encryption
  • Transfer encoding is changed from base64 to quoted-printable for text attachments
  • Setup fails when updating the Intranet Role database because the SQL transaction log fills up the hard disk

New / changed

  • Overwrite 'City' field in certificate requests for D-Trust
  • Remove 'City' and 'State' as a required field for D-Trust Enterprise and Team certificates

fixed issues

  • SMTP send timeout is not configurable
  • Content filter changes are not active immediately
  • Password protected Excel files (*.xlsx) are not processed by the Content Filter
  • Search for trust level in partners does not work properly
  • NullReferenceException when requesting a password reset via the Web Portal
  • Duplicate notification in case of failed CDR
  • Word filter only checks the first 4KB of the email body
  • Error when removing user fields: "The requested resource was not found."
  • Put on Hold emails are send again by incoming emails
  • Incomplete SMTP response when a PTR record cannot be resolved
  • Mime type detection for binary files renamed to *.txt not always works correctly

New / changed

  • Updated .NET Requirement to 4.7.2
  • Improved Message Tracking database cleanup
  • Improve detection of auto generated messages in Level of Trust
  • Powershell cmdlet Get-NspMessageTrack has now parameter for IP filtering

fixed issues

  • No automatic cryptographic key enrolment request is generated if an inactive certificate is still valid
  • Autoencryption status for generate and save partner password is missing in Message Track
  • If an archive connector is configured without creating the folder on the Gateway Role, no emails are archived and no error message appears
  • Under certain circumstances "Antivirus scan not possible at the moment" error message appears after uploading large files to the Web Portal
  • Under certain circumstances HTML attachment is renamed to "Attached File.txt
  • Partners view displays the same domain multiple times with different capitalization
  • Reputation filter MAIL FROM/Header-From mismatch test in absence of DMARC doesn't check multiple From headers
  • DSN bonus is not given for simple DSN
  • Under certain circumstances an attempt to put an email on hold failed
  • Under certain circumstances an attached PDF is not encrypted if Autoencryption is required
  • When the Gateway Role deactivates a certificate, the new state is not replicated to the Intranet Role
  • Under certain circumstances exact match filter for body in Disclaimer does not work
  • Web Portal setup: WebPortal.config cannot be accessed and could not be upgraded
  • Large files search fails when using more than one filter criteria: The parameter 'f' was not bound in the specified LINQ to Entities query expression.
  • Missing partner passwords are not replicated to the Web Portal
  • Email was delivered although CYREN antivirus rejected the email
  • Base64 content with empty lines in between the data can't be decoded
  • PDF conversion failed, but email is successfully delivered
  • Email attachment is not protected with a password if the email is auto-encrypted using S/MIME or PGP
  • Files considered too large can't be removed by the user on the Web Portal
  • NoSpamProxy Console crashed when double clicking on an allowed language plane in filter "Allowed Unicode language planes
  • Cyren reference ID is not set in exported Message Track
  • Word matching filter gives positive results for encrypted email
  • User names are sorted alphabetically during a manual certificate request
  • Status of Level of Trust is disabled in Message Track but is enabled in rule
  • Certificate enrolment request fails with "Bad Version of provider."
  • dotNet could not be downloaded during Web Portal installation
  • SwissSign product type "Silver Light" has been renamed
  • Certificate harvesting option can not be deactivated
  • Action "Extract certificates" does not work with signed/encrypted mails
  • Cannot decrypt a PGP-Inline encrypted mail
  • Outbound notification for encrypted emails uses incorrect sender address
  • Large logos are truncated in the PDF header of PDF mails
  • Error message when closing the MMC (TaskCanceledException)
  • Many "Invalid logon attempt" messages are recorded in the Security EventLog
  • Content transfer encoding uuencode not supported for attachments
  • Column ordering of domains in DKIM keys Fails
  • Certificate request can't be completed because the private key can't be read
  • Web Portal upload failed: Sequence contains more than one matching element
  • Default algorithm is Aes256 instead of Aes128
  • MMC crashes when an invalid template was configured on the D-Trust certificate Provider
  • File synchronization between two Web Portals not working for files >2GB
  • Outbound emails from Office 365 are not accepted because the certificate validation fails

fixed issues

  • Outbound emails from Office 365 are rejected with "Unable to relay

New / changed

  • Implement efail mitigations

fixed issues

  • Automatic user import - Generic LDAP doesn't use search path for group search
  • Active Directory group lookup does not work: The distinguished name contains invalid Syntax
  • Email is sent multiple times if the SMTP server takes very long to respond to commands
  • Partner password can't be changed using the Web Portal
  • Web Portal Mails always using external URL if attachment is uploaded to Web Portal
  • Domaintrust is increased although it is set to statically zero
  • Domaintrust maintenance run never finishes if DNS requests time out for some Domains
  • Performance Counter for Queues maybe incorrect after a service restart
  • Public Suffix List caching doesn't work for Spam URI Realtime Blocklists filter
  • RTF emails converted to PDF contain a winmail.dat attachment
  • After removing a corporate users active certificate no certificate is active
  • Sandbox response for already uploaded but not yet analysed files is not processed correctly
  • Large files filter for sender/recipient and status not working correctly
  • Plain text attachment is detected as application/octet-stream
  • UTF-7 encoded email with Base64 encoded attachment can not be decoded
  • No HTML file with download link after inline image is uploaded to Web Portal
  • Email to PDF conversion adds hint for pin to PDF even if all attachments are uploaded to the Web Portal