Trustwave SPE 4.2 Release Notes

Last Revision: December 04, 2020

The information in this document is current as of the date of publication. To check for any later information about this release, please see Trustwave Knowledge Base article Q20992.

For the latest product documentation, please see the Trustwave SPE Support website: https://www.trustwave.com/support/SEG-Service-Provider-Edition/.

New Features
System Requirements
Upgrade Instructions
Uninstalling
Release History

New Features

For more information about additional minor features and bug fixes, see the release history.

Features New in Release 4.2.4

Trustwave SPE 4.2.4 works with Trustwave SEG 8.2.6 and later versions.
The Customer Console now includes a search page for messages/connections rejected at connection time (Rejected Messages).
- This feature requires you to make a change to the Trustwave SEG database. See the Upgrade Notes below.

Features New in Release 4.2.0

Trustwave SPE 4.2 works with Trustwave SEG 8.2.3 and later versions.
SPE provides a Distributor tier. Each Reseller is assigned to a Distributor for management and reporting purposes.
The Executive Names list can be customized for each domain.
SPE installations support the Syslog functionality of SEG. Before enabling Syslog for an array, create a Syslog database for the array using the SEG Server Tool.
SPE installations support the Cloud Email Archiving functionality of SEG.
SPE installations support the Azure Information Protection RMS functionality of SEG.
Report generation for both the Admin Console and the Customer Console has been improved. Reports can be generated as PDF or CSV for both scheduled and immediate views.
A new rule action allows NDRs to not be generated in special cases (allowing improved handling of NDRs generated by a customer's internal server).
Header Rewrite rules are available to Advanced Customers in the Customer Console.

Features New in Release 4.0.3

SQL 2017 is supported.

Features New in Release 4.0.2

Trustwave SPE now provides a customer notification/news page. The content of this page can be edited in the Admin Console. Notifications are displayed to each Customer Console user when they log in.
Trustwave SPE now provides a "quarantine by keywords" function, using a simplified TextCensor. This option may be most useful for Managed customers who do not have access to the full TextCensor abilities in advanced rules.

Features New in Release 4.0.1

Trustwave SPE 4.0.1 works with Trustwave SEG 8.0.6 and later versions.
A new page in the Admin Console allows you to check DNS resolution and email connectivity for any domain from processing servers.

Features New in Release 4.0.0

Trustwave SPE 4.0 works with Trustwave SEG 8.0.5 and later versions (64-bit SEG architecture).
Trustwave SPE now supports checking and reporting of DMARC information.
DKIM setting management in the Administration Console is enhanced.
Trustwave SPE now supports IP groups for policy matching, including "Preset" IP Groups.
Communication between SPE and SEG uses the SEG REST interface instead of RPC calls.
Digests of quarantined outgoing messages can now be sent to the internal sender.
The SQM site supports Single Sign On using SAML. Customers can configure multiple SAML services. For more information see Trustwave Knowledge Base article Q20946.
Messages queued for sending can be selected for deletion by subject, sender, and/or recipient, from all servers and routes.
The default installation path is updated to Program Files\Trustwave\Trustwave SPE. Upgrade does not move existing installations.
Trustwave SPE now supports a per-customer "Executive Names List" that can be used to help with BEC Fraud detection in Category scripts.

Features New in Release 3.8.1

Relay groups can be based on a SPF record (useful to configure relaying from other cloud services).
Customer Package Rules have a new possible state, "Require Members".
- When you select this state, the rule is available to customers and by default does not apply to messages. Each customer must set User Matching conditions for the rule (at least one group containing one user) before they can apply it to messages.
- When used with the new Preset User Group rules, this state helps to simplify customer configuration of policy.

Features New in Release 3.8.0

Trustwave SPE 3.8.0 works with Trustwave SEG 7.5.6 and later 7.5.X versions.
Replication to the Array Manager is performed by the Marshal Agent. The separate Replication Agent is no longer used.
Yara Analysis Engine scripts for anti-malware are supported.
URL Categorization to check for malicious URLs is supported.
Disclaimers are available to Advanced customers as well as Managed customers.
Preset User Groups and Preset Group Rules allow the Service Provider to more easily create template rules for all customers.

Features New in Release 3.7.5

Replication to arrays can be paused (useful if many changes are being made).
Customer Console Mail History now offers the ability to apply a bulk action to multiple pages of returned messages.
Customer Console Mail History now offers the ability to delete one or more messages with no other action.
Global (system) digest templates can be made available directly to customers, and customers can be limited to using these templates only. The default for new customers can be set.
Customer packages and customer package rules can now be enabled or disabled for all customers currently assigned the package.
A Customer Group can be set for all customers of a Reseller.
The Marshal IP Reputation Service is automatically provisioned.
SQL 2014 is fully tested and supported.
Trustwave SPE 3.7.5 works with Trustwave SEG 7.3.5 and later 7.3.X versions.

Features New in Release 3.7

Trustwave SPE 3.7 works with Trustwave SEG 7.3.
SpamProfiler is updated to the new technology used in SEG 7.3.

Features New in Release 3.6.5

Customers can now update administrative email addresses and contact information (if permitted)
Customers can now update local domain delivery routes (if permitted)
Customers can now update servers allowed to relay (if permitted)
Additional groups of servers allowed to relay can be created and specified for customers
DNS servers can be configured for individual MailMarshal SEG processing servers.
Resellers now have access to the Customer User Variance Summary report for their customers.

Features New in Release 3.6.2

Customer package policy and rule user matching now allows user group inclusions as well as exclusions. The selection dialog clarifies how exceptions apply to senders and recipients.
Several Customer Console searches can now be filtered on multiple conditions: Message History, Audit History, SQM Audit History, Connector Agent History, User Groups.
Customer Console lists of Logins and Domains can be filtered.
The User Groups page of the customer console has been updated with tabs for each type of group.

Features New in Release 3.6

MailMarshal SPE 3.6 works with MailMarshal SEG 7.2.
IPv6 is supported for email delivery, array and agent communications. For details of configuration options and limitations, see Trustwave Knowledge Base article Q16214.
The Customer Console supports multiple branding themes on the same web server.
The TextCensor facility now works with Unicode characters and non-alphabetic languages. A number of other enhancements are included. For details see the Administrator Guide and Help. For details of minor changes in matching behavior, see Trustwave Knowledge Base article Q14720.
The SPE agent architecture has been updated. Processing nodes now communicate with a new Marshal Interface Agent (referred to as 'MIA') over HTTPS.

Features New in Release 3.5

MailMarshal SPE 3.5 works with MailMarshal SEG 7.1.
Disclaimer (message stamp) functionality can be granted to Managed customers.
System message templates can be used directly in rules.
Blended Threats scanning is now implemented using URL rewriting. URLs are checked at the time of browsing. Statistics are available on the Console dashboards. See the Upgrade Notes for required configuration changes.
Rule conditions for TLS are available (these require Inbound TLS to be configured on each MailMarshal SEG processing node)
Report spam/not spam functionality can be granted to Admin Console and Customer Console users and is enabled by default for some users. See the Upgrade Notes.

Features New in Release 3.2

MailMarshal SPE 3.2 works with MailMarshal SEG 7.0.
Resellers can now be given access to the Admin Console to provision customers, create additional logins, manage customer mail and manage some customer configuration.
Dead Letter Rules allow you to automate management of messages that cause errors in unpacking or processing. Dead Letter Rules can be created by Admin Console users and Advanced customers.
The dashboards and reports of the Admin and Customer Consoles now include statistics for items blocked at the Receiver.

Features New in Release 3.1

MailMarshal SPE 3.1.5 works with MailMarshal SMTP 6.9.5.
"Receiver" and "Standard" rules are renamed as Connection Rules and Content Rules for clarity in the user interfaces. Filtering functionality is not affected.
Dead Letter folders have been reorganized.
The Connector Agent software can now be updated automatically from Trustwave to the MailMarshal SPE installation, and from MailMarshal SPE to customer installations.
Accounts (used for SMTP authentication) are now assigned to individual Customers (not to Arrays).
The Console displays message logs in separate tabs for each service.
License enforcement by user count is no longer enforced by the Connector Agent. You can still configure enforced licensing per email address for customers based on addresses actually used.
A new Customer User Variance report allows you to review Active Directory alias usage, and provides an estimated actual user count based on heuristic analysis of email addresses used.

Features New in Release 3.0

MailMarshal SPE 3.0 works with MailMarshal SMTP 6.8.3 and supports new functionality. Major new features include:
- Marshal IP Reputation Service
- SpamBotCensor
- SpamProfiler as a standard rule condition
- Skip to Rule action (some restrictions apply)
- Message release processing options set for each rule
- SMTP Authentication options
- Maximum recipients settings
MailMarshal SPE and MailMarshal SMTP support installation on Windows Server 2008 SP2 (32 and 64 bit) and Windows Server 2008 R2. (Installation on 64 bit systems is as a 32 bit application.)
The Customer Web Console is now a separate application. If you are upgrading, see upgrade notes.
The SQM administrator can enable and disable end user email address management, folder counts, and "all folders" view.
The Web Consoles fully support Internet Explorer 8.

For feature enhancements in earlier releases, please refer to the Release Notes for the specific release.

System Requirements

Trustwave SPE 4.2 requires you to install the latest Trustwave SEG 8.2 release (8.2.3 or later; please see Trustwave Knowledge Base article Q20992 for the most current information).

For a detailed list of requirements, see the Administrator Guide. Note in particular:

Trustwave SEG and SPE databases can be hosted on SQL Server 2017, SQL Server 2016, SQL Server 2014, or SQL Server 2012.
- SQL Express is NOT supported.
TCP/IP connection to the database is required.
Mixed Mode (SQL authentication) is required. NTLM authentication to SQL is not supported.
Distributed Transaction Coordinator may be required; see Trustwave Knowledge Base article Q13797.
Trustwave SEG and SPE components can be installed on Windows Server 2008 R2 (SP1), Server 2012, Server 2012 R2, or Server 2016.
The Trustwave SPE and Trustwave SEG servers require .NET 3.5 SP1 and .NET 4.7. For IIS 7.X role service requirements, see Trustwave Knowledge Base article Q13814.
To access the Admin Web Console, you MUST use a current supported version of Internet Explorer. For IE 10 and IE 11, Compatibility Mode is required and enabled by default. IE11 requires the Admin Console to be in the Trusted Sites zone.
To access the Customer Web Console and SQM, use a current supported version of a major browser. Basic testing has been performed with Internet Explorer, Firefox, Chrome, and Safari.
The Trustwave SPE and SEG services communicate over a number of ports for administration. Review the firewall port and authentication requirements carefully.
All Trustwave SPE and Trustwave SEG services must use the US English locale. For details see Trustwave Knowledge Base article Q15032.

Upgrade Instructions

This release supports direct upgrade from version 3.7.0 and above. To upgrade from earlier released versions, first upgrade the earlier version to at least version 3.7.0 (for details, see the release notes for version 3.7.0).

Before upgrading, review the upgrade notes (below) for all versions later than the version you are upgrading from. Check system requirements.

To upgrade from version 3.7.0 or above:

Upgrade each server where Trustwave SEG components are installed to the latest supported Trustwave SEG 8.0 release, as advised by Trustwave.
Run the Trustwave SPE product installer on each server where Trustwave SPE components are installed.

Note: For more details of recommended steps, see Trustwave Knowledge Base article 12201.

To upgrade the Connector Agent at customer sites, run the Connector Agent installer on each Customer server.

Upgrade Notes 4.2.0

Note: Be sure to review upgrade notes for all versions later than the installed version!

SQL 2012 or above must be used for the SPE and SEG databases. This release uses functionality that is not present in earlier SQL versions. Note also that SQL 2008 R2 is no longer supported by Microsoft as of July 2019.
On upgrade a default Distributor is created and all existing Resellers are assigned to this Distributor. You can create additional Distributors and re-assign Resellers.
In this version, use of Preset IP Groups is limited to inbound rules (consistent with allowed use of normal IP Groups). Any existing outbound rules using Preset IP Groups must be updated after upgrade. Rules that are not updated generate an error in the Marshal Agent log when replicated to arrays.
Before enabling Syslog for an array, create a Syslog database for the array using the SEG Server Tool.

Upgrade Notes 4.0.0

SPE communicates with SEG using the REST interface on the Array Manager (port 19006 by default) instead of the port 19001 RPC interface.
- Ensure that the Admin Console, Customer Console, and Marshal Interface Agent can connect to all Array Managers over HTTPS on port 19006 (or another port if configured using the SEG Server Tool). The account used for each array must have the Log on as a batch job permission on the Array Manager (true by default for Administrator users).
Connector Agent groups can no longer be used directly in policy, but must be included in Internal groups. On upgrade:
- For each existing Connector Agent group a new Internal group is created (named Master-[groupname]), and the Connector Agent group is added as a child group.
- Any User Matching that referred to the Connector Agent group is updated to use the new Master group.
In this release, all Scheduled Report settings for a customer can be viewed and edited by any Customer Console user. If existing scheduled reports have identical names, the upgrade process adds the name of the creator user to each.
TextCensor has been updated. Upgrade validates existing scripts. All scripts must be valid in the new version before upgrade will proceed.
The SQM login page has been updated to support SAML authentication. If you use a custom theme for SQM you must update the theme.
Minor additions have been made to the Customer Console theme to support new features. If you use a custom theme for the Customer Console, you should review changes in the theme.

Upgrade Notes 3.8.0

The Replication Agent is no longer required and will be uninstalled from Array Managers. Connection from the Array Manager to the SPE database is no longer required (the Marshal Agent connects over HTTPS to the Marshal Interface Agent).
On upgrade, Disclaimers are made available to all advanced customers but are not applied to email.

Upgrade notes 3.7.5

This version allows more efficient local delivery to a customer from other customers hosted on the same array, using loopback instead of MX lookup (see SPE-3316). On upgrade, existing customer delivery options are not changed, to avoid any possible issues. Consider enabling this option for each customer. You can exclude specific domains.
Bare CR/LF change: On upgrade, if the behavior for "bare" CR or LF characters was set to "ignore", it is changed to "fix". This change helps to detect and block malware or spam messages with invalid formatting. Ignore was the default in earlier versions.

Upgrade notes 3.7.0

SPE application pools are upgraded from ASP.NET 2.0 to ASP.NET 4.0.

For upgrade notes affecting earlier releases, please refer to the Release Notes for the specific release.

Uninstalling

For full details of the uninstall process, see the Administrator Guide. In general, uninstallation can be completed as follows:

Stop all components on all servers.
Use Add/Remove Programs from the Windows Control Panel to remove Trustwave SPE on all servers.
Remove the Trustwave SPE configuration database.

Uninstallation leaves Trustwave SEG servers and databases intact. However, the configuration left in place may not be suitable for use outside the Trustwave SPE environment.

Release History

The following items have been changed or updated in the specific build versions of Trustwave SPE listed. To check for any later information about the current release, please see Trustwave Knowledge Base article Q20992.

Note: For additional information about changed items, review the Release Notes for your installed version of Trustwave SEG.

4.2.4 (December 04, 2020)

SPE-4432	Archived messages were included in the "Top sources of blocked messages" report. Fixed.
SPE-4433	Messages between customers, that were classified by the sending customer, could appear in the receiving customer's classification reports. Fixed.
SPE-4585	SSO login resiliency and logging are improved.
SPE-4728	When "Reject Unknown Domains" was selected, mail for expired trial customers was rejected. Updated behavior: Mail for expired trial customers is passed through without processing even if "Reject Unknown Domains" is selected.
SPE-4745	The Customer Console now provides the "prepend to subject" rule action.
SPE-4768	A Category Script can be restricted to a specific customer.
SPE-4960	In previous 4.X versions, newly added classifications were not visible to customer administrators. Fixed.
SPE-5004	In the Customer Console, message retrieval security is enhanced.
SPE-5125	In the Admin Console, the Apply DKIM rule action option for failed signing did not show all available folders (standard outbound folders). Fixed.
SPE-5144	Excessive logging in MIA file updates has been removed.
SPE-5147	In version 4.2.0, reports and other long running processes could time out after 100 seconds. Fixed.
SPE-5189	Configuration updates are now checked for referential integrity before being applied. Backups of the SEG Registry keys are automatically maintained to support this feature.
SPE-5216	In earlier 4.2 releases, the Scheduled Reports page in the Customer Console did not work from Internet Explorer. Fixed.
SPE-5217	SQM SSO could cause synchronization issues doe to very long internal random user passwords. Fixed.
SPE-5245	All user groups could be reloaded unnecessarily in rare cases. Fixed.
SPE-5247	In release 4.2.0, replication of rule criteria could be incorrect for certain values of the SPE module licensing.
SPE-5275	A customer with SQM SSO configured could not be deleted. Fixed.
SPE-5277	Reports could fail with a JSON length error. Fixed.
SPE-5299	In the Customer Console, text entered in the email history search is now trimmed to reduce issues with pasted values.
SPE-5337	In the Customer Console, minimum password length was not properly enforced in some cases. Fixed.
SPE-5341	Installation includes the MSOLEDBSQL database driver (supporting TLS v1.2 secured connections).
SPE-5349	CSV export files now include the UTF-8 Byte Order Mark for ease of use with Microsoft Excel.
SPE-5387	The upgrade process for XSP-4283 (Connector Agent groups not used directly in rules) updated the groups but not rules. Fixed.
SPE-5389	Marshal Agent code is updated to use .NET Core.
SPE-5392	SQL scripts needed by SPE are updated in the SEG database only for new arrays or if explicitly requested.
SPE-5453	In some cases selecting "Force Reload" or "Apply Configuration" in the Admin Console did not trigger the required action. Fixed.
SPE-5515	Marshal Agent is more resilient to errors in worker threads.
SPE-5529	Preset user groups were re-synchronized unnecessarily when a customer was deleted. Fixed.
SPE-5626	The Database Wizard now uses the MSOLEDBSQL driver for enhanced TLS compatibility.

4.2.0 (October 31, 2019)

SPE-4213	Scheduled Report logging and error logging have been improved.
SPE-4445	HTML to plain text conversion uses an updated solution.
SPE-4472	Rules and policies are now identified with a GUID to assist with replication and upgrades.
SPE-4473	A new Admin Console report shows customer packages for each customer.
SPE-4494	In the Admin Console, Relay groups IP entries ending in 0 were not allowed. Fixed.
SPE-4504	Scheduled report parameters are stored in JSON format.
SPE-4527	In version 4.0, the buttons on the SQM Welcome page did not function correctly. Fixed.
SPE-4531	The URL for SQM is written to SEG node configuration for use in notifications.
SPE-4533	Routing Tables replicated to SEG use the new required format.
SPE-4565	The Customer Console Message Template editor better handles cancellations and changes.
SPE-4566	In the Admin Console, validation of TLS domain entries did not correctly handle subdomains. Fixed.
SPE-4567	TextCensor scripts saved in the Customer Console were not correctly replicated due to an incorrect parameter. Fixed.
SPE-4578	In the Customer Console, users with appropriate privileges can choose which login is "primary" for the customer.
SPE-4590	The Marshal Interface Agent now exposes a REST interface which is used for communication by other SPE components.
SPE-4603	Outbound customer package rules no longer allow IP groups.
SPE-4615	The Customer Console User Groups page did not work correctly when a total of more than 100,000 users was imported. Fixed.
SPE-4619	In the Customer Console, the CSV Message History export now includes the "Type" column.
SPE-4625	In the Admin Console, templates used in Array Templates were marked as "not used". Fixed.
SPE-4628	In the Customer Console, refreshing while editing templates did not work as expected. Fixed.
SPE-4637	Scheduled reports were generated for inactive customers. Fixed.
SPE-4638	In the Customer Console, Message Template editing did not always show the correct tabs or convert between Plain and HTML as expected. Fixed.
SPE-4657	In release 4.0.3, Visual C++ 2010 (required for TextCensor administration) was not installed on an Admin Console-only server. Fixed.
SPE-4671	The Admin Console supports selection of key length for DKIM keys.
SPE-4672	In the Admin Console, performance of the Domains page is improved.
SPE-4687	In the Customer Console, From IP is included in Message history export.
SPE-4695	Preset Rule user groups were not correctly written in specific cases. Fixed.
SPE-4699	Preset IP Groups are only available for inbound rules.
SPE-4700	In the Customer Console, loading time for the Package Policies page is improved.
SPE-4705	DMARC evaluation rules support ignoring the PCT keyword.
SPE-4718	In the Admin Console, a Reseller could set the Customer Host to be the same URL as the global host. Fixed.
SPE-4723	In the Admin Console, editing usage of a Customer Package altered IP Group user matching on the package for other customers. Fixed.
SPE-4725	The PDF generation module is update to the latest version to support Windows Server 2016.
SPE-4729	The Customer Console message viewer allows the entire message to be downloaded.
SPE-4730	The Customer Console message viewer allows message logs to be easily copied to the clipboard.
SPE-4736	The Customer Console report "Messages per classification per user" returned multiple lines for Classification Group members. Fixed.
SPE-4737	Message Templates and Message Stamps could include bare Linefeeds. Fixed: Linefeeds are corrected to CRLF.

4.0.3 (February 12, 2019)

SPE-4574	Duplicate checking for Array TLS settings was incorrect. Fixed.
SPE-4575	In version 4.0.2, TextCensor Scripts added in the Customer Console caused a replication failure. Fixed.
SPE-4576	Hostnames with parts consisting entirely of digits could not be added for domain delivery. Fixed.
SPE-4594	A Preset User Group or Preset IP Group is only visible in the Customer Console if it is used in a rule that is available to the customer.
SPE-4597	Preset IP Groups were not created for new customers. Fixed.
SPE-4599	Customer copies of Preset IP Groups were not correctly removed when the customer was deleted. Fixed.
SPE-4601	In earlier 4.0 releases, TextCensor script validation did not accept some valid items. Fixed.
SPE-4602	IP group exceptions were not correctly applied to customer package policies and rules. Fixed.
SPE-4603	IP group exceptions are not allowed for outgoing customer package policies.
SPE-4604	In the Customer Console, performance of Rule Summary and Package Policy display is improved.
SPE-4606	On earlier 4.0 installations upgraded from version 3.8.2, Customer Package Rules could not be created in a disabled state. Fixed.
SPE-4608	In earlier 4.0 releases, attempting to forward a message from the Message Viewer window failed. Fixed.
SPE-4609	Additional indexes have been added to the SPE User Group tables to improve performance.
SPE-4610	Disabled rules that did not have the "allow customer to disable" setting were applied to processing incorrectly. Fixed.
SPE-4611	In the Admin Console, clicking "Disable" for a disabled customer package applied additional exceptions to the running policy. Fixed.
SPE-4616	In the Admin Console Reseller view, saving changes to a customer with SQM users raised an incorrect warning dialog. The "demo customer" setting could also be unexpectedly enabled in a specific case. Fixed.
SPE-4617	A customer could not be deleted when notifications existed. Fixed.
SPE-4618	Arrays could not be deleted if IP Groups existed. Fixed.
SPE-4620	Delivery server status was validated when setting a domain to inactive. Fixed.
SPE-4621	Selection of the theme to use for each SQM user on login is improved.
SPE-4623	The initial login created for a new customer did not see notifications created before the login was created. Fixed.
SPE-4627	The Diagnostics page now tests connectivity by hostname if a FQDN is entered and does not return MX records.
SPE-4630	In the Customer Console, the single quote character could not be entered in the Executive Names List. Fixed.
SPE-4632	Validation of TextCensor scripts on upgrade is improved.
SPE-4633	In the Admin Console, the initial login for a customer could be created with the reserved names "sitelogin" or "supportlogin". Fixed.
SPE-4636	In release 4.0.2, Admin Console editing of System TextCensors displayed incorrect information. Fixed.
SPE-4640	In the Customer Console, the Rule Summary could display incorrect cached details. Fixed.
SPE-4642	In earlier 4.0 releases, editing the first expression in a System TextCensor script returned an error. Fixed.

4.0.2 (May 25, 2018; no public release)

SPE-3426	Some Customer Console features did not work correctly in Google Chrome due to incorrect browser detection. Fixed.
SPE-4520	In the Customer Console, when editing a scheduled report the configured list of domains was not selected. Fixed.
SPE-4534	Reseller Site and Support logins did not have Customer Console Menu Security settings. Fixed: Menu Security for these logins can be set in the Admin Console.
SPE-4545	The Customer User Variance Summary report failed if a user with the same primary address and same alias address was found in two LDAP groups. Fixed.
SPE-4558	The Customer Console login page password field is now cleared if login fails.

4.0.1 (March 6, 2018)

SPE-4305	In the Admin Console, IPv6 ranges in IP Groups could have an end address lower than the start address. Fixed.
SPE-4307	In the Admin Console, IPv6 ranges in Relay Groups could have an end address lower than the start address. Fixed.
SPE-4374	In some earlier releases, users could not unsubscribe from digests created in the Admin Console. Fixed.
SPE-4459	Templates were replicated to arrays where they were not used. Fixed.
SPE-4467	In release 4.0, the SAML Identity Provider name was not required to be unique. Fixed.
SPE-4468	In release 4.0, using the Enter key to save a form resulted in a double submission. Fixed.
SPE-4475	MIA now makes an entry in the text log if it cannot start because another registered instance is running.
SPE-4476	When the primary MIA instance is uninstalled and unregistered, another registered instance is set as primary if possible so that it can be started immediately.
SPE-4479	Rule names entered in the Customer Console could contain leading and trailing spaces. Fixed: spaces are trimmed in Customer Console validation and in replication.
SPE-4487	TextCensor update preview did not work because required Visual C++ runtimes were not installed. Fixed.
SPE-4489	The Admin Console now provides a Diagnostics page to check DNS and email connectivity.
SPE-4495	Marshal Agent did not correctly detect that an Array Manger had already been registered with SPE in some cases. Fixed.
SPE-4526	In release 4.0, alias addresses were not imported in Connector Agent groups. Fixed.
SPE-4528	In release 4.0, imported user groups with aliases were displayed with incorrect sorting in the Customer Console. Fixed.
SPE-4530	In release 4.0, binary files downloaded through the Admin Console or Customer Console message viewer were corrupt. Fixed.

4.0.0 (December 12, 2017)

SPE-3318	The Admin Console message viewer now shows the message envelope information in a new tab (only for Service Provider logins).
SPE-3338	Validation of domain/hostname entries now allows new global TLDs.
SPE-3848	More than one instance of MIA could be running in the same installation, causing duplicate reports and other unwanted behavior. Fixed: only one registered instance of MIA can be running.
SPE-3670	Validation of email address entries now allows new global TLDs.
SPE-3882	Unused Message Templates are not replicated, to reduce configuration size.
SPE-3976	Array relay hostname entries were not correctly validated for a maximum of 255 characters. Fixed.
SPE-3982	New arrays have the "reject unknown domains" setting enabled by default.
SPE-4024	In the Customer Console, messages delivered over TLS were never shown as "delivered successfully". Fixed.
SPE-4115	The Customer Console Distinct Users count was calculated incorrectly. Fixed.
SPE-4117	Spam Quarantine logins with the Admin privilege could not be disabled. Fixed.
SPE-4200	The Customer Console now provides a read-only display of domain delivery details, for users who do not have edit permission.
SPE-4204	In Admin Console audit history searches with multiple pages of results, the customer filter was not retained. Fixed.
SPE-4214	In the Admin Console, when a hostname is entered for relay or delivery, it is checked in DNS before being accepted.
SPE-4220	The Customer Console now validates relay entries. Entries that duplicate or closely match enabled Relay Group items are not permitted. Entries that partially match enabled items or closely match available items raise a notification.
SPE-4234	Installation checked for ASP.NET when it was not required. Fixed.
SPE-4236	The SEG License Key report has been updated to reflect currently available modules.
SPE-4253	SEG service threads can be set for each processing server.
SPE-4254	The default installation path for new installations is updated to `Program Files\Trustwave\Trustwave SPE`. Upgrade does not move existing installations.
SPE-4266	Error messages that are logged by MIA when an array cannot be contacted have been improved.
SPE-4274	TextCensor is updated with new features including Regular Expression support.
SPE-4277	Import of TextCensor v1 scripts (the format used prior to SPE 3.6) is no longer supported.
SPE-4282	SPE can now retrieve larger message log files from SEG.
SPE-4283	Connector Agent groups can no longer be directly used in policy, but must be included in Internal groups. For behavior on upgrade, see the Upgrade Notes.
SPE-4285	Message digest schedule setting in the Admin Console and Customer Console now uses a weekly grid control.
SPE-4286	The Client Settings utility when run outside the installation process now registers an agent.
SPE-4287	Message digest templates on new installations use full HTML link tags for the unsubscribe links.
SPE-4294	Messages could not be released from SQM when the addresses contained certain characters. Fixed.
SPE-4295	All Scheduled Reports for a customer are now visible to all Customer Console users with the Report permission.
SPE-4299	TextCensor scripts that are not in use are not written to SEG arrays.
SPE-4301	The Admin Console now validates relay entries. Entries that duplicate or closely match enabled Relay Group items are not permitted. Entries that partially match enabled items or closely match available items raise a notification.
SPE-4303	In the Customer Console, message queues are grouped by domain (including queues from all servers).
SPE-4319	SQM returns better messages to the user when a "trust" action (add to safe senders) cannot be completed from a digest click due to licensing restrictions.
SPE-4320	In the Customer Console mail history, searching for Dead Letter folders did not return the expected classifications and messages. Fixed.
SPE-4324	Preset User Groups cannot be given the reserved names "Licensed Users" or "All Domains".
SPE-4331	SQM passwords containing certain characters returned a "potentially dangerous request" error. Fixed.
SPE-4332	In earlier versions, when inactive trial customers were present an array was reloaded each hour. Fixed.
SPE-4335	In earlier versions, outbound customer package rules with a user matching condition were applied even if disabled. Fixed.
SPE-4336	Storage of menu security settings has been simplified. This change does not affect available options or configured settings.
SPE-4338	User and group logic has been updated to remove limits on the number of user entries.
SPE-4340	Rule user matching was not applied correctly for customer package rules when certain inclusions were present. Fixed.
SPE-4346	Disallowing Message Digests for a managed customer from the Admin Console did not disable digest generation. Fixed.
SPE-4355	Storage of group user settings has been improved. This change does not affect available options or configured settings.
SPE-4371	In release 3.8, new folders were not correctly replicated with rules. Fixed.
SPE-4372	SQM passwords containing certain characters returned a "dangerous request" error. Fixed.
SPE-4375	Performance of the TextCensor expression validator has been enhanced particularly for large scripts.
SPE-4376	Customer can be given the permission to mark a domain as "up" or "down" for delivery.
SPE-4383	Storage of customer and domain auditing information has been improved.
SPE-4384	The graphing package used for SPE reports has been updated.
SPE-4386	The Database Wizard re-created table indexes unnecessarily. Fixed.
SPE-4405	In the Admin Console, the server status display returns more quickly.
SPE-4416	Audit Trail records are now retained for a limited time. The default retention is two years. Retention can be set in the Admin Console (Retention tab of System Settings).
SPE-4442	In the Admin Console, when a customer domain is added or edited, the system verifies that at least one delivery server can be reached by all processing nodes in the assigned array.
SPE-4446	SQM login could incorrectly return the error "failed to connect to array manager". Fixed.
SPE-4457	Custom templates selected in Array Advanced properties were not correctly replicated, causing SEG services to stop. Fixed.
SPE-4470	In release 3.8.2, a user request to unsubscribe from a digest was not saved to the SEG server. Fixed.

3.8.2 (November 17, 2016)

SPE-4157	Reference to an outdated browser capability site has been removed.
SPE-4194	In the Admin Console, the list of items reported on the Array License Details window has been updated.
SPE-4198	The license enforcement action "Yes and pass through" now applies to Content rules only (connection rules are applied for "passed through" users).
SPE-4199	In the Admin Console, a new Audit tab is present for each Customer and Domain showing the date created, admin user, and internal ID information.
SPE-4202	Performance of the validation check on user group replication is improved.
SPE-4216	In earlier 3.8 releases, IP Reputation Service credentials were not updated when required by a change in SEG key. Fixed.
SPE-4219	In the Customer Console, System message templates were not sorted alphabetically. Fixed.
SPE-4221	In earlier 3.8 releases, SEG configuration was reloaded in every cycle after Force Reload was requested. Fixed.
SPE-4231	In earlier 3.8 releases, changes in the order of policy groups were not replicated. Fixed.
SPE-4232	A Registry entry is available to optimize relaying lookups by excluding specified common domains that may be covered by other relay groups or entries (such as Office 365). See Trustwave Knowledgebase article Q20723.
SPE-4235	In the Admin Console list of customers, the Customer ID is added to the fields searched by the filter function.

3.8.1 (September 29, 2016)

SPE-3554	If run from the Admin Console server (note: not a standalone MIA server), the database wizard re-creates database functions and stored procedures.
SPE-3585	Array reload history reports show additional status information.
SPE-3588	Array reload history tables in the database are pruned of old data.
SPE-4004	The Customer Console report "Overall Message Summary" better counts messages actually delivered. Help for summary reports has been updated to explain how messages are counted.
SPE-4033	In the Customer Console history and reporting pages date selectors, after selecting a year you could not select a later year. Fixed.
SPE-4116	In earlier versions, releasing an outbound message through SQM did not delete the message. Fixed.
SPE-4118	In the Customer Console, display of messages queued outbound for a domain was case-sensitive. Fixed.
SPE-4120	Order of rule conditions varied in different displays. Fixed. Processing is not affected.
SPE-4122	Order of rule actions varied in different displays. Fixed. Processing is not affected.
SPE-4123	Some DLL files were not digitally signed as required. Fixed.
SPE-4126	"Time taken to update object" lines in text logs are now recorded only when log level is set to Debug.
SPE-4128	The "all domains" user group for a customer was not renamed when the customer was renamed. Fixed.
SPE-4129	In release 3.8.0, a standalone Marshal Interface Agent server did not include the required MMInterfaceVB DLL. Fixed.
SPE-4142	In release 3.8.0, text logging of completed replication of Message Digests and Stamps had incorrect wording. Fixed.
SPE-4143	Replication of message digests is handled more efficiently.
SPE-4145	A new Customer Console report is available: "Messages Detail by Classification." This report is available only as a scheduled report.
SPE-4146	In previous versions, Marshal Interface Agent wrote copies of log messages to the database. This behavior has been disabled.
SPE-4148	Use of Internet Explorer in Compatibility Mode for the Admin Console is now enforced.
SPE-4149	Delivery hostnames are standardized to lower case.
SPE-4151	Audit logs now include the name of a reseller that was added or updated.
SPE-4153	Validation of TextCensor items is no longer performed during replication by default. Items are validated when added, edited, or imported.
SPE-4154	Validation of TextCensor items is performed on import.
SPE-4156	Audit logs for the Admin Console showed incorrect information when a rule was moved up or down in the order. Fixed.
SPE-4167	Connector Agent audit history paging could return an error due to certain values not being HTML encoded. Fixed.
SPE-4168	Uninformative audit trail entries from Marshal Interface Agent have been removed.
SPE-4170	In release 3.8.0, if a customer created a "where addressed from" condition for a package rule using an external group, the rule would not be applied for other customers. Fixed.
SPE-4171	Replication of the enforced user group conditions has been made more efficient.
SPE-4172	In release 3.8.0, the array reload history report times did not include seconds in some columns. Fixed.
SPE-4173	In release 3.8.0, package change auditing could be falsely triggered due to the order of data returned from SQL. Fixed.
SPE-4174	In release 3.8.0, customer created user group exclusions for package rules were not correctly applied. Fixed.
SPE-4175	In release 3.8.0, array configuration could be reloaded constantly and unnecessarily. Fixed.
SPE-4178	Relay Groups can be based on SPF records and dynamically updated.
SPE-4179	Relay Groups can be marked as inactive (useful to allow SPF based groups to populate).
SPE-4180	The Customer Console report Top Source of Blocked Messages is now limited to a maximum of 500 records and returns a graphical output for 25 records or fewer.
SPE-4187	In release 3.8.0, configuration changes might not be reloaded after the agents had run for 7 days. Fixed.
SPE-4188	Changes in configuration that were made during a reload could fail to set the "reload required" flag. Fixed.
SPE-4190	The Policy Backup tool has been updated to work with new features of versions 3.8.0 and 3.8.1.
SPE-4191	The Marshal Interface Agent could stop after a server start due to unavailability of SQL Server. Fixed.
SPE-4192	The Customer Console features portlet displays Trial, Archiving and Message Retention information only when these features are valid for the customer, to avoid confusion.
SPE-4196	In release 3.8.0, the Array Policy Enforce Domains option was not honored. Fixed.
SPE-4197	A TextCensor script would never trigger if it contained carriage return characters. Fixed.

3.8.0 (June 30, 2016)

SPE-3356	In the Customer Console when editing a Digest, the "All Domains" group was always included in the list displayed and would be added to the Digest if not manually removed. Fixed.
SPE-3524	Policy replication to arrays has been refactored.
SPE-3667	When a new message classification is added, the customer "administrator" login (marked with a *) is immediately granted access to the classification in Message History.
SPE-3874	In rare cases user group membership on processing nodes can be out of sync with the console view. The Customer Console now provides the ability to force refresh of user group membership to the processing nodes.
SPE-3880	Spam and Not Spam report emails are now sent "from" the customer admin email (when sent from the Customer Console) or the logged in user email (when sent from the Admin Console) to assist tracking of requests.
SPE-3929	IP Reputation Service configuration was set incorrectly when not enabled, causing the SEG Receiver to not start. Fixed.
SPE-3930	Domain delivery addresses and relay hostnames are made lower case for consistency.
SPE-3945	The SQM user list can lose synchronization with the SPE data in certain cases. Addressed with more frequent updates of the data.
SPE-3946	On an Array Manager only installation the Marshal Agent logged confusing messages about processing services. Fixed.
SPE-3947	The Marshal Agent could not register a node that had been uninstalled and reinstalled. Fixed.
SPE-3963	Visual C++ 2010 runtimes are installed on any server where Marshal Interface Agent is installed.
SPE-3969	Customer name and time zone information is now provided to the SEG database for use in customer facing output.
SPE-3971	A customer of a reseller could be assigned to an array other than the array configured for the reseller. Fixed. Note that if the array setting of a Reseller is changed, customers will not be moved automatically. Email processing is not affected. The customer must be moved manually when next edited in the Admin Console.
SPE-3977	The default "Scams" TextCensor script for new installations has been updated.
SPE-3978	The Array Status page returned an error when an Array Manager was not running. Fixed: the page loads correctly and reports the Array Manager is not running.
SPE-3983	User group import now allows the imported users to be merged rather than overwriting the existing items.
SPE-3999	In the Customer Console, customers can search packages for rules with specific text in the name or description.
SPE-4002	"Reseller: None" is available as a selection when running Admin Console reports Reseller Detail, Reseller Summary, and Customer User Variance Summary.
SPE-4003	The Customer Console Mail Search form now includes a Reset Form button.
SPE-4010	Customer Policy Summary, Billing Configured, and Reseller Summary reports display information about Active customers. Customer Policy Summary and Billing Configured can be limited to Active customers only.
SPE-4013	Editing array advanced delivery settings reset the mechanism to CRAM-MD5. Fixed.
SPE-4014	The Customer Console rule summary for Spoofing Analysis did not show the correct conditions. Fixed.
SPE-4020	Changing packages for a customer in the Admin Console is now logged for auditing.
SPE-4021	In the Customer Console Audit History, visibility of logins is limited to those with permission to log in as the specific customer.
SPE-4022	In the Admin Console customer edit dialog, selecting a reseller with an internal ID over 255 failed. Fixed.
SPE-4031	In version 3.7.7, customers could not be deleted in some cases due to relay group entries and rules not being completely removed. Fixed.
SPE-4032	In version 3.7.7, groups for inactive customers were incorrectly added to a rule and could cause configuration to not load. Fixed.
SPE-4035	In an installation with multiple arrays, user group inclusions for a customer package rule were not filtered to members on the particular array, causing an invalid configuration to be written. Fixed.
SPE-4042	Scheduled reports generated in time zones with a half hour value in -UTC displayed an incorrect offset in the report header. Fixed.
SPE-4045	Distributed files created after January 1, 2016 are signed with a SHA-2 certificate.
SPE-4053	The Domain Traffic reporting snapshot was not always generated. Fixed.
SPE-4054	The Client Settings tool now allows manual setting of the client ID as required for API clients.
SPE-4059	Incorrect licensing checks for the IP Reputation Service could cause the Receiver to stop. Fixed.
SPE-4064	The Admin Console dashboard showed an error in a menu when a processing node had been removed from an array. Fixed.
SPE-4065	The Admin Console Service Level report incorrectly showed deleted processing nodes with no available data. Fixed.
SPE-4084	The Customer Console Audit History did not display prior values of changed items. Fixed.
SPE-4090	DKIM detection is now available in SPE Rules.

3.7.7 (December 7, 2015)

SPE-3980	In the Customer Console, entering subdomains as exclusions from Blended Threats rewriting was not permitted. Fixed.
SPE-3981	The TLS version rule condition in the Customer Console now supports selection of TLSv1.1 and TLSv1.2.
SPE-3984	The TLS version rule condition in the Admin Console now supports selection of TLSv1.1 and TLSv1.2.
SPE-3985	Scheduled report output could include data for incorrect dates (one day older than requested) depending on server and customer time zones. Fixed.
SPE-3998	In the Customer Console, "Rules Allowed" is no longer shown for Managed customers because they do not have permission to create rules.

3.7.6 (August 5, 2015)

SPE-3916	A Reseller or Customer could specify a custom branding URL for the Customer Console that was the same as the global URL. Fixed.
SPE-3926	Pruning of a large number of domain traffic records could cause the Marshal Interface Agent to stop. Fixed.
SPE-3929	In release 3.7.5, replication of configuration to the arrays could incorrectly affect the IP Reputation Service credentials, causing the Receiver to stop. Fixed.
SPE-3931	The Transaction Isolation Level used for database upgrades has been changed to be compatible with replicated tables.
SPE-3944	In release 3.7.5, making a copy of Array Policy rules or policies to a disabled state did not work as expected. Fixed.

3.7.5 (July 9, 2015)

SPE-3316	By default messages sent to a customer on the same SPE array are delivered by local loopback rather than by MX lookup. This option can be set for each customer and excluded for individual domains. On upgrade the previous behavior (MX lookup) is not changed.
SPE-3671	Global (system) digest templates can be made available to customers, and customers can be restricted to using these digest templates only.
SPE-3691	In the Customer Console, logging out did not clear the .NET session information. Fixed.
SPE-3758	The SQM provides improved information when a user attempts to release a message that was already processed.
SPE-3767	Message view from mail history results more clearly indicates that the message content is not available for viewing.
SPE-3776	The Enable Relay Entries and Enable Relay Groups settings in customer properties are now found on the General tab.
SPE-3783	Service executable paths were not quoted. Fixed.
SPE-3819	SQM log files were not purged on the expected schedule. Fixed.
SPE-3839	A new option in the Customer Console Message History allows action to be taken on all results over multiple display screens.
SPE-3840	In the Admin Console, when a rule or policy is copied or duplicated, the state can be specified (enabled, disabled, or deactivated).
SPE-3846	The Replication Agent could stop responding after repeated calls to the array manager due to unreleased memory. Fixed.
SPE-3858	In earlier 3.7 versions, email delivery of on-screen reports failed. Fixed.
SPE-3860	In Customer Console Audit History, paging failed when certain characters were found in hidden fields. Fixed.
SPE-3861	Customer packages and customer package rules can now be enabled or disabled for all customers currently assigned the package.
SPE-3863	Changing the text of a message stamp in the Customer Console did not always cause a reload of the policy. Fixed.
SPE-3865	Customer deletion is moved to a stored procedure for maintainability.
SPE-3866	In Customer Console message history search results, messages can now be deleted individually or in bulk as a separate action.
SPE-3870	Forced reload of an array could generate a false notification of failure due to a timing issue. Fixed.
SPE-3871	The Reseller view of the Admin Console now shows help only for the pages and features available to resellers.
SPE-3872	In the Admin Console message viewer, hex encoded HTML characters caused a fault. Fixed.
SPE-3888	Admin Console Audit History search menus are sorted and logins are tagged for the customer, reseller or provider they belong to.
SPE-3891	The News Feeds feature has been removed from the Admin Console.
SPE-3905	By default "bare" CR or LF characters in messages are changed to CRLF.
SPE-3910	Password hash values are no longer written in audit records.

3.7.0 (March 4, 2015)

SPE-2329	SQM registration requests that have not been completed by the user are purged periodically.
SPE-3518	Notifications using plain text templates created in the Customer Console could incorrectly attempt to attach a file when none was selected or required. Fixed.
SPE-3558	The utility email sender (EASendMail) has been updated to resolve a timeout issue.
SPE-3660	User Group information was not refreshed every minute as expected in some circumstances. Fixed.
SPE-3708	The Customer Console policy User Matching dialog would not load for policies whose content was hidden from the customer. Fixed.
SPE-3722	Weekly scheduled reports did not honor the scheduled day. Data could be blank or doubled in some cases for some days. Time zones were not correctly calculated. Fixed.
SPE-3723	Where SQM auto-provisioning is enabled, clicking the "trust" link in a digest creates the SQM user if necessary.
SPE-3736	Names of TextCensor scripts and templates entered in the Customer Console did not have extra whitespace removed, causing issues when the items were applied. Fixed.
SPE-3771	The Marshal Agent was logging many irrelevant "route not found" messages. Fixed.
SPE-3772	The Domain Traffic scheduled report could fail with a duplicate key error. Fixed.
SPE-3794	The .NET version in the installer is updated to 4.0 and application pools are created with ASP.NET 4.0.
SPE-3806	The Visual C++ 2013 redistributables are now included in the installer. Visual C++ 2005 redistributables are removed.
SPE-3808	The From address for password reset confirmation email could be incorrect or missing. Fixed.
SPE-3810	Background database procedures could fail on a large database due to short timeout settings. Fixed.
SPE-3811	User Group information is loaded more efficiently to the SEG arrays.
SPE-3815	A database stored procedure did not correctly handle the case of deleted customers. Fixed.
SPE-3816	The Marshal Interface Agent now sends email to the administrator if it cannot connect to the web licensing site.
SPE-3818	SQM logs could be created with naming in the language set by the client browser. Fixed.
SPE-3834	Enabling or disabling TLS for a domain from the Customer Console did not work. Fixed.

To review Release History prior to version 3.7, please see the Release Notes for the specific versions.

Legal Notice

All rights reserved. This document is protected by copyright and any distribution, reproduction, copying, or decompilation is strictly prohibited without the prior written consent of Trustwave. No part of this document may be reproduced in any form or by any means without the prior written authorization of Trustwave. While every precaution has been taken in the preparation of this document, Trustwave assumes no responsibility for errors or omissions. This publication and features described herein are subject to change without notice.

While the authors have used their best efforts in preparing this document, they make no representation or warranties with respect to the accuracy or completeness of the contents of this document and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Neither the author nor Trustwave shall be liable for any loss of profit or any commercial damages, including but not limited to direct, indirect, special, incidental, consequential, or other damages.

Trademarks

Trustwave and the Trustwave logo are trademarks of Trustwave. Such trademarks shall not be used, copied, or disseminated in any manner without the prior written permission of Trustwave.

About Trustwave®

Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. More than three million businesses are enrolled in the Trustwave TrustKeeper® cloud platform, through which Trustwave delivers automated, efficient and cost-effective threat, vulnerability and compliance management. Trustwave is headquartered in Chicago, with customers in 96 countries. For more information about Trustwave, visit https://www.trustwave.com.