Info Icon

Information on different NoSpamProxy versions

,

On our download page we offer you different versions of NoSpamProxy. These versions differ – even within one release cycle – due to different test strategies.

Regular channel

The versions in the regular channel usually include new functions in addition to bug fixes. Since all functions are extensively tested, these versions have a longer throughput time in quality assurance. In addition, these versions are deployed as productive installations to selected users about four weeks before release.

Fast channel

These versions contain only bug fixes, which is why the throughput time in quality assurance is shorter. The tests are limited to the basic functions including installation and update. In addition, the functions that have received an error correction are tested. After the quality assurance tests, these versions also run as productive installations for about two weeks before being released to selected users.

Beta versions

These versions are deployed before a release and contain new or changed features. The deployment phase is announced via our blog, where all partners and end users have the opportunity to register for such a version.

Beta versions may not be used in productive environments!

Other versions

For individual customers, we release versions at irregular intervals that are specially tailored to them. These versions are not released publicly, but are only distributed to the respective customers.

These versions also go through quality assurance.

/by
info icon

System Requirements

, ,

This article provides an overview of the minimum requirements that must be met in order to run NoSpamProxy.

Note: In order for you to receive support services,

  • the listed requirements must be fulfilled and
  • a corresponding manufacturer support contract must be in effect.

We do not guarantee the completeness of the following information on third-party products. In any case, make sure to check the manufacturer’s pages for updates!

General requirements

  • A corporate email server, either in the company network or in the cloud.
  • NoSpamProxy can NOT be operated using the combination “Domain Controller + Exchange + NoSpamProxy” on one single system, because the operation of Exchange on a domain controller is prohibited. See Exchange Server Supportability Matrix.
  • NoSpamProxy can be installed on a system in parallel with the email server. However, this combination is not recommended, because of duplicate port assignments (mostly ports 25, 443 and 6060/6061), which can cause problems during operation. We recommend to always change the ports of the email server in case of parallel operation, so that NoSpamProxy can be reached from outside via the standard ports.

NoSpamProxy uses the following standard ports:

  • Port 6060/6061 TCP
    • internal communication between the Intranet Role and the Gateway Roles
  • Port 25 TCP
    • SMTP
    • inbound and outbound
    • modifyable
    • also used by Exchange during parallel operation
  • Port 443 TCP
    • SSL
    • internal and external communication with the Web Portal
    • modifyable
  • Port 443 UDP
    • internal and external communication with the Web Portal
    • only necessary if QUIC for HTTP/3 should be used
  • Port 465 TCP
    • POP3
    • to retrieve POP3 messages
    • no support for NoSpamProxy Protection

Hardware requirements

The following specifications are minimum requirements. The recommended configuration depends on the email volume and the use of individual NoSpamProxy functions.

  • 4GB RAM
  • 2 processor cores
    • virtualized or physical
  • Hard disk space
    • should be discussed individually with the support or presales team
    • If Intranet and Gateway Role are operated on one single system with no Web Portal present, 100GB should be sufficient.

Supported NoSpamProxy versions

The following versions are currently covered by our support:

  • Version 13.2
  • Version 13.1
  • Version 13.0
  • Version 12.2
  • Version 12.1 (no longer supported with release of version 14)
  • Version 12.0 (no longer supported with release of version 14)
  • Version 11.1 (no longer supported with release of version 14)

NoSpamProxy Outlook Add-In

  • Outlook 2010 and later

Microsoft Operating Systems

  • Microsoft Windows Server 2022
  • Microsoft Windows Server 2019
  • Microsoft Windows Server 2016
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows Server 2012 (no longer supported with version 14)
  • Microsoft Windows Server 2008 R2 (no longer supported with version 14)

Microsoft .NET Framework

  • .NET Framework 4.8, supported as of NoSpamProxy version 13, mandatory as of version 14
  • .NET Framework 4.7.2, mandatory supported from NoSpamProxy 12.2 onwards
  • .NET Framework 4.6.2, supported up to version 12.1 and older
  • .NET Framework 4.5.7, supported up to version 11.1 and older

Microsoft SQL Server Express Version

  • Microsoft SQL Server 2019 Express Version (supported for Windows Server 2016 and above)
  • Microsoft SQL Server 2017 Express Version (supported for Windows Server 2012 R2 and Windows Server 2016)
  • Microsoft SQL Server 2014 Express Version (no longer supported with version 14)
  • Microsoft SQL Server 2012 Express Version (no longer supported with version 14)
  • Microsoft SQL Server 2008 R2 Express Version (no longer supported with version 14)

For details on supported combinations, please refer to the official Microsoft pages for each product.

Microsoft SQL-Server Standard/Enterprise

  • Microsoft SQL-Server 2012 SP4 and later
  • Microsoft SQL-Server 2012 SP3 and older (no longer supported with version 14)

Microsoft Report Viewer

Microsoft Report Viewer 2010 is required to install the Intranet Role (no longer necessary with version 14)

Microsoft Visual Studio Tools for Office

Visual Studio Tools for Office 2010 Runtime or higher is required to install the Outlook Add-In.

Further notes

  • When using the NoSpamProxy Management Console on a Windows Server 2012 R2, it may happen that the console start page does not display the Latest News. The reason for this is that the operating system cannot open a secure connection to the source of the messages. For this, the following two TLS ciphers must be activated in the operating system, followed by a restart of the operating system
  • Make sure that any third-party applications you use that connect to NoSpamProxy are covered by their respective manufacturer’s support. If this is not the case, the NoSpamProxy support team will not be able to provide support.
  • Make sure that the necessary exceptions are set in the local Windows Defender (and other AV scanners used) to allow NoSpamProxy to run smoothly.
  • If you have installed NoSpamProxy and Microsoft Exchange on the same server, make sure that the respective version of the framework is supported by Exchange before installing or updating the Microsoft .NET framework. An overview of supported versions is provided in the Exchange Server Supportability Matrix.
  • Further details about the installation of the add-in can be found in the Outlook Add-In Installation and Group Policy manual. There, the installation with the MSI file for software distributions is also addressed.

 

/by
info icon

Upgrade to Version 13.2

Always follow the instructions in the installation manual and the general upgrade instructions here in the Knowledge Base.

​Before upgrading make sure that the .NET Framework version 4.7.2 or higher (we reommend .NET Framework version 4.8) is installed and that the SQL Server version is 2008 R2 (we recommend 2017 or later). All supported versions can be found here.

Important note for upgrade version 13.0 and later versions

Do not install this beta version in productive environments!

As of Version 13.2.20083.1640, a script for enhancing the address searching is included. This may cause the setup not to respond for a some time during database update. 

The setup must not be aborted and must run until completed. Please schedule a longer upgrade period for this.

Upgrading from version 12.2 and earlier versions

Please install version 13.1.19330.1217 or higher before upgrading to version 13.2. You can download this version here.
Please also note all upgrade articles for older versions in our Knowledge Base under “Update Information”.

Upgrade NoSpamProxy

When upgrading from version 13.1 to version 13.2, all settings and user information are retained. Only the proxy settings and content adjustments of the template files (templates) must be saved as usual and reinstalled after the upgrade. This procedure is described under General update information.
For security reasons, please export existing DKIM keys from the console under “People and identities > DKIM Keys” BEFORE upgrading.

Additionally, please check the following points after the upgrade:

  • Content filter: As there have been changes to the file types (MIME Types), please check all content filters and their content filter entries
  • The reputation filter in the rule set has been extended in version 13.2 compared to version 13.1. This modification enables further, additional checks
    • Four additional checks on the HEADER-FROM
    • One additional check whether the transmission was secured with TLS
  • Starting with version 13.2, the incident to the Spam URI Realtime Blocklists is converted from an error to a warning
  • URL Safeguard: It is now possible to disable URLs
  • Cryptographic key provider: You can now also request certificates from the German National Research and Education Network (DFN)
  • Greylisting is now a policy violation
  • BATV addresses are now included in the license count
  • Calculation of the license values for the Encryption and Large Files modules has been changed. From now on inbound and outbound emails are considered. See License management in version 13 and higher.
  • Note: Discontinuation of the Office 365 client “Deutsche Azure Cloud”
    From version 13.2.20258.1435 a notification is displayed at the NoSpamProxy console start page that the client is no longer supported from version 14. All users who still have such a client active must not upgrade to version 14 until the migration on Microsoft side has been made. Further information is available here:

License type change

As of version 13.0 we have changed the integration of the license from license file to license key. This change is done automatically and no further action is required.
In case of problems, please refer to the Knowledge Base article How to install a new license.

Outlook Add-In

The upgrade of the gateway and the Web Portal necessarily requires an upgrade of the Outlook Add-In as well, otherwise communication with the Web Portal is no longer possible.

/by
Info Icon

NoSpamProxy Server license management version 13 and higher

New licensing procedure

In order to further prepare NoSpamProxy Server for hybrid and cloud deployment scenarios, version 13 and higher will no longer require the familiar import and regular replacement of the license file for maintenance extensions. Instead, all license information is made available in a secure database in a cloud service. NoSpamProxy installations access this cloud service at regular intervals. In this pull procedure, only information about the NoSpamProxy version used and the operating system is transmitted to the manufacturer.

With the conversion of the licensing procedure in preparation for NoSpamProxy Server version 13, we have introduced various improvements.

  • All licenses are managed in a central and secure database and are therefore always up-to-date.
  • When purchased via providers such as ALSO Cloud Marketplace, the monthly and user-specific purchase of NoSpamProxy Server can now also be automatically implemented without repeated sending and importing of new licenses.
  • Discrepancies between orders and issued licenses are immediately noticeable and can be clarified.
  • By sending the unique link to a license certificate that is always available online, no PDF file sent as an attachment can be lost.
  • The license certificate now also contains the customer’s current maintenance period – as desired by many partners.
  • The licensing of the Sandbox service is also evident in the certificate.
  • The familiar PDF file with the certificate can, for example, simply be generated by the standard “Print to PDF” printer on all Windows clients.

Calculation of license values

All values are measured over a period of 90 days, except the value for the Sandbox for which a period of 30 days is considered. All values are aggregated based on users, if possible. If an assignment to users is not possible, each email address is counted individually. The email addresses stored under “Configuration > Email routing > Corporate email servers” are also taken into account. This also applies to emails that are sent from an external source but are still sent with the company’s own email domain.

  • Protection module: Number of outbound emails
  • Encryption module: Number of addresses that signed and/or encrypted at least one email via S/MIME or PGP or sent PDF Mails
    Note: From version 13.2 on, incoming emails are also considered! This requires a separate inbound and outbound set of rules for users who are allowed to use Encryption.
  • Disclaimer module: Number of addresses with applied disclaimers on emails
  • Large Files module: Number of addresses for which attachments were processed by Large Files
    Note: From version 13.2 on, inbound emails are also considered! This requires a separate inbound and outbound set of rules for users who are allowed to use Large Files.
  • Sandbox: Number of addresses whose associated emails contained files that were uploaded to the Sandbox

On our GitHub page https://github.com/noSpamProxy/Reports/tree/master/Get-NspLicenseReport you will find a script that gives you an overview via Powershell. Alternatively you can use the included Powershell CmdLet PS> Get-NspFeatureUsage.

Procedure in case of licensing problems or sublicensing

Should licensing problems occur with individual customers of partners after the switch, these will be issued as a warning in the NoSpamProxy Server console and sent to the administrator via email. Several warning levels and sufficient reaction times are allowed for (several weeks) in order to clarify discrepancies. In no case will there be immediate functional restrictions or standstills in the processing of emails. The following causes could be the reason for reported license problems:

  • Since licensing is based on the number of actual users and NoSpamProxy Server can only recognise the number of different email addresses from which emails were sent, a high number of functional mailboxes can lead to the tolerance of 20% being exceeded. In this case, the customer must subsequently license through the reseller.
/by
info icon

Upgrading to Version 13.0 and 13.1

Before upgrading, please make sure that the .NET Framework is installed in version 4.7.2 and that the SQL Server version matches at least2008 R2, better 2012 or later. All supported versions can be found here.

Important note for upgrade version 12.2 and later versions

As of upgrade version 12.2.18253.1152, a script for cleaning up the message tracking is included- This script deletes orphaned entries in the database. This may cause the setup not to respond for a some time. The setup must not be aborted and must run until completed. Please schedule a longer upgrade period for this.

If the Protection module is licensed, it is possible that the Cyren services do not work and no viruses and spam checks are performed after the update to version 13, although the NoSpamProxy license itself has been correctly validated. To correct this, in the NoSpamProxy Management Console go to Configuration/NoSpamProxy Components/Gateway Roles, select the gateway role(s) and click on Synchronize configuration.

Synchronize configuration

Upgrading from version 11.1, 12.0 or 12.1

Please install at least version 12.2.18253.1152 or higher before upgrading to version 13.0. Please also refer to all upgrade articles for older versions in our Knowledge Base under General update information.

Upgrading NoSpamProxy

When upgrading from version 12.2 to version 13.0, all settings and user information are retained. Only the proxy settings and content adjustments of the template files (templates) have to be saved as usual and reinstalled after the upgrade. For security reasons please export existing DKIM keys BEFORE the upgrade from the console under “People and Identities > DKIM Keys”.

In addition, please check the following points after the upgrade:

  • Content filter: Since there were some changes to the file types (MIME Types), please check all content filters.
  • The reputation filter in the rules has been extended and allows additional checks.
  • Since the actions for malware detection have been combined in one action, please check whether all desired checks are still active in the “Malware Scanner” action.
  • LAB features that were activated via the system variable before the upgrade may have to be reconfigured after the upgrade, as these have been included in the product as official features.
    • Cyren Sandbox
    • Content Disarm and Reconstruction (CDR) for PDF files (PDF-2-PDF)
    • The ICAP Filter  has been integrated into the Malware Scanner action
    • Advanced “Header-From” validation in the Reputation Filter
  • In a future version of NoSpamProxy,the “Direct Delivery” option for inbound send connectors will no longer be supported. We will inform you of this as of version 13 if you still have this delivery option activated.
    The following message will be displayed: Direct delivery of inbound emails is deprecated and will be removed in future versions. You should switch to queued delivery instead. This can be configured on the Email routing node. You can find more info on this in our Knowledge Base.Direct delivery deprecated
    To change this, refer to the article Switching to queued delivery in our Knowledge Base.
  • In version 13, the DKIM function has been enhanced. This adds a second key to existing DKIM keys during an upgrade. All further information can be found in the Knowledge Base article Using DKIM from version 13.
  • Extended Notifications can be activated/deactivated under “Configuration > User Notifications > Email Notifications”.

Modified license type

Starting with version 13.0, the license type has been changed from a license file to a license key. This change is performed automatically and no further action is required. Find more information in our Knowledge Base article How to install a new license.

Outlook Add-In

Gateway and Web Portal upgrades require an upgrade of the Outlook Add-In. Otherwise, communication with the Web Portal is not possible.

/by
info icon

Updating to version 9.2

,

From version 9.0

When updating from version 9.0 to version 9.1 or 9.2, all settings and user information are retained during the update.

From version 8.5

When upgrading to version 9.0, the subdivision into the new areas Monitoring, People and Identities and Configuration is immediately noticeable. For each of these areas, users can be explicitly allowed access via security groups. This means that you can assign the rights to a person in your company, e.g. to only use the Monitoring area. This person would then have no access to People and Identities or Configuration. The installation program of the Net at Work Mail Gateway automatically makes the user logged on during the installation a member of all three groups.

The security groups mentioned above are explained in more detail below.

Mail Gateway Monitoring Administrators

Members of this user group may use the Monitoring area. This area displays email statistics, email queues, or key figures about the performance of your server.

Mail Gateway People and Identities Administrators

Members of this user group may use the People and Identities area. This area manages internal and external communication partners and their cryptographic keys.

Mail Gateway Configuration Administrators

Members of this user group may use the Configuration area. This area contains the settings of the Net at Work Mail Gateway and its gateway roles, such as connectors, rules, notifications, and connections to other systems.

The new structure consistently combines previously redundant configuration settings and enables task-oriented administration. This means that the management console of version 9.0 no longer focuses on the roles of the Net at Work Mail Gateway, but on the task you have to perform.

This allowed many areas to be merged and simplified. An example: The address rewriting area of version 8.5 had to be configured to match the local users and their email addresses. The address transcriptions have now been moved to the email addresses of the local users, so that the assignment between email addresses and address transcriptions is made automatically.

Finally, the Commtouch service has been renamed to CYREN. CYREN continues to provide you with a high level of service.

Warning
An upgrade to version 9.0 is currently only supported by version 8.5.

Some changes of version 9.0 have a strong effect on the installation of the update. This is the replication of all configuration data between the intranet role and the connected gateway roles. In particular, installations with more than one gateway role must be updated to version 9.0 with great care.

Furthermore, the roles “Reporting Role” and “UserManagement Role” have been combined and are now managed as “Intranet Role”. The new Intranet role will continue to work with the previous database of the UserManagement role. This database will be extended by the update by the tables of the previous reporting role.

In the previous versions, a separate certificate with the name of the service was created for each service and used for the connection between the individual roles. Since version 9.0, a certificate with the server name is created in the CN.

Please note
If you use a custom MSC file instead of the Management Console (MSC file) shortcut created by Setup, this file may not work after the upgrade and the interface may display errors. In this case, please delete your custom MSC file and recreate it.

From version 8.0

When updating from version 8.0 to version 8.5, all settings and user information are retained during the update.

/by
info icon

Updating to Version 10.1

,

From Version 10

When updating from version 10 to version 10.1, all settings and user information are retained during the update.

From Version 9.2

When updating from version 9.2 to version 10.1, please note the following points.

Automatic user import

The import of ‘Active users’ has been changed to ‘Import all users as active’. This changed the behavior to match the current usage of user accounts in Microsoft Exchange Server.

Actions in rules

The action ‘Manage attachments’ was moved to the ‘Content filter’. The previous settings of the action will be lost and must be reconfigured after the update. The content filter can now manage file names, file types and sizes up to the user level. The configuration is done through the corporate users and the partners. The content filter is described in detail in the user manual.

Email flow in the rules

A rule with a email flow from a ‘corporate email address’ to a ‘corporate email address’ is disabled by the setup. This rule is no longer necessary from version 10, since the function previously covered by this rule is now covered by the default behavior of NoSpamProxy. Please check your rule set and adjust it if necessary.

Improved out-of-office response recognition

For automatic replies from your email server, such as out-of-office replies, you do not need an extra rule from version 10. NoSpamProxy automatically detects if a reply was sent from a company email server and assigns it to the appropriate rule for outbound email traffic.

Email templates

The templates for automatically created emails are overwritten and must be saved beforehand. After installation, you must apply the changes you made to the old templates to the new templates again. Further information is available in the article How to change the Web Portal Design for Version 10 and How to change NoSpamProxy notifications.

Changed behavior for accepting a sender with its own domain

Up to version 9.2 it was possible to allow external senders to use their own email domain via a rule. This is no longer possible. Email servers that want to use your sender domain must now be included in the list of ” corporate email servers “.

If the server cannot be specified, it is also possible to allow each server to use a specific sender address of your domain. However, this increases the risk of fake mails and should only be used as a “last resort”.

/by
Info Icon

Updating to version 11.1

,

From version 11.0

SQL Server 2005 and 2008

Please check the SQL version you are using before upgrading. If Microsoft SQL 2005 or 2008 is still in use, an update to at least SQL 2008 R2, preferably SQL 2014, must be carried out before installing version 11.1. Before the SQL upgrade, stop the NoSpamProxy services in the Windows services to stop the database access. When upgrading, make sure that the bit version matches. SQL 2005 was typically installed in 32-bit.

Upgrade NSP

Please always follow the instructions in the installation manual!

When updating from version 11 to version 11.1, all settings and user information are retained during the update with one exception. The following manual activities must be carried out after the update:

If you have used the “Reverse DNS Check” action, you must reactivate it after the update. You will now find this function on the “Filter” tab.

Furthermore, you should check the completeness of the content filters for security reasons.

From version 10.1

When updating from version 10.1 to version 11.1, all settings and user information are retained during the update.
The group “NoSpamProxy Disclaimer Administrators” is added to use the NoSpamProxy function disclaimer. Please add all users who should manage the templates and rules of the disclaimers to this user group. After upgrading to version 11.1 please check the instructions on the start page in NoSpamProxy and follow the instructions.

Best Practices

If you do not use the Web Portal, please skip this point:

  1. Update all web portals first. The order is not important.
  2. Update all Gateway Roles that are not installed on the same system as the Intranet Role.
  3. Update the system with the Intranet Role last.

Email templates

The templates for automatically created emails are overwritten and should be saved beforehand to be on the safe side. With the new template system you can now make your graphical adjustments directly in the NoSpamProxy interface under “Preferences”. These settings will be kept for future updates or upgrades.

/by