(Previously known as Trustwave SEG)
Last Revision:
June 21, 2021
These notes are additional to the MailMarshal User Guide and supersede information supplied in that Guide.
The information in this document is current as of the date of publication. To check for any later information, please see Trustwave Knowledge Base article Q21075.
New Features
System Requirements
Upgrade Instructions
Uninstalling
Release History
For more information about additional minor features and bug fixes, see the release history.
The following system requirements are the minimum levels required for a typical installation of the Trustwave MailMarshal Array Manager and selected database.
Category | Requirements |
---|---|
Processor | Core i5 or similar performance |
Disk Space | 20GB (NTFS), and additional space to support email archiving |
Memory | 4GB (3GB available to MailMarshal plus 1GB for operating system). Allow an additional 2GB if SQL Express is installed locally. |
Supported Operating System |
|
Network Access |
|
Software |
|
Port Access |
|
Please review the MailMarshal User Guide before upgrading.
Trustwave MailMarshal 10.0.2 supports a direct upgrade from MailMarshal/Trustwave SEG 8.2.3 and above, including the public release of SEG 10.0.0. (Upgrade from SEG 10 Beta releases is not supported).
If your installed version does not support direct upgrade, you can upgrade in steps.
A standalone tool is available to check prerequisites and potential configuration issues before upgrade. See the product download page.
To upgrade a single MailMarshal server from any version supporting direct upgrade, install the new version on the existing server. You do not need to uninstall your existing version. The database will be upgraded in place, if necessary.
You must upgrade each server by logging on locally. The remote upgrade feature that was present in earlier versions will not be available in MailMarshal 10.X.
In the MailMarshal Server Tool, if you select a database that can be upgraded (version 8.2.3 or later 8.2.X), you will be given the option to upgrade and use the database.
After installing MailMarshal 10.X, you can import a configuration backup from version 8.2.3 or later 8.2 version.
Convert the backup to the 10.X backup format (zip file) using the MMConvConfig
command line tool found
in the MailMarshal 10.X installation folder.
Import the converted configuration zip file using the Restore function in
the Management Interface, or the MMExportConfig
command line
tool.
For full information about these tools see the User Guide.
To upgrade from a version prior to 8.2.3, first upgrade to version 8.2.3 (or later 8.2.X). Full details about upgrading from older versions can be found in the documentation for the target version.
Note: The information in this document is current as of the date of publication. To check for any later information, please see Trustwave Knowledge Base article Q21075.
Read the notes for all versions newer than your installed version. This list only includes information about version 10.0. For upgrade changes in earlier versions, see the release notes of each version.
MailMarshal can be installed in a variety of scenarios. For full information on uninstalling MailMarshal from a production environment, see the Trustwave MailMarshal User Guide.
To uninstall a trial installation on a single computer:
The following additional items have been changed or updated in the specific build versions of Trustwave MailMarshal (previously Trustwave SEG) listed.
Note: The information in this document is current as of the date of publication. To check for any later information, please see Trustwave Knowledge Base article Q21075.
MM-9761 | In earlier 10.X releases, if the database location was changed, the installer did not correctly determine the database to be upgraded. Fixed. |
MM-9776 | Validation of group names on upgrade is improved. |
MM-9802 | The Management Console message view now includes a view of raw HTML source for HTML email bodies. |
MM-9893 | The Receiver could stop unexpectedly due to improper TLS renegotiation. Fixed. |
MM-9897 | In version 10.0.2, changing Reporting Groups in the Management Console prevented further configuration changes. Fixed. |
MM-9914 | In earlier 10.X releases, servers could show as offline in the Console because the status check timed out immediately. Fixed: the check waits 10 seconds for a response. |
MM-7052 | In earlier 10.X releases, new folder and classification names were not checked for duplicates of existing items. Fixed. |
MM-7078 | LZH unpacking now uses 7zip. |
MM-7424 | Display of the DMARC DNS records on the Management Console Local Domains page was incomplete and inconsistent. Fixed. |
MM-7435 | When an array had no processing nodes, the Management Console Dashboard raised an error for each auto-refresh. Fixed. |
MM-7518 | The Marshal IP Reputation Service test function always reported invalid activation code. Fixed. |
MM-7533 | Rules can now be enabled or disabled from the list in the Management Console. |
MM-7595 | Reporting Groups can be configured in the Management Console. |
MM-8994 | With filtered lists, the detail pane could show details of the wrong item. Fixed. |
MM-9081 | Upgrade of 8.X Registry entries to the 10.X database was incorrectly case sensitive. Fixed. |
MM-9087 | The installer code has been cleaned of unused functions. |
MM-9141 | In the Management Console rule group selector, the preview feature hid the IP group selection. Fixed. |
MM-9194 | Management Console user preferences now allow the user to set the period for which messages in Archive folders are visible. The default is 36 months. |
MM-9383 | The version of the MSOLEDB driver included has been updated. |
MM-9392 | Authorized User entries with no name or email address entry could not be blocked/unblocked or deleted/undeleted. Fixed. |
MM-9466 | Rendering of complex HTML email bodies in the message view is improved. |
MM-9473 | The Management Console did not show all items in Archive folders if the retention was set to never expire. Fixed. |
MM-9477 | On the Management Console Edit User page, unnecessary radio button controls are removed. |
MM-9502 | CRL lookups results are cached in memory for up to an hour to reduce load caused by extremely large CRLs. |
MM-9511 | References to "black" lists and "white" lists have been changed to "block" and "allow". |
MM-9532 | The Engine service experienced excessive memory usage and file handle usage in some circumstances. Fixed. |
MM-9539 | In earlier 10.0 releases, CSS stylesheets displayed as text in the message view. Fixed. |
MM-9540 | In earlier 10.0 releases, HTML bodies of attached messages were not correctly rendered. Fixed. |
MM-9542 | SQL performance when purging DMARC data is improved. |
MM-9546 | The Receiver service no longer uses ANY queries when querying DNS based Reputation Services. |
MM-9553 | In the Management Console folder view, refreshing the list of dated folders updates the folder tree and retrieves any new folders. |
MM-9554 | A button to commit configuration on demand (even if no changes are pending) has been added to the Management Console under System Configuration > Array >General. |
MM-9555 | In the Management Console message details tab, the item size was not displayed. Fixed. |
MM-9556 | In the Management Console folder view, day folder dates in left and right panes could differ. Fixed. |
MM-9559 | In earlier 10.0 releases, the Array Statistics API call returned no data. Fixed. |
MM-9561 | After deleting a message in Folders or Message History, the view was not refreshed and browsers could report errors. Fixed. |
MM-9599 | The installer check for WebDAV could fail due to missing prerequisite DLLs. Fixed. |
MM-9602 | The Reporting settings page incorrectly required the MRC URL field to be completed. Fixed. |
MM-9609 | The installer provides provides better information about how to resolve installation issues. |
MM-9612 | Config Service database connection with Windows credentials enforced "log on locally" permission to the Array Manager but this was not needed. Fixed. |
MM-9616 | The Receiver service no longer uses ANY queries when querying the Marshal Reputation Service. |
MM-9617 | The Receiver service no longer uses ANY queries when querying DNS based block lists. |
MM-9618 | The Syslog service continued to retry sending and made excessive requests to the database when the target Syslog server refused connections. Fixed. |
MM-9619 | Usergroup pruning settings were not saved in the configuration backup. Fixed. |
MM-9621 | DMARC Reporting activity could consume excessive database connections. This issue has been addressed with changes to the connection logic. |
MM-9622 | The Management Console provides better information when a user cannot be logged on due to system error. |
MM-9627 | The message stamp and template editor used LF instead of CRLF for line endings. Email with this format is rejected by some servers. Fixed. |
MM-9630 | Addresses could not be added to user groups when duplicate group names existed in the list (for example, from multiple Connectors). Fixed. |
MM-9636 | Fields to select the single recipient address and "subscribed by default" were missing from the Management Console Digest configuration page. Fixed. |
MM-9644 | Retrieval of Group information by the Management Console has been optimized. |
MM-9658 |
The Management Console uses an updated version of the site
framework.
|
MM-9667 | Management Console list columns with numeric data were sorted as text. Fixed: these columns are now sorted numerically. |
MM-9672 | Failed DNS lookups for A records would not be retried for 24 hours. Fixed: Lookups that fail for transient reasons can be retried after 1 minute. |
MM-9675 | The Receiver service no longer uses ANY queries when querying the Marshal IP Reputation Service. |
MM-9702 | When lists in the Management Console were filtered, action buttons could apply to the wrong item. Fixed. |
MM-9737 | Connection Policy groups could not be disabled. Fixed. |
MM-9739 | Management Console error messages related to deleting or disabling rules and groups are improved. |
MM-9757 | The release of OpenSSL included with the product has been updated. |
MM-9779 | Import of configuration could fail if it included rules created in some earlier versions that allowed duplicate GUIDs. Fixed. |
MM-9782 | The version of .NET Core installed is updated to the latest 3.1 (long term support) release. |
MM-3361 | Paged views of folders and history in the Console could miss items at the page boundary if they were received within the same second. Fixed. |
MM-6288 | Outgoing DMARC Report emails are now DKIM signed if DKIM is available for the domain. |
MM-7029 | The installer checks that requested website ports are available. |
MM-7189 | Management Console validation of rule user matching is improved (semi-colons are not allowed in email addresses). |
MM-7194 | Installation requires .NET 3.5 to be pre-installed (automatic installation in-line is not possible in supported Windows versions). |
MM-7205 | Entering a new license key requires commit of configuration, but the commit button was not enabled in this case. Fixed. |
MM-7271 | Un-installation now removes the Management Console and Config Service websites from IIS. |
MM-7357 | If configuration commit requires service restarts, the console user is notified. This notification was present in 8.X but was not available in 10.0.0. |
MM-7411 | Attempting to view a Message History record (with no message body information) could return an error in the Mail History view of the Console. Fixed. |
MM-7534 | Maintenance expiry is show on the license details page. |
MM-7598 | Version information ("About") is available in the Profile section of the Management Console. |
MM-8477 | When services restart, the Receiver service is started first to improve responsiveness where the Engine loads a large configuration. |
MM-8632 | DMARC results reported by MailMarshal for local domains were not sent to an external RUA. Fixed. |
MM-8733 | For MailMarshal Service Provider Edition installations, additional checking of the Customer ID is performed when a user attempts to view a message. |
MM-8871 | Logging could show an incorrect rule name for a Pass to Rule action if the action had been edited. Processing was not affected. Fixed. |
MM-8875 | If a MailMarshal 8.2 database is selected for use, User Group and Connectors information is checked. Groups must match the groups available in MailMarshal 10. If the groups do not match, the database will not be accepted. |
MM-8876 | When a new MailMarshal database is created in the server tool, user groups are populated from the Configuration Service database. |
MM-8938 | For MailMarshal Service Provider Edition installations, Receiver SPF checking for local addresses could cause some notification messages to fail. Fixed. |
MM-8955 | Status of manual configuration restore is better presented in the Management Console. |
MM-8974 | Upgrade is blocked if an invalid "pass to rule" action is found in the previous version configuration. |
MM-8982 | Scheduled automatic backups were run at the time entered even if the "back up at" option was not selected. Fixed. |
MM-8993 | Filtering in Message History and Folders views was not effective. Fixed. Note that filtering only affects the currently displayed page. To search over all messages use the message search. |
MM-9027 | Setting of the physical path for each folder is supported. |
MM-9028 | A "task was cancelled" message displayed if a manual check for updates took a long time. Fixed. |
MM-9033 | Management Console logs are deleted after 30 days by default. |
MM-9042 | For new installations or upgrades from 8.2, the Management Console SSL certificate matches the local server name. |
MM-9043 | In release 10.0.0, the Folders view of email did not open in certain timezones at certain times of day. Fixed. |
MM-9044 | In release 10.0.0, SQL Server 2017 or 2019 was not detected as a permitted version. Fixed. |
MM-9093 | The release of OpenSSL included with the product has been updated. |
MM-9094 | In release 10.0.0, rule user matching did not display the user list for editing when more than one individual user entry was present. Fixed. |
MM-9122 | In release 10.0.0, creating a user group with wide characters in the name or description returned an error. The group was created but the name was not correctly displayed. Fixed. |
MM-9123 | In release 10.0.0, the calendar control display in Mail History Search showed incorrect weekdays for dates. Fixed. |
MM-9127 | In release 10.0.0, some entries in Advanced Settings were incorrectly treated as case sensitive, and services could stop as a result. Fixed. |
MM-9129 | TLS version limits can now be set in Advanced Settings. For details see Trustwave Knowledgebase article Q21147. Upgrade now imports the settings made in Registry in version 8.X. |
MM-9131 | The version of .NET Core installed is updated to the current 3.1 (long term support) release. |
MM-9132 | Upgrade prerequisite checks could fail due to case sensitive checking of AD connector prefixes. Fixed. |
MM-9136 | An additional SQL table index is added for User Groups to enhance Array Manager performance. |
MM-9146 | Upgrade from 8.X could not proceed if the System account was the Operational User of the MailMarshal database and the logged on user did not have database access. Fixed. |
MM-9147 | Editing an IP group did not correctly populate the form and the group could not be updated. Fixed. |
MM-9149 | The installer checks availability of website ports. |
MM-9156 | To enhance performance on very busy systems, the maximum values for sender threads configurable in the user interface have been increased and the sender check for processed messages is more frequent. |
MM-9181 | In release 10.0.0, upgrade or import of connectors did not handle names or descriptions that included certain extended characters. Fixed: German and Nordic characters are supported. |
MM-9189 | In release 10.0.0, the last user group in the list in the Console could not be opened by double-clicking. Fixed. |
MM-9200 | In release 10.0.0, the display of the message component tree in the Console was incorrect for identically named children of different attachments. Fixed. |
MM-9218 | Rejected message records in the database did not correctly translate IPv4 addresses stored in the IPv6 column. Fixed. |
MM-9221 | In release 10.0.0, upgrade could un-populate membership of connector based groups. Fixed. |
MM-9222 | The database record for a message could show an incorrect subject where multiple messages were received on the same connection. Fixed. |
MM-9249 | In release 10.0.0, high ASCII characters in subjects and filenames did not display correctly in the Console. Fixed. |
MM-9255 | After upgrade to 10.0.0 on a single server system, virus scanner updates could fail because a copy of an old license key was not removed. Fixed. |
MM-9261 | In release 10.0.0, files named with certain characters could not be viewed or downloaded in the Console. Fixed. |
MM-9264 | The listing of Top Level Domains included in the installation is updated (used by Blended Threat rewriting, DMARC, and SpamSURBL functions). |
MM-9306 | The SpamProfiler cartridge (executable) included in the release has been updated. |
MM-9326 | On upgrade to release 10.0.0, configuration import failed if disabled rules referenced non-existent user groups. Fixed: the offending disabled rules will not be imported. |
MM-9347 | Deleted Management Console users can be undeleted on the Authorized Users page. |
MM-9397 | Connector refresh times were not correctly set on restart of the Array Manager (UTC offset not applied). Delay to the next refresh could result. Fixed. |
MM-9430 | The version of Libtet (PDF unpacking) that is included in the installation has been updated. |
MM-4077 | Certificate Revocation List retrieval is improved: retrieval stops after the first successful download and information about failed sources is cached. |
MM-5741 | In SpamCensor attachment checking, search limits now allow ranges. Details are available in the Advanced Anti-spam document. |
MM-6645 | Category script evaluation was not performed on a RTF email body contained in "winmail.dat". Fixed. |
MM-6685 | In Category Scripts, TextCensor rules with a score of zero (used in combinations of rules) did not trigger. Fixed. |
MM-6697 | Specific complex email address local parts could cause the Receiver to stop. Fixed. |
MM-6797 | The Header Rewrite action "insert if missing" replaced an existing header value. Fixed: the action does not change an existing header. |
MM-6847 | Elliptic Curves "X25519" and "X448" are supported for key exchange. "secp256k1" is no longer supported because it cannot be used with TLSv1.3. At least one Elliptic Curve will always be selected in the Configurator. "X25519" is the default choice. |
MM-6853 | DMARC evaluation did not correctly check domain alignment of the DKIM or SPF pass. Fixed. |
MM-6900 | The REST API did not handle large volumes of concurrent requests. Fixed. |
MM-7209 | In version 8.2.3 and 8.2.4, the "last seen" date for user group entries was not updated as expected. Fixed. |
MM-7280 | In version 8.2.2 through 8.2.4, DMARC validation failed when SPF was validated but an invalid DKIM key was retrieved. Fixed. |
MM-8439 | The Category Script "filter by types" selection has been removed from the user interface. |
MM-8919 | DMARC report generation deleted unrelated configuration files from the Unpacking\Temp subfolder. In some cases the Engine service stopped as a result. Also, invalid DMARC report messages were never deleted. Both issues fixed. |
MM-8921 | Expired day folders within the DMARC Reports folder were never deleted. Fixed. |
MM-6770 | SEG supports verification of DKIM signatures signed with Ed25519-SHA256 (RFC-8463). |
MM-8477 | When services restart, the Receiver service is started first to improve responsiveness where the Engine loads a large configuration. |
MM-8698 | Some URL validation issues were not covered by the fix in MM-7191 (release 8.2.4). Fixed. |
MM-8733 | For SEG Service Provider Edition installations, additional checking of the Customer ID is performed when a user attempts to view a message. |
MM-8757 | In version 8.2.2 and above, DMARC validation failed when SPF was validated but an invalid DKIM key was retrieved. Fixed. |
MM-8781 | The cloud archiving service could stop delivering messages to the archive (messages were queued at the SEG server). Fixed. |
MM-8823 | When AD Authentication is used in the Receiver, the sender address can be validated against the user's email addresses retrieved from AD. |
MM-8902 | For SEG Service Provider Edition installations, the domain part of Reputation Service results is not shown in logs so that paid domain keys are not visible. |
MM-8910 | DMARC report generation deleted unrelated configuration files from the Unpacking\Temp subfolder. In some cases the Engine service stopped as a result. Also, invalid DMARC report messages were never deleted. Both issues fixed. |
MM-8917 | Expired day folders within the DMARC Reports folder were never deleted. Fixed. |
MM-8938 | For SEG Service Provider Edition installations, Receiver SPF checking for local addresses could cause some notification messages to fail. Fixed. |
MM-8942 | In version 8.2.3 and above, the "last seen" date for user group entries was not updated as expected. Fixed. |
MM-9089 | For SEG Service Provider Edition installations, DMARC can be evaluated even if the destination customer has not enabled DMARC. |
MM-9102 | The database record for a message could show an incorrect subject where multiple messages were received on the same connection. Fixed. |
MM-9139 | The version of OpenSSL used by SEG has been updated. |
MM-9142 | Removing child IP groups caused the Array Manager to stop. Fixed. |
MM-9156 | To enhance performance on very busy systems, the maximum values for sender threads configurable in the user interface have been increased and the sender check for processed messages is more frequent. |
MM-9209 | DMARC Reporting activity could consume excessive database connections. This issue has been addressed with changes to the connection logic. |
MM-9218 | Rejected message records in the database did not correctly translate IPv4 addresses stored in the IPv6 column. Fixed. |
MM-9246 | The REST API could not retrieve mail component files with specific characters in the file name. Fixed: the API call has been updated to use the POST method. |
MM-9262 | In SURBL category lookups, the domain part of Reputation Service results can be hidden in logs so that paid domain keys are not visible. |
MM-9435 | CRL lookups results are cached in memory for up to an hour to reduce load caused by extremely large CRLs. |
MM-9449 | The Syslog service continued to retry sending and made excessive requests to the database when the target Syslog server refused connections. Fixed. |
MM-9456 | If the directory referenced by the Cloud Archiving service was not present, messages for archiving were deadlettered. Fixed: the directory is re-created if necessary. |
MM-9510 | The Engine service experienced excessive memory usage and file handle usage in some circumstances. Fixed. |
MM-9534 | Usergroup pruning settings were not saved in the configuration backup. Fixed. |
MM-9544 | The Receiver service no longer uses ANY queries when querying DNS based block lists. |
MM-9547 | The Receiver service no longer uses ANY queries when querying the Marshal Reputation Service. |
MM-9573 | For SEG Service Provider Edition installations, temporary files for messages that were split based on recipients were not deleted in some cases. Fixed. |
MM-9567 | The Syslog service could stop due to a race condition when invoked from multiple threads. Fixed. |
MM-9569 | User group pruning did not delete entries containing upper case letters. Fixed. |
MM-6570 | For MailMarshal Service Provider Edition installations, email between customers on the same system retains the external sender IP for policy evaluation. |
MM-6764 | For MailMarshal Service Provider Edition installations, client authentication did not override relay table checking. Fixed. |
MM-6848 | MMReleaseMessage checking of recipient addresses was case sensitive. Fixed. |
MM-7124 | For MailMarshal Service Provider Edition installations, visibility of messages in the SQM did not match the retention period for the containing folder. Fixed. |
MM-7139 | MailMarshal attempts to load a header rewrite map file from additional locations including the installation, Config and NodeConfig folders. |
MM-7147 | DMARC evaluation did not correctly check domain alignment of the DKIM result. Fixed. |
MM-7176 | The default retention period for service logs is increased to 14 days. |
MM-7191 | Reputation Services could return a TEMPFAIL for an indefinite time due to submission of URLs with a trailing . character. Fixed: the URLs are truncated correctly before submission. |
MM-7254 | In 8.1 and 8.2 releases, the User Filter function of the Console Recycle Bin returned an error. Fixed. |
MM-7291 | The DKIM signature header is added above existing headers (previously was at the end of headers). |
MM-7297 | Moving of temporary files during Receiver processing could fail. Fixed: moving is retried for a limited time. |
MM-7298 | Notification message names are logged to the Engine text log, for events such as dead letters. |
MM-7317 | DKIM header signing now only includes the headers recommended in the DKIM RFC. |
MM-7603 | The SpamProfiler "bulk" response attribute is captured for further processing. |
MM-6447 | In version 8.1 and above, the SQM Mail Search in "all folders" returned no results. Fixed. |
MM-6759 | The Engine stopped when the Executive Names list contained Unicode characters. Fixed. |
MM-6790 | For MailMarshal Service Provider Edition installations, messages were incorrectly marked as having an external sender in specific cases. Fixed. |
MM-6835 | The Trustwave Email Archiving rule action could queue messages for archiving when the feature was not configured or the license was expired. Fixed. |
MM-6849 | The JSON structure returned from the API quarantine folders call has been improved. |
MM-6850 | The Engine now continues to run when incorrect Azure Information Protection credentials are provided. Affected messages will be deadlettered. |
MM-6852 | Azure Information Protection is added to the REST API. |
MM-6856 | ACE archive unpacking executables are removed from the product on install and upgrade. |
MM-6865 | Azure SQL Managed Instances are detected for feature support. |
MM-6876 | For MailMarshal Service Provider Edition installations, caching of AIP RMS credentials is improved. |
MM-6878 | For MailMarshal Service Provider Edition installations, per-customer use of AIP RMS credentials is enabled. |
MM-6892 | Adding users to groups in the database could cause delays for email logging. Fixed. |
MM-6904 | Unpack exceptions did not log the file name. Fixed. |
MM-6909 | In earlier 8.2 releases, HTML message stamps configured for the bottom of a message were placed at the top of certain poorly formatted messages. Fixed. |
MM-6917 | Insertion of Receiver logs to the database could be slow, resulting in deadlocks. Fixed. |
MM-6919 | Insertion of Receiver logs to the database could be slow, resulting in deadlocks. Fixed. |
MM-6924 | For MailMarshal Service Provider Edition installations, the Customer ID is included with Syslog Quarantine Audit records. |
MM-6925 | Database log processing could be slow on installations with very large user groups while the "last seen" data was updated. Fixed. |
MM-6938 | Certain header field variable additions included an extra carriage return character. Fixed. |
MM-6973 | Syslog service reloading has been updated to work with MailMarshal Service Provider Edition installations. |
MM-6982 | On upgrade to previous versions, some new SQL table indexes were not created. Fixed. |
MM-6986 | Additional indexes are created on SQL DMARC tables. |
MM-6990 | The Receiver could stop unexpectedly when processing a malformed DMARC record. Fixed. |
MM-6991 | The "do not NDR" rule action was not applied to BCC copies of the original message. Fixed. |
MM-6999 | The Routing Table format has been modified to support MailMarshal Service Provider Edition scenarios. |
MM-7007 | Checking of receiver "time behind" and engine throttling is improved. |
MM-7065 | Array Manager file operations could fail due to the DMARC report generator not releasing some files when an exception occurred. Fixed. |
MM-6700 | Some installations affected by the issue fixed in MM-4324 required a manual update to stored procedures after every upgrade. Fixed. |
MM-6763 | When Syslog processing was enabled, the Array Manager could stop unexpectedly. Fixed. |
MM-6771 | In earlier 8.2 releases, folded Subject lines were not correctly populated by the Receiver. Fixed. |
MM-6772 | In earlier 8.2 releases, DKIM signing and verification did not correctly handle folded headers. Fixed. |
MM-6783 | In version 8.1 and above, the repacking flags for external commands were incorrectly set. Fixed. |
MM-6785 | Syslog processing caused the Array Manager to stop with certain system date formats. Fixed. |
MM-6787 | The Array Manager log now includes more details of DBLog file processing. |
MM-6788 | The default settings for update of the "last seen" value (user group pruning) have been adjusted to improve database performance on large sites. |
MM-6789 | In some cases the Engine did not deadletter a message when an exception occurred in unpacking. Fixed. |
MM-6795 | In version 8.1 and above, slow processing of rule profiling data at the Array Manager could cause DBLog files to be queued at the processing servers. Fixed. |
MM-6799 | Rule profiler usage statistics were incorrect when a rule was copied. Fixed. |
MM-6802 | Routing table entries containing high ASCII characters such as umlaut characters could not be edited in the Configurator. Fixed. |
MM-6804 | Gathering of Product Improvement Program (telemetry) data caused services to fail when the SQL server was unavailable. Fixed. |
MM-6807 | The SpamProfiler cartridge (executable) included in the release has been updated. |
MM-6731 | Messages deadlettered due to rejection by the Archiver server were incorrectly classified as "deadletter - routing". Fixed: these messages are classified as "deadletter - archiving" |
MM-6736 | The Receiver incorrectly skipped DKIM/DMARC evaluation for inbound messages. Fixed. |
MM-1717 | SpamCensor and SpamProfiler results are added to message headers for easier analysis. |
MM-4324 | Merging a configuration allowed duplicate classification codes. Fixed: Classifications are made unique when merging. Upgrade to 8.2 or above resolves existing duplicates. |
MM-4842 | IP allow list updates are improved to ensure that pruned addresses are not restored by an update. |
MM-5007 | DKIM keys can now be included in the configuration backup. |
MM-5125 | Message subjects written to the database by the Receiver and Sender now support wide characters. |
MM-5132 | For MailMarshal Service Provider Edition installations, the Customer Name is available in Templates and Digests with the variable {CustomerName}. |
MM-5554 | Global TLD information consumed by all feature is retrieved from a file that can be updated through the product update service. An updated file is also included in this release. |
MM-5634 | When a message is temporarily undeliverable, the failure reason or code is logged to the message table. |
MM-5635 | A new rule action provides the ability to insert text at the beginning of a message subject. |
MM-5740 | SpamCensor attachment evaluation now allows multiple entries in the FileType parameter. |
MM-5776 | The version of the ChartDirector charting software included in the installation has been updated. |
MM-5895 | The DMARC DNS record check from the Configurator now uses Google DNS or a DNS server set with a registry key. |
MM-6251 | The version of DKIM processing (LibOpenDKIM) included is updated. |
MM-6277 | A new rule action allows MailMarshal to not return an NDR when onward message delivery is refused. This action is logged. |
MM-6290 | The Sender service could stop unexpectedly in rare cases due to routing issues. Fixed. |
MM-6314 | The version of DMARC processing (LibOpenDMARC) included is updated. |
MM-6316 | Badly formatted DMARC reports were never deleted from folders. Fixed. |
MM-6339 | The version of the Yara Analysis Engine included is updated. |
MM-6341 | For MailMarshal Service Provider Edition installations, messages are rejected by default if the SPE Customer ID cannot be determined. |
MM-6369 | The Configurator now allows selection of more than one Elliptic Curve for key exchange. |
MM-6399 | Shutdown of the SpamProfiler service has been improved. |
MM-6408 | The included default database provider driver is MSOLEDBSQL (supporting TLS v1.2 secured connections). |
MM-6435 | The version of Libcurl included with the product is updated. |
MM-6449 | Image Analyzer has been updated to version 7. |
MM-6450 | Subfolders of the Config folder are now included in the configuration commit from Array Manager to processing servers. |
MM-6501 | For outbound messages, SPF, DKIM, and DMARC evaluation is now only performed if explicitly required by rules. Internal servers sending through MailMarshal are not expected to have entries that allow DMARC validation. The previous behavior (evaluating all messages) can be set if required. |
MM-6522 | Message stamping uses in-memory files to improve performance. |
MM-6567 | The DMARC Report Import service now only runs if required by configuration settings. |
MM-6572 | Releasing of messages to multiple recipients by the Controller service is more efficient. |
MM-6585 | SQM now correctly displays Unicode characters in message subjects. |
MM-6586 | In earlier versions, encoding tags in the subject line (such as UTF-8) could be ignored if presented in uppercase. Fixed. |
MM-6590 | The Server Tool now allows explicit configuration of separate Server, Database, and Operational User for the Syslog database. |
MM-6567 | The DMARC Report Import service runs only when DMARC is enabled for a local domain. |
MM-6601 | DKIM key generation now allows selection of the key length (1024, 2048, or 4096). |
MM-6602 | Message stamps now allow CSS STYLE tags to be defined and merged into the styles for the stamped message. |
MM-6603 | DMARC policy processing now honors the optional "PCT" value. |
MM-6608 | For MailMarshal Service Provider Edition installations, DMARC settings were not correctly applied for each customer. Fixed. |
MM-6609 | DMARC validation of incoming DMARC reports has been updated to be independent of other rules. |
MM-6611 | SpamProfiler holds some suspect messages briefly for rescanning to improve accuracy. |
MM-6618 | Enabling Syslog in the Configurator no longer checks for a Syslog database. This change allows configuration of the service when the Windows user does not have permission to connect to the database. |
MM-6629 | Named Expressions in TextCensor scripts could not be edited. Fixed. |
MM-6632 | MailMarshal now collects anonymized summary system data for the MailMarshal Product Improvement Program by default. For details, see Trustwave Knowledge Base article Q21064. |
MM-6643 | Message data submitted for SpamProfiler for evaluation is limited in size for performance reasons. |
MM-6649 | The timestamp of Syslog records was converted to Array Manger local time instead of UTC. Fixed. |
MM-6651 | When editing or creating a TextCensor script, the presence of named expressions was not correctly checked. Fixed. |
MM-6660 | The TextCensor DLL included with the installation has been updated. |
MM-6692 | DMARC tables are indexed for performance improvement. |
MM-6695 | The Block Malware - Outbreak Detection rules are removed. These rules depend on a sub-category in SpamProfiler that is not currently implemented. |
To review Release History prior to version 8.2, please see the Release Notes for the specific versions.
Copyright © 2021 Trustwave Holdings, Inc.
All rights reserved. This document is protected by copyright and any distribution, reproduction, copying, or decompilation is strictly prohibited without the prior written consent of Trustwave. No part of this document may be reproduced in any form or by any means without the prior written authorization of Trustwave. Trustwave assumes no responsibility for errors or omissions. This publication and features described herein are subject to change without notice.
The authors make no representation or warranties with respect to the accuracy or
completeness of the contents of this document and specifically disclaim any
implied warranties of merchantability or fitness for a particular purpose. No
warranty may be created or extended by sales representatives or written sales
materials. The advice and strategies contained herein may not be suitable for
your situation. You should consult with a professional where appropriate.
Neither the author nor Trustwave shall be liable for any loss of profit or any
commercial damages, including but not limited to direct, indirect, special,
incidental, consequential, or other damages.
Trustwave and the Trustwave logo are trademarks of Trustwave. Such trademarks shall not be used, copied, or disseminated in any manner without the prior written permission of Trustwave.
Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. More than three million businesses are enrolled in the Trustwave TrustKeeper® cloud platform, through which Trustwave delivers automated, efficient and cost-effective threat, vulnerability and compliance management. Trustwave is headquartered in Chicago, with customers in 96 countries. For more information about Trustwave
, visit https://www.trustwave.com.