Trustwave SPE 5.3 Release Notes

Last Revision: November 24, 2025

The information in this document is current as of the date of publication. To check for any later information about this release, please see Trustwave Knowledge Base article Q21248.

For the latest product documentation, please see the Trustwave SPE Support website: https://support.trustwave.com/Trustwave-SPE/.

New Features
System Requirements
Upgrade Instructions
Uninstalling
Release History

New Features

For more information about additional minor features and bug fixes, see the release history.

Features New in Release 5.3.0

Customer Package Groups allow easier assignment of multiple Packages to customers.
More rule conditions now include an option for "is/is not matched".
Trustwave SPE 5.3 works with Trustwave MailMarshal 11.3 and later versions.
SQL Server 2016 is no longer supported.

Features New in Release 5.2.0

Trustwave SPE 5.2 works with Trustwave MailMarshal 11.2 and later versions.
The MailMarshal Configurator and Console applications are no longer used. All configuration is through the Management Interface website.
The Marshal Agent service is no longer required on any servers in the installation.
The Cloud Email Archive Service is no longer supported.
Operating system support: Windows Server 2025 is supported.
Trustwave SEG and SPE databases can be hosted on SQL Server 2025, SQL Server 2022, SQL Server 2019, and SQL Server 2017, and SQL Server 2016.
Advanced customers can be granted permission to manage their own SMTP Authentication accounts and rules.

Features New in Release 4.4.0

IPv6 is supported in all locations where IP addresses can be configured.
Single Sign On is available for Provider, Distributor, and Reseller logins.
Customers can configure the Entra Connector to retrieve user and group information directly from Entra ID (Azure AD).
Trustwave SPE 4.4.0 uses .NET 8.0.

For feature enhancements in earlier releases, please refer to the Release Notes for the specific release.

System Requirements

Trustwave SPE 5.3.0 requires you to install a supported Trustwave SEG 11.X release (11.3.0 or later; please see Trustwave Knowledge Base article Q21248 for the most current information).

For a detailed list of requirements, see the Administrator Guide. Note in particular:

Trustwave SEG and SPE databases can be hosted on SQL Server 2025, SQL Server 2022, SQL Server 2019, or SQL Server 2017.
- SQL Express is NOT supported.
TCP/IP connection to the database is required.
Mixed Mode (SQL authentication) is required. NTLM authentication to SQL is not supported.
Distributed Transaction Coordinator may be required; see Trustwave Knowledge Base article Q13797.
Trustwave SEG and SPE components can be installed on Windows Server 2016, Server 2019, Server 2022, or Server 2025.
The Trustwave SPE and Trustwave SEG servers require .NET 8.0. For IIS role service requirements, see Trustwave Knowledge Base article Q13814.
To access the Management Interface, Customer Web Console and SQM, use a current supported version of a major browser. Basic testing has been performed with Edge, Firefox, Chrome, and Safari.
The Trustwave SPE and SEG services communicate over a number of ports for administration. Review the firewall port and authentication requirements carefully.
All Trustwave SPE and Trustwave SEG services must use the US English locale. For details see Trustwave Knowledge Base article Q15032.

Upgrade Instructions

This release supports direct upgrade from version 5.2.0. To upgrade from earlier released versions, first upgrade the earlier version to version 5.2.0.

Before upgrading, review the upgrade notes (below) for all versions later than the version you are upgrading from. Check system requirements.

To upgrade from version 5.2.0:

Upgrade each server where Trustwave MailMarshal/SEG components are installed to the latest supported MailMarshal 11.3 release, as advised by Trustwave.
Run the Trustwave SPE product installer on each server where Trustwave SPE components are installed.
Upgrade pauses replication for all arrays. After upgrade is complete, resume replication from the Server Configuration page.

Note: For more details of recommended steps, see Trustwave Knowledge Base article 12201.

To upgrade the Connector Agent at customer sites, run the Connector Agent installer on each Customer server.

Upgrade Notes

Note: Be sure to review upgrade notes for all versions later than the installed version!

Upgrade Notes 5.3.0

SQL 2017 or above must be used for the SPE and SEG databases.

Upgrade Notes 5.2.0

The Marshal Agent service is no longer required and will be removed from all servers.
- The subfolder "agent-temp" can be manually removed from all servers once upgrade is complete.

Upgrade Notes 4.4.0

SQL 2016 or above must be used for the SPE and SEG databases.
The minimum supported Operating System is Windows 2016
The Management Interface replaces the legacy Administration Console. Any redirection of existing URLs must be set manually on the web server.
The Management Interface replaces the legacy Customer Console including the SQM. Any redirection of existing URLs must be set manually on the web server.

For upgrade notes affecting earlier releases, please refer to the Release Notes for the specific release.

Uninstalling

For full details of the uninstall process, see the Administrator Guide. In general, uninstallation can be completed as follows:

Stop all components on all servers.
Use Add/Remove Programs from the Windows Control Panel to remove Trustwave SPE on all servers.
Remove the Trustwave SPE configuration database.
Uninstall Trustwave MailMarshal/SEG on all servers. Note that SPE specific installations of the MailMarshal Array Manager cannot be used without SPE.

Release History

The following items have been changed or updated in the specific build versions of Trustwave SPE listed. To check for any later information about the current release, please see Trustwave Knowledge Base article Q21248.

Note: For additional information about changed items, review the Release Notes for your installed version of Trustwave SEG.

5.3.0 (November 24, 2025)

SPE-6357	Customer Package Groups are available to allow easier assignment of multiple Packages to customers..
SPE-7571	Deleting Classifications did not remove all references, causing incorrect options to be presented. Fixed.
SPE-7590	Message History searching has been updated to improve performance and ensure visibility of system classifications in results.
SPE-7600	Customer Console users could not access the "view" function for deadletter emails. Fixed.
SPE-7605	Message History search criteria no longer include a domain list. Domains can still be entered in the address fields. This change enhances performance.
SPE-7633	Customer Console users could not access some items in Message History. Fixed.
SPE-7635	Message Search performance is enhanced.
SPE-7636	Validation of entered domain names is improved.
SPE-7639	The password reset confirmation page now includes a confirmation link to avoid issues wiith link validators.
SPE-7646	After upgrade the Management Interface was unresponsive until the browser cache was refreshed. Fixed.
SPE-7656	Changing customer group settings could clear any relay groups for the customer. Fixed.
SPE-7664	More rule condition support negative options.
SPE-7672	Rejected message search criteria were incorrectly validated as case sensitive. Fixed.
SPE-7681	SQM SSO did not correctly handle the case of different IdPs for different domains of a customer. Fixed.
SPE-7698	Executive Name entries that contained certain characters caused the MailMarshal Engine to stop unexpectedly. Fixed.

5.2.0 (September 4, 2025)

SPE-7048	Category script rule conditions include the AND/OR option (trigger if any, or all of multiple selected scripts match).
SPE-7049	TextCensor script rule conditions include the AND/OR option (trigger if any, or all of multiple selected scripts match).
SPE-7050	External Command rule conditions include the AND/OR option (trigger if any, or all of multiple selected commands match).
SPE-7053	The unused SpamCensor Types feature is removed from the user interface.
SPE-7082	SPE supports the Advanced Settings functionality of MailMarshal 11 (replacing Registry configuration).
SPE-7082	The Rejected Messages search did not correctly apply time zone settings. Some results might not be returned. Fixed.
SPE-7166	Rejected Messages search did not capture some very recent items. Fixed.
SPE-7168	MailMarshal license keys are added through the SPE Management Interface.
SPE-7180	Excessive logging to text logs regarding CSS files has been removed.
SPE-7183	Rule move and delete actions now support the Message Category entry for better reporting.
SPE-7185	Virus scanners used in the "all scanners" option did not show as "in use" in the Management Interface. Fixed.
SPE-7189	A new content rule action to ignore DANE validation is available in outbound rules.
SPE-7191	The Dashboard pages for arrays and mail servers are removed.
SPE-7203	In the Management Interface message viewer, hovering or clicking a hyperlink displays the original link target text.
SPE-7215	SPE is more resilient to database connectivity failures.
SPE-7216	Email templates can now include a display name for the sender.
SPE-7241	The Cloud Email Archive functionality is removed.
SPE-7247	Maximum values for sender and receiver threads are increased.
SPE-7275	SPF based relay groups now capture IPv6 addresses.
SPE-7286	DKIM selector entry is now validated to permit only allowed characters.
SPE-7290	The Entra connector failed when processing a change to both display name and email address. Fixed.
SPE-7302	It is no longer possible to assign an existing domain entry to a different customer.
SPE-7321	The installer no longer checks for .NET Framework 3.5. SPE no longer requires this package.
SPE-7336	Customer Console IP access defaults to allow all IPv4 and IPv6 addresses.
SPE-7372	DKIM record checking validates the retrieved record against the expected value.
SPE-7450	In some earlier versions, the displayed Mail Security permissions list for customer logins was incorrect for new classifications. Fixed.
SPE-7467	When deleting a single customer, you can choose to delete the associated domains.
SPE-7471	Search options and performance of the Rejected Messages search have been optimized.
SPE-7485	SQM log files were not pruned. Fixed.
SPE-7487	Pruning of replication records in the database is optimized.
SPE-7488	Storage of replication history in the database is optimized.
SPE-7511	In earlier 5.X versions, the user groups for licensed address enforcement were not correctly populated. Fixed.
SPE-7516	After upgrade, the websites were unresponsive in browsers until a CTRL F5 full refresh was issued. Fixed.
SPE-7526	Disabled packages were included in the customer console rules summary. Fixed.
SPE-7537	The SHA256 hash of content files is logged to the database and available in Syslog templates.
SPE-7551	Customers can be granted access to manage SMTP Authentication accounts.
SPE-7552	Customers can manage SMTP Authentication if permitted.
SPE-7553	The Message Viewer incorrectly offered the option to view attachments from delivered messages (history records). Fixed.
SPE-7555	Messages with deeply nested attachments could not be viewed. Fixed.
SPE-7561	Default security of system logins is enhanced.

4.4.0 (July 7, 2024)

SPE-5535	Changes to IP Group members were not correctly saved for IPv6 entries. Fixed.
SPE-6941	Message queue route details did not show the processing node ID in some cases. Fixed.
SPE-7022	The Message Processing (release) panel text could not be read when Light theme was selected. Fixed.
SPE-7070	In some earlier releases, certain files could not be downloaded from the Console due to recent browser security changes. Fixed.
SPE-7071	In some earlier releases, large files could not be downloaded from the Console. Fixed.
SPE-7072	In earlier 4.3 releases, editing of the To field on Message Digest Templates was allowed. Fixed: the recipient of digests must be set on the Message Digest not the Template.
SPE-7073	In earlier 4.3 releases, de-selecting the Message Digest "send to one recipient" option was not honored. Fixed.
SPE-7080	Console IP Access limitation now supports IPv6 entries.
SPE-7086	SSO is available for Provider, Distributor, and Reseller logins.
SPE-7110	.NET runtimes bundled with the installer are updated.

To review Release History for earlier versions, please see the Release Notes for the specific versions.

Legal Notice

All rights reserved. This document is protected by copyright and any distribution, reproduction, copying, or decompilation is strictly prohibited without the prior written consent of Trustwave. No part of this document may be reproduced in any form or by any means without the prior written authorization of Trustwave. Trustwave assumes no responsibility for errors or omissions. This publication and features described herein are subject to change without notice.

The authors make no representation or warranties with respect to the accuracy or completeness of the contents of this document and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Neither the author nor Trustwave shall be liable for any loss of profit or any commercial damages, including but not limited to direct, indirect, special, incidental, consequential, or other damages.

Trademarks

Trustwave and the Trustwave logo are trademarks of Trustwave. Such trademarks shall not be used, copied, or disseminated in any manner without the prior written permission of Trustwave.

About Trustwave®

Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. More than three million businesses are enrolled in the Trustwave Fusion® cloud platform, through which Trustwave delivers automated, efficient and cost-effective threat, vulnerability and compliance management. Trustwave is headquartered in Chicago, with customers in 96 countries. For more information about Trustwave, visit https://www.trustwave.com.