This article applies to:
- Trustwave MailMarshal (SEG) 10.0
- What are the known issues and limitations for MailMarshal (SEG) 10.0?
In the initial release of MailMarshal (SEG) 10.0 some functionality is not available. Many of these items are planned to be improved or implemented in a later release.
Important Known Issues in 10.0.4:
- Folder changes cause quarantine problem: If you edit properties of a Folder, the physical path location information is lost. Message files are stored in an incorrect location. Message details and release for earlier quarantined messages do not work.
- Folder editing is corrected in release 10.0.5. However, any changes made in 10.0.4 are not automatically fixed.
- For customers who encounter this issue, a tool is available to detect incorrectly configured folders and move the incorrectly stored files. Contact Trustwave support.
Functionality first added in MailMarshal (SEG) 10.0.1:
The following features (present in SEG 8.X but not in 10.0.0) are included in version 10.0.1:
- Folder physical path setting for individual folders
- Folder security for individual folders
- Authorization for configuration and email management by Windows accounts
- Granular folder access authorization
- Configuration commit scheduling
Updates released in MailMarshal (SEG) 10.0.5:
The following issues or limitations present in MailMarshal (SEG) 10.0.4 and below have been resolved in version 10.0.5.
- In release 10.0.4, editing of folder properties caused messages to be stored in an incorrect location.
- In release 10.0.4, for Windows authentication users, the "light" theme was not applied when selected.
- In release 10.0.4, the rule condition "sender authenticated successfully" was no evaluated as expected.
- See Release Notes for other updates.
Updates released in MailMarshal (SEG) 10.0.4:
The following issues or limitations present in MailMarshal (SEG) 10.0.3 and below have been resolved in version 10.0.4.
- Prerequisite check on nodes now correct handles the case where IIS was previously installed then uninstalled.
- The Configuration Service now accepts passwords that contain the characters: ; = '
Policy elements and settings:
- The retention setting shown on the Management Console Reporting page is correctly applied.
- On upgraded installations, all Connector groups synchronize as scheduled.
- Issues with incorrect selection of items in list views are corrected.
- Message Templates and Message Stamps will now use the HTML formatting created using the WYSIWYG editor. You can also continue to use the stylesheet method described in Help.
- Timezone offsets are correctly applied to all items in the Dashboard.
- Unicode characters in subjects are handled correctly.
- Folder permissions using Windows accounts are correctly retained.
Updates released in MailMarshal (SEG) 10.0.3:
The following issues or limitations present in MailMarshal (SEG) 10.0.2 and below have been resolved in version 10.0.3.
- Upgrade correctly determines the database location if the location was changed.
- Validation of group names is improved.
Policy Elements and Settings:
- In 10.0.2, changing Reporting Groups in the Management Console prevented further configuration changes. This issue is fixed.
- Raw HTML source of email can be viewed.
Updates released in MailMarshal (SEG) 10.0.2:
The following issues or limitations present in MailMarshal (SEG) 10.0.1 and below have been resolved in version 10.0.2.
- Detection of WebDAV by the installer is corrected.
Policy Elements and Settings:
- Re-commit of the current configuration can be requested from the system configuration > General page.
- Reporting Groups configuration is present.
- Caution: An issue has been identified in the Reporting Group interface 10.0.2. Upgrade to 10.0.3.
- The Variables list on the HTML message stamp editor is corrected.
- Rules can be enabled or disabled from the list view.
- Large lists load with acceptable speed.
- Selecting an item no longer causes display issues on smaller resolution displays.
- Deleting or forwarding from a filtered list selects the correct item.
- Sorting is case-insensitive (as in 8.X).
Updates released in MailMarshal (SEG) 10.0.1:
The following issues or limitations present in MailMarshal (SEG) 10.0.0 have been resolved in version 10.0.1.
- Issues with folder and history display when installing the Array Manager on non-English Windows distributions are corrected.
- The installer detects port conflict issues (most likely where Exchange or another mail server is installed on the same server). For more discussion of steps required when installing on Exchange Server, see Trustwave Knowledgebase article Q21146.
- The installer prompts for an Operational User for the Configuration Service database if required.
- Upgrade handles additional cases where rules (including disabled rules) contain references to templates, folders, or other rules that no longer exist or where the reference was malformed.
Policy Elements and Settings:
- Entry of service names/keys in Advanced Settings is no longer case sensitive.
- When restore takes a long time, the Management Console correctly shows the status.
- Automatic backups are performed only if selected.
- Maintenance expiry is correctly shown on the License page.
- Configuration can be committed as prompted after entering a license key.
- Issues with folder display in certain timezones are corrected.
- Filtering on the Message History pages is corrected. Note that filtering applies only to the displayed page, by design. To search over all available items, use Search instead.
Known Issues in MailMarshal (SEG) 10.0
- Configuration import error
- Configuration import will fail if services are not listening on the default IP and port. To import manually (using MMExportCFG), use the -a and -c parameters to set the correct server and port information.
- Azure Databases:
- The Installer and Server Tool cannot currently create Azure SQL managed instance databases. SEG can use Azure databases if they are created in advance.
- Upgrade - TLS 1.3 and Elliptic Curves:
- Trustwave previously suggested use of the secp521r1 Elliptic Curve for key exchange. Customers should be aware that if this is the only curve enabled, email delivery from Gmail may not succeed. This change is due to TLS1.3 behaviors and Google's decision not to use the secp521r1 curve.
- The X25519 curve is widely used and this is the default in both SEG 8.2 and MailMarshal (SEG) 10.0.
- To check settings see the Inbound Security - TLS page for each mail server.
- Array Join credentials:
- Adding an "Array Join" credential in the SEG Server Tool (used to join a processing server to an array) requires a restart of the Array Manager. The tool does not prompt you for this restart.
Policy Elements and Settings
- Configuration restore:
- A restored configuration is committed with no confirmation or possibility of review in some cases.
- Restoring a configuration from a previous version that has rules referencing SpamZeroDay.xml and KnownThreats.xml causes the Engine to stop. (The upgrade process blocks upgrade of these configurations, but restore does not.)
- Configuration backup:
- The retention setting applies to manual as well as automatic backups, since the files are created in the same location. To save manual backups, copy them to another location.
- Backups and restores do not include DKIM keys unless a password is explicitly entered either as default or as override. No warning about missing passwords or unsaved keys is provided.
- A custom backup location set in SEG 8.X will apply in MailMarshal (SEG) 10.X. This setting currently cannot be edited in 10.X.
- Connector User Group usage:
- Connector user groups that are selected for use and saved do not display in the user interface. Configuration is correctly saved. This issue applies to Digests, SpamProfiler exclusions, and DHA settings. Note that Trustwave recommends using local groups in these settings (with the connector groups as members).
- Blended Threat licensing status is not shown on the License page.
- Maintenance expiry shows today's date if the key cannot be validated through the Trustwave website (it should display "unknown").
- Reminders about license status (seen in earlier versions) are not provided when you enter a new key.
- Entering a key that has a Marshal RBL credential forces configuration commit with no notice.
- Upgrading with an expired key results in no key being displayed on the License page. This behavior will not be changed.
- Mail Server settings display:
- If custom settings have been configured, reverting to the default settings and saving does not update the display in the console. The settings have actually been updated correctly.
- Policy Elements:
- Dead Letter folders are not configurable in the Folders list.
- The Console does not prevent moving a target rule above a rule that refers to it (circular policy).
- Enabling default virus scanner rules does not validate that a scanner is present and working.
- Setting a user to "blocked" or "deleted" is only effective after a restart of the Management Console website.
- Message History:
- The default view of message history only shows items from "today". To see all items, use Search. The default should be to return all items up to the configured row count.
Limitations in MailMarshal (SEG) 10.0
The following functionality that was present in previous versions is not currently available in 10.0.
- Finding items in User Groups and IP Groups
- Moving or copying rules between Policy Groups
- Restore from Mail Recycle Bin (this does not affect retention of messages)
- Removing unused processing nodes from the configuration/console view
- RSS news feeds
- Alternative: subscribe to the Notifications forum on the Trustwave support site
The DMARC Dashboard has been retired. Customers must use third party services for this functionality.