NoSpamProxy Server 15.5.0.1377 (June 3, 2025)

NOTE: Announcement: All NoSpamProxy versions < 15.1.0.1048 will be discontinued with the upcoming version 16.

WARNING: Please note that the port allocation has changed with version 15.2. Port 6062 has been added in version 15.2 and is now required. Information on the changes can be found under Port allocation.

This version contains the following components:

• NoSpamProxy 15.5.0.1377

• Management services 15.5.0.1637

• Identity Service 1.2.71

• Message Tracking Transport service 1.0.11

• Gateway Role 15.5.0.1637

• Web  Portal 15.5.0.1637

• Message Tracking Service 2.0.27

• Intranet Role 15.5.0.1637

• WebApp Hosting Service 1.3.19

• WebApp 1.2.3430.0

• PowerShell 15.5.0.1637

• NoSpamProxy Command Center 15.5.0.1637

• External Process Manager 1.0.484

New features

ARC signing

With version 15.5 of NoSpamProxy Server, ARC signing can be used in NoSpamProxy Server. Authenticated Received Chain (ARC) ensures the authenticity of emails and is closely linked to SPF, DKIM and DMARC. Each intermediate station that verifies an email with regard to SPF, DKIM and DMARC and adapts the header of the email accordingly also signs its own results with an ARC entry. If the email is sent to the next server via redirection or forwarding, this server must also verify all ARC information of the intermediate stations according to the RFC.

From now on, NoSpamProxy will perform ARC signing, whereby both a list of signers curated by NoSpamProxy and ARC signatories added by the user can be used.

See Authenticated Received Chain (ARC).

Archive connector

Archive connectors can now be set more granularly via archive profiles so that emails can now be archived better.

See Archive connectors.

Pseudonyms for system mailboxes

NoSpamProxy now supports pseudonyms for certificates for system mailboxes. NoSpamProxy Server thus fulfils the latest baseline requirements of the CA/Browser Forum.

DSNs are processed by rules

Delivery Status Notifications (DSNs) are now subject to the rules in NoSpamProxy Server. As DSNs are sent without information in the MAIL FROM and the sender only appears in the Header-From, DSNs could not previously be verified by the recipient.

Processing by the set of rules means that a DKIM signature can now be applied, for example, which makes it possible to trace the system from which the respective DSN was sent.

Changes

30497 DMARC results are reported to 32Guards.

38635 The validation check of certificates in the Gateway Role has been improved.

41947 TLS information is reported to 32Guards.

42154 Hashed sender and recipient information is reported to 32Guards.

42212 Audit log extensions have been implemented.

42802 NixSpam RBL has been removed.

43154 IP addresses in URL backup lists can be authorised/blocked.

43475 Subdomain validation for digicert has been improved.

43821 Logging for DOI send connectors has been extended.

44083 The new PDF conversion behaviour for Word and Excel files has been improved.

NOTE: The template EmailHintsPlainText.cshtml has been revised and is available in a new version.

EDI@Energy

43191 The sending of XML as AS4 messages is supported.

43526 CA certificate upload via PowerShell is now possible.

Relevant for Managed Service Providers

42251 Archive options have been made multi-tenant capable.

Fixed bugs

23800 Calendar invitations from files in winmail.dat format are removed after conversion to regular MIME parts.

30592 XCLIENT HELO identity is not taken into account.

34766 PowerShell: Removal of the assigned DKIM key is possible.

35420 Trust level not granted for ARC-signed emails.

37385 Number of users is incorrect in the partner view.

40010 Exception in the archive MIME part analysis interrupts email processing.

41877 Many URLs in emails lead to validation timeout.

41919 Disarming of certain PDFs in SB PDF leads to an unexpected IndexOutOfRangeException.

42290 Automatic user import: Page 1 and 2 show the same groups.

42338 If a validation error occurs early in the validation process, the email is delivered even if the malware scanner actions have not been successfully completed.

42348 Mime Detection PDF/A Metadata recognition ignores e-invoicing information.

42363 Text encoding incorrect after converting the HTML file name to a link.

42399 Model.PrefaceDocument no longer works.

42404 SMS provider tyntec does not work: 'Invalid URI: The host name could not be parsed'.

42443 Zugferd downward compatibility to 2.0 is missing.

42456 NCC: Unable to add an Azure AD.

42495 Synchronisation of partner settings always replicates all settings.

42509 Azure AD user was imported although a manual user with the same email address exists. Email is removed by the manual user.

42519 OpenId authentication not possible after update to version 15.4.

42676 Recognised MIME type of html file changes after web portal upload.

42704 NCC Error message: Unable to cast object of type 'System.String' to type 'System.String[]'.

42744 Some Outlook add-in buttons are disabled.

42786 After an update: An unexpected error has occurred and the file synchronisation service is terminated.

42790 OpenID: Reauthentication in webapp does not work correctly.

42860 Large file synchronisation service could not be stopped.

42908 Processing an email with many URLs in an archive attachment takes a lot of time.

43258 D-Trust certificate requirements lead to multiple certificates being issued.

43284 Internal object name is displayed in the NCC.

43296 Double key line in object "Configuration.ArchiveConnector" with unique index "UX_Configuration_ArchiveConnector_Name" cannot be inserted.

43338 Adding an Archive Connector in the NCC leads to an unhandled argument null exception.

43467 Decrypting PDF attachments in the Outlook Addin does not work.

43470 Email is not delivered to all recipients after encryption.

43500 XRechnung UBL syntax is not recognised.

43674 AddRecipient is missing the input validation.

43675 Better handling of word filters with timeout.

43707 With automatic encryption, the From header is missing for external notification (WebPortal notification).

43715 IPv6 URL allowlisting does not work.

43725 ARC validation fails due to automatic encryption.

43803 Content filter ignores files in signed emails if the signature is not removed.

43860 Intranet role does not start due to a System.NullReferenceException in DiagnosticsService.ProcessTracingRecords.

43863 NCC: Decryption certificate is not displayed in activities.

42744 Some Outlook add-in buttons are disabled.

42786 After an update: An unexpected error has occurred and the file synchronisation service is terminated.

43883 Correction of the "bad mac" error with aes-gcm encryption.

43941 Web Portal Installer does not update the Web.config if it has been changed manually.

44014 The decryption of URL Safeguard links causes a very high CPU load on the web portal.

44015 NCC does not always display the credentials prompt if the default credentials do not work.

44164 Web App: Message track details show incorrect recipient address

44231 IntranetRole.exe.config is not always overwritten by the setup.

44408 E-mail notes in plain text are not indented correctly.

44460 Emails are incorrectly reported as trustworthy to 32Guards.

44527 Enrolment provider does not send the givenName and surname attributes in the request.

44634 PDF Mail layout incorrect.

EDI@Energy

42491 Duplicate market partner, duplicate message tracks with error: The 'Get' action on controller 'EdiAtEnergyMessageTrackDetails' returned a SingleResult containing more than one element.

44512 Intermediate certificates are not sent during the LDAP search for other market partners.

Relevant for Managed Service Providers

42670 Tenant switch does not work for global administrators for on-prem OpenID.