Version: 7.1, Last Revision: January 06, 2015
These notes are additional to the MailMarshal Exchange (ECM) User Guide and supersede information supplied in that Guide.
The information in this document is current as of the date of publication. To check for any later information, please see Trustwave Knowledge Base article Q14310.
New Features
System Requirements
Upgrade Instructions
Uninstalling
Release History
For more information about additional minor features and bug fixes, see the release history.
MailMarshal Exchange is supported in the following environments:
MailMarshal Exchange is a 32 bit application.
Note: You cannot install the MailMarshal Exchange Web components on Windows 2003 (IIS 6) together with Exchange 2007 Client Access Role (Outlook Web Access). Microsoft does not support side-by-side installation of 32 and 64 bit web applications to Windows 2003. If the MailMarshal Exchange website is required in this scenario, install it on another server.
Hardware required is dependent on Microsoft Exchange Server. Follow Microsoft recommendations. Be aware that MailMarshal Exchange processing has a noticeable impact on email throughput.
You may require additional hard disk space depending on your archiving and quarantine retention policies. For default policies on a typical 1000 user server, Trustwave recommends you allow an additional 50 GB of free disk space for text logs, quarantine and archiving folders.
To help ensure smooth functioning of MailMarshal Exchange, Trustwave recommends the following:
agents.config file, the transport
agent priorities, or the default settings for the Replay directory.MMC /32 perfmon.mscDirect upgrade is supported from MailMarshal Exchange 7.0 and above.
Direct upgrade from MailMarshal Exchange 5.X is not supported. MailMarshal Exchange version 7.X uses a different architecture to version 5.X.
MailMarshal Exchange can be installed in a variety of scenarios. For full information on uninstalling MailMarshal Exchange from a production environment, see the User Guide.
To uninstall a trial installation on a single computer:
The following additional items have been changed or updated in the specific build versions of MailMarshal Exchange (ECM) listed. To check for any later information, please see Trustwave Knowledge Base article Q14310.
| MEX-920 | A message addressed to multiple distribution groups could be delivered to a recipient twice when released from quarantine. Fixed. |
| MEX-958 | The URL for the Trustwave RSS feeds in the Console was incorrect. Fixed. |
| MEX-963 | If the Controller service could not retrieve the location of the Exchange Replay directory, it could stop unexpectedly. Fixed. |
| MEX-965 | The End User Licensing Agreement included in the product has been updated to the latest version. |
| MEX-955 | The product installer would not run on Server 2012 R2 and Windows 8.1 due to incorrect detection of the OS version. Fixed. |
| MEX-914 | Locations of the Incoming, ProcessedOK,
DeadLetter, and Sending directories set in
the Server Tool were not honored by the
Agent. Fixed.
|
| MEX-915 | In earlier versions installation with Marshal Reporting Console could fail due to a problem with prerequisite checks. Fixed. |
| MEX-918 | Message files could not be opened in the Console for processing node IDs greater than 9, due to a file naming error. Fixed for newly created files. Incorrectly named existing files must be renamed manually. |
| MEX-921 | On nodes with ID greater than 9, MML files were incorrectly named. Fixed for newly created files. |
| MEX-923 | Notification message sending could fail if the Replay folder was not in the default location. Fixed: the Controller service now periodically verifies the location of this folder. |
| MEX-925 | The Unpacker has been updated to the version supplied with SEG 7.1. |
| MEX-926 | The PDF unpacker DLL provided has been updated to 4.1.0.8 (this version was already provided through automatic updates). |
| MEX-927 | The File Type DLL has been updated to the version supplied with SEG 7.1. |
| MEX-928 | Messages with recipient address user parts over 64 characters in length could not be released from the Console. Fixed. |
| MEX-941 | The installer did not correctly detect clean installations of Exchange 2010. Fixed. |
| MEX-942 | Email sent by Exchange 2013 Health Check Monitors is not processed by default. For details and settings, see Knowledge Base article Q16478. |
| MEX-943 | The check for excessive numbers of header lines is not performed due to Exchange 2013 behaviors that can result in large numbers of header lines. |
| MEX-944 | The version of SQL Express included in installers has been updated to 2008 R2 SP2. |
| MEX-946 | The Replay directory path could not be determined correctly if more than one Exchange server was present in the AD environment. Fixed. |
| MEX-950 | New installations of Web Components bind the website to port 82 (because Exchange 2013 uses port 81). Upgrading does not change the existing binding. |
| MEX-951 | Messages affected by the issue described in MEX-883 are now processed normally by default. |
| MEX-902 | The check for email files orphaned by a system halt was checking an incorrect folder. Fixed. |
| MEX-903 | The PDF unpacker DLL provided has been updated from 4.0 (in version 7.1.0) to 4.1. |
| MEX-904 | In version 7.1.0, PDF attachments with Unicode characters in the filename were not unpacked and scanned. Fixed. |
| MEX-908 | In version 7.1.0, a message with duplicate email addresses (addressed to the same recipient more than once) would not be delivered in some cases. Fixed. |
| MEX-831 | Return of messages from the Engine to the Agent (and to Microsoft Exchange) now uses a new, faster process. |
| MEX-848 | Some information has been removed from the standard (not debug) view of service text logs, to enhance readability. |
| MEX-850 | Category Scripts that searched the message body using Regular Expressions (RegExpBody) did not check TNEF bodies. Fixed. |
| MEX-863 | Messages with attached Office 2003 documents that contained embedded Office 2007/2010 documents were deadlettered. Fixed. |
| MEX-864 | When services failed unexpectedly, some service logging information was not correctly cleaned up on restart. Fixed. |
| MEX-883 | In rare cases a message was wrongly reported as corrupt when sent between Exchange hub servers in the same domain with different Exchange versions and separate MailMarshal Exchange arrays. Fixed: Contact M86 Support for a setting to allow these messages. |
| MEX-892 | Messages with attached Office 2003 documents that contained embedded Office 2007/2010 documents were deadlettered. Fixed. |
| MM-108 | Many images are now extracted from PDF documents. |
| MM-1567 | PDF unpacking now handles Unicode. |
| MM-2236 | Some PDF files caused recursion in the Engine and could not be unpacked. Fixed. |
| MM-2363 | The version of the archive unpacker included with MailMarshal has been updated. This version handles additional compression formats. |
| MM-2834 | PDF files with limitations on printing and other functions were incorrectly identified as Encrypted PDF. Fixed. |
| MM-2837 | The image analysis library is updated. |
| MM-2859 | Binary files are now better recognized as type COM or EXE. |
| MM-2977 | PDF Xref detection is improved. |
| MM-3332 | Engine logs for each message are now stored in the message file. The Console message viewer displays the available information in a separate tab. |
| MM-3367 | Certain Office 2007 documents were not recognized due to internal structure. Fixed. |
| MM-3387 | SQL code for database creation and upgrade is now within a transaction to allow easier rollback if problems are encountered. |
| MM-3410 | DBlog files now correctly handle larger content. |
| MM-3419 | Office 2007 files generated through the OpenXML SDK were not correctly unpacked. Fixed. |
| MM-3422 | PDF unpacking has been improved, notably for Unicode and some encodings of images. |
| MM-3427 | The MailMarshal database now supports index partitioning if installed on SQL Server Enterprise Edition (for new databases only). |
| MM-3456 | User Defined and custom document properties are now unpacked and scanned in Word 2003 and Word 2007 documents. |
| MM-3472 | The Server Tool now checks the validity of the configured database on startup (this allows the database to be re-created when the SQL server has been rebuilt). |
| MM-3494 | Word documents encrypted with IRM in Word 2007 (2003 compatibility mode) were deadlettered. Fixed: these documents are correctly recognized. |
| MM-3513 | Messages quarantined with a default release action of "skip remaining rules" were not reprocessed as requested upon release. Fixed. |
| MM-3514 | Console Dashboard data was never purged from the database. Fixed. |
| MM-3538 | The certificate used to sign executable files has been updated. |
| MM-3539 | The message parking feature logged redundant messages when a message was unparked. Fixed. |
| MM-3550 | Logging of low disk space warnings has been enhanced for readability. |
| MM-3551 | The Array Manager could stop unexpectedly if a new database was created and configuration was not synchronized. Fixed. |
| MM-3598 | PDF unpacking has been enhanced. Images, attachments, and annotations are unpacked. |
| MM-3604 | Deadlettered messages can be passed through to users by rule action. |
| MM-3612 | The integration with Norman Endpoint Protection is updated. |
| MM-3613 | Retention and permissions for Deadletter folders are now set through the Configurator. |
| MM-3628 | EMF files are now correctly unpacked and the contents are scanned. See also MM-3725. |
| MM-3649 | Additional logging has been added in the Engine service for Dead Letter rule processing. |
| MM-3684 | Error messages logged to the Event Log could cause issues due to recursive substitution of variables. Fixed. |
| MM-3696 | PDF unpacking has been improved. Incorrect character strings are no longer present. |
| MM-3697 | PDF unpacking now supports "linearized" PDF. |
| MM-3699 | Selecting the default message digest template for new digests loaded additional incorrect characters. Fixed. |
| MM-3705 | The Console and Configurator now use the terms "Content Analysis Policy" or "Content Analysis Log". |
| MM-3712 | A more descriptive logging message is written by the Array Manager on shutdown when the SQL database is unavailable. |
| MM-3725 | Files unpacked from EMF files (MM-3628) are only saved and scanned if they are of a recognized type. Type BIN (unknown) files are not saved. |
| MM-3770 | Upgrade now provides more user friendly information about status during database upgrade. |
| MM-3771 | Upgrade now provides more user friendly information about status while calculating time required for database upgrade. |
| MEX-810 | Upgrade required a restart to replace the Transport Agent. Fixed - no restart will be required. |
| MEX-817 | Installation could fail because it did not correctly check that the local Exchange Server was configured with the Hub Transport role. Fixed. |
| MEX-819 | Out of Office messages and other messages with a blank Sender field could result in a .BAD file in the Replay directory. Fixed. |
| MEX-827 | Exchange Server did not generate delivery reports because MailMarshal Exchange did not copy recipient DSN data to the message envelope. Fixed. |
Copyright © 2015 Trustwave Holdings, Inc.
All rights reserved. This document is protected by copyright and any distribution, reproduction, copying, or decompilation is strictly prohibited without the prior written consent of Trustwave. No part of this document may be reproduced in any form or by any means without the prior written authorization of Trustwave. While every precaution has been taken in the preparation of this document, Trustwave assumes no responsibility for errors or omissions. This publication and features described herein are subject to change without notice.
While the authors have used their best efforts in preparing this document, they make no representation or warranties with respect to the accuracy or completeness of the contents of this document and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Neither the author nor Trustwave shall be liable for any loss of profit or any commercial damages, including but not limited to direct, indirect, special, incidental, consequential, or other damages.
The most current version of this document may be obtained from Trustwave
Knowledge Base article
Q15132.
Trustwave and the Trustwave logo are trademarks of Trustwave. Such trademarks shall not be used, copied, or disseminated in any manner without the prior written permission of Trustwave.
Trustwave is a leading provider of compliance, Web, application, network and data security solutions delivered through the cloud, managed security services, software and appliances. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its TrustKeeper® portal and other proprietary security solutions. Trustwave has helped hundreds of thousands of organizations—ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers—manage compliance and secure their network infrastructures, data communications and critical information assets. Trustwave is headquartered in Chicago with offices worldwide. For more information, visit https://www.trustwave.com.