We have released the Version 13.0.19241.1237 on September 4th, 2019. This Version is an update release where the following Bugs are fixed and new features are added or changed.

Important Information (Common)

As of update version 12.2.18253.1152, a script for cleaning up the message tracking is included. This script deletes orphaned entries in the database. TFrom Version 13.0.19169.1943, a script for improving Table Indexes was added.
These may cause the setup not to respond for a some time during database update. The setup must not be aborted and must run until completed. Please schedule a longer upgrade period for this.

If the Protection module is licensed, it is possible that the Cyren services do not work and no viruses and spam checks are performed after the upgrade to version 13, although the NoSpamProxy license itself has been correctly validated. To correct this, in the NoSpamProxy Management Console go to Configuration/NoSpamProxy Components/Gateway Roles, select the gateway role(s) and click on Synchronize configuration.

Synchronize configuration

It is possible in combination with some Domain names, that the Reputation filter will block emails due to an obfuscated owned Domain. Only in this case we will recommend to reduce the SCL Points to maximum 2 SCL Points (Default is 4 SCL Points) for the test ‘Header-From’ is an owned Domain at the Reputation filter, to be found on the tab Filters at the applied rule, on tab ‘Header-From’ Tests. This will be improved within the next Major Version.
Example: Owned Domain = example.com, but the Reputation filter will also detect my-example.com as an obfuscated owned Domain.

 

Version 13.0.19241.1237 (September 4th, 2019)

based on Regular and Fast Channel Version 13.0.19204.1650

Fixed

  • Greylisting action is executed before the filters
  • Mail-From and Header From are different in Encrypted email notification
  • Wizard does not save inbound send connectors
  • Exception in second execution of configuration wizard
  • ZIP bomb handling – NSP stucks with high ressource usage
  • Images from disclaimer templates are attached multiple times if multiple disclaimer templates are applied to the email
  • Search filter in Event Log returns unfiltered results for remote roles
  • File synchronization between Web Portals hangs if a BITS job fails with a transient error
  • An unexpected error occurred while signing or encrypting a message.SBPGPExceptions.EElPGPEncryptionStreamException
  • Copy of a web portal email is sent unencrypted if the rule is configured to reject the email
  • Service crashes when owned domain is added with a whitespace character
  • Exception if CDR of encrypted file failed
  • Attachment is always unknown to the sandbox if URL Safeguard has rewritten an URL in the attachment
  • Check if the Cyren service restarts after the permissions are set for remote web portal
  • A replication artifact could not be deserialized. No message track
  • Web Portal Copy has to be always encrypted
  • Wrong domain is used in DKIM signature header if owned domain and DKIM key domain are different
  • Status mailware scan failed warning has to be updated after the problem is fixed
  • Check if the Cyren service restarts after the permissions are set for remote web portal
  • Reply Link to Web portal does not work
  • Password-protected files are ignored by the converter and the Web Portal
  • An unhandled error occurred during the malware scan
  • Web portal upload for an email on hold failed: Object reference not set to an instance of an object

 

Version 13.0.19204.1650 (August 6th, 2019)

based on Fast Channel Version 13.0.19197.1833

Fixed

  • Could not assess the current license usage. Object reference not set to an instance of an object
  • Rescan of quarantined Web Portal files fails: Final output block size must be at least 56
  • Reputation filter blocks De-Mail notifications if substring match tests are enabled
  • URL Safeguard does not rewrite some links calendar invitation
  • URL Safeguard: Wrong detection of URLs in outlook calendar invitation
  • URL Safeguard: /n is included in link

Version 13.0.19197.1833 (July 25th, 2019)

based on Regular and Fast Channel Version 13.0.19169.1943

New / Changed

  • URL Safeguard: configuration info for host and URLs in attachments rewriting

Fixed

  • Cyren IP reputation filter error: Der Wert darf nicht NULL sein. Parametername: input
  • Load data in message track takes too much time and url safeguard shows wrong information
  • Missing provider name if eventlog with id 3583 is created
  • Cyren URL Classification filter does not detect malware links in encrypted emails
  • Calendar request inside of a winmail.dat is not detected and the email is signed
  • A PDF attachment with an attachment that has an undefined content length cannot be processed correctly.
  • Quoted printable encoded PDF is not disarmed correctly.
  • Wrong padding is shown for encryption/decryption in message track
  • Validation policies could not be saved in SMIME and PGP validation action
  • An unexpected error occurred, and the Intranet Role is shutting down
  • Could not assess the current license usage. Object reference not set to an instance of an object

Version 13.0.19169.1943 (July 09th, 2019)

based on Fast Channel Version 13.0.19149.1743

Fixed

  • Outlook Add-In is sending text message even if the user has disabled this function
  • Wrong error message when importing PGP secret key
  • PDF Mail tab in partner user settings missleads a user
  • URL Safeguard timeout if the HTML body contains a large amount of URLs (4000+)
  • Header-FROM/TO contains an @ sign outside of an email address
  • Emails are accepted if an error occurs that is not a timeout and the validation timeout handling is set to “Accept”
  • Cyren Antispam/Antivirus service is not responding until the Gateway Role is restarted
  • Exception in error message of executed URL Safeguard action: “An item with the same key has already been added”
  • Spam Uri Realtime Blocklist filter checks URLs without protocol against blacklists
  • AES-128-GCM and AES-256-GCM encryption algorithms are missing from the inspection report
  • Level of Trust fixed domain bonus for freemailer domain is not granted
  • Outlook calendar invitation contains lines longer than 75 characters after URL Safeguard has rewritten URLs
  • URL Safeguard and Spam Uri Realtime Blocklist filter detect URLs in calendar invites if the lines in the invite have been folded
  • Message Track displays “No bonuses where granted because the email was not authenticated” if Level of Trust is configured to require authentication only for the domain bonus
  • Powershell CmdLet Get-NspEmailOnHold doesn’t include emails waiting for content filter processing

Version 13.0.19149.1743 (June 24th, 2019)

based on Fast Channel Version 13.0.19147.917

Fixed

  • Spam URI Realtime Blocklists filter also detects email addresses as URLs
  • Level of Trust subject bonus is granted for free mailer addresses
  • Alert to the Administrator about license validation failed
  • Content filter treats folders inside of zip archives as empty files with mime type “application/octet-stream” and without file name
  • PDF document is corrupted after content disarm
  • Attachments without filename can’t be uploaded to the Web Portal: Value cannot be null, parameter name: filename

Version 13.0.19147.917 (June 11th, 2019)

based on Regular Channel Version 13.0.19120.1521

New / Changed

  • Enable Cyren URL classification service by default in SURBL Filter

Fixed

  • Change supported Outlook Version from 2007 to 2010 Service Pack 2
  • Incorrect charset detected after decrypting a PGP encrypted text attachment
  • PGP signature validation fails if the signature contains a non-standard issuer-fpr subpacket
  • Self-signed pgp key created in kleopatra could not be imported
  • Self-signed pgp public keys could not be imported
  • If a public key lookup service is not responsive, mailflow may be interrupted
  • UI incorrectly states that the 13.0 already scans links for PDF documents
  • Email without signer infos is displayed as signed and unmodified in Message Track
  • License on Gateway Role and Web Portal becomes invalid after 30 days even if the license server successfully confirmed the license
  • Retrieving Level of Trust domain bonus causes error: Object reference not set to an instance of an object
  • URL Safeguard: Exception when reporting misclassification
  • Dialog with error by configuration of AD enrolment
  • Target host missing from Message Track delivery attempt if email is temporarily rejected
  • ResettableCancellationToken not properly disposed
  • Message Track displays “No bonuses where granted because the email was not authenticated” if Level of Trust is configured to require authentication only for the domain bonus
  • Outlook Add-In does not create HTML file
  • Get-NspMessageTrack missing TLS information
  • Email is supposed to be rejected due to a validation timeout but is delivered to the recipient if the email is put on hold by the Content Filter
  • Failed to create an address rewriting entry
  • Outbound automatic reply is not sent if the email is signed, encryption is required, and PDF Mail is used as fallback encryption
  • PGP encrypted email could not be decrypted: Invalid header line
  • Calendar invites from O365 are not detected properly and signed, even if signing of calendar invites is disabled
  • An unexpected error occurred while signing or encrypting a message
  • URL Safeguard creates visited URL replication artifacts with empty recipient that can’t be processed by the Intranet Role

We have released the Version 13.0.19204.1650 on August 06th, 2019. This Version is an upgrade release where the following Bugs are fixed and new features are added or changed.

Important Information

As of update Version 12.2.18253.1152, a script for cleaning up the message tracking is included, which deletes orphaned entries in the database and from Version 13.0.19169.1943, a script for improving Table Indexes was added.
These may cause the setup not to respond for a some time during database update. The setup must not be aborted and must run until completed. Please schedule a longer upgrade period for this.

If the Protection module is licensed, it is possible that the Cyren services do not work and no viruses and spam checks are performed after the update to version 13, although the NoSpamProxy license itself has been correctly validated. To correct this, in the NoSpamProxy Management Console go to Configuration/NoSpamProxy Components/Gateway Roles, select the gateway role(s) and click on Synchronize configuration.

Synchronize configuration

It is possible in combination with some Domain names, that the Reputation filter will block emails due to an obfuscated owned Domain. Only in this case we will recommend to reduce the SCL Points to maximum 2 SCL Points (Default is 4 SCL Points) for the test ‘Header-From’ is an owned Domain at the Reputation filter, to be found on the tab Filters at the applied rule, on tab ‘Header-From’ Tests. This will be improved within the next Major Version.
Example: Owned Domain = example.com, but the Reputation filter will also detect my-example.com as an obfuscated owned Domain.

 

Version 13.0.19204.1650 (August 06th, 2019)

includes changes and bug fixes from Fast Channel Version 13.0.19197.1833, listed below

New / Changed

From 13.0.19197.1833

  • URL Safeguard: configuration info for host and URLs in attachments rewriting

Fixed

  • Could not assess the current license usage. Object reference not set to an instance of an object
  • Rescan of quarantined Web Portal files fails: Final output block size must be at least 56
  • Reputation filter blocks De-Mail notifications if substring match tests are enabled
  • URL Safeguard does not rewrite some links calendar invitation
  • URL Safeguard: Wrong detection of URLs in outlook calendar invitation
  • URL Safeguard: /n is included in link

From 13.0.19197.1833

  • Cyren IP reputation filter error: Der Wert darf nicht NULL sein. Parametername: input
  • Load data in message track takes too much time and url safeguard shows wrong information
  • Missing provider name if eventlog with id 3583 is created
  • Cyren URL Classification filter does not detect malware links in encrypted emails
  • Calendar request inside of a winmail.dat is not detected and the email is signed
  • A PDF attachment with an attachment that has an undefined content length cannot be processed correctly.
  • Quoted printable encoded PDF is not disarmed correctly.
  • Wrong padding is shown for encryption/decryption in message track
  • Validation policies could not be saved in SMIME and PGP validation action
  • An unexpected error occurred, and the Intranet Role is shutting down
  • Could not assess the current license usage. Object reference not set to an instance of an object

 

Version 13.0.19169.1943 (July 09th, 2019)

includes changes and bug fixes from Fast Channel Versions 13.0.19149.1743 and 13.0.19147.917, listed below

New / Changed

From 13.0.19147.917:

  • Enable Cyren URL classification service by default in SURBL Filter

Fixed

  • Outlook Add-In is sending text message even if the user has disabled this function
  • Wrong error message when importing PGP secret key
  • PDF Mail tab in partner user settings missleads a user
  • URL Safeguard timeout if the HTML body contains a large amount of URLs (4000+)
  • Header-FROM/TO contains an @ sign outside of an email address
  • Emails are accepted if an error occurs that is not a timeout and the validation timeout handling is set to “Accept”
  • Cyren Antispam/Antivirus service is not responding until the Gateway Role is restarted
  • Exception in error message of executed URL Safeguard action: “An item with the same key has already been added”
  • Spam Uri Realtime Blocklist filter checks URLs without protocol against blacklists
  • AES-128-GCM and AES-256-GCM encryption algorithms are missing from the inspection report
  • Level of Trust fixed domain bonus for freemailer domain is not granted
  • Outlook calendar invitation contains lines longer than 75 characters after URL Safeguard has rewritten URLs
  • URL Safeguard and Spam Uri Realtime Blocklist filter detect URLs in calendar invites if the lines in the invite have been folded
  • Message Track displays “No bonuses where granted because the email was not authenticated” if Level of Trust is configured to require authentication only for the domain bonus
  • Powershell CmdLet Get-NspEmailOnHold doesn’t include emails waiting for content filter processing

From 13.0.19149.1943:

  • Spam URI Realtime Blocklists filter also detects email addresses as URLs
  • Level of Trust subject bonus is granted for free mailer addresses
  • Alert to the Administrator about license validation failed
  • Content filter treats folders inside of zip archives as empty files with mime type “application/octet-stream” and without file name
  • PDF document is corrupted after content disarm
  • Attachments without filename can’t be uploaded to the Web Portal: Value cannot be null, parameter name: filename

From 13.0.19147.917:

  • Change supported Outlook Version from 2007 to 2010 Service Pack 2
  • Incorrect charset detected after decrypting a PGP encrypted text attachment
  • PGP signature validation fails if the signature contains a non-standard issuer-fpr subpacket
  • Self-signed pgp key created in kleopatra could not be imported
  • Self-signed pgp public keys could not be imported
  • If a public key lookup service is not responsive, mailflow may be interrupted
  • UI incorrectly states that the 13.0 already scans links for PDF documents
  • Email without signer infos is displayed as signed and unmodified in Message Track
  • License on Gateway Role and Web Portal becomes invalid after 30 days even if the license server successfully confirmed the license
  • Retrieving Level of Trust domain bonus causes error: Object reference not set to an instance of an object
  • URL Safeguard: Exception when reporting misclassification
  • Dialog with error by configuration of AD enrolment
  • Target host missing from Message Track delivery attempt if email is temporarily rejected
  • ResettableCancellationToken not properly disposed
  • Message Track displays “No bonuses where granted because the email was not authenticated” if Level of Trust is configured to require authentication only for the domain bonus
  • Outlook Add-In does not create HTML file
  • Get-NspMessageTrack missing TLS information
  • Email is supposed to be rejected due to a validation timeout but is delivered to the recipient if the email is put on hold by the Content Filter
  • Failed to create an address rewriting entry
  • Outbound automatic reply is not sent if the email is signed, encryption is required, and PDF Mail is used as fallback encryption
  • PGP encrypted email could not be decrypted: Invalid header line
  • Calendar invites from O365 are not detected properly and signed, even if signing of calendar invites is disabled
  • An unexpected error occurred while signing or encrypting a message
  • URL Safeguard creates visited URL replication artifacts with empty recipient that can’t be processed by the Intranet Role

Version 13.0.19120.1521 (May 6th, 2019)

New / Changed

  • Extend Surblfilter to check links in pdf documents
  • Make Greylisting Action independant from Cyren IP Reputation
  • DKIM generator: split RSA and ed25519 into seperate textboxes
  • PDF URL detection and content filter handling
  • Change DNS resolution for the OData endpoint

Fixed Issues

  • Impossible to use “Cyren URL classification service” alone
  • Web Portal file store permissions hint doesn’t include required “Modify” permission for NT Service\NetatworkMailGatewayFileSynchronizationService user
  • Base64 encoded mime parts are not encoded correctly after being processed by URL Safeguard
  • Web Portal settings can’t be saved if neither PDF Mail nor Large Files is available
  • Owned domains could not be associated with new created Office 365 tenant
  • Self-signed pgp public keys could not be imported
  • Multipart/Mimepart encoded with UUEncode cannot be parsed.
  • SMIME signature validation is not successful and mail is marked as “probably modified”
  • Default values for PSS certificate are not used
  • Emails with different case sensitivity could be added in filters of email flow
  • Web Portal File Replication Service: Object reference not set to an instance of an object.
  • Base64 decoding fails if the base64 content ends with a line of tab stops
  • MessageTracking is not cleaned up properly and fast enough (StackOverflowException)
  • Mime type detection for XML files sometimes takes 100 seconds per file
  • Email with JavaScript in PDF could not be processed
  • Email could not be signed if root imported after user certificate
  • Outlook calendar invites are modified, and the calendar part is not displayed in Outlook after being processed
  • Wrong info in message track if URL tracking is disabled
  • Intranet role cannot communicate with WebPortal with TLS 1.2 only
  • PDF document with UTF-8 with BOM encoding is detected as text/plain
  • Emails are accepted if an error occurs that is not a timeout and the validation timeout handling is set to “Accept”
  • URL Safeguard swaps domains in enQsig links without checking if it contains own domain
  • Fraud action: Checkbox for “Ignore emails on trusted partner” does nothing
  • Web Portal File Replication Service: Object reference not set to an instance of an object.
  • IssuedTo is not set or shows type name by user certificates
  • Reputation Filter “‘Header-From’ is an owned domain” test tries to validate email addresses in the display name
  • Documentation on reputation filters not sufficient

Version 13.0.19084.2011 (March 28th, 2019)

New / Changed

  • Add content filter mime type encrypted PDF
  • Add content filter mime type unprocessable pdf files

Fixed Issues

  • NDR or out-of-office messages are not detected as being sent from a corporate email server if “SPF protected local address” is used
  • De-mails are not routed if there is no De-Mail connector
  • GET-NSPCERTIFICATE cmdlet displays only SubjectCN instead of SubjectDN
  • Word Filter: behavior if none of the words are found
  • PDF restrictions are swapped
  • Padding is invalid and cannot be removed
  • URL Detection in PDFs causes external process to appear with high cpu load

Version 13.0.19076.2212 (March 20th, 2019)

Fixed Issues

  • Double issue if number of De-Mail domains permitted in license is exceeded
  • DKIM keys are not re-encrypted if the sensitive data protection password is changed
  • All features are disabled in license on Gateway Role after update to 13.0
  • Encrypt pdf with password in subject flag does not work
  • Failed to announce a new replication partner. Error: Only parameter-less constructors and initializers are supported in LINQ to Entities
  • Status of the CYREN integration service could not be determined

Version 13.0.19071.1240 (March 14th, 2019)

Fixed Issues

  • [URL Safeguard] Domains are not rewritten if they contain international characters
  • WebPortal setup could not be downloaded over the link in mmc
  • Different error status from DNS with enabled/disabled TLS cert validation
  • Email is not signed with pgp key if key for partner not active/exist but smime is active
  • Sandbox usage is counted incorrectly
  • No DKIM keys can be created for domains shorter than 8 characters
  • Attachments having a filename without extension can’t be scanned by Cyren when uploaded to the Web Portal
  • DKIM: CNAME reference for ECDSA key is wrong
  • Configuration error in WebPortal.config after updating to 13.0
  • Password selection “Use the password supplied by the sender” for the “Protect attachments with a password” action always generates a new password if no password is supplied
  • Large files file name is truncated to 64 characters

Version 13.0.19059.1641 (March 1st, 2019)

Fixed Issues

  • Check for an updated license doesn’t work after it failed once because no Gateway Role could be reached
  • Better wording in tooltip for outbound Large File links (content filter action)
  • Punctuation mistake and inconsistence in ‘License update failed’-dialog
  • Exception occurs during the validation of SMIME messages
  • Online license could not be validated after update to 13.0

Version 13.0.19057.1802 (February 28th, 2019)

New / Changed

  • Option to archive files modified by the content filter
  • Replace keywords in an email with a disclaimer
  • Cyren sandbox
  • Better support for a large number files in the Web Portal
  • Better user experience with partially deleted messagetracks
  • Automatic license management
  • Message tracks now contain the SHA-256 hashes of attachments (not visible in Messagetracking)
  • Improved display of the Level of Trust details in the Message Tracking
  • Removed INPS Blacklist
  • Edi@Energy: Use SHA-256 MFG with RSA-OAEP
  • URL Safeguard
  • Report False Positive mails to Cyren from the Message Tracking
  • Report False Positive and Negative Urls in a Message Track
  • Discontinued Proxy Mode for inbound mails
  • CxO Fraud action
  • Administrative alert when the database is nearly full
  • More types in file type detection
  • Protect large files with a password
  • Consolidated all malware scanners into a single action with better failure handling and administrative alerts
  • Remove LAB Status from ICAP supports
  • Remove LAB status from PDF Content Disarm
  • Partial S/MIME support (AES-GCM)
  • Sign with DKIM EdDSA keys
  • Revamped UI for the Content Filter Action
  • Improved performance in message tracking searches
  • Extension of Reputation filter (Header-From and Header-To)
  • Project Heimdall (action in rule)
  • Extension of E-Mail Notifications

Fixed Issues

  • Email with virus is not blocked if host to ICAP could not be resolved
  • Error “Value cannot be null. Parameter name: input” when email is processed by “S/MIME and PGP validation and decryption” action
  • De-Mail permissions are not replicated to Gateway Role
  • Fixed issue with legacy license settings in config file
  • Signature of the email is invalid if another email with text/plain body  attached
  • Duplicate entries in Gateway Role DNS cache
  • DKIM signature is invalidated if subject flags are used
  • Fixed incorrect display of level of trust information (If the sender IP was trusted, the sender was still not displayed as authenticated)
  • A potentially dangerous Request.Form value was detected from the client
  • Error message “An item with the same key has already been added” during AD Synchronization
  • EdDSA signature has been removed from email
  • Missed ValidationTimeoutHandling parameter by Set-NspSmtpProtocolSettings
  • DNS cache invalidation not working properly with multiple entries that have a different TTL
  • Greylisting doesn’t work correctly if the email has been put on hold for content filtering
  • User certificate is not imported if root/intermediate not exists or in quarantine
  • Get-NspLargeFiles does not output the field ContentType
  • Certificate is valid despite of quarantined root and intermediate certificates
  • Greylisting action will be executed even if email is trusted
  • Object reference not set to an instance of an object
  • Email attachment is not protected if auto-encryption and mail to PDF in rule
  • E-Mail cannot be decrypted due to Null reference exception
  • ERROR while “Discover DNS settings”
  • User field could not be added: Internal server error
  • TNEF: Decrypted attachment has a unexpected name and file format
  • Cache for trust points for sender domain is not updated
  • NullReferenceException when updating default partner settings
  • CYREN IP Reputation Service could not be started
  • Greylisting action executed in webportal emails
  • No activity for “Applied disclaimer” in message track
  • PGP key is not imported if PGP signature shouldn’t be removed
  • Possible word filter false positive if word contains an “m” or “v” and obfuscated words should be found
  • Word filter does not block obfuscated words
  • Attachment information are removed from MessageTrack JSON after content filtering
  • Word filter message contains word with bracket in message track
  • Level of Trust address pairing bonus points is incorrect
  • No error message in Message Track if Cyren service is not responding
  • No line break for content filter upload hints in HTML mails
  • Email could not be signed if root imported after user certificate
  • Connection to SwissSign CA cannot be established
  • Attachment name is not correct after Web Portal Upload
  • Cannot add a new gateway role altough limit of additional servers has not been reached
  • Partner with user settings and without domain settings is not shown in partners view
  • Synchronization process with other Web Portals failed
  • License is marked invalid although everything is okay
  • Excel document with OLE object is not detected correctly
  • Wrong number of users displayed in partners
  • CYREN IP Reputation Service could not be started
  • Synchronization process with other Web Portals failed unexpectedly
  • Zip file entry with invalid filename causes Content Filter failure
  • DNSSec validation should not be performed for inbound connections
  • Exception by extreme long name in user fields
  • Email addresses with display name are not parsed correctly if the display name contains a different email address
  • Special characters in 8bit encoded mime part are replaced with ? after signing
  • An error ocurred while checking a mail: Der Wert darf nicht NULL sein. Parametername: pattern
  • Corporate user search doesn’t search description field
  • Content filter message size limit is applied to announced message size if content filtering is disabled in rule
  • Activities for SMIME decryption/encryption do not display padding mode
  • Encryption algorithm mode is not displayed in case of CBC
  • Email is not blocked if message limit is used
  • Target Info is missing on General tab in message track
  • If content filters are defined for partner and corporate user, CDR and sandbox settings are not considered when comparing actions
  • Content filter and action are not sorted
  • Attachments in winmail.dat are not removed
  • After merging pdf files final PDF is not disarmed.
  • Encryption padding in Message Track is incorrect for inbound emails if OAEP padding is used
  • Encryption padding in Message Track is incorrect for outbound emails if EDI@Energy compliance is used to ensure valid encryption algorithms

On 10.01.2019, version 12.2.19007.1316 was released. It is an update release which fixes the following bugs and introduces new features. The release information of previous versions can be found under current information.

Important Information

If you update from a version 12.1 or older to this new version, it is possible that the setup does not react for a prolonged period of time while the database NoSpamProxyAddressSynchronization (Intranet role) is adapted. The setup must not be aborted and must run until completed. If necessary, plan ahead for a longer update period.

New / Changed

  • Distinguish between Excel/Word 97-2003 (xls, doc) files with and without macros
  • Add a hint to the PDF header in a PDF Mail that the Acrobat reader is required to access attachments
  • One temp folder for everything by Cyren service
  • Detect OLE objects in office documents
  • Support signature validation of mails which were incorrectly serialized (lone LFs in mail, but signature expected CRLFs)
  • Support SwissSign E-Mail ID Silver certificates without country

Fixed Issues

  • Level of Trust is not updated with the correct date
  • Error “Specified padding mode is not valid for this algorithm” when building certificate chains
  • No error message if Web Portal files waiting for approval can’t be downloaded
  • Receive connector IP blocking is still enabled if protection feature is not licensed
  • Cyren reference ID is not set in message track if email is put on hold
  • Date by Level of trust domain bonuses are not updated if it is already 100 bonuses
  • S/MIME encrypted winmail.dat mail is not decrypted
  • Multiple email addresses are extracted from email header if the display name is the email address and surrounded by apostrophes
  • Error when uploading GZIP compressed XML to Web Portal: This operation is not supported
  • Public key is removed from email even if removal of signature is disabled and key harvesting is enabled
  • PGP signature verification fails when the PGP key has a non-self-signed UID
  • PGP signature is removed by ‘Remove SMIME signature’ option
  • Logging for D-Trust certificate provider is not working
  • D-Trust certificate provider info text for required action references the wrong action
  • GZIP files are not detected by content filter with wildcards

 

NoSpamProxy 12.2.18337.1725 (05.12.2018)

New / Changed

  • Checks for Address Pairing bonus points

Fixed Issues

  • Outlook Addin: Corporate design is not applied in Outlook Addin.
  • Email could not be signed. The specified handle is invalid.
  • Get/Set-NspPartnerAddressTrust not working correctly
  • Word/Excel/PowerPoint XML documents are not handled by the Content Filter
  • Message Tracking clean-up slows down replication of new Message Tracks
  • Trust configuration could not be saved by partner
  • Content disarm failed: Illegal characters in path
  • Domain trust entry is deleted even if it contains trusted subnets
  • Level of Trust address pairing bonus points are shown incorrect in message track
  • De-Mail address rewriting is removed from imported users if there are two automatic user imports with De-Mail address rewriting
  • ‘Illegal characters in path’ error in SMIME and PGP inbound action
  • Exception of type ‘Netatwork.NoSpamProxy.Security.CertificatePasswordInvalidException’

NoSpamProxy 12.2.18315.1244 (14.11.2018)

Fixed Issues

  • Ribbon in Outlook is throwing errors on emails with certain attachments
  • Error by signing a message. Access denied. Added fail-safe when access to an RSA key container fails
  • Email could not be decrypted: Cryptographic Exception
  • Exported PGP public key can’t be published to MIT PGP Key Server
  • DNS cache invalidation not working properly with multiple entries that have a different TTL
  • AD import uses insecure connection to Active Directory
  • Intermittent Address resolving issues in Outlook Addin with auto-completed address entries
  • Outlook Addin is missing appropriate trace output to debug faulty customer configurations
  • NoSpamProxy makes two calls to Cyren CTASD per mail
  • Address pairing trust bonus is given to a wildcard entry
  • Outlook Add-In: No reply link is added after configuring a new reply link in the add-in.

NoSpamProxy 12.2.18296.1808 (26.10.2018)

Fixed Issues

  • Header still contains p7m instead of p7s after decryption
  • Gateway Role always uses the external Web Portal URL to upload files even if an internal URL is configured
  • Empty text mime parts are detected as application/octet-stream and possibly blocked/removed by the Content Filter
  • Error “Collection was modified; enumeration operation may not execute.” when starting the Gateway Role
  • Exception of type “Netatwork.NoSpamProxy.Security.CertificatePasswordInvalidException” when requesting a certificate
  • Management Console: Word Filter crashes under certain conditions
  • Memory leak in mime type detection for legacy office documents

NoSpamProxy 12.2.18281.1805 (15.10.2018)

Fixed Issues

  • Special characters in text files are broken after encryption
  • Transfer encoding is changed from base64 to quoted-printable for text attachments
  • Setup fails when updating the Intranet Role database because the SQL transaction log fills up the hard disk

NoSpamProxy 12.2.18270.1450 (01.10.2018)

New / changed

  • Overwrite ‘City’ field in certificate requests for D-Trust
  • Remove ‘City’ and ‘State’ as a required field for D-Trust Enterprise and Team certificates

Fixed issues

  • SMTP send timeout is not configurable
  • Content filter changes are not active immediately
  • Password protected Excel files (*.xlsx) are not processed by the Content Filter
  • Search for trust level in partners does not work properly
  • NullReferenceException when requesting a password reset via the Web Portal
  • Duplicate notification in case of failed CDR
  • Word filter only checks the first 4KB of the email body
  • Error when removing user fields: “The requested resource was not found.”
  • Put on Hold emails are send again by incoming emails
  • Incomplete SMTP response when a PTR record cannot be resolved
  • Mime type detection for binary files renamed to *.txt not always works correctly

NoSpamProxy 12.2.18253.1152 (14.09.2018)

New / changed

  • Updated .NET Requirement to 4.7.2
  • Improved Message Tracking database cleanup
  • Improve detection of auto generated messages in Level of Trust
  • Powershell Cmdlet Get-NspMessageTrack has now parameter for IP filtering

Fixed issues

  • No automatic cryptographic key enrolment request is generated if an inactive certificate is still valid
  • Autoencryption status for generate and save partner password is missing in Message Track
  • If an archive connector is configured without creating the folder on the Gateway Role, no mails are archived and no error message appears
  • Under certain circumstances “Antivirus scan not possible at the moment” error message appears after uploading large files to the Web Portal
  • Under certain circumstances HTML attachment is renamed to “Attached File.txt”
  • Partners view displays the same domain multiple times with different capitalization
  • Reputation filter MAIL FROM/Header-From mismatch test in absence of DMARC doesn’t check multiple From headers
  • DSN bonus is not given for simple DSN
  • Under certain circumstances an attempt to put a mail on hold failed
  • Under certain circumstances an attached PDF is not encrypted if Autoencryption is required
  • When the Gateway Role deactivates a certificate, the new state is not replicated to the Intranet Role
  • Under certain circumstances exact match filter for body in Disclaimer does not work
  • Web Portal setup: WebPortal.config cannot be accessed and could not be upgraded
  • Large files search fails when using more than one filter criteria: The parameter ‘f’ was not bound in the specified LINQ to Entities query expression.
  • Missing partner passwords are not replicated to the Web Portal
  • Email was delivered although CYREN antivirus rejected the email
  • Base64 content with empty lines in between the data can’t be decoded
  • PDF conversion failed, but mail is successfully delivered
  • Email attachment is not protected with a password if the email is auto-encrypted using S/MIME or PGP
  • Files considered too large can’t be removed by the user on the Web Portal
  • NoSpamProxy Console crashed when double clicking on an allowed language plane in filter “Allowed Unicode language planes”
  • Cyren reference ID is not set in exported Message Track
  • Word matching filter gives positive results for encrypted email
  • User names are sorted alphabetically during a manual certificate request
  • Status of Level of Trust is disabled in Message Track but is enabled in rule
  • Certificate enrolment request fails with “Bad Version of provider.”
  • dotNet could not be downloaded during Web Portal Installation
  • SwissSign product type “Silver Light” has been renamed
  • Certificate harvesting option can not be deactivated
  • Action “Extract certificates” does not work with signed/encrypted mails
  • Cannot decrypt a PGP-Inline encrypted mail
  • Outbound notification for encrypted mails uses incorrect sender address
  • Large logos are truncated in the PDF header of PDF Mails
  • Error message when closing the MMC (TaskCanceledException)
  • Many “Invalid logon attempt” messages are recorded in the Security EventLog
  • Content-Transfer-Encoding uuencode not supported for attachments
  • Column ordering of domains in DKIM keys Fails
  • Certificate request can’t be completed because the private key can’t be read
  • Web Portal upload failed: Sequence contains more than one matching element
  • Default algorithm is Aes256 instead of Aes128
  • MMC crashes when an invalid template was configured on the D-Trust certificate Provider
  • File synchronization between two Web Portals not working for files >2GB
  • Outbound emails from Office 365 are not accepted because the certificate validation fails

NoSpamProxy 12.2.18207.1238 (27.07.2018)

Fixed issues

  • Outbound emails from Office 365 are rejected with “Unable to relay”

NoSpamProxy 12.2.18157.1044 (14.06.2018)

New / changed

  • Implement efail mitigations

Fixed issues

  • Automatic user import – Generic LDAP doesn’t use search path for group search
  • Active Directory group lookup does not work: The distinguished name contains invalid Syntax
  • Email is sent multiple times if the SMTP server takes very long to respond to commands
  • Partner password can’t be changed using the Web Portal
  • Web Portal mails always using external URL if attachment is uploaded to Web Portal
  • Domaintrust is increased although it is set to statically Zero
  • Domaintrust maintenance run never finishes if DNS requests time out for some Domains
  • Performance Counter for Queues maybe incorrect after a service Restart
  • Public Suffix List caching doesn’t work for Spam URI Realtime Blocklists filter
  • RTF mails converted to PDF contain a winmail.dat attachment
  • After removing a corporate users active certificate no certificate is active
  • Cyren sandbox response for already uploaded but not yet analysed files is not processed correctly
  • Large files filter for sender/recipient and status not working correctly
  • Plain text attachment is detected as application/octet-stream
  • UTF-7 encoded mail with Base64 encoded attachment can not be decoded
  • No HTML file with download link after inline image is uploaded to Web Portal
  • Email to PDF conversion adds hint for pin to PDF even if all attachments are uploaded to the Web Portal

Version 10.1.196 was released on 13.1.2016. It is a maintenance release which fixes the following bugs:

New / changed
=============

  • For new installations with version 10.1.196.0, the role certificates are now created using RSA-SHA256.
  • The CYREN engine has been updated to version 5.00.0085.
  • Improvements in replication of data between roles

Fixed issues
============

  • “Bare-LF” or “Base64 encoding” error when delivering emails to certain domains
  • Umlauts in file names that are moved from the gateway role to the Web Portal generate incorrect download URLs.
  • Emails cannot be sent via rule with automatic encryption enabled
  • People and Identities Administrators cannot use all nodes in the interface
  • Installation of 64bit Outlook Add-In fails
  • If an expired certificate exists, no new certificate is requested during automatic encryption.
  • Assignment of a content filter to a partner is overwritten.
  • Domain trust settings cannot be updated under certain circumstances.

It is strongly recommended that you install this update. The version can simply be installed over the existing version. However, always follow the general update instructions if you have configured a proxy server, or if you use a customised template file for the Web Portal or the email notifications.

Version 10.1.282 was released on 25.5.2016. It is a maintenance release which fixes the following bugs:

New / changed
=============

  • Optimizations in the Level of Trust
  • Optimization of the filter and action sequence
  • An optional reverse DNS check that checks for the presence of the pointer record in the DNS and whether it contains the IP address, which is a characteristic of dynamic IP addresses.

Fixed issues
============

  • A problem when synchronising files between two Web Portals
  • Incorrect detection of duplicate emails under certain circumstances
  • D-Trust operator certificate was sometimes not displayed in the selection dialog
  • The email queue was not displayed for domains that begin with “Q-” in the name
  • “Scan is being performed” is displayed for an infinite period of time in Outlook with Outlook Addin installed
  • Emails sent from Office 365 were occasionally rejected with “Unable to relay
  • The web portal cannot be installed in Microsoft Azure
  • Emails detected as trustworthy by Level of Trust were not processed correctly by the content filter
  • The Outlook Addin cannot access a file in the temp directory during uploading.
  • emails can be sent before the complete upload of all attachments by the Outlook Addin.

The installation of this update is strongly recommended. The version can simply be installed over the existing version. However, always follow the general update instructions if you have configured a proxy server or are using a customised template file for the Web Portal or the email notifications.

Version 11.0.366 was released on 15.7.2016. It is a maintenance release, which fixes the following bugs:

Fixed issues
============

  • Error synchronizing with Active Directory
  • If only NoSpamProxy Encryption is licensed, the “Theme” section below the Presettings node will not appear.
  • Error “Failed to save Domaintrust entries to the database” after update to NoSpamProxy 11.0.304, if SQL 2005 exists
  • Error message when attaching a verification report for encrypted and signed emails
  • The default encryption is now set to AES128.
  • Problem with notifications for shared email attachments
  • Error “The stress level of the system currently is critical” after update to NoSpamProxy 11.0.304
  • The Inspection Report is not displayed in the Outlook Add In.
  • Content filtering does not work when replying via Web Portal
  • Error “A stored mail which was put on hold could not be read from the disk”
  • Presentation problem in the PDF document when a custom logo is used in the theme.
  • Attachments that are sent via the Web Portal cannot be downloaded.
  • The version can simply be installed over the existing version. However, always follow the general update instructions if you have configured a proxy server.

Version 11.0.379 was released on 11.8.2016. It is a maintenance release which fixes the following bugs and introduces new features:

New / changed
=============

  • The SURBL filter can now also be used for outbound emails.
  • Improved pipelining in Powershell cmdlets
  • MD5 signature for S/MIME disabled

Fixed issues
============

  • NullReferenceException when processing a specific email
  • ArgumentNullException when processing a specific email
  • Auto-encrypt email is not converted to PDF and encrypted
  • Suspended email due to an illegal character
  • Zip file is unusable when sent via Web Portal
  • Installation with SQL Server 2005 fails
  • The report of an email does not state that the email was securely transmitted via the Web Portal.
  • Content filtering settings for new domain are not saved
  • Large Files: Internal link is not used
  • Disclaimer does not always apply the user-defined fields
  • Files are transferred via Large Files, although no content filter is defined.
  • Repeated sending of paused emails causes problems
  • PGP-encrypted attachments <65kbyte are removed from the email when decrypted
  • Filtering in the certificate selection dialog for SwissSign does not work.
  • UI crash at De-Mail Owned Domain association
  • NullReferenceException for certificate validation
  • Files that require Administrative Sharing cannot be downloaded from the MMC by the administrator

The version can simply be installed over the existing version. However, always follow the general update instructions if you have configured a proxy server.

Version 11.0.422 was released on 23.9.2016. It is a maintenance release that fixes the following bugs and introduces new features:

New / changed
=============

  • If TLS security is required for a partner and delivery is done via a smarthost, the mail is returned to the sender with an NDR. Previously, the mail stayed in the queue until it expired.
  • Routing logic
  • The SwissSign provider does now support Umlaute.
  • Unclear message „The SSPI negotiation failed“. Now, several different messages are displayed, depending on cause of the issue.
  • Massively improved the performance of the Level of trust Subsystem
  • Filename handling of decrypted PGP plaintext files
  • Timeout handling when sending and receiving mails

Fixed issues
============

  • Incorrect encoding used on PGP encrypted mails
  • Error „Failed to get the size of the dispatch job“
  • Administrative addresses were not replicated correctly
  • Mails with a duplicate boundary were incorrectly processed.
  • Inspection report does not state when a mail is received via the Web Portal
  • Disclaimer. you cannot add the } sign in Html view
  • Disclaimer. The editor panel disappears
  • Conditions on a disclaimer rule could not be deleted.
  • An unexpected error occured. Error: Could not find a part of the path
  • Messagetrack data were not correctly processed
  • Disclaimer. Cannot not use an @ character in the template
  • Concurrency exception during Active Directory user Import
  • Error message „An item with the same key has already been added.“
  • Dialog „Server performance“ could not be opened.
  • Error „Input string was not in a correct format.“ when sending a mail
  • Performance problem with SURBL filter
  • „The parameter value cannot be null. Parametername: uriString.“ in Outlook add in
  • Error message „Object reference not set to an instance of an object.“
  • Error message „Could not find a part of the path ‚C:ProgramDataNet at Work Mail GatewayTemporary FilesMailQueues“
  • While trying to cleanup empty queue directories, the an error occured
  • Link for Web portal download is wrong
  • Target host is not displayed in message tracking details.
  • TLS switches to „Encryption required“
  • Error message „Collection was modified; enumeration operation may not execute.“
  • Error message: „There are no records in the SqlDataRecord enumeration“
  • Word filter does not find matches containing a full stop.
  • Mails on hold view does not show all entries
  • Mail is sent unencrypted even if encryption is required.
  • Empty queues are displayed in the queue Viewer
  • High cpu usage may occur on a Gateway Role
  • Empty queues are not removed
  • Error message „The operation was canceled. While not all actions and filters could be executed“
  • Using auto enrollment with a D-Trust setup causes multiple requests for a single mail address
  • Using mail enabled Exchange Public Folders in conjunction with groups do not work as expected
  • Message „Could not upload a file to the Web Portal on https://server/enQsig/api/upload/file: Unknown. {„files“:[{„error“:““}]}
  • Internal address in ‚From‘ header filter does not work correctly
  • The size of the NoSpamProxy eventlog is reset during each update
  • Not all queues are displayed
  • Performance problems with many certificates (>1000) in the store.
  • PGP decryption configuration switches were not honored.
  • Reply links with a very long subject do not work.
  • Exception when trying to copy data to the clipboard in the NoSpamProxy MMC
  • DKIM signature is not applied to NDRs or other DSNs without a sender.
  • Set-NspPartnerTlsDetail cmdlet does not expose any parameters

The version can simply be installed over the existing version. However, be sure to follow the general upgrade instructions if you have configured a proxy server.