Icon Makefg

We have released version 13.2.21230.1449 on August 31st, 2021. This Version is an upgrade release where the following Bugs are fixed and new features are added or changed.

Important Information

If you have previously installed a beta version 13.2, please upgrade to the official release version 13.2.20141.1435 or later for support reasons! As of version 13.2.20083.1640, a script for enhancing the address searching is included. These may cause the setup not to respond for a some time during database update. The setup must not be aborted and must run until completed. Please schedule a longer upgrade period for this.


Version 13.2.21230.1449 (August 31st, 2021)

based on Fast Channel Version 13.2.21190.1540


  • 29358: Evaluate new SwissSign id-silver product name
  • 29235: Adjust CSP header for WebPortal
  • 29236: Adjsut X-XSS-Protection header
  • 29237: Disable unnecessary HTTP methods


  • 29259: WebPortal on Server 2012 R2 – Inernal server error
  • 26082: Emails received via the POP3 receive connector are downloaded from the server but not delivered to the recipient if the receive connector temporary folder contains *.eml files
  • 29122: SMIME signature signer address validation always fails if MAIL FROM is empty
  • 29090: An unexpected error occurred and the Intranet Role is shutting down. System.ArgumentNullException: Value cannot be null


Version 13.2.21190.1540 (July 21st, 2021)

based on Fast Channel Version 13.2.21151.1540


  • 26243: Web Portal problems
  • 28830: URL Safeguard doesn’t always work correctly if there is HTML inside of the a tag
  • 27510: Disclaimer is added at the wrong position
  • 28594: Report Viewer Control 2010 download link in installer is incorrect
  • 28698: Create config override to use onmicrosoft.de instead of onmicrosoft.com


Version 13.2.21151.1540 (June 23rd, 2021)

based on Regular Channel Version 13.2.21111.1701


  • 28537: Quotes are added after decoding an encoded header value
  • 28539: CxO fraud detection doesn’t match if there is a quotation mark between the first and last name
  • 23630: CxOFraud does not detect attempt as long as user name contains umlaut
  • 28502: Receiving an NDR containing headers of an SMIME encrypted email causes an unexpected error during a connection: Value cannot be null. Parameter name: stream
  • 28215: Subject flags Link overlapping with text
  • 28046: An unexpected error occurred during a connection: Invalid data read from remote host
  • 28255: An unexpected error occurred during a connection: Object reference not set to an instance of an object
  • 28254: An error occurred while checking an email sent from to Support@nospamproxy.de


Version 13.2.21111.1701 (May 6th, 2021)

based on Fast Channel Version 13.2.21069.1155


  • 28110: SSL Cache duration is too high in 13.2
  • 28086: MS removed download link for ReportViewer.exe – this breaks our setup
  • 27815: ‘Header-From’ field is an obfuscated string, but its not true
  • 27840: Excessive memory and cpu usage when using the Trie data structure
  • 26978: Obfuscated string matcher doesn’t match rewritten umlauts (i.e. ö and oe)
  • 27962: Failed to validate a DMARC on an email. Decoded string is not a valid IDN name.
  • 27964: Message tracks could not be retrieved from the Intranet Role.
  • 27969: SwissSign auto enrolment uses correct user information
  • 28087: Adjust 13.2 actions and filters
  • 27678: High CPU usage and unstable


Version 13.2.21069.1155 (March 15th, 2021)

based on Fast Channel Version 13.2.21040.1645

If you have installed version 13.2.21040.1645 from March 1st 2021, perform an update to this new version to avoid problems!


  • 27467: Archived eml file is empty
  • 27471: D3 archive connector cannot handle subjects with special characters
  • 27508: Possible StackOverFlowException when parsing an email address
  • 27333: Activities are shown only in first
  • 27457: Not recognized category from Cyren
  • 26905: URL Safeguard removes PGP signature and email headers after rewriting URLs in PGP signed content
  • 27124: An error occurred while creating a dispatch job: Another read operation is currently in progress
  • 27229: Corporate email server check “SPF protected local address” is successful if only the SPF check for the EHLO domain was successful
  • 27135: Attachments from nested emails are not uploaded to the Web Portal


Version 13.2.21040.1645 (March 01st, 2021)

based on Fast Channel Version 13.2.20349.1331

Due to a subsequently discovered, but very rare problem, this version had to be removed from the download. A new version will be released as soon as possible, to fix all problems.
If you are already using this version, please watch out for temporarily blocked emails and contact support for clarification, if this occurs.


  • 26340: Large files are not auto approved if there are older files to be auto approved with malware scan failures
  • 26931: Update Cyren to new binaries
  • 27013: Restricting maximum concurrent connections per domain doesn’t work reliably
  • 26872: POP3 receive connector only supports TLS 1.0
  • 26776: email is destroyed after outbound email signing
  • 26715: Logging extension for archive connector
  • 26854: Internal domain names (i.e. exchange.local) are resolved using the external DNS servers
  • 26646: Timstamp server for Outlook Add in is invalid
  • 26666: Disclaimer is added at the wrong position


Version 13.2.20349.1331 (January 13th, 2021)

based on Fast Channel Version 13.2.20296.1426


  • 26541: Unexpected error occurred during a connection: Index was out of range.
  • 26415: Attach file failed error.
  • 26519: Illegal characters in path.
  • 25996: Auto Retry of quality signature Item should have the Message Track status Put on hold.
  • 25963: Waiting Status for qualified signature signing Status
  • 26410: Configuring the Cyren service on the Web Portal fails with error message “A potentially dangerous Request.Form value was detected from the client”
  • 26337: Header-From address in the format “Display name <address1@example.com;address2@example.com>” causes Message Tracking deserialization errors
  • 25925: URL Safeguard rewrites URLs in brackets with the closing bracket as part of the URL
  • 25846: CmsMimePart cannot be converted to PDF using auto encryption
  • 26033: Outlook Add-In mime type detection detects Office documents as unprocessable zip archives
  • 26004: Gateway Role creates replication artifacts >50MB which can’t be collected by the Intranet Role and break the replication
  • 26173: Web portal and Outlook Add-In don’t use the correct content filter if a partner user is configured to allow any attachments
  • 25608: Secondary DNS server is not queried if the primary DNS server responds with status code ServerFailure
  • 25609: License usage De-Mail count is incorrect if multiple Gateway Roles are using the same De-Mail domains
  • 26144: URL Safeguard destroys URLs in CSS by replacing them with “Protected link”-HTML
  • 25790: NDR contains empty attachment instead of original email
  • 25673: Outlook Addin: Issues on accessing files from UNC path
  • 26129: Empty header line is created if the header ends with a whitespace and the header has a certain length
  • 26507: Remove hard coded domain white list from the surbl filter
  • 26170: Use the new endpoint for the Cyren IP Reputation


Version 13.2.20296.1426 (November 09th, 2020)

based on Fast Channel Version 13.2.20258.1435


  • 25605: A replication artifact could not be deserialized. The item will be retried at a later time. Error: The string Cards🏠🏡@tizgharan.org.uk is not a valid email address
  • 25606: Message tracks could not be retrieved from the Intranet Role: The string “”@bnv.gob.ve is not a valid email address
  • 24125: Email is signed using SMIME/PGP although it is deactivated in the rule if the sender requests automatic encryption
  • 25654: Database cleanup is slow
    NOTE: If the TempDB will not shrinked automatically, use the SQL tools to do this manually
  • 25687: Cyren malware scanner fails with error: Illegal characters in path
  • 24838: Users should not be imported from file if email contains not allowed chars outside of quotation marks (“”)
  • 24840: Error when importing user from text file with many @ in email address
  • 25133: Text file automatic user import imports email address prefixes (i.e. SMTP:)
  • 24888: Improve error message in LDAP sync when a group cannot be expanded
  • 25729: Message Track filter doesn’t work for Powershell Cmdlets to get actions, activities, attachments, filters, URLs
  • 26059: Outlook-Add-In crashes on initializing the MimeTypeDetection


Version 13.2.20258.1435 (September 28th, 2020)

based on Fast Channel Version 13.2.20199.1826


  • 24112: Create Issue “German Azure Cloud will be removed”
  • 20044: Implement automatic retries of mails waiting for qualified signatures


  • 24831: Add hint to manual that LDAP key server does not support LDAPS
  • 24895: Replication service replicates too many artifacts to the database at once
  • 24837: Reading the Default partner settings is not retried if it fails the first time
  • 24984: EmailAddress.TryParse uses the relaxed algorithm and is used in the Envelope methods
  • 23685: NDR is sent if an email is permanently rejected by the sandbox
  • 23686: Sender IP address is not blocked if an email is rejected permanently by the sandbox
  • 24904: An unexpected error occurred during a connection: Deep clone with non-clonable stream is not supported. Stream must be of type ClonableStream
  • 24995: OpenKeys configuration is not replicated to new Gateway Roles
  • 24884: Disclaimer is added at the wrong position
  • 25016: NoSpamProxy crashes when a large SMIME email is processeds
  • 24720: URL Safeguard error when rewriting URLs in message/delivery-status attachment: Mimepart ‘NestedMessageMimePart’ is not supported
  • 24683: CDR’ed document is not attached to the EML file in case of nested attachments
  • 24825: change tyntec text message provider default hostname
  • 25154: Email is not accepted because of error: Length cannot be less than zero. Parameter name: length
  • 25045: Wrong reject reason for email
  • 25256: Emails cannot be processed by content filter
  • 25165: Downgrade to 7 bit transfer encoding for all emails breaks existing signatures if the email contains a mime part with 8 bit transfer encoding
  • 24917: Intermediate certificate is displayed as “untrusted root, revoked” when imported in NoSpamProxy
  • 25343: Email with very long header line causes 100% CPU usage on Gateway Role
  • 24753: Level of Trust bonus not granted because successful SPF validation doesn’t authenticate MAIL FROM domain
  • 23927: “Strict Open XML” office documents are detected as zip archives
  • 24768: TLS best practice settings include 3DES cipher suite
  • 25319: Attachments are differently identified when a mail was signed
  • 24873: Pdf is not disarmed, zip file detect as unprocessable
  • 25364: An attempt to scan the file in directory ZEL4TVFP for viruses. Error: Padding is invalid and cannot be removed.
  • 25443: Unexpected error occurred during a connection: Index was out of range.
  • 25446: All zip files in large files detect as unprocessable+archive
  • 25408: Cyren IP reputation filter configuration is reset after editing the rule using the MMC
  • 25440: URL Safeguard applies HTML base URL to absolute URLs
  • 25513: Message Tracking search is slow when searching for sender/recipient
  • 25537: TempDB database uses enormous amounts of space during database cleanup
  • 25538: Message Track cleanup doesn’t delete a lot of details if the detail retention time is much shorter than the summary retention time
  • 25526: A parameter was invalid.


Version 13.2.20199.1826 (July 27th, 2020)

based on Regular Channel Version 13.2.20171.1151


  • 24608: An unexpected error occurred during a connection: Die Länge darf nicht kleiner als 0 (null) sein. Parametername: length
  • 24621: Trigram search is slow
  • 24718: DKIM signature verification fails if the email contains an attached EML file with incorrect content type
  • 24684: Emails with nested EML attachment with incorrect content type are not serialized correctly
  • 24640: Email rejected by CxO Fraud Detection action causes two NDRs in default configuration
  • 24662: “Unable to confirm artifacts replication” error if there are a lot of replication artifacts
  • 24679: Multiple reputation filter PTR record tests are failing if the sender IP address doesn’t have a PTR record
  • 24719: An email could not be decoded
Icon Makefg

We have released the Version 13.2.21111.1701 on May 6th, 2021. This Version is an upgrade release where the following Bugs are fixed and new features are added or changed.

Important Information

If you have previously installed a beta version 13.2, please upgrade to the official release version 13.2.20141.1435 or later for support reasons!

As of version 13.2.20083.1640, a script for enhancing the address searching is included. These may cause the setup not to respond for a some time during database update. The setup must not be aborted and must run until completed. Please schedule a longer upgrade period for this.

Version 13.2.21111.1701 (May 6th, 2021)

includes all changes and bug fixes from Fast Channel Versions 13.2.20199.1826 to 13.2.21111.1701

Please review Release Notes of Fast Channel Version for Changes and Bug Fixes


Version 13.2.20171.1151 (June 30th, 2020)

includes changes and bug fixes from Regular Channel Version 13.2.20141.1435


  • 24397: A replication artifact could not be deserialized
  • 24444: Message tracks could not be retrieved from the Intranet Role
  • 24514: Intranet Role database updates fails: Failed to execute an SQL command. Error: String or binary data would be truncated.
  • 23966: “Error: Invalid algorithm specified” when importing a certificate with rsaSignatureWithripemd160 signature algorithm
  • 24400: Office365 detection fails when an Office 365 accepted domain is used instead of an Guid
  • 24138: Update TLS Best Practices for Windows 2012R2
  • 24503: Sign and Encrypt action incorrectly uses SHA-512 although the certificate only supports SHA-256
  • 24468: Object reference not set to an instance of an object.
  • 24544: Stripping batv data can lead to failures to update message tracking data
  • 24496: Missing data for signature validation. SignedContent is empty and no data stream has been provided.
  • 24520: Attachments in nested EML attachments are not detected if the content type of the nested EML is not message/rfc822
  • 24530: Improve the Mail to many recipient with out- or inbound content filter configured
  • 24504: URL Safeguard details are incorrectly marked as deleted in Message Tracking which causes the cleanup to fail
  • 24547: A lot of inbound Duplicate mails, if it was a mail to 626 recipients


Version 13.2.20141.1435 (June 2nd, 2020)

includes changes and bug fixes from Fast Channel Version 13.1.20071.1529

New / Changed

  • Four new tests for the reputation filter focusing on the HEADER-FROM
  • One new test for the reputation filter that checks if the email was transmitted via a TLS-protected connection
  • DFN CA connector
  • URLs in emails can be disabled by the URL Safeguard
  • Greylisting is now a policy violation
  • BATV addresses are now included in the license count


  • E-Post-Brief connector is supported for the last time
  • Windows 2008 Server R2 is supported for the last time
  • SQL 2008 R2 is supported for the last time
  • SQL 2016 Express Edition is supported for the last time
  • SMTP proxy mode is supported for the last time


  • 22455: Search root in the LDAP User import should not be mandatory
  • 22889: The DKIM and DMARC implementation of NoSpamProxy does not support internationalized domains
  • 22952: Processing delivery attempty is too slow
  • 23222: Multiple attempts to scan an attachment using the Cyren sandbox failed
  • 23254: Restrict the DANE Validation to 20 sec
  • 22905: Replication breaks when the identity counter reaches 2 billion in the UrlVisits database
  • 23159: Import public certificate used for encryption instead of sign only certificate
  • 23178: Reputation filter does not cope well when the From: oder To: header is missing
  • 21654: Users are still counted and message “You exceeded your license …” is shown even if elapsed time is more than 10 days
  • 23877: Could not bind to The address is already in use. Perhaps another SMTP server is running on this endpoint
  • 23953: An attempt to put an email on hold failed
  • 23911: New installation of Intranet Role with existing database on remote SQL server fails
  • 24079: Processing Message Track replication artifacts on the Intranet Role is very slow
  • 23088: URL Safeguard: The specified website ID could not be processed
  • 23255: Sometimes there is a Warning in MMC if the MMC was inatalled remote on a client
  • 24144: Logging output for cleanup of Safeguard URLs during Message Tracking cleanup is incorrect
  • 22932: Metadata service filter name is “OutbreakDetection” in MMC
  • 23591: NSP cuts off header from domain
  • 23571: Update Cyren configuration settings in setup
  • 23565: CxO filter runs after content filtering
  • 23623: Mime-Version is not always created when converting an existing mail to mulitpart
  • 23499: Existing SMIME signature is not removed if the signature is not part of a multipart mimepart
  • 19676: Compilation errors for automatic reply templates are not shown anywhere
  • 23670: [production] Content disarm for an email on hold failed
  • 23684: Plain text body with iso-2022-jp encoding is handled as attachment with mime type application/octet-stream
  • 23636: Mime type for zip archive containing PDF document is detected as unprocessable PDF
  • 23689: Charset of email body is changed to UTF-8 if content filter upload hint is added
  • 20420: URL Safeguard: Protected link text is not set
  • 23400: The mime part of type Netatwork.NoSpamProxy.Net.Smtp.MultipartMimePart is not supported
  • 19285: Long lines in mime parts extracted from TNEF emails are not wrapped
  • 23532: URLSafeguard: Deactivated links with www prefix could not be reactivated
  • 23797: DNS Server settings could not be saved: A parameter was invalid
  • 20481: Files with very long names could not be uploaded to web portal
  • 23808: URL Safeguard rewrites 4 digit version numbers
  • 23736: Large files malware scan is not displayed in MMC if the email is sent via the Web Portal
  • 23809: URL Safeguard rewrites parts of filenames if the extension is a valid TLD
  • 23918: LDAPS doesn’t work with wildcard certificicates
  • 23629: Ascending “ordered by” brokes message tracking
  • 23928: Gateway Role crashes / ARSoft DNS lookup causes stackoverflow exception
  • 23967: CDR file not send if files over size limit should be uploaded to the web portal
  • 23638: Email is put on hold with “Error: A clone of the specified mimepart was not found.” if the content filter removes a file from an attached EML file
  • 23913: Base64 decoder doesn’t ignore extra padding characters if configured to ignore extra characters
  • 24076: Inbound Large Files links are also password protected
  • 24008: Message Tracking cleanup doesn’t finish in cleanup period
  • 23640: Spam URI Realtime Blocklist filter error: Object reference not set to an instance of an object
  • 24030: Disclaimer keyword replacement is slow for larger HTML bodies
  • 23888: URL Safeguard rewrite part of email addresses in attached eml file
  • 24134: Improve notification info
  • 24204: Legacy Excel 4.0 macros are not detected
  • 24191: Spelling errors in message details
  • 24245: CorporateMailOffice365TenantTests unit tests are failing because of an expired certificate
Icon Makefg

Beachten Sie bitte immer zusätzlich die Hinweise im Installationshandbuch und die generellen Upgrade-Hinweise​ hier in der Knowledge Base.

​Vor dem Upgrade sollten Sie sicherstellen, dass das .NET Framework in der Version 4.7.2, besser .NET Framework in der Version 4.8, installiert ist und die SQL Server Version mindestens 2008 R2, besser 2017 oder neuer, entspricht. Alle unterstützten Versionen finden Sie hier.

Wichtiger Hinweis zum Upgrade von Version 13.0 und späteren Versionen

Falls Sie vorab eine Beta-Version 13.2 installiert haben, führen Sie bitte aus Supportgründen ein Upgrade auf die offizielle Release Version 13.2.20141.1435 durch!

Ab Version 13.2.20083.1640 ist ein Skript zum Aufräumen des Message Trackings enthalten, welches in der Datenbank verwaiste Einträge löscht. Hierdurch kann es vorkommen, dass das Setup längere Zeit nicht reagiert.
Das Setup darf nicht abgebrochen werden und muss bis zum Abschluss durchlaufen. Planen Sie hierfür bitte einen längeren Upgrade-Zeitraum ein.

Upgrade von Version 12.2 und älteren Versionen

Bitte installieren Sie mindestens erst Version 13.1.19330.1217 (Regulärer Kanal) oder höher, bevor Sie auf die Version 13.2 upgraden. Diese Version können Sie hier herunterladen.
Bitte beachten Sie auch alle Upgrade-Artikel zu den älteren Versionen in unserer Knowledge Base unter “Updateinformationen”.

Upgrade NSP

​Beim Upgrade von der Version 13.1 auf die Version 13.2 bleiben alle Einstellungen und Benutzerinformationen erhalten. Lediglich die Proxy-Einstellungen und inhaltliche Anpassungen der Vorlagendateien (Templates) müssen wie gewohnt gesichert und nach dem Upgrade wieder installiert werden. Dieser Vorgang ist bei den generellen Upgrade-Hinweisen​ beschrieben.​
Aus Sicherheitsgründen exportieren Sie bitte existierende DKIM-Schlüssel VOR dem Upgrade aus der Konsole unter “Menschen und Identitäten > DKIM-Schlüssel” heraus.

Zusätzlich prüfen Sie bitte die folgenden Punkte nach dem Upgrade:

  • Inhaltsfilter: Da es Änderungen an den Dateitypen (MIME Types) gab, prüfen Sie bitte alle Inhaltsfilter und deren Inhaltsfiltereinträge
  • Der Reputationsfilter im Regelwerk wurde im Vergleich zur Version 13.1 in Version 13.2 erweitert. Dieser Umbau ermöglicht weitere, zusätzliche Prüfungen
    • Vier zusätzliche Prüfungen auf die HEADER-FROM
    • Eine zusätzliche Prüfung ob die Übertragung mit TLS gesichert wurde
  • Ab Version 13.2 wird der Vorfall zu den Spam URI Realtime Blocklisten von einem Fehler zu einer Warnung umgewandelt
  • URL Safeguard: Es besteht nun die Möglichkeit URLs zu deaktivieren
  • Anbieter kryptographischer Schlüssel: Man kann jetzt auch Zertifikate aus dem Deutschen Forschungsnetz (DFN) anfordern
  • Greylisting ist nun ein Richtlinienverstoß
  • BATV Adressen werden jetzt bei der Berechnung der Lizenzwerte berücksichtigt
  • Berechnung der Lizenzwerte für die Module Encryption und Large Files wurden geändert. Es werden ab sofort ein- und ausgehende Mails betrachtet. Siehe Lizenzverwaltung ab Version 13
  • Hinweis auf die Abkündigung des Office 365 Mandant “Deutsche Azure Cloud”
    Ab Version 13.2.20258.1435 wird ein Hinweis auf der Startseite der NoSpamProxy-Konsole eingeblendet, dass der Mandant ab Version 14 nicht mehr unterstützt wird. Alle Anwender, die noch einen solchen Mandanten verwenden, dürfen kein Upgrade auf Version 14 durchführen, bis die Umstellung auf Microsoft-Seite erfolgt ist. Weitere Informationen erhalten Sie hier:

Umstellung der Lizenz

Mit Version 13.0 haben wir die Einbindung der Lizenz von Lizenz-Datei auf Lizenz-Schlüssel umgestellt. Diese Umstellung erfolgt automatisch und es ist keine weitere Aktion erforderlich.
Bei Problemen beachten Sie bitte den Knowledge-Base-Artikel Neue Lizenz installieren

Outlook Add-In

Das Upgrade des Gateways und des Web Portals erfordert zwingend auch ein Upgrade des Outlook Add-Ins, da sonst die Kommunikation mit dem Web Portal nicht mehr gegeben ist.