We have released version 13.2.21327.1706 on December 09th, 2021. This Version is an upgrade release where the following Bugs are fixed and new features are added or changed.

Important Information

If you have previously installed a beta version 13.2, please upgrade to the official release version 13.2.20141.1435 or later for support reasons! As of version 13.2.20083.1640, a script for enhancing the address searching is included. These may cause the setup not to respond for a some time during database update. The setup must not be aborted and must run until completed. Please schedule a longer upgrade period for this.

 

Version 13.2.21327.1706 (December 09th, 2021)

based on Fast Channel Version 13.2.21230.1706

Changes:

• New Certificate PKI Provider DigiCert implemented
• TLS 1.3 can be used, if the operatings system supports it

Fixed:

Gateway Role

• • 27842: Mail processing error for e-mail in UTF16le format
  • 27961: Signature validation report can’t be created
  • 29687: PGP Signature validation failed
  • 30144: Root certificate not detected correctly and certificate chain check failed

Intranet Role

• • 25521: Message Tracking cleanup improved

Other

• • 28348 Templates: Missing sender in encrypted e-mail notification
  • 29354 Content Filter: Wrong classification of ZIP file created with 7-zip
  • 29735 URL Safeguard: Internationalized domain names (IDNs) are not rewritten correctly

 

Version 13.2.21230.1449 (August 31st, 2021)

based on Fast Channel Version 13.2.21190.1540

Changes

• 29358: Evaluate new SwissSign id-silver product name
• 29235: Adjust CSP header for WebPortal
• 29236: Adjsut X-XSS-Protection header
• 29237: Disable unnecessary HTTP methods

Fixed

• 29259: WebPortal on Server 2012 R2 – Inernal server error
• 26082: Emails received via the POP3 receive connector are downloaded from the server but not delivered to the recipient if the receive connector temporary folder contains *.eml files
• 29122: SMIME signature signer address validation always fails if MAIL FROM is empty
• 29090: An unexpected error occurred and the Intranet Role is shutting down. System.ArgumentNullException: Value cannot be null

 

Version 13.2.21190.1540 (July 21st, 2021)

based on Fast Channel Version 13.2.21151.1540

Fixed

• 26243: Web Portal problems
• 28830: URL Safeguard doesn’t always work correctly if there is HTML inside of the a tag
• 27510: Disclaimer is added at the wrong position
• 28594: Report Viewer Control 2010 download link in installer is incorrect
• 28698: Create config override to use onmicrosoft.de instead of onmicrosoft.com

 

Version 13.2.21151.1540 (June 23rd, 2021)

based on Regular Channel Version 13.2.21111.1701

Fixed

• 28537: Quotes are added after decoding an encoded header value
• 28539: CxO fraud detection doesn’t match if there is a quotation mark between the first and last name
• 23630: CxOFraud does not detect attempt as long as user name contains umlaut
• 28502: Receiving an NDR containing headers of an SMIME encrypted email causes an unexpected error during a connection: Value cannot be null. Parameter name: stream
• 28215: Subject flags Link overlapping with text
• 28046: An unexpected error occurred during a connection: Invalid data read from remote host
• 28255: An unexpected error occurred during a connection: Object reference not set to an instance of an object
• 28254: An error occurred while checking an email sent from to Support@nospamproxy.de

 

Version 13.2.21111.1701 (May 6th, 2021)

based on Fast Channel Version 13.2.21069.1155

Fixed

• 28110: SSL Cache duration is too high in 13.2
• 28086: MS removed download link for ReportViewer.exe – this breaks our setup
• 27815: ‘Header-From’ field is an obfuscated string, but its not true
• 27840: Excessive memory and cpu usage when using the Trie data structure
• 26978: Obfuscated string matcher doesn’t match rewritten umlauts (i.e. ö and oe)
• 27962: Failed to validate a DMARC on an email. Decoded string is not a valid IDN name.
• 27964: Message tracks could not be retrieved from the Intranet Role.
• 27969: SwissSign auto enrolment uses correct user information
• 28087: Adjust 13.2 actions and filters
• 27678: High CPU usage and unstable

 

Version 13.2.21069.1155 (March 15th, 2021)

based on Fast Channel Version 13.2.21040.1645

If you have installed version 13.2.21040.1645 from March 1st 2021, perform an update to this new version to avoid problems!

Fixed

• 27467: Archived eml file is empty
• 27471: D3 archive connector cannot handle subjects with special characters
• 27508: Possible StackOverFlowException when parsing an email address
• 27333: Activities are shown only in first
• 27457: Not recognized category from Cyren
• 26905: URL Safeguard removes PGP signature and email headers after rewriting URLs in PGP signed content
• 27124: An error occurred while creating a dispatch job: Another read operation is currently in progress
• 27229: Corporate email server check “SPF protected local address” is successful if only the SPF check for the EHLO domain was successful
• 27135: Attachments from nested emails are not uploaded to the Web Portal

 

Version 13.2.21040.1645 (March 01st, 2021)

based on Fast Channel Version 13.2.20349.1331

Due to a subsequently discovered, but very rare problem, this version had to be removed from the download. A new version will be released as soon as possible, to fix all problems.
If you are already using this version, please watch out for temporarily blocked emails and contact support for clarification, if this occurs.

Fixed

• 26340: Large files are not auto approved if there are older files to be auto approved with malware scan failures
• 26931: Update Cyren to new binaries
• 27013: Restricting maximum concurrent connections per domain doesn’t work reliably
• 26872: POP3 receive connector only supports TLS 1.0
• 26776: email is destroyed after outbound email signing
• 26715: Logging extension for archive connector
• 26854: Internal domain names (i.e. exchange.local) are resolved using the external DNS servers
• 26646: Timstamp server for Outlook Add in is invalid
• 26666: Disclaimer is added at the wrong position

 

Version 13.2.20349.1331 (January 13th, 2021)

based on Fast Channel Version 13.2.20296.1426

Fixed

• 26541: Unexpected error occurred during a connection: Index was out of range.
• 26415: Attach file failed error.
• 26519: Illegal characters in path.
• 25996: Auto Retry of quality signature Item should have the Message Track status Put on hold.
• 25963: Waiting Status for qualified signature signing Status
• 26410: Configuring the Cyren service on the Web Portal fails with error message “A potentially dangerous Request.Form value was detected from the client”
• 26337: Header-From address in the format “Display name <address1@example.com;address2@example.com>” causes Message Tracking deserialization errors
• 25925: URL Safeguard rewrites URLs in brackets with the closing bracket as part of the URL
• 25846: CmsMimePart cannot be converted to PDF using auto encryption
• 26033: Outlook Add-In mime type detection detects Office documents as unprocessable zip archives
• 26004: Gateway Role creates replication artifacts >50MB which can’t be collected by the Intranet Role and break the replication
• 26173: Web portal and Outlook Add-In don’t use the correct content filter if a partner user is configured to allow any attachments
• 25608: Secondary DNS server is not queried if the primary DNS server responds with status code ServerFailure
• 25609: License usage De-Mail count is incorrect if multiple Gateway Roles are using the same De-Mail domains
• 26144: URL Safeguard destroys URLs in CSS by replacing them with “Protected link”-HTML
• 25790: NDR contains empty attachment instead of original email
• 25673: Outlook Addin: Issues on accessing files from UNC path
• 26129: Empty header line is created if the header ends with a whitespace and the header has a certain length
• 26507: Remove hard coded domain white list from the surbl filter
• 26170: Use the new endpoint for the Cyren IP Reputation

 

Version 13.2.20296.1426 (November 09th, 2020)

based on Fast Channel Version 13.2.20258.1435

Fixed

• 25605: A replication artifact could not be deserialized. The item will be retried at a later time. Error: The string Cards??@tizgharan.org.uk is not a valid email address
• 25606: Message tracks could not be retrieved from the Intranet Role: The string “”@bnv.gob.ve is not a valid email address
• 24125: Email is signed using SMIME/PGP although it is deactivated in the rule if the sender requests automatic encryption
• 25654: Database cleanup is slow
  NOTE: If the TempDB will not shrinked automatically, use the SQL tools to do this manually
• 25687: Cyren malware scanner fails with error: Illegal characters in path
• 24838: Users should not be imported from file if email contains not allowed chars outside of quotation marks (“”)
• 24840: Error when importing user from text file with many @ in email address
• 25133: Text file automatic user import imports email address prefixes (i.e. SMTP:)
• 24888: Improve error message in LDAP sync when a group cannot be expanded
• 25729: Message Track filter doesn’t work for Powershell Cmdlets to get actions, activities, attachments, filters, URLs
• 26059: Outlook-Add-In crashes on initializing the MimeTypeDetection

 

Version 13.2.20258.1435 (September 28th, 2020)

based on Fast Channel Version 13.2.20199.1826

Changed

• 24112: Create Issue “German Azure Cloud will be removed”
• 20044: Implement automatic retries of mails waiting for qualified signatures

Fixed

• 24831: Add hint to manual that LDAP key server does not support LDAPS
• 24895: Replication service replicates too many artifacts to the database at once
• 24837: Reading the Default partner settings is not retried if it fails the first time
• 24984: EmailAddress.TryParse uses the relaxed algorithm and is used in the Envelope methods
• 23685: NDR is sent if an email is permanently rejected by the sandbox
• 23686: Sender IP address is not blocked if an email is rejected permanently by the sandbox
• 24904: An unexpected error occurred during a connection: Deep clone with non-clonable stream is not supported. Stream must be of type ClonableStream
• 24995: OpenKeys configuration is not replicated to new Gateway Roles
• 24884: Disclaimer is added at the wrong position
• 25016: NoSpamProxy crashes when a large SMIME email is processeds
• 24720: URL Safeguard error when rewriting URLs in message/delivery-status attachment: Mimepart ‘NestedMessageMimePart’ is not supported
• 24683: CDR’ed document is not attached to the EML file in case of nested attachments
• 24825: change tyntec text message provider default hostname
• 25154: Email is not accepted because of error: Length cannot be less than zero. Parameter name: length
• 25045: Wrong reject reason for email
• 25256: Emails cannot be processed by content filter
• 25165: Downgrade to 7 bit transfer encoding for all emails breaks existing signatures if the email contains a mime part with 8 bit transfer encoding
• 24917: Intermediate certificate is displayed as “untrusted root, revoked” when imported in NoSpamProxy
• 25343: Email with very long header line causes 100% CPU usage on Gateway Role
• 24753: Level of Trust bonus not granted because successful SPF validation doesn’t authenticate MAIL FROM domain
• 23927: “Strict Open XML” office documents are detected as zip archives
• 24768: TLS best practice settings include 3DES cipher suite
• 25319: Attachments are differently identified when a mail was signed
• 24873: Pdf is not disarmed, zip file detect as unprocessable
• 25364: An attempt to scan the file in directory ZEL4TVFP for viruses. Error: Padding is invalid and cannot be removed.
• 25443: Unexpected error occurred during a connection: Index was out of range.
• 25446: All zip files in large files detect as unprocessable+archive
• 25408: Cyren IP reputation filter configuration is reset after editing the rule using the MMC
• 25440: URL Safeguard applies HTML base URL to absolute URLs
• 25513: Message Tracking search is slow when searching for sender/recipient
• 25537: TempDB database uses enormous amounts of space during database cleanup
• 25538: Message Track cleanup doesn’t delete a lot of details if the detail retention time is much shorter than the summary retention time
• 25526: A parameter was invalid.

 

Version 13.2.20199.1826 (July 27th, 2020)

based on Regular Channel Version 13.2.20171.1151

Fixed

• 24608: An unexpected error occurred during a connection: Die Länge darf nicht kleiner als 0 (null) sein. Parametername: length
• 24621: Trigram search is slow
• 24718: DKIM signature verification fails if the email contains an attached EML file with incorrect content type
• 24684: Emails with nested EML attachment with incorrect content type are not serialized correctly
• 24640: Email rejected by CxO Fraud Detection action causes two NDRs in default configuration
• 24662: “Unable to confirm artifacts replication” error if there are a lot of replication artifacts
• 24679: Multiple reputation filter PTR record tests are failing if the sender IP address doesn’t have a PTR record
• 24719: An email could not be decoded

We have released the Version 13.1.20071.1529 on March 16th, 2020. This Version is an upgrade release where the following Bugs are fixed and new features are added or changed.

Important Information

As of update Version 12.2.18253.1152, a script for cleaning up the message tracking is included, which deletes orphaned entries in the database and from Version 13.0.19169.1943, a script for improving Table Indexes was added.
These may cause the setup not to respond for a some time during database update. The setup must not be aborted and must run until completed. Please schedule a longer upgrade period for this.

If the Protection module is licensed, it is possible that the Cyren services do not work and no viruses and spam checks are performed after the update to version 13, although the NoSpamProxy license itself has been correctly validated. To correct this, in the NoSpamProxy Management Console go to Configuration/NoSpamProxy Components/Gateway Roles, select the gateway role(s) and click on Synchronize configuration.

It is possible in combination with some Domain names, that the Reputation filter will block emails due to an obfuscated owned Domain. Only in this case we will recommend to reduce the SCL Points to maximum 2 SCL Points (Default is 4 SCL Points) for the test ‘Header-From’ is an owned Domain at the Reputation filter, to be found on the tab Filters at the applied rule, on tab ‘Header-From’ Tests. This will be improved within the next Major Version.
Example: Owned Domain = example.com, but the Reputation filter will also detect my-example.com as an obfuscated owned Domain.

 

Version 13.1.20071.1529 (March 16th, 2020)

based on Fast Channel Version 13.1.20048.1517

In order to prevent the error message “Unable to relay”, this version is required if emails are to be sent from Office 365 via NoSpamProxy.

Fixed

• Cleaned up the Office 365 certificate check and changed the default behaviour to exclude the Root certificate from the revocation check
• Remove check for self-signed UID from PGP key import
• Charset decoding is performed incorrectly when extracting body from winmail.dat
• Version number in PDF metadata is detected as URL and checked by the Spam URI Realtime Blocklist filter
• Email is put on hold with “Error: A clone of the specified mime part was not found.” if the content filter removes a file from an attached EML file
• Outlook Add-In does not handle Content Filters correctly
• ICAP Malware scanner does not work with Symantec Endpoint Protection
• URLSafeGuard: Links with umlaut could not be complete rewritten
• Disclaimer is not positioned correctly when replying to Gmail emails
• PGP encrypted attachment having Content-Type header with long media type and encoded file name can’t be serialized after decryption
• Adobe cannot open the Attachment from PDF
• GlobalSign certificates could not be revoked
• Homographic attack detection does not work
• Content filter in partner domain/user is not detect in outlook addin
• Sending an administrative notification for CPU or HDD stress level failed. Error: Value cannot be null.
• Resolution of the dependency failed by sending an administrative notification for CPU or HDD
• Converted files are not approved if it is a Web Portal mail
• Error in webportal template for redirection
• Failed to update health statistics. Error: System.ArgumentNullException
• Different content filters for partner users are not working correctly also in Add-In
• Mail permanently blocked cause of modification

Version 13.1.20048.1517 (February 26th, 2020)

based on Regular Channel Version 13.1.19330.1217

New / Changed

• Proactively kill external mime detection process if memory exceeds 256 MB

Fixed

• SMTP error message contains only LF instead of CRLF if multiple Reputation Filter tests fail
• Disclaimer images are sometimes displayed as attached files
• Word filter with content “mom” triggers on “ror” when obfuscation is enabled
• Missing MIME-Version header causes display problems in Outlook after signing an email
• Duplicate certificate import
• Remove archive metadata settings not possible
• Message statistics are not cleaned up
• When the Web Portal returns HTML instead of JSON, the user of the Outlook AddIn gets a useless error message.
• Web Portal synchronization is very slow on Windows Server 2019 clients
• DNSSEC is not enabled after Gateway Role restart
• PDF mime type detection hangs and uses a lot of CPU/RAM with a certain document
• “Receiver rewriter” and “Reroute email” actions are not executed if MAIL FROM is empty
• SMTP receive connector “maxInvalidRecipients” setting is reset after configuring the connector using the MMC
• Active Directory import: Log detailled information why a TLS connection failed
• Web Portal: An attempt to enumerate the files failed
• SMTP AUTH command doesn’t accept username/password directly
• Word filter in simple finds matches in words
• After saving changes in receive connector: Perhaps another SMTP server is running on this endpoint.
• Cannot upload some files to Web Portal
• Email temporary blocked. An error occurred while checking an email: OperationCanceledException
• Metadata service: Failed to contact the server. Value cannot be null
• URL Safeguard Exception: An item with the same key has already been added.
• “Error: Access is denied” when decrypting a PGP encrypted email
• Obfuscated domain is not detected as external
• The DELETE statement conflicted with the REFERENCE constraint “FK_Url_MessageTrackEntry”
• Content filter “File name” does not detect files in hierarchy within zip
• Colour theme is not replicated if a new Gateway Role/Web Portal is added
• No results by PowerShell-Command: get-nspuser and set-nspuser
• Gateway Role hangs with 100% processor usage when a deeply nested mail is processed
• Metadata service: Object reference not set to an instance of an object.
• Improved wording for the case when a password for PDF encryption could not be obtained or generated.
• URL Safeguard rewrites the links incorrect if used <base href=…>-tag
• The “digiSeal server: Sign attachments on outbound emails” action only signs attachments that are part of a multipart mimepart
• Base64 decoder doesn’t ignore extra characters if invalidBase64LengthHandling=”IgnoreExtraCharacters” is configured
• Base64 decoder doesn’t remove invalid characters correctly if the encoded content has multiple lines
• URL Safeguard doesn’t rewrite links with whitespaces in a-href-tag correctly
• URL Safeguard takes very long to rewrite URLs

We have released the Version 13.0.19241.1237 on September 4th, 2019. This Version is an update release where the following Bugs are fixed and new features are added or changed.

Important Information (Common)

As of update version 12.2.18253.1152, a script for cleaning up the message tracking is included, which deletes orphaned entries in the database. From Version 13.0.19169.1943, a script for improving Table Indexes was added.
These may cause the setup not to respond for a some time during database update. The setup must not be aborted and must run until completed. Please schedule a longer upgrade period for this.

If the Protection module is licensed, it is possible that the Cyren services do not work and no viruses and spam checks are performed after the upgrade to version 13, although the NoSpamProxy license itself has been correctly validated. To correct this, in the NoSpamProxy Management Console go to Configuration/NoSpamProxy Components/Gateway Roles, select the gateway role(s) and click on Synchronize configuration.

It is possible in combination with some Domain names, that the Reputation filter will block emails due to an obfuscated owned Domain. Only in this case we will recommend to reduce the SCL Points to maximum 2 SCL Points (Default is 4 SCL Points) for the test ‘Header-From’ is an owned Domain at the Reputation filter, to be found on the tab Filters at the applied rule, on tab ‘Header-From’ Tests. This will be improved within the next Major Version.
Example: Owned Domain = example.com, but the Reputation filter will also detect my-example.com as an obfuscated owned Domain.

Version 13.0.19241.1237 (September 4th, 2019)

based on Regular and Fast Channel Version 13.0.19204.1650

Fixed

• Greylisting action is executed before the filters
• Mail-From and Header From are different in Encrypted email notification
• Wizard does not save inbound send connectors
• Exception in second execution of configuration wizard
• ZIP bomb handling – NSP stucks with high ressource usage
• Images from disclaimer templates are attached multiple times if multiple disclaimer templates are applied to the email
• Search filter in Event Log returns unfiltered results for remote roles
• File synchronization between Web Portals hangs if a BITS job fails with a transient error
• An unexpected error occurred while signing or encrypting a message.SBPGPExceptions.EElPGPEncryptionStreamException
• Copy of a web portal email is sent unencrypted if the rule is configured to reject the email
• Service crashes when owned domain is added with a whitespace character
• Exception if CDR of encrypted file failed
• Attachment is always unknown to the sandbox if URL Safeguard has rewritten an URL in the attachment
• Check if the Cyren service restarts after the permissions are set for remote web portal
• A replication artifact could not be deserialized. No message track
• Web Portal Copy has to be always encrypted
• Wrong domain is used in DKIM signature header if owned domain and DKIM key domain are different
• Status mailware scan failed warning has to be updated after the problem is fixed
• Check if the Cyren service restarts after the permissions are set for remote web portal
• Reply Link to Web portal does not work
• Password-protected files are ignored by the converter and the Web Portal
• An unhandled error occurred during the malware scan
• Web portal upload for an email on hold failed: Object reference not set to an instance of an object

Version 13.0.19204.1650 (August 6th, 2019)

based on Fast Channel Version 13.0.19197.1833

Fixed

• Could not assess the current license usage. Object reference not set to an instance of an object
• Rescan of quarantined Web Portal files fails: Final output block size must be at least 56
• Reputation filter blocks De-Mail notifications if substring match tests are enabled
• URL Safeguard does not rewrite some links calendar invitation
• URL Safeguard: Wrong detection of URLs in outlook calendar invitation
• URL Safeguard: /n is included in link

 

Version 13.0.19197.1833 (July 25th, 2019)

based on Regular and Fast Channel Version 13.0.19169.1943

New / Changed

• URL Safeguard: configuration info for host and URLs in attachments rewriting

Fixed

• Cyren IP reputation filter error: Der Wert darf nicht NULL sein. Parametername: input
• Load data in message track takes too much time and url safeguard shows wrong information
• Missing provider name if eventlog with id 3583 is created
• Cyren URL Classification filter does not detect malware links in encrypted emails
• Calendar request inside of a winmail.dat is not detected and the email is signed
• A PDF attachment with an attachment that has an undefined content length cannot be processed correctly.
• Quoted printable encoded PDF is not disarmed correctly.
• Wrong padding is shown for encryption/decryption in message track
• Validation policies could not be saved in SMIME and PGP validation action
• An unexpected error occurred, and the Intranet Role is shutting down
• Could not assess the current license usage. Object reference not set to an instance of an object

 

Version 13.0.19169.1943 (July 09th, 2019)

based on Fast Channel Version 13.0.19149.1743

Fixed

• Outlook Add-In is sending text message even if the user has disabled this function
• Wrong error message when importing PGP secret key
• PDF Mail tab in partner user settings missleads a user
• URL Safeguard timeout if the HTML body contains a large amount of URLs (4000+)
• Header-FROM/TO contains an @ sign outside of an email address
• Emails are accepted if an error occurs that is not a timeout and the validation timeout handling is set to “Accept”
• Cyren Antispam/Antivirus service is not responding until the Gateway Role is restarted
• Exception in error message of executed URL Safeguard action: “An item with the same key has already been added”
• Spam Uri Realtime Blocklist filter checks URLs without protocol against blacklists
• AES-128-GCM and AES-256-GCM encryption algorithms are missing from the inspection report
• Level of Trust fixed domain bonus for freemailer domain is not granted
• Outlook calendar invitation contains lines longer than 75 characters after URL Safeguard has rewritten URLs
• URL Safeguard and Spam Uri Realtime Blocklist filter detect URLs in calendar invites if the lines in the invite have been folded
• Message Track displays “No bonuses where granted because the email was not authenticated” if Level of Trust is configured to require authentication only for the domain bonus
• Powershell CmdLet Get-NspEmailOnHold doesn’t include emails waiting for content filter processing

 

Version 13.0.19149.1743 (June 24th, 2019)

based on Fast Channel Version 13.0.19147.917

Fixed

• Spam URI Realtime Blocklists filter also detects email addresses as URLs
• Level of Trust subject bonus is granted for free mailer addresses
• Alert to the Administrator about license validation failed
• Content filter treats folders inside of zip archives as empty files with mime type “application/octet-stream” and without file name
• PDF document is corrupted after content disarm
• Attachments without filename can’t be uploaded to the Web Portal: Value cannot be null, parameter name: filename

 

Version 13.0.19147.917 (June 11th, 2019)

based on Regular Channel Version 13.0.19120.1521

New / Changed

• Enable Cyren URL classification service by default in SURBL Filter

Fixed

• Change supported Outlook Version from 2007 to 2010 Service Pack 2
• Incorrect charset detected after decrypting a PGP encrypted text attachment
• PGP signature validation fails if the signature contains a non-standard issuer-fpr subpacket
• Self-signed pgp key created in kleopatra could not be imported
• Self-signed pgp public keys could not be imported
• If a public key lookup service is not responsive, mailflow may be interrupted
• UI incorrectly states that the 13.0 already scans links for PDF documents
• Email without signer infos is displayed as signed and unmodified in Message Track
• License on Gateway Role and Web Portal becomes invalid after 30 days even if the license server successfully confirmed the license
• Retrieving Level of Trust domain bonus causes error: Object reference not set to an instance of an object
• URL Safeguard: Exception when reporting misclassification
• Dialog with error by configuration of AD enrolment
• Target host missing from Message Track delivery attempt if email is temporarily rejected
• ResettableCancellationToken not properly disposed
• Message Track displays “No bonuses where granted because the email was not authenticated” if Level of Trust is configured to require authentication only for the domain bonus
• Outlook Add-In does not create HTML file
• Get-NspMessageTrack missing TLS information
• Email is supposed to be rejected due to a validation timeout but is delivered to the recipient if the email is put on hold by the Content Filter
• Failed to create an address rewriting entry
• Outbound automatic reply is not sent if the email is signed, encryption is required, and PDF Mail is used as fallback encryption
• PGP encrypted email could not be decrypted: Invalid header line
• Calendar invites from O365 are not detected properly and signed, even if signing of calendar invites is disabled
• An unexpected error occurred while signing or encrypting a message
• URL Safeguard creates visited URL replication artifacts with empty recipient that can’t be processed by the Intranet Role

We have released the version 12.2.19052.1719 on February 26th, 2019. This Version is an update release where the following Bugs are fixed and new feature are added or changed. Release notes for former versions you will find below the current entries.

Important Information

If the update will be done from Version 12.1 or former to the latest Version, it can happen that the update will take longer time during the process of updating the Intrante Role database “NoSpamProxyAddressSynchronization”. Do not Interrupt the setup or reboot the server until the process will be finished! If a problem occurs, the setup will detect it and interrupt automatically!

 

NoSpamProxy 12.2.19052.1719 (26.02.2019)

New / Changed

• Support SwissSign Silverlight without Common Name and Country
• PDF URL detection and content filter handling
• Change default encryption and hashing options for AS/2 send connector

Fixed Issues

• Email could not be sent if large files were uploaded using upload button in Outlook Add-In
• CYREN IP Reputation Service could not be started
• Greylisting action executed in webportal emails
• PGP key is not imported if PGP signature shouldn’t be removed
• Possible word filter false positive if word contains an “m” or “v” and obfuscated words should be found
• Level of Trust address pairing bonus points is incorrect
• No line break for content filter upload hints in HTML mails
• Attachment name is not correct after Web Portal Upload
• Excel document with OLE object is not detected correctly
• SwissSign validation still requires an Organization when ‘Silver’ certificates are requested
• Stackoverflow exception in partners view if too many partner keys are defined.
• Error while processing content filter conditions by the filename condition “winmail.dat; “
• Attachments in winmail.dat are not removed
• Merged PDFs with dangerous content are not disarmed

 

NoSpamProxy 12.2.19022.1759 (23.01.2019)

New / Changed

• Support SwissSign E-Mail ID Silver certificates without Organisation

Fixed Issues

• Error in “S/MIME and PGP validation and decryption” action. Parameter is not set.
• Signature of the email is invalid if it contains another email with text/plain body as attachment
• Duplicate entries in Gateway Role DNS cache
• DKIM signature is invalidated if subject flags are used
• Localization: Double entry in preferred technology by partner user
• Error message “An item with the same key has already been added” during AD Synchronization
• EdDSA signature has been removed from email
• DNS cache invalidation not working properly with multiple entries that have a different TTL
• Greylisting doesn’t work correctly if the email has been put on hold for content filtering
• Spelling mistake in notification of missing certificates
• Email attachment is not protected if auto-encryption and mail to PDF in rule
• Updated Keys reference to fix a NullReferenceException
• Get-NspLargeFiles does not output the field ContentType
• TNEF: Decrypted attachment has an unexpected name and file format
• Cache for trust points for sender domain is not updated

 

NoSpamProxy 12.2.19007.1316 (10.01.2019)

New / Changed

• Distinguish between Excel/Word 97-2003 (xls, doc) files with and without macros
• Add a hint to the PDF header in a PDF Mail that the Acrobat reader is required to access attachments
• One temp folder for everything by Cyren service
• Detect OLE objects in office documents
• Support signature validation of mails which were incorrectly serialized (lone LFs in mail, but signature expected CRLFs)
• Support SwissSign E-Mail ID Silver certificates without country

Fixed Issues

• Level of Trust is not updated with the correct date
• Error “Specified padding mode is not valid for this algorithm” when building certificate chains
• No error message if Web Portal files waiting for approval can’t be downloaded
• Receive connector IP blocking is still enabled if protection feature is not licensed
• Cyren reference ID is not set in message track if email is put on hold
• Date by Level of trust domain bonuses are not updated if it is already 100 bonuses
• S/MIME encrypted winmail.dat mail is not decrypted
• Multiple email addresses are extracted from email header if the display name is the email address and surrounded by apostrophes
• Error when uploading GZIP compressed XML to Web Portal: This operation is not supported
• Public key is removed from email even if removal of signature is disabled and key harvesting is enabled
• PGP signature verification fails when the PGP key has a non-self-signed UID
• PGP signature is removed by ‘Remove SMIME signature’ option
• Logging for D-Trust certificate provider is not working
• D-Trust certificate provider info text for required action references the wrong action
• GZIP files are not detected by content filter with wildcards

 

NoSpamProxy 12.2.18337.1725 (05.12.2018)

New / Changed

• Edi@Energy: Use SHA-256 in RSAOAEP padding for S/MIME encryption
• Add mime type detection for AutoCAD files
  • *.dxf   – Drawing Interchange Format or Drawing Exchange Format
  • *.dwt  – Drawing Template
  • *.dwg – Drawing
  • *.dwf  – Design Web Format

Fixed Issues

• Mime type detection for Office XML documents fails for XML documents with incorrect encoding

 

NoSpamProxy 12.2.18330.1808 (28.11.2018)

New / Changed

• Checks for Address Pairing bonus points

Fixed Issues

• Outlook Addin: Corporate design is not applied in Outlook Addin.
• Email could not be signed. The specified handle is invalid.
• Get/Set-NspPartnerAddressTrust not working correctly
• Word/Excel/PowerPoint XML documents are not handled by the Content Filter
• Message Tracking clean-up slows down replication of new Message Tracks
• Trust configuration could not be saved by partner
• Content disarm failed: Illegal characters in path
• Domain trust entry is deleted even if it contains trusted subnets
• Level of Trust address pairing bonus points are shown incorrect in message track
• De-Mail address rewriting is removed from imported users if there are two automatic user imports with De-Mail address rewriting
• ‘Illegal characters in path’ error in SMIME and PGP inbound action
• Exception of type ‘Netatwork.NoSpamProxy.Security.CertificatePasswordInvalidException’

NoSpamProxy 12.2.18315.1244 (14.11.2018)

Fixed Issues

• Ribbon in Outlook is throwing errors on emails with certain attachments
• Error by signing a message. Access denied. Added fail-safe when access to an RSA key container fails
• Email could not be decrypted: Cryptographic Exception
• Exported PGP public key can’t be published to MIT PGP Key Server
• DNS cache invalidation not working properly with multiple entries that have a different TTL
• AD import uses insecure connection to Active Directory
• Intermittent Address resolving issues in Outlook Addin with auto-completed address entries
• Outlook Addin is missing appropriate trace output to debug faulty customer configurations
• NoSpamProxy makes two calls to Cyren CTASD per mail
• Address pairing trust bonus is given to a wildcard entry
• Outlook Add-In: No reply link is added after configuring a new reply link in the add-in.

 

NoSpamProxy 12.2.18296.1808 (26.10.2018)

Fixed Issues

• Header still contains p7m instead of p7s after decryption
• Gateway Role always uses the external Web Portal URL to upload files even if an internal URL is configured
• Empty text mime parts are detected as application/octet-stream and possibly blocked/removed by the Content Filter
• Error “Collection was modified; enumeration operation may not execute.” when starting the Gateway Role
• Exception of type “Netatwork.NoSpamProxy.Security.CertificatePasswordInvalidException” when requesting a certificate
• Management Console: Word Filter crashes under certain conditions
• Memory leak in mime type detection for legacy office documents

NoSpamProxy 12.2.18281.1805 (15.10.2018)

Fixed Issues

• Special characters in text files are broken after encryption
• Transfer encoding is changed from base64 to quoted-printable for text attachments
• Setup fails when updating the Intranet Role database because the SQL transaction log fills up the hard disk

 

NoSpamProxy 12.2.18270.1450 (01.10.2018)

New / changed

• Overwrite ‘City’ field in certificate requests for D-Trust
• Remove ‘City’ and ‘State’ as a required field for D-Trust Enterprise and Team certificates

Fixed issues

• SMTP send timeout is not configurable
• Content filter changes are not active immediately
• Password protected Excel files (*.xlsx) are not processed by the Content Filter
• Search for trust level in partners does not work properly
• NullReferenceException when requesting a password reset via the Web Portal
• Duplicate notification in case of failed CDR
• Word filter only checks the first 4KB of the email body
• Error when removing user fields: “The requested resource was not found.”
• Put on Hold emails are send again by incoming emails
• Incomplete SMTP response when a PTR record cannot be resolved
• Mime type detection for binary files renamed to *.txt not always works correctly

NoSpamProxy 12.2.18253.1152 (14.09.2018)

New / changed

• Updated .NET Requirement to 4.7.2
• Improved Message Tracking database cleanup
• Improve detection of auto generated messages in Level of Trust
• Powershell Cmdlet Get-NspMessageTrack has now parameter for IP filtering

Fixed issues

• No automatic cryptographic key enrolment request is generated if an inactive certificate is still valid
• Autoencryption status for generate and save partner password is missing in Message Track
• If an archive connector is configured without creating the folder on the Gateway Role, no mails are archived and no error message appears
• Under certain circumstances “Antivirus scan not possible at the moment” error message appears after uploading large files to the Web Portal
• Under certain circumstances HTML attachment is renamed to “Attached File.txt”
• Partners view displays the same domain multiple times with different capitalization
• Reputation filter MAIL FROM/Header-From mismatch test in absence of DMARC doesn’t check multiple From headers
• DSN bonus is not given for simple DSN
• Under certain circumstances an attempt to put a mail on hold failed
• Under certain circumstances an attached PDF is not encrypted if Autoencryption is required
• When the Gateway Role deactivates a certificate, the new state is not replicated to the Intranet Role
• Under certain circumstances exact match filter for body in Disclaimer does not work
• Web Portal setup: WebPortal.config cannot be accessed and could not be upgraded
• Large files search fails when using more than one filter criteria: The parameter ‘f’ was not bound in the specified LINQ to Entities query expression.
• Missing partner passwords are not replicated to the Web Portal
• Email was delivered although CYREN antivirus rejected the email
• Base64 content with empty lines in between the data can’t be decoded
• PDF conversion failed, but mail is successfully delivered
• Email attachment is not protected with a password if the email is auto-encrypted using S/MIME or PGP
• Files considered too large can’t be removed by the user on the Web Portal
• NoSpamProxy Console crashed when double clicking on an allowed language plane in filter “Allowed Unicode language planes”
• Cyren reference ID is not set in exported Message Track
• Word matching filter gives positive results for encrypted email
• User names are sorted alphabetically during a manual certificate request
• Status of Level of Trust is disabled in Message Track but is enabled in rule
• Certificate enrolment request fails with “Bad Version of provider.”
• dotNet could not be downloaded during Web Portal Installation
• SwissSign product type “Silver Light” has been renamed
• Certificate harvesting option can not be deactivated
• Action “Extract certificates” does not work with signed/encrypted mails
• Cannot decrypt a PGP-Inline encrypted mail
• Outbound notification for encrypted mails uses incorrect sender address
• Large logos are truncated in the PDF header of PDF Mails
• Error message when closing the MMC (TaskCanceledException)
• Many “Invalid logon attempt” messages are recorded in the Security EventLog
• Content-Transfer-Encoding uuencode not supported for attachments
• Column ordering of domains in DKIM keys Fails
• Certificate request can’t be completed because the private key can’t be read
• Web Portal upload failed: Sequence contains more than one matching element
• Default algorithm is Aes256 instead of Aes128
• MMC crashes when an invalid template was configured on the D-Trust certificate Provider
• File synchronization between two Web Portals not working for files >2GB
• Outbound emails from Office 365 are not accepted because the certificate validation fails

 

NoSpamProxy 12.2.18207.1238 (27.07.2018)

Fixed issues

• Outbound emails from Office 365 are rejected with “Unable to relay”

 

NoSpamProxy 12.2.18157.1044 (14.06.2018)

New / changed

• Implement efail mitigations

Fixed issues

• Automatic user import – Generic LDAP doesn’t use search path for group search
• Active Directory group lookup does not work: The distinguished name contains invalid Syntax
• Email is sent multiple times if the SMTP server takes very long to respond to commands
• Partner password can’t be changed using the Web Portal
• Web Portal mails always using external URL if attachment is uploaded to Web Portal
• Domaintrust is increased although it is set to statically Zero
• Domaintrust maintenance run never finishes if DNS requests time out for some Domains
• Performance Counter for Queues maybe incorrect after a service Restart
• Public Suffix List caching doesn’t work for Spam URI Realtime Blocklists filter
• RTF mails converted to PDF contain a winmail.dat attachment
• After removing a corporate users active certificate no certificate is active
• Cyren sandbox response for already uploaded but not yet analysed files is not processed correctly
• Large files filter for sender/recipient and status not working correctly
• Plain text attachment is detected as application/octet-stream
• UTF-7 encoded mail with Base64 encoded attachment can not be decoded
• No HTML file with download link after inline image is uploaded to Web Portal
• Email to PDF conversion adds hint for pin to PDF even if all attachments are uploaded to the Web Portal