(Previously known as Trustwave SEG)
Last Revision:
March 15, 2024
These notes are additional to the MailMarshal User Guide and supersede information supplied in that Guide.
The information in this document is current as of the date of publication. To check for any later information, please see Trustwave Knowledge Base article Q21210.
New Features
System Requirements
Upgrade Instructions
Uninstalling
Release History
For more information about additional minor features and bug fixes, see the release history.
The following system requirements are the minimum levels required for a typical installation of the Trustwave MailMarshal Array Manager and selected database.
Category | Requirements |
---|---|
Processor | Core i5 or similar performance |
Disk Space | 20GB (NTFS), and additional space to support email archiving |
Memory | 8GB (6GB available to MailMarshal plus 2GB for operating system). Allow an additional 2GB if SQL Express is installed locally. |
Supported Operating System |
|
Network Access |
|
Software |
|
Port Access |
|
Please review the MailMarshal User Guide before upgrading.
Trustwave MailMarshal 10.1 supports a direct upgrade from MailMarshal/Trustwave SEG 8.3.2, and MailMarshal 10.0.3 and above.
If your installed version does not support direct upgrade, you can upgrade in steps.
A standalone tool is available to check prerequisites and potential configuration issues before upgrade. See the product download page.
To upgrade a single MailMarshal server from any version supporting direct upgrade, install the new version on the existing server. You do not need to uninstall your existing version. The database will be upgraded in place, if necessary.
You must upgrade each server by logging on locally. The remote upgrade feature that was present in earlier versions will not be available in MailMarshal 10.X.
In the MailMarshal Server Tool, if you select a database that can be upgraded (version 8.2.3 or later 8.2.X), you will be given the option to upgrade and use the database.
After installing MailMarshal 10.X, you can import a configuration backup from version 8.2.3 or later 8.2 version.
Convert the backup to the 10.X backup format (zip file) using the MMConvConfig
command line tool found
in the MailMarshal 10.X installation folder.
Import the converted configuration zip file using the Restore function in
the Management Interface, or the MMExportConfig
command line
tool.
For full information about these tools see the User Guide.
To upgrade from a version prior to 8.3.2, first upgrade to version 8.3.2. To upgrade from 10.0.2 or below, first upgrade to 10.0.7. Full details about upgrading from older versions can be found in the documentation for the target version.
Note: The information in this document is current as of the date of publication. To check for any later information, please see Trustwave Knowledge Base article Q21210.
Read the notes for all versions newer than your installed version. This list only includes information about version 10.0. For upgrade changes in earlier versions, see the release notes of each version.
TLSCipherList
Registry or Advanced setting,
you must modify the manual cipher lists due to changes in the TLS/SSL library.
See Trustwave Knowledge Base article
Q21203.MailMarshal can be installed in a variety of scenarios. For full information on uninstalling MailMarshal from a production environment, see the Trustwave MailMarshal User Guide.
To uninstall a trial installation on a single computer:
The following additional items have been changed or updated in the specific build versions of Trustwave MailMarshal (previously Trustwave SEG) listed.
Note: The information in this document is current as of the date of publication. To check for any later information, please see Trustwave Knowledge Base article Q21210.
MM-7272 | In previous 10.X releases, the Management Console did not correctly display DKIM record status. Fixed. |
MM-7413 | Image Analyzer rules could be created when the feature was not licensed. Fixed. |
MM-10759 | The location of the Controller Temp folder can be configured with an entry in the JSON configuration file. |
MM-10822 | The limit on length of folder descriptions was not validated on entry in the Management Console. Fixed. |
MM-10843 | Certain values of Marshal Reputation Service credentials were not recognized as valid by the test in the Management Console. Fixed. |
MM-10920 | The FolderRetention variable is now available for use in notification templates as well as in digest templates. |
MM-10955 | The Receiver could stop unexpectedly when evaluating certain badly formed DKIM signatures. Fixed. |
MM-10961 | Logic to throttle message acceptance under high load is improved. |
MM-10983 | The version of .NET installed is updated. |
MM-10984 | For Service Provider Edition installations, the Syslog service uses the globally configured certificate for all customers. |
MM-10985 | Array Manager retry behavior during transient database errors is improved. |
MM-11031 | For Service Provider Edition installations, an option is provided to reject messages addressed with a domain part that is a non-routable IP address. |
MM-11036 | When editing the "Skip to specific rule" action it was possible to select a rule in a disabled policy group. Fixed. |
MM-11037 | Handling of failed Active Directory based authentication attempts in the Receiver is improved. |
MM-11038 | Validation of HTML entry in stamp and template editors disallowed the text "start". Fixed. |
MM-11041 | In release 10.0.7, if update of Visual C++ executables required a system restart, the installer exited with no warning. Fixed. |
MM-11042 | Parameters used to generate the certificate for the REST server have been updated for compatibility with current operating systems. |
MM-11044 | Management of unexpected conditions in Syslog record processing is improved. |
MM-11049 | The "last seen" column is removed from the IP Groups member detail listing. "Last seen" is not implemented for IP addresses. |
MM-11097 | DNS lookup supports DNSSEC. |
MM-11108 | The database connection string includes the "ApplicationName" attribute for better tracking. |
MM-11160 | Saving changes to Connector definitions did not correctly validate unchanged passwords. Fixed. |
MM-11169 | In rare cases, changes in user group membership were not propagated to processing nodes. Fixed. |
MM-11210 | The message move and delete actions now require selection of a "category" (malware, phishing, spam, or none) for use in the Dashboard. |
MM-11232 | Export of files from the Management Console failed with a "network issue" error in some recent client browser versions. Fixed. |
MM-11242 | Release 10.0.7 did not allow upgrade from 8.3.X releases. Fixed. |
MM-11250 | Image Analyzer now offers detection of many types of image content. |
MM-11280 | Outbound email delivery supports DANE. |
MM-11359 | The SpamProfiler cartridge (executable) included in the release has been updated. HTTPS communication with the SpamProfiler updater is enforced by default. |
MM-11360 | The version of Visual C++ redistributable included in the install is updated. |
MM-7326 | Quarantine Audit history can be viewed and searched from the Management Console. |
MM-7416 | In earlier 10.X versions, node servers could not be deleted from the installation through the Console. Fixed. |
MM-8657 | Specific formatting of IP address values in the HELO string caused SPF evaluation to fail. Fixed. |
MM-10504 | In earlier 10.X versions, some log lines were omitted from the Receiver logs. Fixed. |
MM-10687 | Outbound digests were not generated when the "operational user" was used for SQL connection. Fixed. |
MM-10813 | In the Management Console, selecting from a checkbox list with hundreds of entries returned the wrong item. Fixed. |
MM-10830 | SPF evaluation over-counted the number of DNS lookups required. Fixed. |
MM-10845 | SPF record macro expansion did not correctly expand IPv6 addresses. Fixed. |
MM-10850 | Import of configurations could fail if some specific values were included, due to an issue with parsing XML paths. Fixed. |
MM-10909 | MailMarshal uses an updated version of the TLS/SSL library. |
MM-10926 | Links containing querystrings in the text of a HTML message body (not within a HREF tag) were treated incorrectly by the BTM rewriter. Fixed. |
MM-10954 | Text logs showed an incorrect delay time on Syslog queue inserts for some actions. Fixed. |
MM-10967 | IP group membership was not correctly propagated to processing servers after complete refresh of the group with some continuing members. Fixed. |
MM-10983 | The version of .NET installed is updated to the current .NET 6 release 6.0.20 |
MM-10988 | The SpamProfiler cartridge (executable) included in the release has been updated. |
MM-10991 | The version of Visual C++ redistributable included in the install is updated. |
MM-10992 | Universal C runtime updating is removed from the installer (not required by supported OS versions). |
MM-10540 | In earlier 10.X versions, the message release "keep message" option was not correctly selected when the console user did not have permission to delete the message. Fixed. |
MM-10572 | The Array Manager REST API now supports only TLS 1.2 or 1.3 connections. |
MM-10605 | In some earlier 10.X versions, it was not possible to select another message from the message history when the details pane was open. Fixed. |
MM-10611 | In some earlier 10.X versions, the message viewer incorrectly remove the word "start" from the message text. Fixed. |
MM-10644 | After upgrade from 8.X, custom routing or relay entries were not reflected in the Management Console. Fixed. |
MM-10704 | Message stamp editing removed HTML entities, required for correct display of accented characters in stamps. Fixed: for details of how to save HTML stamps with entities for accented characters, see Trustwave Knowledgebase article Q21195. |
MM-10711 | After upgrade or configuration import, membership of connector groups was lost until the next scheduled synchronization. Fixed. |
MM-10718 | The header "insert if missing" action requires the value to start with a space, but leading spaces were trimmed from entered text. Fixed. |
MM-10720 | Controller retrieval of user groups is now batched for efficiency. |
MM-10748 | In earlier 10.X releases, the Quarantine Audit did not record the user name for actions taken in the Management Console. Fixed. |
MM-10749 | Upgrade from version 8.X failed if a TLS certificate had been configured for Syslog. Fixed. |
MM-10753 | Attempting to view a large message (for example 50 MB) in the Management Console returned an error. Addressed by increasing the timeout for retrieving and displaying messages. |
MM-10772 | The version of .NET installed is updated to the current .NET 6 release (replacing .NET Core 3.1). |
MM-10800 | Subfolder dates shown in the Folders view in the Management Console could be one day off depending on Daylight Saving Time. Fixed. |
MM-10806 | Management Console tree views with a large number of nodes such as folder views could cause browser slowness and out of memory errors. Fixed. |
MM-10812 | Validation of group names on upgrade used incorrect criteria and could cause the installer to exit unexpectedly. Fixed. |
MM-8598 | The Policy Group Schedule page includes a Set Default Schedule option. |
MM-9304 | Timezones used in DMARC reporting were made consistent. |
MM-9818 | The DMARC library included is updated. |
MM-10136 | The Archiver service used to connect to Cloud Archiving could stop in a specific case. Fixed. |
MM-10154 | Advanced Settings for individual processing servers can be managed from the Mail Servers area in the Console. |
MM-10339 | In release 10.0.4, the rule editor for condition "sender authenticated successfully" did not work correctly. Fixed. |
MM-10346 | In release 10.0.4, mail server Receiver and Sender statistics were not visible when the queue list was empty. Fixed. |
MM-10391 | Connectivity between Array Manager and Nodes is more reliable in distributed installations. |
MM-10403 | It is now possible to specific the IP address binding for the API deliveryserver/check function. |
MM-10404 | For Service Provider Edition installations, messages from an authenticated connection must be from or to domains belonging to the authenticated customer. |
MM-10405 | For Service Provider Edition installations, the local loopback target IP address can be specified. |
MM-10420 | Group Manager querying of Connector groups is more efficient. |
MM-10443 | When editing file type conditions, a type found in more than one of the groups was not correctly displayed or removed. Fixed. |
MM-10445 | The version of the Regular Expression library included has been updated. |
MM-10448 | When editing the deadletter spam rule, conditions were not shown correctly. Fixed. |
MM-10459 | On upgrade, obsolete versions of some third party modules are removed from the Config and NodeConfig folders. |
MM-10499 | In release 10.0.4, the Light theme setting was not persisted for Windows authentication users. Fixed. |
MM-10500 | In release 10.0.4, the password entered in the TLS Wizard for p12 export was not applied to the file. Fixed. |
MM-10507 | The version of Image Analyzer included is updated to resolve a memory leak issue. |
MM-10509 | In release 10.0.4, User Matching entry for rules did not allow entries with only wildcards (such as *@*.*). Fixed. |
MM-10513 | In release 10.0.4, sorting of the user group Last Seen column was incorrect. Fixed. |
MM-10515 | DMARC Aggregate Reports could include data from multiple days. Fixed. |
MM-10566 | In release 10.0.4, the rule condition "sender authenticated successfully" was written to configuration incorrectly by the editor. Fixed. |
MM-10569 | New PhishFilter rules are included in the default rules for new installations and supporting files are provided. |
MM-10570 | Tensorflow.dll is installed to the Config folder and removed from the main install folder. |
MM-10571 | In version 10.0.4, the database connection string for the Configuration Service database did not include the Multi-Subnet Failover keyword when selected. Fixed. |
MM-10574 | In some earlier versions, quoted commas in the From: header were not correctly parsed. Fixed. |
MM-10586 | In release 10.0.4, the Message Viewer truncated forwarded message content in the message body. Fixed. |
MM-10592 | Certain messages delivered to the Cloud Email Archive Service were corrupted in transmission. Fixed. |
TUI-459 | In release 10.0.4, the Management Console did not display when the browser language was set to Swedish. Fixed. |
MM-6025 | Deletion of long unpacking paths is improved. |
MM-7162 | User input validation has been improved for many fields. |
MM-7346 | In earlier 10.X releases, DNS server selection for Mail Servers did not allow IPv6 addresses. Fixed. |
MM-7353 | In earlier 10.X releases, validation of element names did not exclude problem characters (; , \ /). Fixed. |
MM-7434 | Console Executive Name List entry supports pasting multiple lines from the clipboard. |
MM-8995 | On upgrade, upgrade preview, and import of 8.X backups, if digests contain references to deleted user groups the error is logged and action stops. |
MM-9150 | Installations check for available product upgrades and raise a notice in the Console. |
MM-9225 | API calls are provided to update and delete "usermaintained" user groups in bulk. |
MM-9381 | The included REST SDK has been updated. |
MM-9568 | For Service Provider Edition installations, the flag to allow "no tenant" messages could be ignored when multiple messages were sent on a connection. Fixed. |
MM-9778 | Backups made by earlier 10.X releases could not be restored if a rule made direct reference to Connector User Groups (error "invalid property bag"). Backup behavior is fixed. |
MM-9791 | The included DMARC library has been updated. |
MM-9794 | The included Regular Expression library has been updated. |
MM-9806 | In release 10.0.2 and 10.0.3, the Management Console Mail Server General page was not correctly populated by default. Fixed. |
MM-9807 | HTML Message stamps and templates now allow CSS styling attributes directly on elements. |
MM-9834 | Date and time format in the Management Console follows Windows System format settings on the Array Manager. For details of how to apply changes, see Trustwave Knowledgebase article Q21174. |
MM-9836 | Time zone adjustment for the Dashboard component was incorrect. Fixed. |
MM-9847 |
DMARC evaluation now considers multiple domains in the From:
header and applies the most restrictive result. DKIM signing is attempted for the first domain in the From: header that belongs to a local domain with DKIM enabled. |
MM-9849 | Management Console user preferences now include a Time Zone setting (defaults to the Array Manager time zone). |
MM-9876 | Default Digest templates are updated to ensure the Release link displays on narrow screens. |
MM-9902 | SQM website headers are updated for better framing security. |
MM-9904 | SQM website error display is improved. |
MM-9905 | Management Console website headers are updated for better framing security. |
MM-9906 | Management Console cookies use the "Secure" setting when HTTPS is active. |
MM-9916 | Message extraction for DKIM signing uses a larger buffer for improved performance. |
MM-9939 | Certain characters in subject lines could cause the Message History display to fail. Fixed. |
MM-9944 | A new version of the Management Console UI framework is included. |
MM-9952 | DMARC evaluation now considers results of checking all DKIM signatures present in the message. |
MM-9961 | A new REST API request type is available to retrieve a MML file without unpacking. |
MM-10119 | The MMUpgradeToX prerequisite checker exited unexpectedly on node-only installs where IIS had been uninstalled. Fixed. |
MM-10141 | Rule Profiler data provided through the REST API was invalid. Fixed. |
MM-10164 | DeepEvals scores are cached to enhance performance. |
MM-10171 | The File Update notification email is reformatted and more informative. |
MM-10190 | Detail and formatting of the file update notification email has been enhanced. |
MM-10192 | Email messages with the ! character in the local part are no longer blocked by the "suspicious local part" setting. |
MM-10195 | BTM statistics retrieval is limited to the last 7 days. |
MM-10211 | The Config Service did not support Unicode characters in the SQL database password. Fixed. |
MM-10216 | Attempting to view an empty Change Set returned an error. Fixed. |
MM-10217 | PolicyGroup enabled times could change unexpectedly when edited. Fixed. |
MM-10218 | Upgrade could fail where the Config Service DB connection used the IIS application pool account. Fixed. |
MM-10239 | Syslog record insertion to the local database could drop records on service shutdown. Fixed. |
MM-10257 | When deleted rules were shown in an email policy view, invalid action buttons were enabled. Fixed. |
MM-10263 | Display pagination issues for the Folder view are corrected. |
MM-10270 | Display pagination issues for the Message History view are corrected. |
MM-10281 | Deleted Reputation Services were available for selection. Fixed. |
MM-10303 | The Reporting Retention Days setting from the interface was not applied. Fixed. |
MM-10307 | The Server Tool removes any double backslash from path entries to avoid possible issues when services use the path. |
MM-10326 | For Sent History items, the API did not return a usable reference to the original MML content. Fixed. |
MM-10344 | The header From: value was not properly populated when the value contained a comma. DKIM would fail due to the empty value. Fixed. |
MM-10345 |
Content-Transfer-Encoding x-uue is
recognized (treated as x-uuencode ) |
MM-10353 | For Service Provider Edition installations, the "LHASH" parameter for delivery between nodes is ignored if it cannot be decoded. |
MM-10370 | The size of the Receiver in-memory CRL cache is increased. |
MM-10376 | The logic for checking user groups for retrieval is improved. |
MM-10397 | User Groups could not be added from Active Directory when the OU included non-ASCII characters. Fixed. |
MM-10401 | Delivery of Syslog records to the remote server is multi-threaded to cater for much higher volume. |
MM-10411 | Message history search by message name ignores all other parameters. |
MM-10407 | Visual C++ 2010 redistributable or DLLS are no longer required. |
MM-10413 | All Database connectivity supports SQL Multi-Subnet Failover. |
MM-10434 | The release of TLS/SSL libraries included with the product has been updated. |
MM-9761 | In earlier 10.X releases, if the database location was changed, the installer did not correctly determine the database to be upgraded. Fixed. |
MM-9776 | Validation of group names on upgrade is improved. |
MM-9802 | The Management Console message view now includes a view of raw HTML source for HTML email bodies. |
MM-9893 | The Receiver could stop unexpectedly due to improper TLS renegotiation. Fixed. |
MM-9897 | In version 10.0.2, changing Reporting Groups in the Management Console prevented further configuration changes. Fixed. |
MM-9914 | In earlier 10.X releases, servers could show as offline in the Console because the status check timed out immediately. Fixed: the check waits 10 seconds for a response. |
MM-7052 | In earlier 10.X releases, new folder and classification names were not checked for duplicates of existing items. Fixed. |
MM-7078 | LZH unpacking now uses 7zip files. |
MM-7424 | Display of the DMARC DNS records on the Management Console Local Domains page was incomplete and inconsistent. Fixed. |
MM-7435 | When an array had no processing nodes, the Management Console Dashboard raised an error for each auto-refresh. Fixed. |
MM-7518 | The Marshal IP Reputation Service test function always reported invalid activation code. Fixed. |
MM-7533 | Rules can now be enabled or disabled from the list in the Management Console. |
MM-7595 | Reporting Groups can be configured in the Management Console. |
MM-8994 | With filtered lists, the detail pane could show details of the wrong item. Fixed. |
MM-9081 | Upgrade of 8.X Registry entries to the 10.X database was incorrectly case sensitive. Fixed. |
MM-9087 | The installer code has been cleaned of unused functions. |
MM-9141 | In the Management Console rule group selector, the preview feature hid the IP group selection. Fixed. |
MM-9194 | Management Console user preferences now allow the user to set the period for which messages in Archive folders are visible. The default is 36 months. |
MM-9383 | The version of the MSOLEDB driver included has been updated. |
MM-9392 | Authorized User entries with no name or email address entry could not be blocked/unblocked or deleted/undeleted. Fixed. |
MM-9466 | Rendering of complex HTML email bodies in the message view is improved. |
MM-9473 | The Management Console did not show all items in Archive folders if the retention was set to never expire. Fixed. |
MM-9477 | On the Management Console Edit User page, unnecessary radio button controls are removed. |
MM-9502 | CRL lookups results are cached in memory for up to an hour to reduce load caused by extremely large CRLs. |
MM-9511 | References to "black" lists and "white" lists have been changed to "block" and "allow". |
MM-9532 | The Engine service experienced excessive memory usage and file handle usage in some circumstances. Fixed. |
MM-9539 | In earlier 10.0 releases, CSS stylesheets displayed as text in the message view. Fixed. |
MM-9540 | In earlier 10.0 releases, HTML bodies of attached messages were not correctly rendered. Fixed. |
MM-9542 | SQL performance when purging DMARC data is improved. |
MM-9546 | The Receiver service no longer uses ANY queries when querying DNS based Reputation Services. |
MM-9553 | In the Management Console folder view, refreshing the list of dated folders updates the folder tree and retrieves any new folders. |
MM-9554 | A button to commit configuration on demand (even if no changes are pending) has been added to the Management Console under System Configuration > Array >General. |
MM-9555 | In the Management Console message details tab, the item size was not displayed. Fixed. |
MM-9556 | In the Management Console folder view, day folder dates in left and right panes could differ. Fixed. |
MM-9559 | In earlier 10.0 releases, the Array Statistics API call returned no data. Fixed. |
MM-9561 | After deleting a message in Folders or Message History, the view was not refreshed and browsers could report errors. Fixed. |
MM-9599 | The installer check for WebDAV could fail due to missing prerequisite DLLs. Fixed. |
MM-9602 | The Reporting settings page incorrectly required the MRC URL field to be completed. Fixed. |
MM-9609 | The installer provides provides better information about how to resolve installation issues. |
MM-9612 | Config Service database connection with Windows credentials enforced "log on locally" permission to the Array Manager but this was not needed. Fixed. |
MM-9616 | The Receiver service no longer uses ANY queries when querying the Marshal Reputation Service. |
MM-9617 | The Receiver service no longer uses ANY queries when querying DNS based block lists. |
MM-9618 | The Syslog service continued to retry sending and made excessive requests to the database when the target Syslog server refused connections. Fixed. |
MM-9619 | Usergroup pruning settings were not saved in the configuration backup. Fixed. |
MM-9621 | DMARC Reporting activity could consume excessive database connections. This issue has been addressed with changes to the connection logic. |
MM-9622 | The Management Console provides better information when a user cannot be logged on due to system error. |
MM-9627 | The message stamp and template editor used LF instead of CRLF for line endings. Email with this format is rejected by some servers. Fixed. |
MM-9630 | Addresses could not be added to user groups when duplicate group names existed in the list (for example, from multiple Connectors). Fixed. |
MM-9636 | Fields to select the single recipient address and "subscribed by default" were missing from the Management Console Digest configuration page. Fixed. |
MM-9643 | Certain plain text strings in message subjects were mis-interpreted as UTF-7 encoded in the Console display. Fixed. |
MM-9644 | Retrieval of Group information by the Management Console has been optimized. |
MM-9658 |
The Management Console uses an updated version of the site
framework.
|
MM-9667 | Management Console list columns with numeric data were sorted as text. Fixed: these columns are now sorted numerically. |
MM-9672 | Failed DNS lookups for A records would not be retried for 24 hours. Fixed: Lookups that fail for transient reasons can be retried after 1 minute. |
MM-9675 | The Receiver service no longer uses ANY queries when querying the Marshal IP Reputation Service. |
MM-9702 | When lists in the Management Console were filtered, action buttons could apply to the wrong item. Fixed. |
MM-9737 | Connection Policy groups could not be disabled. Fixed. |
MM-9739 | Management Console error messages related to deleting or disabling rules and groups are improved. |
MM-9757 | The release of TLS/SSL libraries included with the product has been updated. |
MM-9779 | Import of configuration could fail if it included rules created in some earlier versions that allowed duplicate GUIDs. Fixed. |
MM-9782 | The version of .NET Core installed is updated to the latest 3.1 (long term support) release. |
MM-3361 | Paged views of folders and history in the Console could miss items at the page boundary if they were received within the same second. Fixed. |
MM-6288 | Outgoing DMARC Report emails are now DKIM signed if DKIM is available for the domain. |
MM-7029 | The installer checks that requested website ports are available. |
MM-7189 | Management Console validation of rule user matching is improved (semi-colons are not allowed in email addresses). |
MM-7194 | Installation requires .NET 3.5 to be pre-installed (automatic installation in-line is not possible in supported Windows versions). |
MM-7205 | Entering a new license key requires commit of configuration, but the commit button was not enabled in this case. Fixed. |
MM-7271 | Un-installation now removes the Management Console and Config Service websites from IIS. |
MM-7357 | If configuration commit requires service restarts, the console user is notified. This notification was present in 8.X but was not available in 10.0.0. |
MM-7411 | Attempting to view a Message History record (with no message body information) could return an error in the Mail History view of the Console. Fixed. |
MM-7534 | Maintenance expiry is show on the license details page. |
MM-7598 | Version information ("About") is available in the Profile section of the Management Console. |
MM-8477 | When services restart, the Receiver service is started first to improve responsiveness where the Engine loads a large configuration. |
MM-8632 | DMARC results reported by MailMarshal for local domains were not sent to an external RUA. Fixed. |
MM-8733 | For MailMarshal Service Provider Edition installations, additional checking of the Customer ID is performed when a user attempts to view a message. |
MM-8871 | Logging could show an incorrect rule name for a Pass to Rule action if the action had been edited. Processing was not affected. Fixed. |
MM-8875 | If a MailMarshal 8.2 database is selected for use, User Group and Connectors information is checked. Groups must match the groups available in MailMarshal 10. If the groups do not match, the database will not be accepted. |
MM-8876 | When a new MailMarshal database is created in the server tool, user groups are populated from the Configuration Service database. |
MM-8938 | For MailMarshal Service Provider Edition installations, Receiver SPF checking for local addresses could cause some notification messages to fail. Fixed. |
MM-8955 | Status of manual configuration restore is better presented in the Management Console. |
MM-8974 | Upgrade is blocked if an invalid "pass to rule" action is found in the previous version configuration. |
MM-8982 | Scheduled automatic backups were run at the time entered even if the "back up at" option was not selected. Fixed. |
MM-8993 | Filtering in Message History and Folders views was not effective. Fixed. Note that filtering only affects the currently displayed page. To search over all messages use the message search. |
MM-9027 | Setting of the physical path for each folder is supported. |
MM-9028 | A "task was cancelled" message displayed if a manual check for updates took a long time. Fixed. |
MM-9033 | Management Console logs are deleted after 30 days by default. |
MM-9042 | For new installations or upgrades from 8.2, the Management Console SSL certificate matches the local server name. |
MM-9043 | In release 10.0.0, the Folders view of email did not open in certain timezones at certain times of day. Fixed. |
MM-9044 | In release 10.0.0, SQL Server 2017 or 2019 was not detected as a permitted version. Fixed. |
MM-9093 | The release of TLS/SSL libraries included with the product has been updated. |
MM-9094 | In release 10.0.0, rule user matching did not display the user list for editing when more than one individual user entry was present. Fixed. |
MM-9122 | In release 10.0.0, creating a user group with wide characters in the name or description returned an error. The group was created but the name was not correctly displayed. Fixed. |
MM-9123 | In release 10.0.0, the calendar control display in Mail History Search showed incorrect weekdays for dates. Fixed. |
MM-9127 | In release 10.0.0, some entries in Advanced Settings were incorrectly treated as case sensitive, and services could stop as a result. Fixed. |
MM-9129 | TLS version limits can now be set in Advanced Settings. For details see Trustwave Knowledgebase article Q21147. Upgrade now imports the settings made in Registry in version 8.X. |
MM-9131 | The version of .NET Core installed is updated to the current 3.1 (long term support) release. |
MM-9132 | Upgrade prerequisite checks could fail due to case sensitive checking of AD connector prefixes. Fixed. |
MM-9136 | An additional SQL table index is added for User Groups to enhance Array Manager performance. |
MM-9146 | Upgrade from 8.X could not proceed if the System account was the Operational User of the MailMarshal database and the logged on user did not have database access. Fixed. |
MM-9147 | Editing an IP group did not correctly populate the form and the group could not be updated. Fixed. |
MM-9149 | The installer checks availability of website ports. |
MM-9156 | To enhance performance on very busy systems, the maximum values for sender threads configurable in the user interface have been increased and the sender check for processed messages is more frequent. |
MM-9181 | In release 10.0.0, upgrade or import of connectors did not handle names or descriptions that included certain extended characters. Fixed: German and Nordic characters are supported. |
MM-9189 | In release 10.0.0, the last user group in the list in the Console could not be opened by double-clicking. Fixed. |
MM-9200 | In release 10.0.0, the display of the message component tree in the Console was incorrect for identically named children of different attachments. Fixed. |
MM-9218 | Rejected message records in the database did not correctly translate IPv4 addresses stored in the IPv6 column. Fixed. |
MM-9221 | In release 10.0.0, upgrade could un-populate membership of connector based groups. Fixed. |
MM-9222 | The database record for a message could show an incorrect subject where multiple messages were received on the same connection. Fixed. |
MM-9249 | In release 10.0.0, high ASCII characters in subjects and filenames did not display correctly in the Console. Fixed. |
MM-9255 | After upgrade to 10.0.0 on a single server system, virus scanner updates could fail because a copy of an old license key was not removed. Fixed. |
MM-9261 | In release 10.0.0, files named with certain characters could not be viewed or downloaded in the Console. Fixed. |
MM-9264 | The listing of Top Level Domains included in the installation is updated (used by Blended Threat rewriting, DMARC, and SpamSURBL functions). |
MM-9306 | The SpamProfiler cartridge (executable) included in the release has been updated. |
MM-9326 | On upgrade to release 10.0.0, configuration import failed if disabled rules referenced non-existent user groups. Fixed: the offending disabled rules will not be imported. |
MM-9347 | Deleted Management Console users can be undeleted on the Authorized Users page. |
MM-9397 | Connector refresh times were not correctly set on restart of the Array Manager (UTC offset not applied). Delay to the next refresh could result. Fixed. |
MM-9430 | The version of the PDF unpacker that is included in the installation has been updated. |
MM-4077 | Certificate Revocation List retrieval is improved: retrieval stops after the first successful download and information about failed sources is cached. |
MM-5741 | In SpamCensor attachment checking, search limits now allow ranges. Details are available in the Advanced Anti-spam document. |
MM-6645 | Category script evaluation was not performed on a RTF email body contained in "winmail.dat". Fixed. |
MM-6685 | In Category Scripts, TextCensor rules with a score of zero (used in combinations of rules) did not trigger. Fixed. |
MM-6697 | Specific complex email address local parts could cause the Receiver to stop. Fixed. |
MM-6797 | The Header Rewrite action "insert if missing" replaced an existing header value. Fixed: the action does not change an existing header. |
MM-6847 | Elliptic Curves "X25519" and "X448" are supported for key exchange. "secp256k1" is no longer supported because it cannot be used with TLSv1.3. At least one Elliptic Curve will always be selected in the Configurator. "X25519" is the default choice. |
MM-6853 | DMARC evaluation did not correctly check domain alignment of the DKIM or SPF pass. Fixed. |
MM-6900 | The REST API did not handle large volumes of concurrent requests. Fixed. |
MM-7209 | In version 8.2.3 and 8.2.4, the "last seen" date for user group entries was not updated as expected. Fixed. |
MM-7280 | In version 8.2.2 through 8.2.4, DMARC validation failed when SPF was validated but an invalid DKIM key was retrieved. Fixed. |
MM-8439 | The Category Script "filter by types" selection has been removed from the user interface. |
MM-8919 | DMARC report generation deleted unrelated configuration files from the Unpacking\Temp subfolder. In some cases the Engine service stopped as a result. Also, invalid DMARC report messages were never deleted. Both issues fixed. |
MM-8921 | Expired day folders within the DMARC Reports folder were never deleted. Fixed. |
MM-6770 | SEG supports verification of DKIM signatures signed with Ed25519-SHA256 (RFC-8463). |
MM-8477 | When services restart, the Receiver service is started first to improve responsiveness where the Engine loads a large configuration. |
MM-8698 | Some URL validation issues were not covered by the fix in MM-7191 (release 8.2.4). Fixed. |
MM-8733 | For SEG Service Provider Edition installations, additional checking of the Customer ID is performed when a user attempts to view a message. |
MM-8757 | In version 8.2.2 and above, DMARC validation failed when SPF was validated but an invalid DKIM key was retrieved. Fixed. |
MM-8781 | The cloud archiving service could stop delivering messages to the archive (messages were queued at the SEG server). Fixed. |
MM-8823 | When AD Authentication is used in the Receiver, the sender address can be validated against the user's email addresses retrieved from AD. |
MM-8902 | For SEG Service Provider Edition installations, the domain part of Reputation Service results is not shown in logs so that paid domain keys are not visible. |
MM-8910 | DMARC report generation deleted unrelated configuration files from the Unpacking\Temp subfolder. In some cases the Engine service stopped as a result. Also, invalid DMARC report messages were never deleted. Both issues fixed. |
MM-8917 | Expired day folders within the DMARC Reports folder were never deleted. Fixed. |
MM-8938 | For SEG Service Provider Edition installations, Receiver SPF checking for local addresses could cause some notification messages to fail. Fixed. |
MM-8942 | In version 8.2.3 and above, the "last seen" date for user group entries was not updated as expected. Fixed. |
MM-9089 | For SEG Service Provider Edition installations, DMARC can be evaluated even if the destination customer has not enabled DMARC. |
MM-9102 | The database record for a message could show an incorrect subject where multiple messages were received on the same connection. Fixed. |
MM-9139 | The TLS/SSL library used by SEG has been updated. |
MM-9142 | Removing child IP groups caused the Array Manager to stop. Fixed. |
MM-9156 | To enhance performance on very busy systems, the maximum values for sender threads configurable in the user interface have been increased and the sender check for processed messages is more frequent. |
MM-9209 | DMARC Reporting activity could consume excessive database connections. This issue has been addressed with changes to the connection logic. |
MM-9218 | Rejected message records in the database did not correctly translate IPv4 addresses stored in the IPv6 column. Fixed. |
MM-9246 | The REST API could not retrieve mail component files with specific characters in the file name. Fixed: the API call has been updated to use the POST method. |
MM-9262 | In SURBL category lookups, the domain part of Reputation Service results can be hidden in logs so that paid domain keys are not visible. |
MM-9435 | CRL lookups results are cached in memory for up to an hour to reduce load caused by extremely large CRLs. |
MM-9449 | The Syslog service continued to retry sending and made excessive requests to the database when the target Syslog server refused connections. Fixed. |
MM-9456 | If the directory referenced by the Cloud Archiving service was not present, messages for archiving were deadlettered. Fixed: the directory is re-created if necessary. |
MM-9510 | The Engine service experienced excessive memory usage and file handle usage in some circumstances. Fixed. |
MM-9534 | Usergroup pruning settings were not saved in the configuration backup. Fixed. |
MM-9544 | The Receiver service no longer uses ANY queries when querying DNS based block lists. |
MM-9547 | The Receiver service no longer uses ANY queries when querying the Marshal Reputation Service. |
MM-9573 | For SEG Service Provider Edition installations, temporary files for messages that were split based on recipients were not deleted in some cases. Fixed. |
MM-9567 | The Syslog service could stop due to a race condition when invoked from multiple threads. Fixed. |
MM-9569 | User group pruning did not delete entries containing upper case letters. Fixed. |
To review Release History prior to version 8.2.6, please see the Release Notes for the specific versions.
Copyright © 2024 Trustwave Holdings, Inc.
All rights reserved. This document is protected by copyright and any distribution, reproduction, copying, or decompilation is strictly prohibited without the prior written consent of Trustwave. No part of this document may be reproduced in any form or by any means without the prior written authorization of Trustwave. Trustwave assumes no responsibility for errors or omissions. This publication and features described herein are subject to change without notice.
The authors make no representation or warranties with respect to the accuracy or
completeness of the contents of this document and specifically disclaim any
implied warranties of merchantability or fitness for a particular purpose. No
warranty may be created or extended by sales representatives or written sales
materials. The advice and strategies contained herein may not be suitable for
your situation. You should consult with a professional where appropriate.
Neither the author nor Trustwave shall be liable for any loss of profit or any
commercial damages, including but not limited to direct, indirect, special,
incidental, consequential, or other damages.
Trustwave and the Trustwave logo are trademarks of Trustwave. Such trademarks shall not be used, copied, or disseminated in any manner without the prior written permission of Trustwave.
Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. More than three million businesses are enrolled in the Trustwave TrustKeeper® cloud platform, through which Trustwave delivers automated, efficient and cost-effective threat, vulnerability and compliance management. Trustwave is headquartered in Chicago, with customers in 96 countries. For more information about Trustwave
, visit https://www.trustwave.com.