Trustwave SPE 4.2 Release Notes

Last Revision: December 04, 2020


The information in this document is current as of the date of publication. To check for any later information about this release, please see Trustwave Knowledge Base article Q20992.

For the latest product documentation, please see the Trustwave SPE Support website: https://www.trustwave.com/support/SEG-Service-Provider-Edition/.

Table of Contents

New Features
System Requirements
Upgrade Instructions
Uninstalling
Release History

New Features

For more information about additional minor features and bug fixes, see the release history.

Features New in Release 4.2.4

Features New in Release 4.2.0

Features New in Release 4.0.3

Features New in Release 4.0.2

Features New in Release 4.0.1

Features New in Release 4.0.0

Features New in Release 3.8.1

Features New in Release 3.8.0

Features New in Release 3.7.5

Features New in Release 3.7

Features New in Release 3.6.5

Features New in Release 3.6.2

Features New in Release 3.6

Features New in Release 3.5

Features New in Release 3.2

Features New in Release 3.1

Features New in Release 3.0

For feature enhancements in earlier releases, please refer to the Release Notes for the specific release.

System Requirements

Trustwave SPE 4.2 requires you to install the latest Trustwave SEG 8.2 release (8.2.3 or later; please see Trustwave Knowledge Base article Q20992 for the most current information).

For a detailed list of requirements, see the Administrator Guide. Note in particular:

Upgrade Instructions

This release supports direct upgrade from version 3.7.0 and above. To upgrade from earlier released versions, first upgrade the earlier version to at least version 3.7.0 (for details, see the release notes for version 3.7.0).

Before upgrading, review the upgrade notes (below) for all versions later than the version you are upgrading from. Check system requirements.

To upgrade from version 3.7.0 or above:

  1. Upgrade each server where Trustwave SEG components are installed to the latest supported Trustwave SEG 8.0 release, as advised by Trustwave.
  2. Run the Trustwave SPE product installer on each server where Trustwave SPE components are installed.

Note: For more details of recommended steps, see Trustwave Knowledge Base article 12201.

To upgrade the Connector Agent at customer sites, run the Connector Agent installer on each Customer server.

Upgrade Notes 4.2.0

Note: Be sure to review upgrade notes for all versions later than the installed version!

Upgrade Notes 4.0.0

Upgrade Notes 3.8.0

Upgrade notes 3.7.5

Upgrade notes 3.7.0

For upgrade notes affecting earlier releases, please refer to the Release Notes for the specific release.

Uninstalling

For full details of the uninstall process, see the Administrator Guide. In general, uninstallation can be completed as follows:

  1. Stop all components on all servers.
  2. Use Add/Remove Programs from the Windows Control Panel to remove Trustwave SPE on all servers.
  3. Remove the Trustwave SPE configuration database.

Uninstallation leaves Trustwave SEG servers and databases intact. However, the configuration left in place may not be suitable for use outside the Trustwave SPE environment.

Release History

The following items have been changed or updated in the specific build versions of Trustwave SPE listed. To check for any later information about the current release, please see Trustwave Knowledge Base article Q20992.

Note: For additional information about changed items, review the Release Notes for your installed version of Trustwave SEG.

4.2.4 (December 04, 2020)

SPE-4432 Archived messages were included in the "Top sources of blocked messages" report. Fixed.
SPE-4433 Messages between customers, that were classified by the sending customer, could appear in the receiving customer's classification reports. Fixed.
SPE-4585 SSO login resiliency and logging are improved.
SPE-4728 When "Reject Unknown Domains" was selected, mail for expired trial customers was rejected. Updated behavior: Mail for expired trial customers is passed through without processing even if "Reject Unknown Domains" is selected.
SPE-4745 The Customer Console now provides the "prepend to subject" rule action.
SPE-4768 A Category Script can be restricted to a specific customer.
SPE-4960 In previous 4.X versions, newly added classifications were not visible to customer administrators. Fixed.
SPE-5004 In the Customer Console, message retrieval security is enhanced.
SPE-5125 In the Admin Console, the Apply DKIM rule action option for failed signing did not show all available folders (standard outbound folders). Fixed.
SPE-5144 Excessive logging in MIA file updates has been removed.
SPE-5147 In version 4.2.0, reports and other long running processes could time out after 100 seconds. Fixed.
SPE-5189 Configuration updates are now checked for referential integrity before being applied. Backups of the SEG Registry keys are automatically maintained to support this feature.
SPE-5216 In earlier 4.2 releases, the Scheduled Reports page in the Customer Console did not work from Internet Explorer. Fixed.
SPE-5217 SQM SSO could cause synchronization issues doe to very long internal random user passwords. Fixed.
SPE-5245 All user groups could be reloaded unnecessarily in rare cases. Fixed.
SPE-5247 In release 4.2.0, replication of rule criteria could be incorrect for certain values of the SPE module licensing.
SPE-5275 A customer with SQM SSO configured could not be deleted. Fixed.
SPE-5277 Reports could fail with a JSON length error. Fixed.
SPE-5299 In the Customer Console, text entered in the email history search is now trimmed to reduce issues with pasted values.
SPE-5337 In the Customer Console, minimum password length was not properly enforced in some cases. Fixed.
SPE-5341 Installation includes the MSOLEDBSQL database driver (supporting TLS v1.2 secured connections).
SPE-5349 CSV export files now include the UTF-8 Byte Order Mark for ease of use with Microsoft Excel.
SPE-5387 The upgrade process for XSP-4283 (Connector Agent groups not used directly in rules) updated the groups but not rules. Fixed.
SPE-5389 Marshal Agent code is updated to use .NET Core.
SPE-5392 SQL scripts needed by SPE are updated in the SEG database only for new arrays or if explicitly requested.
SPE-5453 In some cases selecting "Force Reload" or "Apply Configuration" in the Admin Console did not trigger the required action. Fixed.
SPE-5515 Marshal Agent is more resilient to errors in worker threads.
SPE-5529 Preset user groups were re-synchronized unnecessarily when a customer was deleted. Fixed.
SPE-5626 The Database Wizard now uses the MSOLEDBSQL driver for enhanced TLS compatibility.

4.2.0 (October 31, 2019)

SPE-4213 Scheduled Report logging and error logging have been improved.
SPE-4445 HTML to plain text conversion uses an updated solution.
SPE-4472 Rules and policies are now identified with a GUID to assist with replication and upgrades.
SPE-4473 A new Admin Console report shows customer packages for each customer.
SPE-4494 In the Admin Console, Relay groups IP entries ending in 0 were not allowed. Fixed.
SPE-4504 Scheduled report parameters are stored in JSON format.
SPE-4527 In version 4.0, the buttons on the SQM Welcome page did not function correctly. Fixed.
SPE-4531 The URL for SQM is written to SEG node configuration for use in notifications.
SPE-4533 Routing Tables replicated to SEG use the new required format.
SPE-4565 The Customer Console Message Template editor better handles cancellations and changes.
SPE-4566 In the Admin Console, validation of TLS domain entries did not correctly handle subdomains. Fixed.
SPE-4567 TextCensor scripts saved in the Customer Console were not correctly replicated due to an incorrect parameter. Fixed.
SPE-4578 In the Customer Console, users with appropriate privileges can choose which login is "primary" for the customer.
SPE-4590 The Marshal Interface Agent now exposes a REST interface which is used for communication by other SPE components.
SPE-4603 Outbound customer package rules no longer allow IP groups.
SPE-4615 The Customer Console User Groups page did not work correctly when a total of more than 100,000 users was imported. Fixed.
SPE-4619 In the Customer Console, the CSV Message History export now includes the "Type" column.
SPE-4625 In the Admin Console, templates used in Array Templates were marked as "not used". Fixed.
SPE-4628 In the Customer Console, refreshing while editing templates did not work as expected. Fixed.
SPE-4637 Scheduled reports were generated for inactive customers. Fixed.
SPE-4638 In the Customer Console, Message Template editing did not always show the correct tabs or convert between Plain and HTML as expected. Fixed.
SPE-4657 In release 4.0.3, Visual C++ 2010 (required for TextCensor administration) was not installed on an Admin Console-only server. Fixed.
SPE-4671 The Admin Console supports selection of key length for DKIM keys.
SPE-4672 In the Admin Console, performance of the Domains page is improved.
SPE-4687 In the Customer Console, From IP is included in Message history export.
SPE-4695 Preset Rule user groups were not correctly written in specific cases. Fixed.
SPE-4699 Preset IP Groups are only available for inbound rules.
SPE-4700 In the Customer Console, loading time for the Package Policies page is improved.
SPE-4705 DMARC evaluation rules support ignoring the PCT keyword.
SPE-4718 In the Admin Console, a Reseller could set the Customer Host to be the same URL as the global host. Fixed.
SPE-4723 In the Admin Console, editing usage of a Customer Package altered IP Group user matching on the package for other customers. Fixed.
SPE-4725 The PDF generation module is update to the latest version to support Windows Server 2016.
SPE-4729 The Customer Console message viewer allows the entire message to be downloaded.
SPE-4730 The Customer Console message viewer allows message logs to be easily copied to the clipboard.
SPE-4736 The Customer Console report "Messages per classification per user" returned multiple lines for Classification Group members. Fixed.
SPE-4737 Message Templates and Message Stamps could include bare Linefeeds. Fixed: Linefeeds are corrected to CRLF.

4.0.3 (February 12, 2019)

SPE-4574 Duplicate checking for Array TLS settings was incorrect. Fixed.
SPE-4575 In version 4.0.2, TextCensor Scripts added in the Customer Console caused a replication failure. Fixed.
SPE-4576 Hostnames with parts consisting entirely of digits could not be added for domain delivery. Fixed.
SPE-4594 A Preset User Group or Preset IP Group is only visible in the Customer Console if it is used in a rule that is available to the customer.
SPE-4597 Preset IP Groups were not created for new customers. Fixed.
SPE-4599 Customer copies of Preset IP Groups were not correctly removed when the customer was deleted. Fixed.
SPE-4601 In earlier 4.0 releases, TextCensor script validation did not accept some valid items. Fixed.
SPE-4602 IP group exceptions were not correctly applied to customer package policies and rules. Fixed.
SPE-4603 IP group exceptions are not allowed for outgoing customer package policies.
SPE-4604 In the Customer Console, performance of Rule Summary and Package Policy display is improved.
SPE-4606 On earlier 4.0 installations upgraded from version 3.8.2, Customer Package Rules could not be created in a disabled state. Fixed.
SPE-4608 In earlier 4.0 releases, attempting to forward a message from the Message Viewer window failed. Fixed.
SPE-4609 Additional indexes have been added to the SPE User Group tables to improve performance.
SPE-4610 Disabled rules that did not have the "allow customer to disable" setting were applied to processing incorrectly. Fixed.
SPE-4611 In the Admin Console, clicking "Disable" for a disabled customer package applied additional exceptions to the running policy. Fixed.
SPE-4616 In the Admin Console Reseller view, saving changes to a customer with SQM users raised an incorrect warning dialog. The "demo customer" setting could also be unexpectedly enabled in a specific case. Fixed.
SPE-4617 A customer could not be deleted when notifications existed. Fixed.
SPE-4618 Arrays could not be deleted if IP Groups existed. Fixed.
SPE-4620 Delivery server status was validated when setting a domain to inactive. Fixed.
SPE-4621 Selection of the theme to use for each SQM user on login is improved.
SPE-4623 The initial login created for a new customer did not see notifications created before the login was created. Fixed.
SPE-4627 The Diagnostics page now tests connectivity by hostname if a FQDN is entered and does not return MX records.
SPE-4630 In the Customer Console, the single quote character could not be entered in the Executive Names List. Fixed.
SPE-4632 Validation of TextCensor scripts on upgrade is improved.
SPE-4633 In the Admin Console, the initial login for a customer could be created with the reserved names "sitelogin" or "supportlogin". Fixed.
SPE-4636 In release 4.0.2, Admin Console editing of System TextCensors displayed incorrect information. Fixed.
SPE-4640 In the Customer Console, the Rule Summary could display incorrect cached details. Fixed.
SPE-4642 In earlier 4.0 releases, editing the first expression in a System TextCensor script returned an error. Fixed.

4.0.2 (May 25, 2018; no public release)

SPE-3426 Some Customer Console features did not work correctly in Google Chrome due to incorrect browser detection. Fixed.
SPE-4520 In the Customer Console, when editing a scheduled report the configured list of domains was not selected. Fixed.
SPE-4534 Reseller Site and Support logins did not have Customer Console Menu Security settings. Fixed: Menu Security for these logins can be set in the Admin Console.
SPE-4545 The Customer User Variance Summary report failed if a user with the same primary address and same alias address was found in two LDAP groups. Fixed.
SPE-4558 The Customer Console login page password field is now cleared if login fails.

4.0.1 (March 6, 2018)

SPE-4305 In the Admin Console, IPv6 ranges in IP Groups could have an end address lower than the start address. Fixed.
SPE-4307 In the Admin Console, IPv6 ranges in Relay Groups could have an end address lower than the start address. Fixed.
SPE-4374 In some earlier releases, users could not unsubscribe from digests created in the Admin Console. Fixed.
SPE-4459 Templates were replicated to arrays where they were not used. Fixed.
SPE-4467 In release 4.0, the SAML Identity Provider name was not required to be unique. Fixed.
SPE-4468 In release 4.0, using the Enter key to save a form resulted in a double submission. Fixed.
SPE-4475 MIA now makes an entry in the text log if it cannot start because another registered instance is running.
SPE-4476 When the primary MIA instance is uninstalled and unregistered, another registered instance is set as primary if possible so that it can be started immediately.
SPE-4479 Rule names entered in the Customer Console could contain leading and trailing spaces. Fixed: spaces are trimmed in Customer Console validation and in replication.
SPE-4487 TextCensor update preview did not work because required Visual C++ runtimes were not installed. Fixed.
SPE-4489 The Admin Console now provides a Diagnostics page to check DNS and email connectivity.
SPE-4495 Marshal Agent did not correctly detect that an Array Manger had already been registered with SPE in some cases. Fixed.
SPE-4526 In release 4.0, alias addresses were not imported in Connector Agent groups. Fixed.
SPE-4528 In release 4.0, imported user groups with aliases were displayed with incorrect sorting in the Customer Console. Fixed.
SPE-4530 In release 4.0, binary files downloaded through the Admin Console or Customer Console message viewer were corrupt. Fixed.

4.0.0 (December 12, 2017)

SPE-3318 The Admin Console message viewer now shows the message envelope information in a new tab (only for Service Provider logins).
SPE-3338 Validation of domain/hostname entries now allows new global TLDs.
SPE-3848 More than one instance of MIA could be running in the same installation, causing duplicate reports and other unwanted behavior. Fixed: only one registered instance of MIA can be running.
SPE-3670 Validation of email address entries now allows new global TLDs.
SPE-3882 Unused Message Templates are not replicated, to reduce configuration size.
SPE-3976 Array relay hostname entries were not correctly validated for a maximum of 255 characters. Fixed.
SPE-3982 New arrays have the "reject unknown domains" setting enabled by default.
SPE-4024 In the Customer Console, messages delivered over TLS were never shown as "delivered successfully". Fixed.
SPE-4115 The Customer Console Distinct Users count was calculated incorrectly. Fixed.
SPE-4117 Spam Quarantine logins with the Admin privilege could not be disabled. Fixed.
SPE-4200 The Customer Console now provides a read-only display of domain delivery details, for users who do not have edit permission.
SPE-4204 In Admin Console audit history searches with multiple pages of results, the customer filter was not retained. Fixed.
SPE-4214 In the Admin Console, when a hostname is entered for relay or delivery, it is checked in DNS before being accepted.
SPE-4220 The Customer Console now validates relay entries. Entries that duplicate or closely match enabled Relay Group items are not permitted. Entries that partially match enabled items or closely match available items raise a notification.
SPE-4234 Installation checked for ASP.NET when it was not required. Fixed.
SPE-4236 The SEG License Key report has been updated to reflect currently available modules.
SPE-4253 SEG service threads can be set for each processing server.
SPE-4254 The default installation path for new installations is updated to Program Files\Trustwave\Trustwave SPE. Upgrade does not move existing installations.
SPE-4266 Error messages that are logged by MIA when an array cannot be contacted have been improved.
SPE-4274 TextCensor is updated with new features including Regular Expression support.
SPE-4277 Import of TextCensor v1 scripts (the format used prior to SPE 3.6) is no longer supported.
SPE-4282 SPE can now retrieve larger message log files from SEG.
SPE-4283 Connector Agent groups can no longer be directly used in policy, but must be included in Internal groups. For behavior on upgrade, see the Upgrade Notes.
SPE-4285 Message digest schedule setting in the Admin Console and Customer Console now uses a weekly grid control.
SPE-4286 The Client Settings utility when run outside the installation process now registers an agent.
SPE-4287 Message digest templates on new installations use full HTML link tags for the unsubscribe links.
SPE-4294 Messages could not be released from SQM when the addresses contained certain characters. Fixed.
SPE-4295 All Scheduled Reports for a customer are now visible to all Customer Console users with the Report permission.
SPE-4299 TextCensor scripts that are not in use are not written to SEG arrays.
SPE-4301 The Admin Console now validates relay entries. Entries that duplicate or closely match enabled Relay Group items are not permitted. Entries that partially match enabled items or closely match available items raise a notification.
SPE-4303 In the Customer Console, message queues are grouped by domain (including queues from all servers).
SPE-4319 SQM returns better messages to the user when a "trust" action (add to safe senders) cannot be completed from a digest click due to licensing restrictions.
SPE-4320 In the Customer Console mail history, searching for Dead Letter folders did not return the expected classifications and messages. Fixed.
SPE-4324 Preset User Groups cannot be given the reserved names "Licensed Users" or "All Domains".
SPE-4331 SQM passwords containing certain characters returned a "potentially dangerous request" error. Fixed.
SPE-4332 In earlier versions, when inactive trial customers were present an array was reloaded each hour. Fixed.
SPE-4335 In earlier versions, outbound customer package rules with a user matching condition were applied even if disabled. Fixed.
SPE-4336 Storage of menu security settings has been simplified. This change does not affect available options or configured settings.
SPE-4338 User and group logic has been updated to remove limits on the number of user entries.
SPE-4340 Rule user matching was not applied correctly for customer package rules when certain inclusions were present. Fixed.
SPE-4346 Disallowing Message Digests for a managed customer from the Admin Console did not disable digest generation. Fixed.
SPE-4355 Storage of group user settings has been improved. This change does not affect available options or configured settings.
SPE-4371 In release 3.8, new folders were not correctly replicated with rules. Fixed.
SPE-4372 SQM passwords containing certain characters returned a "dangerous request" error. Fixed.
SPE-4375 Performance of the TextCensor expression validator has been enhanced particularly for large scripts.
SPE-4376 Customer can be given the permission to mark a domain as "up" or "down" for delivery.
SPE-4383 Storage of customer and domain auditing information has been improved.
SPE-4384 The graphing package used for SPE reports has been updated.
SPE-4386 The Database Wizard re-created table indexes unnecessarily. Fixed.
SPE-4405 In the Admin Console, the server status display returns more quickly.
SPE-4416 Audit Trail records are now retained for a limited time. The default retention is two years. Retention can be set in the Admin Console (Retention tab of System Settings).
SPE-4442 In the Admin Console, when a customer domain is added or edited, the system verifies that at least one delivery server can be reached by all processing nodes in the assigned array.
SPE-4446 SQM login could incorrectly return the error "failed to connect to array manager". Fixed.
SPE-4457 Custom templates selected in Array Advanced properties were not correctly replicated, causing SEG services to stop. Fixed.
SPE-4470 In release 3.8.2, a user request to unsubscribe from a digest was not saved to the SEG server. Fixed.

3.8.2 (November 17, 2016)

SPE-4157 Reference to an outdated browser capability site has been removed.
SPE-4194 In the Admin Console, the list of items reported on the Array License Details window has been updated.
SPE-4198 The license enforcement action "Yes and pass through" now applies to Content rules only (connection rules are applied for "passed through" users).
SPE-4199 In the Admin Console, a new Audit tab is present for each Customer and Domain showing the date created, admin user, and internal ID information.
SPE-4202 Performance of the validation check on user group replication is improved.
SPE-4216 In earlier 3.8 releases, IP Reputation Service credentials were not updated when required by a change in SEG key. Fixed.
SPE-4219 In the Customer Console, System message templates were not sorted alphabetically. Fixed.
SPE-4221 In earlier 3.8 releases, SEG configuration was reloaded in every cycle after Force Reload was requested. Fixed.
SPE-4231 In earlier 3.8 releases, changes in the order of policy groups were not replicated. Fixed.
SPE-4232 A Registry entry is available to optimize relaying lookups by excluding specified common domains that may be covered by other relay groups or entries (such as Office 365). See Trustwave Knowledgebase article Q20723.
SPE-4235 In the Admin Console list of customers, the Customer ID is added to the fields searched by the filter function.

3.8.1 (September 29, 2016)

SPE-3554 If run from the Admin Console server (note: not a standalone MIA server), the database wizard re-creates database functions and stored procedures.
SPE-3585 Array reload history reports show additional status information.
SPE-3588 Array reload history tables in the database are pruned of old data.
SPE-4004 The Customer Console report "Overall Message Summary" better counts messages actually delivered. Help for summary reports has been updated to explain how messages are counted.
SPE-4033 In the Customer Console history and reporting pages date selectors, after selecting a year you could not select a later year. Fixed.
SPE-4116 In earlier versions, releasing an outbound message through SQM did not delete the message. Fixed.
SPE-4118 In the Customer Console, display of messages queued outbound for a domain was case-sensitive. Fixed.
SPE-4120 Order of rule conditions varied in different displays. Fixed. Processing is not affected.
SPE-4122 Order of rule actions varied in different displays. Fixed. Processing is not affected.
SPE-4123 Some DLL files were not digitally signed as required. Fixed.
SPE-4126 "Time taken to update object" lines in text logs are now recorded only when log level is set to Debug.
SPE-4128 The "all domains" user group for a customer was not renamed when the customer was renamed. Fixed.
SPE-4129 In release 3.8.0, a standalone Marshal Interface Agent server did not include the required MMInterfaceVB DLL. Fixed.
SPE-4142 In release 3.8.0, text logging of completed replication of Message Digests and Stamps had incorrect wording. Fixed.
SPE-4143 Replication of message digests is handled more efficiently.
SPE-4145 A new Customer Console report is available: "Messages Detail by Classification." This report is available only as a scheduled report.
SPE-4146 In previous versions, Marshal Interface Agent wrote copies of log messages to the database. This behavior has been disabled.
SPE-4148 Use of Internet Explorer in Compatibility Mode for the Admin Console is now enforced.
SPE-4149 Delivery hostnames are standardized to lower case.
SPE-4151 Audit logs now include the name of a reseller that was added or updated.
SPE-4153 Validation of TextCensor items is no longer performed during replication by default. Items are validated when added, edited, or imported.
SPE-4154 Validation of TextCensor items is performed on import.
SPE-4156 Audit logs for the Admin Console showed incorrect information when a rule was moved up or down in the order. Fixed.
SPE-4167 Connector Agent audit history paging could return an error due to certain values not being HTML encoded. Fixed.
SPE-4168 Uninformative audit trail entries from Marshal Interface Agent have been removed.
SPE-4170 In release 3.8.0, if a customer created a "where addressed from" condition for a package rule using an external group, the rule would not be applied for other customers. Fixed.
SPE-4171 Replication of the enforced user group conditions has been made more efficient.
SPE-4172 In release 3.8.0, the array reload history report times did not include seconds in some columns. Fixed.
SPE-4173 In release 3.8.0, package change auditing could be falsely triggered due to the order of data returned from SQL. Fixed.
SPE-4174 In release 3.8.0, customer created user group exclusions for package rules were not correctly applied. Fixed.
SPE-4175 In release 3.8.0, array configuration could be reloaded constantly and unnecessarily. Fixed.
SPE-4178 Relay Groups can be based on SPF records and dynamically updated.
SPE-4179 Relay Groups can be marked as inactive (useful to allow SPF based groups to populate).
SPE-4180 The Customer Console report Top Source of Blocked Messages is now limited to a maximum of 500 records and returns a graphical output for 25 records or fewer.
SPE-4187 In release 3.8.0, configuration changes might not be reloaded after the agents had run for 7 days. Fixed.
SPE-4188 Changes in configuration that were made during a reload could fail to set the "reload required" flag. Fixed.
SPE-4190 The Policy Backup tool has been updated to work with new features of versions 3.8.0 and 3.8.1.
SPE-4191 The Marshal Interface Agent could stop after a server start due to unavailability of SQL Server. Fixed.
SPE-4192 The Customer Console features portlet displays Trial, Archiving and Message Retention information only when these features are valid for the customer, to avoid confusion.
SPE-4196 In release 3.8.0, the Array Policy Enforce Domains option was not honored. Fixed.
SPE-4197 A TextCensor script would never trigger if it contained carriage return characters. Fixed.

3.8.0 (June 30, 2016)

SPE-3356 In the Customer Console when editing a Digest, the "All Domains" group was always included in the list displayed and would be added to the Digest if not manually removed. Fixed.
SPE-3524 Policy replication to arrays has been refactored.
SPE-3667 When a new message classification is added, the customer "administrator" login (marked with a *) is immediately granted access to the classification in Message History.
SPE-3874 In rare cases user group membership on processing nodes can be out of sync with the console view. The Customer Console now provides the ability to force refresh of user group membership to the processing nodes.
SPE-3880 Spam and Not Spam report emails are now sent "from" the customer admin email (when sent from the Customer Console) or the logged in user email (when sent from the Admin Console) to assist tracking of requests.
SPE-3929 IP Reputation Service configuration was set incorrectly when not enabled, causing the SEG Receiver to not start. Fixed.
SPE-3930 Domain delivery addresses and relay hostnames are made lower case for consistency.
SPE-3945 The SQM user list can lose synchronization with the SPE data in certain cases. Addressed with more frequent updates of the data.
SPE-3946 On an Array Manager only installation the Marshal Agent logged confusing messages about processing services. Fixed.
SPE-3947 The Marshal Agent could not register a node that had been uninstalled and reinstalled. Fixed.
SPE-3963 Visual C++ 2010 runtimes are installed on any server where Marshal Interface Agent is installed.
SPE-3969 Customer name and time zone information is now provided to the SEG database for use in customer facing output.
SPE-3971 A customer of a reseller could be assigned to an array other than the array configured for the reseller. Fixed. Note that if the array setting of a Reseller is changed, customers will not be moved automatically. Email processing is not affected. The customer must be moved manually when next edited in the Admin Console.
SPE-3977 The default "Scams" TextCensor script for new installations has been updated.
SPE-3978 The Array Status page returned an error when an Array Manager was not running. Fixed: the page loads correctly and reports the Array Manager is not running.
SPE-3983 User group import now allows the imported users to be merged rather than overwriting the existing items.
SPE-3999 In the Customer Console, customers can search packages for rules with specific text in the name or description.
SPE-4002 "Reseller: None" is available as a selection when running Admin Console reports Reseller Detail, Reseller Summary, and Customer User Variance Summary.
SPE-4003 The Customer Console Mail Search form now includes a Reset Form button.
SPE-4010 Customer Policy Summary, Billing Configured, and Reseller Summary reports display information about Active customers. Customer Policy Summary and Billing Configured can be limited to Active customers only.
SPE-4013 Editing array advanced delivery settings reset the mechanism to CRAM-MD5. Fixed.
SPE-4014 The Customer Console rule summary for Spoofing Analysis did not show the correct conditions. Fixed.
SPE-4020 Changing packages for a customer in the Admin Console is now logged for auditing.
SPE-4021 In the Customer Console Audit History, visibility of logins is limited to those with permission to log in as the specific customer.
SPE-4022 In the Admin Console customer edit dialog, selecting a reseller with an internal ID over 255 failed. Fixed.
SPE-4031 In version 3.7.7, customers could not be deleted in some cases due to relay group entries and rules not being completely removed. Fixed.
SPE-4032 In version 3.7.7, groups for inactive customers were incorrectly added to a rule and could cause configuration to not load. Fixed.
SPE-4035 In an installation with multiple arrays, user group inclusions for a customer package rule were not filtered to members on the particular array, causing an invalid configuration to be written. Fixed.
SPE-4042 Scheduled reports generated in time zones with a half hour value in -UTC displayed an incorrect offset in the report header. Fixed.
SPE-4045 Distributed files created after January 1, 2016 are signed with a SHA-2 certificate.
SPE-4053 The Domain Traffic reporting snapshot was not always generated. Fixed.
SPE-4054 The Client Settings tool now allows manual setting of the client ID as required for API clients.
SPE-4059 Incorrect licensing checks for the IP Reputation Service could cause the Receiver to stop. Fixed.
SPE-4064 The Admin Console dashboard showed an error in a menu when a processing node had been removed from an array. Fixed.
SPE-4065 The Admin Console Service Level report incorrectly showed deleted processing nodes with no available data. Fixed.
SPE-4084 The Customer Console Audit History did not display prior values of changed items. Fixed.
SPE-4090 DKIM detection is now available in SPE Rules.

3.7.7 (December 7, 2015)

SPE-3980 In the Customer Console, entering subdomains as exclusions from Blended Threats rewriting was not permitted. Fixed.
SPE-3981 The TLS version rule condition in the Customer Console now supports selection of TLSv1.1 and TLSv1.2.
SPE-3984 The TLS version rule condition in the Admin Console now supports selection of TLSv1.1 and TLSv1.2.
SPE-3985 Scheduled report output could include data for incorrect dates (one day older than requested) depending on server and customer time zones. Fixed.
SPE-3998 In the Customer Console, "Rules Allowed" is no longer shown for Managed customers because they do not have permission to create rules.

3.7.6 (August 5, 2015)

SPE-3916 A Reseller or Customer could specify a custom branding URL for the Customer Console that was the same as the global URL. Fixed.
SPE-3926 Pruning of a large number of domain traffic records could cause the Marshal Interface Agent to stop. Fixed.
SPE-3929 In release 3.7.5, replication of configuration to the arrays could incorrectly affect the IP Reputation Service credentials, causing the Receiver to stop. Fixed.
SPE-3931 The Transaction Isolation Level used for database upgrades has been changed to be compatible with replicated tables.
SPE-3944 In release 3.7.5, making a copy of Array Policy rules or policies to a disabled state did not work as expected. Fixed.

3.7.5 (July 9, 2015)

SPE-3316 By default messages sent to a customer on the same SPE array are delivered by local loopback rather than by MX lookup. This option can be set for each customer and excluded for individual domains. On upgrade the previous behavior (MX lookup) is not changed.
SPE-3671 Global (system) digest templates can be made available to customers, and customers can be restricted to using these digest templates only.
SPE-3691 In the Customer Console, logging out did not clear the .NET session information. Fixed.
SPE-3758 The SQM provides improved information when a user attempts to release a message that was already processed.
SPE-3767 Message view from mail history results more clearly indicates that the message content is not available for viewing.
SPE-3776 The Enable Relay Entries and Enable Relay Groups settings in customer properties are now found on the General tab.
SPE-3783 Service executable paths were not quoted. Fixed.
SPE-3819 SQM log files were not purged on the expected schedule. Fixed.
SPE-3839 A new option in the Customer Console Message History allows action to be taken on all results over multiple display screens.
SPE-3840 In the Admin Console, when a rule or policy is copied or duplicated, the state can be specified (enabled, disabled, or deactivated).
SPE-3846 The Replication Agent could stop responding after repeated calls to the array manager due to unreleased memory. Fixed.
SPE-3858 In earlier 3.7 versions, email delivery of on-screen reports failed. Fixed.
SPE-3860 In Customer Console Audit History, paging failed when certain characters were found in hidden fields. Fixed.
SPE-3861 Customer packages and customer package rules can now be enabled or disabled for all customers currently assigned the package.
SPE-3863 Changing the text of a message stamp in the Customer Console did not always cause a reload of the policy. Fixed.
SPE-3865 Customer deletion is moved to a stored procedure for maintainability.
SPE-3866 In Customer Console message history search results, messages can now be deleted individually or in bulk as a separate action.
SPE-3870 Forced reload of an array could generate a false notification of failure due to a timing issue. Fixed.
SPE-3871 The Reseller view of the Admin Console now shows help only for the pages and features available to resellers.
SPE-3872 In the Admin Console message viewer, hex encoded HTML characters caused a fault. Fixed.
SPE-3888 Admin Console Audit History search menus are sorted and logins are tagged for the customer, reseller or provider they belong to.
SPE-3891 The News Feeds feature has been removed from the Admin Console.
SPE-3905 By default "bare" CR or LF characters in messages are changed to CRLF.
SPE-3910 Password hash values are no longer written in audit records.

3.7.0 (March 4, 2015)

SPE-2329 SQM registration requests that have not been completed by the user are purged periodically.
SPE-3518Notifications using plain text templates created in the Customer Console could incorrectly attempt to attach a file when none was selected or required. Fixed.
SPE-3558The utility email sender (EASendMail) has been updated to resolve a timeout issue.
SPE-3660User Group information was not refreshed every minute as expected in some circumstances. Fixed.
SPE-3708The Customer Console policy User Matching dialog would not load for policies whose content was hidden from the customer. Fixed.
SPE-3722Weekly scheduled reports did not honor the scheduled day. Data could be blank or doubled in some cases for some days. Time zones were not correctly calculated. Fixed.
SPE-3723Where SQM auto-provisioning is enabled, clicking the "trust" link in a digest creates the SQM user if necessary.
SPE-3736Names of TextCensor scripts and templates entered in the Customer Console did not have extra whitespace removed, causing issues when the items were applied. Fixed.
SPE-3771 The Marshal Agent was logging many irrelevant "route not found" messages. Fixed.
SPE-3772 The Domain Traffic scheduled report could fail with a duplicate key error. Fixed.
SPE-3794 The .NET version in the installer is updated to 4.0 and application pools are created with ASP.NET 4.0.
SPE-3806 The Visual C++ 2013 redistributables are now included in the installer. Visual C++ 2005 redistributables are removed.
SPE-3808 The From address for password reset confirmation email could be incorrect or missing. Fixed.
SPE-3810 Background database procedures could fail on a large database due to short timeout settings. Fixed.
SPE-3811User Group information is loaded more efficiently to the SEG arrays.
SPE-3815A database stored procedure did not correctly handle the case of deleted customers. Fixed.
SPE-3816The Marshal Interface Agent now sends email to the administrator if it cannot connect to the web licensing site.
SPE-3818SQM logs could be created with naming in the language set by the client browser. Fixed.
SPE-3834Enabling or disabling TLS for a domain from the Customer Console did not work. Fixed.

To review Release History prior to version 3.7, please see the Release Notes for the specific versions.

Legal Notice

Copyright © 2020 Trustwave Holdings, Inc.

All rights reserved. This document is protected by copyright and any distribution, reproduction, copying, or decompilation is strictly prohibited without the prior written consent of Trustwave. No part of this document may be reproduced in any form or by any means without the prior written authorization of Trustwave. While every precaution has been taken in the preparation of this document, Trustwave assumes no responsibility for errors or omissions. This publication and features described herein are subject to change without notice.

While the authors have used their best efforts in preparing this document, they make no representation or warranties with respect to the accuracy or completeness of the contents of this document and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Neither the author nor Trustwave shall be liable for any loss of profit or any commercial damages, including but not limited to direct, indirect, special, incidental, consequential, or other damages.

Trademarks

Trustwave and the Trustwave logo are trademarks of Trustwave. Such trademarks shall not be used, copied, or disseminated in any manner without the prior written permission of Trustwave.

About Trustwave®

Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. More than three million businesses are enrolled in the Trustwave TrustKeeper® cloud platform, through which Trustwave delivers automated, efficient and cost-effective threat, vulnerability and compliance management. Trustwave is headquartered in Chicago, with customers in 96 countries. For more information about Trustwave, visit https://www.trustwave.com.