We have released version 13.2.21230.1449 on August 31st, 2021. This Version is an upgrade release where the following Bugs are fixed and new features are added or changed.

Important Information

If you have previously installed a beta version 13.2, please upgrade to the official release version 13.2.20141.1435 or later for support reasons! As of version 13.2.20083.1640, a script for enhancing the address searching is included. These may cause the setup not to respond for a some time during database update. The setup must not be aborted and must run until completed. Please schedule a longer upgrade period for this.

Version 13.2.21230.1449 (August 31st, 2021)

based on Fast Channel Version 13.2.21190.1540


  • 29358: Evaluate new SwissSign id-silver product name
  • 29235: Adjust CSP header for WebPortal
  • 29236: Adjsut X-XSS-Protection header
  • 29237: Disable unnecessary HTTP methods


  • 29259: WebPortal on Server 2012 R2 – Inernal server error
  • 26082: Emails received via the POP3 receive connector are downloaded from the server but not delivered to the recipient if the receive connector temporary folder contains *.eml files
  • 29122: SMIME signature signer address validation always fails if MAIL FROM is empty
  • 29090: An unexpected error occurred and the Intranet Role is shutting down. System.ArgumentNullException: Value cannot be null

Version 13.2.21190.1540 (July 21st, 2021)

based on Fast Channel Version 13.2.21151.1540


  • 26243: Web Portal problems
  • 28830: URL Safeguard doesn’t always work correctly if there is HTML inside of the a tag
  • 27510: Disclaimer is added at the wrong position
  • 28594: Report Viewer Control 2010 download link in installer is incorrect
  • 28698: Create config override to use onmicrosoft.de instead of onmicrosoft.com

Version 13.2.21151.1540 (June 23rd, 2021)

based on Regular Channel Version 13.2.21111.1701


  • 28537: Quotes are added after decoding an encoded header value
  • 28539: CxO fraud detection doesn’t match if there is a quotation mark between the first and last name
  • 23630: CxOFraud does not detect attempt as long as user name contains umlaut
  • 28502: Receiving an NDR containing headers of an SMIME encrypted email causes an unexpected error during a connection: Value cannot be null. Parameter name: stream
  • 28215: Subject flags Link overlapping with text
  • 28046: An unexpected error occurred during a connection: Invalid data read from remote host
  • 28255: An unexpected error occurred during a connection: Object reference not set to an instance of an object
  • 28254: An error occurred while checking an email sent from to Support@nospamproxy.de

Version 13.2.21111.1701 (May 6th, 2021)

based on Fast Channel Version 13.2.21069.1155


  • 28110: SSL Cache duration is too high in 13.2
  • 28086: MS removed download link for ReportViewer.exe – this breaks our setup
  • 27815: ‘Header-From’ field is an obfuscated string, but its not true
  • 27840: Excessive memory and cpu usage when using the Trie data structure
  • 26978: Obfuscated string matcher doesn’t match rewritten umlauts (i.e. ö and oe)
  • 27962: Failed to validate a DMARC on an email. Decoded string is not a valid IDN name.
  • 27964: Message tracks could not be retrieved from the Intranet Role.
  • 27969: SwissSign auto enrolment uses correct user information
  • 28087: Adjust 13.2 actions and filters
  • 27678: High CPU usage and unstable

Version 13.2.21069.1155 (March 15th, 2021)

based on Fast Channel Version 13.2.21040.1645

If you have installed version 13.2.21040.1645 from March 1st 2021, perform an update to this new version to avoid problems!


  • 27467: Archived eml file is empty
  • 27471: D3 archive connector cannot handle subjects with special characters
  • 27508: Possible StackOverFlowException when parsing an email address
  • 27333: Activities are shown only in first
  • 27457: Not recognized category from Cyren
  • 26905: URL Safeguard removes PGP signature and email headers after rewriting URLs in PGP signed content
  • 27124: An error occurred while creating a dispatch job: Another read operation is currently in progress
  • 27229: Corporate email server check “SPF protected local address” is successful if only the SPF check for the EHLO domain was successful
  • 27135: Attachments from nested emails are not uploaded to the Web Portal

Version 13.2.21040.1645 (March 01st, 2021)

based on Fast Channel Version 13.2.20349.1331

Due to a subsequently discovered, but very rare problem, this version had to be removed from the download. A new version will be released as soon as possible, to fix all problems.
If you are already using this version, please watch out for temporarily blocked emails and contact support for clarification, if this occurs.


  • 26340: Large files are not auto approved if there are older files to be auto approved with malware scan failures
  • 26931: Update Cyren to new binaries
  • 27013: Restricting maximum concurrent connections per domain doesn’t work reliably
  • 26872: POP3 receive connector only supports TLS 1.0
  • 26776: email is destroyed after outbound email signing
  • 26715: Logging extension for archive connector
  • 26854: Internal domain names (i.e. exchange.local) are resolved using the external DNS servers
  • 26646: Timstamp server for Outlook Add in is invalid
  • 26666: Disclaimer is added at the wrong position

Version 13.2.20349.1331 (January 13th, 2021)

based on Fast Channel Version 13.2.20296.1426


  • 26541: Unexpected error occurred during a connection: Index was out of range.
  • 26415: Attach file failed error.
  • 26519: Illegal characters in path.
  • 25996: Auto Retry of quality signature Item should have the Message Track status Put on hold.
  • 25963: Waiting Status for qualified signature signing Status
  • 26410: Configuring the Cyren service on the Web Portal fails with error message “A potentially dangerous Request.Form value was detected from the client”
  • 26337: Header-From address in the format “Display name <address1@example.com;address2@example.com>” causes Message Tracking deserialization errors
  • 25925: URL Safeguard rewrites URLs in brackets with the closing bracket as part of the URL
  • 25846: CmsMimePart cannot be converted to PDF using auto encryption
  • 26033: Outlook Add-In mime type detection detects Office documents as unprocessable zip archives
  • 26004: Gateway Role creates replication artifacts >50MB which can’t be collected by the Intranet Role and break the replication
  • 26173: Web portal and Outlook Add-In don’t use the correct content filter if a partner user is configured to allow any attachments
  • 25608: Secondary DNS server is not queried if the primary DNS server responds with status code ServerFailure
  • 25609: License usage De-Mail count is incorrect if multiple Gateway Roles are using the same De-Mail domains
  • 26144: URL Safeguard destroys URLs in CSS by replacing them with “Protected link”-HTML
  • 25790: NDR contains empty attachment instead of original email
  • 25673: Outlook Addin: Issues on accessing files from UNC path
  • 26129: Empty header line is created if the header ends with a whitespace and the header has a certain length
  • 26507: Remove hard coded domain white list from the surbl filter
  • 26170: Use the new endpoint for the Cyren IP Reputation

Version 13.2.20296.1426 (November 09th, 2020)

based on Fast Channel Version 13.2.20258.1435


  • 25605: A replication artifact could not be deserialized. The item will be retried at a later time. Error: The string Cards🏠🏡@tizgharan.org.uk is not a valid email address
  • 25606: Message tracks could not be retrieved from the Intranet Role: The string “”@bnv.gob.ve is not a valid email address
  • 24125: Email is signed using SMIME/PGP although it is deactivated in the rule if the sender requests automatic encryption
  • 25654: Database cleanup is slow
    NOTE: If the TempDB will not shrinked automatically, use the SQL tools to do this manually
  • 25687: Cyren malware scanner fails with error: Illegal characters in path
  • 24838: Users should not be imported from file if email contains not allowed chars outside of quotation marks (“”)
  • 24840: Error when importing user from text file with many @ in email address
  • 25133: Text file automatic user import imports email address prefixes (i.e. SMTP:)
  • 24888: Improve error message in LDAP sync when a group cannot be expanded
  • 25729: Message Track filter doesn’t work for Powershell Cmdlets to get actions, activities, attachments, filters, URLs
  • 26059: Outlook-Add-In crashes on initializing the MimeTypeDetection

Version 13.2.20258.1435 (September 28th, 2020)

based on Fast Channel Version 13.2.20199.1826


  • 24112: Create Issue “German Azure Cloud will be removed”
  • 20044: Implement automatic retries of mails waiting for qualified signatures


  • 24831: Add hint to manual that LDAP key server does not support LDAPS
  • 24895: Replication service replicates too many artifacts to the database at once
  • 24837: Reading the Default partner settings is not retried if it fails the first time
  • 24984: EmailAddress.TryParse uses the relaxed algorithm and is used in the Envelope methods
  • 23685: NDR is sent if an email is permanently rejected by the sandbox
  • 23686: Sender IP address is not blocked if an email is rejected permanently by the sandbox
  • 24904: An unexpected error occurred during a connection: Deep clone with non-clonable stream is not supported. Stream must be of type ClonableStream
  • 24995: OpenKeys configuration is not replicated to new Gateway Roles
  • 24884: Disclaimer is added at the wrong position
  • 25016: NoSpamProxy crashes when a large SMIME email is processeds
  • 24720: URL Safeguard error when rewriting URLs in message/delivery-status attachment: Mimepart ‘NestedMessageMimePart’ is not supported
  • 24683: CDR’ed document is not attached to the EML file in case of nested attachments
  • 24825: change tyntec text message provider default hostname
  • 25154: Email is not accepted because of error: Length cannot be less than zero. Parameter name: length
  • 25045: Wrong reject reason for email
  • 25256: Emails cannot be processed by content filter
  • 25165: Downgrade to 7 bit transfer encoding for all emails breaks existing signatures if the email contains a mime part with 8 bit transfer encoding
  • 24917: Intermediate certificate is displayed as “untrusted root, revoked” when imported in NoSpamProxy
  • 25343: Email with very long header line causes 100% CPU usage on Gateway Role
  • 24753: Level of Trust bonus not granted because successful SPF validation doesn’t authenticate MAIL FROM domain
  • 23927: “Strict Open XML” office documents are detected as zip archives
  • 24768: TLS best practice settings include 3DES cipher suite
  • 25319: Attachments are differently identified when a mail was signed
  • 24873: Pdf is not disarmed, zip file detect as unprocessable
  • 25364: An attempt to scan the file in directory ZEL4TVFP for viruses. Error: Padding is invalid and cannot be removed.
  • 25443: Unexpected error occurred during a connection: Index was out of range.
  • 25446: All zip files in large files detect as unprocessable+archive
  • 25408: Cyren IP reputation filter configuration is reset after editing the rule using the MMC
  • 25440: URL Safeguard applies HTML base URL to absolute URLs
  • 25513: Message Tracking search is slow when searching for sender/recipient
  • 25537: TempDB database uses enormous amounts of space during database cleanup
  • 25538: Message Track cleanup doesn’t delete a lot of details if the detail retention time is much shorter than the summary retention time
  • 25526: A parameter was invalid.

Version 13.2.20199.1826 (July 27th, 2020)

based on Regular Channel Version 13.2.20171.1151


  • 24608: An unexpected error occurred during a connection: Die Länge darf nicht kleiner als 0 (null) sein. Parametername: length
  • 24621: Trigram search is slow
  • 24718: DKIM signature verification fails if the email contains an attached EML file with incorrect content type
  • 24684: Emails with nested EML attachment with incorrect content type are not serialized correctly
  • 24640: Email rejected by CxO Fraud Detection action causes two NDRs in default configuration
  • 24662: “Unable to confirm artifacts replication” error if there are a lot of replication artifacts
  • 24679: Multiple reputation filter PTR record tests are failing if the sender IP address doesn’t have a PTR record
  • 24719: An email could not be decoded

We have released the Version 13.2.21111.1701 on May 6th, 2021. This Version is an upgrade release where the following Bugs are fixed and new features are added or changed.

Important Information

If you have previously installed a beta version 13.2, please upgrade to the official release version 13.2.20141.1435 or later for support reasons!

As of version 13.2.20083.1640, a script for enhancing the address searching is included. These may cause the setup not to respond for a some time during database update. The setup must not be aborted and must run until completed. Please schedule a longer upgrade period for this.

Version 13.2.21111.1701 (May 6th, 2021)

includes all changes and bug fixes from Fast Channel Versions 13.2.20199.1826 to 13.2.21111.1701

Please review Release Notes of Fast Channel Version for Changes and Bug Fixes

Version 13.2.20171.1151 (June 30th, 2020)

includes changes and bug fixes from Regular Channel Version 13.2.20141.1435


  • 24397: A replication artifact could not be deserialized
  • 24444: Message tracks could not be retrieved from the Intranet Role
  • 24514: Intranet Role database updates fails: Failed to execute an SQL command. Error: String or binary data would be truncated.
  • 23966: “Error: Invalid algorithm specified” when importing a certificate with rsaSignatureWithripemd160 signature algorithm
  • 24400: Office365 detection fails when an Office 365 accepted domain is used instead of an Guid
  • 24138: Update TLS Best Practices for Windows 2012R2
  • 24503: Sign and Encrypt action incorrectly uses SHA-512 although the certificate only supports SHA-256
  • 24468: Object reference not set to an instance of an object.
  • 24544: Stripping batv data can lead to failures to update message tracking data
  • 24496: Missing data for signature validation. SignedContent is empty and no data stream has been provided.
  • 24520: Attachments in nested EML attachments are not detected if the content type of the nested EML is not message/rfc822
  • 24530: Improve the Mail to many recipient with out- or inbound content filter configured
  • 24504: URL Safeguard details are incorrectly marked as deleted in Message Tracking which causes the cleanup to fail
  • 24547: A lot of inbound Duplicate mails, if it was a mail to 626 recipients

Version 13.2.20141.1435 (June 2nd, 2020)

includes changes and bug fixes from Fast Channel Version 13.1.20071.1529

New / Changed

  • Four new tests for the reputation filter focusing on the HEADER-FROM
  • One new test for the reputation filter that checks if the email was transmitted via a TLS-protected connection
  • DFN CA connector
  • URLs in emails can be disabled by the URL Safeguard
  • Greylisting is now a policy violation
  • BATV addresses are now included in the license count


  • E-Post-Brief connector is supported for the last time
  • Windows 2008 Server R2 is supported for the last time
  • SQL 2008 R2 is supported for the last time
  • SQL 2016 Express Edition is supported for the last time
  • SMTP proxy mode is supported for the last time


  • 22455: Search root in the LDAP User import should not be mandatory
  • 22889: The DKIM and DMARC implementation of NoSpamProxy does not support internationalized domains
  • 22952: Processing delivery attempty is too slow
  • 23222: Multiple attempts to scan an attachment using the Cyren sandbox failed
  • 23254: Restrict the DANE Validation to 20 sec
  • 22905: Replication breaks when the identity counter reaches 2 billion in the UrlVisits database
  • 23159: Import public certificate used for encryption instead of sign only certificate
  • 23178: Reputation filter does not cope well when the From: oder To: header is missing
  • 21654: Users are still counted and message “You exceeded your license …” is shown even if elapsed time is more than 10 days
  • 23877: Could not bind to The address is already in use. Perhaps another SMTP server is running on this endpoint
  • 23953: An attempt to put an email on hold failed
  • 23911: New installation of Intranet Role with existing database on remote SQL server fails
  • 24079: Processing Message Track replication artifacts on the Intranet Role is very slow
  • 23088: URL Safeguard: The specified website ID could not be processed
  • 23255: Sometimes there is a Warning in MMC if the MMC was inatalled remote on a client
  • 24144: Logging output for cleanup of Safeguard URLs during Message Tracking cleanup is incorrect
  • 22932: Heimdall filter name is “OutbreakDetection” in MMC
  • 23591: NSP cuts off header from domain
  • 23571: Update Cyren configuration settings in setup
  • 23565: CxO filter runs after content filtering
  • 23623: Mime-Version is not always created when converting an existing mail to mulitpart
  • 23499: Existing SMIME signature is not removed if the signature is not part of a multipart mimepart
  • 19676: Compilation errors for automatic reply templates are not shown anywhere
  • 23670: [production] Content disarm for an email on hold failed
  • 23684: Plain text body with iso-2022-jp encoding is handled as attachment with mime type application/octet-stream
  • 23636: Mime type for zip archive containing PDF document is detected as unprocessable PDF
  • 23689: Charset of email body is changed to UTF-8 if content filter upload hint is added
  • 20420: URL Safeguard: Protected link text is not set
  • 23400: The mime part of type Netatwork.NoSpamProxy.Net.Smtp.MultipartMimePart is not supported
  • 19285: Long lines in mime parts extracted from TNEF emails are not wrapped
  • 23532: URLSafeguard: Deactivated links with www prefix could not be reactivated
  • 23797: DNS Server settings could not be saved: A parameter was invalid
  • 20481: Files with very long names could not be uploaded to web portal
  • 23808: URL Safeguard rewrites 4 digit version numbers
  • 23736: Large files malware scan is not displayed in MMC if the email is sent via the Web Portal
  • 23809: URL Safeguard rewrites parts of filenames if the extension is a valid TLD
  • 23918: LDAPS doesn’t work with wildcard certificicates
  • 23629: Ascending “ordered by” brokes message tracking
  • 23928: Gateway Role crashes / ARSoft DNS lookup causes stackoverflow exception
  • 23967: CDR file not send if files over size limit should be uploaded to the web portal
  • 23638: Email is put on hold with “Error: A clone of the specified mimepart was not found.” if the content filter removes a file from an attached EML file
  • 23913: Base64 decoder doesn’t ignore extra padding characters if configured to ignore extra characters
  • 24076: Inbound Large Files links are also password protected
  • 24008: Message Tracking cleanup doesn’t finish in cleanup period
  • 23640: Spam URI Realtime Blocklist filter error: Object reference not set to an instance of an object
  • 24030: Disclaimer keyword replacement is slow for larger HTML bodies
  • 23888: URL Safeguard rewrite part of email addresses in attached eml file
  • 24134: Improve notification info
  • 24204: Legacy Excel 4.0 macros are not detected
  • 24191: Spelling errors in message details
  • 24245: CorporateMailOffice365TenantTests unit tests are failing because of an expired certificate

Always follow the instructions in the installation manual and the general upgrade instructions here in the Knowledge Base.

​Before upgrading make sure that the .NET Framework version 4.7.2 or higher (we reommend .NET Framework version 4.8) is installed and that the SQL Server version is 2008 R2 (we recommend 2017 or later). All supported versions can be found here.

Important note for upgrade version 13.0 and later versions

Do not install this beta version in productive environments!

As of Version 13.2.20083.1640, a script for enhancing the address searching is included. This may cause the setup not to respond for a some time during database update. 

The setup must not be aborted and must run until completed. Please schedule a longer upgrade period for this.

Upgrading from version 12.2 and earlier versions

Please install version 13.1.19330.1217 or higher before upgrading to version 13.2. You can download this version here.
Please also note all upgrade articles for older versions in our Knowledge Base under “Update Information”.

Upgrade NoSpamProxy

When upgrading from version 13.1 to version 13.2, all settings and user information are retained. Only the proxy settings and content adjustments of the template files (templates) must be saved as usual and reinstalled after the upgrade. This procedure is described under General update information.
For security reasons, please export existing DKIM keys from the console under “People and identities > DKIM Keys” BEFORE upgrading.

Additionally, please check the following points after the upgrade:

  • Content filter: As there have been changes to the file types (MIME Types), please check all content filters and their content filter entries
  • The reputation filter in the rule set has been extended in version 13.2 compared to version 13.1. This modification enables further, additional checks
    • Four additional checks on the HEADER-FROM
    • One additional check whether the transmission was secured with TLS
  • Starting with version 13.2, the incident to the Spam URI Realtime Blocklists is converted from an error to a warning
  • URL Safeguard: It is now possible to disable URLs
  • Cryptographic key provider: You can now also request certificates from the German National Research and Education Network (DFN)
  • Greylisting is now a policy violation
  • BATV addresses are now included in the license count
  • Calculation of the license values for the Encryption and Large Files modules has been changed. From now on inbound and outbound emails are considered. See License management in version 13 and higher.
  • Note: Discontinuation of the Office 365 client “Deutsche Azure Cloud”
    From version 13.2.20258.1435 a notification is displayed at the NoSpamProxy console start page that the client is no longer supported from version 14. All users who still have such a client active must not upgrade to version 14 until the migration on Microsoft side has been made. Further information is available here:

License type change

As of version 13.0 we have changed the integration of the license from license file to license key. This change is done automatically and no further action is required.
In case of problems, please refer to the Knowledge Base article How to install a new license.

Outlook Add-In

The upgrade of the gateway and the Web Portal necessarily requires an upgrade of the Outlook Add-In as well, otherwise communication with the Web Portal is no longer possible.