Trustwave MailMarshal 10.1 Release Notes

(Previously known as Trustwave SEG)

Last Revision: March 15, 2024

These notes are additional to the MailMarshal User Guide and supersede information supplied in that Guide.

The information in this document is current as of the date of publication. To check for any later information, please see Trustwave Knowledge Base article Q21210.

Table of Contents

New Features
System Requirements
Upgrade Instructions
Uninstalling
Release History

New Features

For more information about additional minor features and bug fixes, see the release history.

Features New in 10.1.0

Features New in 10.0.7

Features New in 10.0.5

Features New in 10.0.4

Features New in 10.0.2

Features New in 10.0.1

Features New in 10.0

System Requirements

The following system requirements are the minimum levels required for a typical installation of the Trustwave MailMarshal Array Manager and selected database.

Table 1: System Requirements
Category Requirements
Processor Core i5 or similar performance
Disk Space 20GB (NTFS), and additional space to support email archiving
Memory 8GB (6GB available to MailMarshal plus 2GB for operating system). Allow an additional 2GB if SQL Express is installed locally.
Supported Operating System
  • Windows Server 2016, Server 2019, Server 2022 (Essentials Edition or above)
  • Windows 10 (Allowed but not recommended)
Network Access
  • TCP/IP protocol
  • Domain structure
  • External DNS name resolution - DNS MX record to allow Trustwave MailMarshal Server to receive inbound email
Software
  • Microsoft .NET Framework 4.6.1 (or later 4.X)
    • MailMarshal will install additional software as needed, including .NET 7 and C++ Runtimes.
    • If you have installed a later release/patch version of .NET 7, you must install the identical version of the Hosting, Runtime, and Desktop packages
  • Database server (managed cloud service): Azure SQL Database
  • Database server: SQL Server 2022, SQL Server 2019, SQL Server 2017, SQL Server 2016, SQL Server 2014
  • Database server (free versions): SQL 2022 Express, SQL 2019 Express, SQL 2017 Express, SQL 2016 Express, SQL 2014 Express

    (Service packs listed are the minimum required for compatibility with all supported operating systems)

  • Web browser (for Management Console connection): Chrome, Edge, Firefox, or Safari. (Internet Explorer is not supported).
  • IIS (array manager only).
    • Windows Authentication must be enabled in IIS.
    • Note: WebDAV must not be active on the MailMarshal websites. For WebDAV removal, see Trustwave Knowledge Base article Q21096.
Port Access
  • Port 53 - for DNS external email server name resolution
  • Port 80 (HTTP) and Port 443 (HTTPS) - for SpamCensor updates
  • Port 1433 - for connection to SQL Server database and Reports console computers
  • Port 19001 - between Array Manager and Processing Nodes
    Note: Additional ports are required by the Nodes for email and updates.
  • Port 19006 and port 19007 (HTTPS) - for communication between components on the Array Manager. If the MailMarshal API is in use from other servers to the array manager, these ports must be open from the API client to the Array Manager.

 

Upgrade Instructions

Please review the MailMarshal User Guide before upgrading.  

Trustwave MailMarshal 10.1 supports a direct upgrade from MailMarshal/Trustwave SEG 8.3.2, and MailMarshal 10.0.3 and above.

If your installed version does not support direct upgrade, you can upgrade in steps.

Upgrade Preview

A standalone tool is available to check prerequisites and potential configuration issues before upgrade. See the product download page.

Database Prerequisites

Upgrading a Single Server

To upgrade a single MailMarshal server from any version supporting direct upgrade, install the new version on the existing server. You do not need to uninstall your existing version. The database will be upgraded in place, if necessary.

Upgrading an Array of Servers

You must upgrade each server by logging on locally. The remote upgrade feature that was present in earlier versions will not be available in MailMarshal 10.X.

Upgrading a Database

In the MailMarshal Server Tool, if you select a database that can be upgraded (version 8.2.3 or later 8.2.X), you will be given the option to upgrade and use the database.

Importing an 8.X Configuration Backup

After installing MailMarshal 10.X, you can import a configuration backup from version 8.2.3 or later 8.2 version.

  1. Convert the backup to the 10.X backup format (zip file) using the MMConvConfig command line tool found in the MailMarshal 10.X installation folder.

  2. Import the converted configuration zip file using the Restore function in the Management Interface, or the MMExportConfig command line tool.

For full information about these tools see the User Guide.

Upgrading From Older Versions

To upgrade from a version prior to 8.3.2, first upgrade to version 8.3.2. To upgrade from 10.0.2 or below, first upgrade to 10.0.7. Full details about upgrading from older versions can be found in the documentation for the target version.

Notes on Upgrading

Note: The information in this document is current as of the date of publication. To check for any later information, please see Trustwave Knowledge Base article Q21210.

Read the notes for all versions newer than your installed version. This list only includes information about version 10.0. For upgrade changes in earlier versions, see the release notes of each version.

Uninstalling

MailMarshal can be installed in a variety of scenarios. For full information on uninstalling MailMarshal from a production environment, see the Trustwave MailMarshal User Guide.

To uninstall a trial installation on a single computer:

  1. Close all instances of the MailMarshal Management Console website and helper applications such as Server Tool.
  2. Use Add/Remove Programs from the Windows Control Panel to remove Trustwave MailMarshal.
  3. Use Add/Remove Programs from the Windows Control Panel to remove additional components you may have installed, such as Web components or the Marshal Reporting Console.
  4. If you have installed any components (such as the Web components) on other computers, uninstall them.
  5. If you have installed SQL Express specifically to support MailMarshal and no other applications are using it, uninstall SQL Express.

Release History

The following additional items have been changed or updated in the specific build versions of Trustwave MailMarshal (previously Trustwave SEG) listed.

Note: The information in this document is current as of the date of publication. To check for any later information, please see Trustwave Knowledge Base article Q21210.

10.1.0 (March 15, 2024)

MM-7272 In previous 10.X releases, the Management Console did not correctly display DKIM record status. Fixed.
MM-7413 Image Analyzer rules could be created when the feature was not licensed. Fixed.
MM-10759 The location of the Controller Temp folder can be configured with an entry in the JSON configuration file.
MM-10822 The limit on length of folder descriptions was not validated on entry in the Management Console. Fixed.
MM-10843 Certain values of Marshal Reputation Service credentials were not recognized as valid by the test in the Management Console. Fixed.
MM-10920 The FolderRetention variable is now available for use in notification templates as well as in digest templates.
MM-10955 The Receiver could stop unexpectedly when evaluating certain badly formed DKIM signatures. Fixed.
MM-10961 Logic to throttle message acceptance under high load is improved.
MM-10983 The version of .NET installed is updated.
MM-10984 For Service Provider Edition installations, the Syslog service uses the globally configured certificate for all customers.
MM-10985 Array Manager retry behavior during transient database errors is improved.
MM-11031 For Service Provider Edition installations, an option is provided to reject messages addressed with a domain part that is a non-routable IP address.
MM-11036 When editing the "Skip to specific rule" action it was possible to select a rule in a disabled policy group. Fixed.
MM-11037 Handling of failed Active Directory based authentication attempts in the Receiver is improved.
MM-11038 Validation of HTML entry in stamp and template editors disallowed the text "start". Fixed.
MM-11041 In release 10.0.7, if update of Visual C++ executables required a system restart, the installer exited with no warning. Fixed.
MM-11042 Parameters used to generate the certificate for the REST server have been updated for compatibility with current operating systems.
MM-11044 Management of unexpected conditions in Syslog record processing is improved.
MM-11049 The "last seen" column is removed from the IP Groups member detail listing. "Last seen" is not implemented for IP addresses.
MM-11097 DNS lookup supports DNSSEC.
MM-11108 The database connection string includes the "ApplicationName" attribute for better tracking.
MM-11160 Saving changes to Connector definitions did not correctly validate unchanged passwords. Fixed.
MM-11169 In rare cases, changes in user group membership were not propagated to processing nodes. Fixed.
MM-11210 The message move and delete actions now require selection of a "category" (malware, phishing, spam, or none) for use in the Dashboard.
MM-11232 Export of files from the Management Console failed with a "network issue" error in some recent client browser versions. Fixed.
MM-11242 Release 10.0.7 did not allow upgrade from 8.3.X releases. Fixed.
MM-11250 Image Analyzer now offers detection of many types of image content.
MM-11280 Outbound email delivery supports DANE.
MM-11359 The SpamProfiler cartridge (executable) included in the release has been updated. HTTPS communication with the SpamProfiler updater is enforced by default.
MM-11360 The version of Visual C++ redistributable included in the install is updated.

10.0.7 (September 29, 2023)

MM-7326 Quarantine Audit history can be viewed and searched from the Management Console.
MM-7416 In earlier 10.X versions, node servers could not be deleted from the installation through the Console. Fixed.
MM-8657 Specific formatting of IP address values in the HELO string caused SPF evaluation to fail. Fixed.
MM-10504 In earlier 10.X versions, some log lines were omitted from the Receiver logs. Fixed.
MM-10687 Outbound digests were not generated when the "operational user" was used for SQL connection. Fixed.
MM-10813 In the Management Console, selecting from a checkbox list with hundreds of entries returned the wrong item. Fixed.
MM-10830 SPF evaluation over-counted the number of DNS lookups required. Fixed.
MM-10845 SPF record macro expansion did not correctly expand IPv6 addresses. Fixed.
MM-10850 Import of configurations could fail if some specific values were included, due to an issue with parsing XML paths. Fixed.
MM-10909 MailMarshal uses an updated version of the TLS/SSL library.
MM-10926 Links containing querystrings in the text of a HTML message body (not within a HREF tag) were treated incorrectly by the BTM rewriter. Fixed.
MM-10954 Text logs showed an incorrect delay time on Syslog queue inserts for some actions. Fixed.
MM-10967 IP group membership was not correctly propagated to processing servers after complete refresh of the group with some continuing members. Fixed.
MM-10983 The version of .NET installed is updated to the current .NET 6 release 6.0.20
MM-10988 The SpamProfiler cartridge (executable) included in the release has been updated.
MM-10991 The version of Visual C++ redistributable included in the install is updated.
MM-10992 Universal C runtime updating is removed from the installer (not required by supported OS versions).

10.0.6 (February 28, 2023)

MM-10540 In earlier 10.X versions, the message release "keep message" option was not correctly selected when the console user did not have permission to delete the message. Fixed.
MM-10572 The Array Manager REST API now supports only TLS 1.2 or 1.3 connections.
MM-10605 In some earlier 10.X versions, it was not possible to select another message from the message history when the details pane was open. Fixed.
MM-10611 In some earlier 10.X versions, the message viewer incorrectly remove the word "start" from the message text. Fixed.
MM-10644 After upgrade from 8.X, custom routing or relay entries were not reflected in the Management Console. Fixed.
MM-10704 Message stamp editing removed HTML entities, required for correct display of accented characters in stamps. Fixed: for details of how to save HTML stamps with entities for accented characters, see Trustwave Knowledgebase article Q21195.
MM-10711 After upgrade or configuration import, membership of connector groups was lost until the next scheduled synchronization. Fixed.
MM-10718 The header "insert if missing" action requires the value to start with a space, but leading spaces were trimmed from entered text. Fixed.
MM-10720 Controller retrieval of user groups is now batched for efficiency.
MM-10748 In earlier 10.X releases, the Quarantine Audit did not record the user name for actions taken in the Management Console. Fixed.
MM-10749 Upgrade from version 8.X failed if a TLS certificate had been configured for Syslog. Fixed.
MM-10753 Attempting to view a large message (for example 50 MB) in the Management Console returned an error. Addressed by increasing the timeout for retrieving and displaying messages.
MM-10772 The version of .NET installed is updated to the current .NET 6 release (replacing .NET Core 3.1).
MM-10800 Subfolder dates shown in the Folders view in the Management Console could be one day off depending on Daylight Saving Time. Fixed.
MM-10806 Management Console tree views with a large number of nodes such as folder views could cause browser slowness and out of memory errors. Fixed.
MM-10812 Validation of group names on upgrade used incorrect criteria and could cause the installer to exit unexpectedly. Fixed.

10.0.5 (August 31, 2022)

MM-8598 The Policy Group Schedule page includes a Set Default Schedule option.
MM-9304 Timezones used in DMARC reporting were made consistent.
MM-9818 The DMARC library included is updated.
MM-10136 The Archiver service used to connect to Cloud Archiving could stop in a specific case. Fixed.
MM-10154 Advanced Settings for individual processing servers can be managed from the Mail Servers area in the Console.
MM-10339 In release 10.0.4, the rule editor for condition "sender authenticated successfully" did not work correctly. Fixed.
MM-10346 In release 10.0.4, mail server Receiver and Sender statistics were not visible when the queue list was empty. Fixed.
MM-10391 Connectivity between Array Manager and Nodes is more reliable in distributed installations.
MM-10403 It is now possible to specific the IP address binding for the API deliveryserver/check function.
MM-10404 For Service Provider Edition installations, messages from an authenticated connection must be from or to domains belonging to the authenticated customer.
MM-10405 For Service Provider Edition installations, the local loopback target IP address can be specified.
MM-10420 Group Manager querying of Connector groups is more efficient.
MM-10443 When editing file type conditions, a type found in more than one of the groups was not correctly displayed or removed. Fixed.
MM-10445 The version of the Regular Expression library included has been updated.
MM-10448 When editing the deadletter spam rule, conditions were not shown correctly. Fixed.
MM-10459 On upgrade, obsolete versions of some third party modules are removed from the Config and NodeConfig folders.
MM-10499 In release 10.0.4, the Light theme setting was not persisted for Windows authentication users. Fixed.
MM-10500 In release 10.0.4, the password entered in the TLS Wizard for p12 export was not applied to the file. Fixed.
MM-10507 The version of Image Analyzer included is updated to resolve a memory leak issue.
MM-10509 In release 10.0.4, User Matching entry for rules did not allow entries with only wildcards (such as *@*.*). Fixed.
MM-10513 In release 10.0.4, sorting of the user group Last Seen column was incorrect. Fixed.
MM-10515 DMARC Aggregate Reports could include data from multiple days. Fixed.
MM-10566 In release 10.0.4, the rule condition "sender authenticated successfully" was written to configuration incorrectly by the editor. Fixed.
MM-10569 New PhishFilter rules are included in the default rules for new installations and supporting files are provided.
MM-10570 Tensorflow.dll is installed to the Config folder and removed from the main install folder.
MM-10571 In version 10.0.4, the database connection string for the Configuration Service database did not include the Multi-Subnet Failover keyword when selected. Fixed.
MM-10574 In some earlier versions, quoted commas in the From: header were not correctly parsed. Fixed.
MM-10586 In release 10.0.4, the Message Viewer truncated forwarded message content in the message body. Fixed.
MM-10592 Certain messages delivered to the Cloud Email Archive Service were corrupted in transmission. Fixed.
TUI-459 In release 10.0.4, the Management Console did not display when the browser language was set to Swedish. Fixed.

10.0.4 (May 17, 2022)

MM-6025 Deletion of long unpacking paths is improved.
MM-7162 User input validation has been improved for many fields.
MM-7346 In earlier 10.X releases, DNS server selection for Mail Servers did not allow IPv6 addresses. Fixed.
MM-7353 In earlier 10.X releases, validation of element names did not exclude problem characters (; , \ /). Fixed.
MM-7434 Console Executive Name List entry supports pasting multiple lines from the clipboard.
MM-8995 On upgrade, upgrade preview, and import of 8.X backups, if digests contain references to deleted user groups the error is logged and action stops.
MM-9150 Installations check for available product upgrades and raise a notice in the Console.
MM-9225 API calls are provided to update and delete "usermaintained" user groups in bulk.
MM-9381 The included REST SDK has been updated.
MM-9568 For Service Provider Edition installations, the flag to allow "no tenant" messages could be ignored when multiple messages were sent on a connection. Fixed.
MM-9778 Backups made by earlier 10.X releases could not be restored if a rule made direct reference to Connector User Groups (error "invalid property bag"). Backup behavior is fixed.
MM-9791 The included DMARC library has been updated.
MM-9794 The included Regular Expression library has been updated.
MM-9806 In release 10.0.2 and 10.0.3, the Management Console Mail Server General page was not correctly populated by default. Fixed.
MM-9807 HTML Message stamps and templates now allow CSS styling attributes directly on elements.
MM-9834 Date and time format in the Management Console follows Windows System format settings on the Array Manager. For details of how to apply changes, see Trustwave Knowledgebase article Q21174.
MM-9836 Time zone adjustment for the Dashboard component was incorrect. Fixed.
MM-9847 DMARC evaluation now considers multiple domains in the From: header and applies the most restrictive result.
DKIM signing is attempted for the first domain in the From: header that belongs to a local domain with DKIM enabled.
MM-9849 Management Console user preferences now include a Time Zone setting (defaults to the Array Manager time zone).
MM-9876 Default Digest templates are updated to ensure the Release link displays on narrow screens.
MM-9902 SQM website headers are updated for better framing security.
MM-9904 SQM website error display is improved.
MM-9905 Management Console website headers are updated for better framing security.
MM-9906 Management Console cookies use the "Secure" setting when HTTPS is active.
MM-9916 Message extraction for DKIM signing uses a larger buffer for improved performance.
MM-9939 Certain characters in subject lines could cause the Message History display to fail. Fixed.
MM-9944 A new version of the Management Console UI framework is included.
MM-9952 DMARC evaluation now considers results of checking all DKIM signatures present in the message.
MM-9961 A new REST API request type is available to retrieve a MML file without unpacking.
MM-10119 The MMUpgradeToX prerequisite checker exited unexpectedly on node-only installs where IIS had been uninstalled. Fixed.
MM-10141 Rule Profiler data provided through the REST API was invalid. Fixed.
MM-10164 DeepEvals scores are cached to enhance performance.
MM-10171 The File Update notification email is reformatted and more informative.
MM-10190 Detail and formatting of the file update notification email has been enhanced.
MM-10192 Email messages with the ! character in the local part are no longer blocked by the "suspicious local part" setting.
MM-10195 BTM statistics retrieval is limited to the last 7 days.
MM-10211 The Config Service did not support Unicode characters in the SQL database password. Fixed.
MM-10216 Attempting to view an empty Change Set returned an error. Fixed.
MM-10217 PolicyGroup  enabled times could change unexpectedly when edited. Fixed.
MM-10218 Upgrade could fail where the Config Service DB connection used the IIS application pool account. Fixed.
MM-10239 Syslog record insertion to the local database could drop records on service shutdown. Fixed.
MM-10257 When deleted rules were shown in an email policy view, invalid action buttons were enabled. Fixed.
MM-10263 Display pagination issues for the Folder view are corrected.
MM-10270 Display pagination issues for the Message History view are corrected.
MM-10281 Deleted Reputation Services were available for selection. Fixed.
MM-10303 The Reporting Retention Days setting from the interface was not applied. Fixed.
MM-10307 The Server Tool removes any double backslash from path entries to avoid possible issues when services use the path.
MM-10326 For Sent History items, the API did not return a usable reference to the original MML content. Fixed.
MM-10344 The header From: value was not properly populated when the value contained a comma. DKIM would fail due to the empty value. Fixed.
MM-10345 Content-Transfer-Encoding x-uue is recognized (treated as x-uuencode)
MM-10353 For Service Provider Edition installations, the "LHASH" parameter for delivery between nodes is ignored if it cannot be decoded.
MM-10370 The size of the Receiver in-memory CRL cache is increased.
MM-10376 The logic for checking user groups for retrieval is improved.
MM-10397 User Groups could not be added from Active Directory when the OU included non-ASCII characters. Fixed.
MM-10401 Delivery of Syslog records to the remote server is multi-threaded to cater for much higher volume.
MM-10411 Message history search by message name ignores all other parameters.
MM-10407 Visual C++ 2010 redistributable or DLLS are no longer required.
MM-10413 All Database connectivity supports SQL Multi-Subnet Failover.
MM-10434 The release of TLS/SSL libraries included with the product has been updated.

10.0.3 (July 6, 2021)

MM-9761 In earlier 10.X releases, if the database location was changed, the installer did not correctly determine the database to be upgraded. Fixed.
MM-9776 Validation of group names on upgrade is improved.
MM-9802 The Management Console message view now includes a view of raw HTML source for HTML email bodies.
MM-9893 The Receiver could stop unexpectedly due to improper TLS renegotiation. Fixed.
MM-9897 In version 10.0.2, changing Reporting Groups in the Management Console prevented further configuration changes. Fixed.
MM-9914 In earlier 10.X releases, servers could show as offline in the Console because the status check timed out immediately. Fixed: the check waits 10 seconds for a response.

10.0.2 (April 28, 2021)

MM-7052 In earlier 10.X releases, new folder and classification names were not checked for duplicates of existing items. Fixed.
MM-7078 LZH unpacking now uses 7zip files.
MM-7424 Display of the DMARC DNS records on the Management Console Local Domains page was incomplete and inconsistent. Fixed.
MM-7435 When an array had no processing nodes, the Management Console Dashboard raised an error for each auto-refresh. Fixed.
MM-7518 The Marshal IP Reputation Service test function always reported invalid activation code. Fixed.
MM-7533 Rules can now be enabled or disabled from the list in the Management Console.
MM-7595 Reporting Groups can be configured in the Management Console.
MM-8994 With filtered lists, the detail pane could show details of the wrong item. Fixed.
MM-9081 Upgrade of 8.X Registry entries to the 10.X database was incorrectly case sensitive. Fixed.
MM-9087 The installer code has been cleaned of unused functions.
MM-9141 In the Management Console rule group selector, the preview feature hid the IP group selection. Fixed.
MM-9194 Management Console user preferences now allow the user to set the period for which messages in Archive folders are visible. The default is 36 months.
MM-9383 The version of the MSOLEDB driver included has been updated.
MM-9392 Authorized User entries with no name or email address entry could not be blocked/unblocked or deleted/undeleted. Fixed.
MM-9466 Rendering of complex HTML email bodies in the message view is improved.
MM-9473 The Management Console did not show all items in Archive folders if the retention was set to never expire. Fixed.
MM-9477 On the Management Console Edit User page, unnecessary radio button controls are removed.
MM-9502 CRL lookups results are cached in memory for up to an hour to reduce load caused by extremely large CRLs.
MM-9511 References to "black" lists and "white" lists have been changed to "block" and "allow".
MM-9532 The Engine service experienced excessive memory usage and file handle usage in some circumstances. Fixed.
MM-9539 In earlier 10.0 releases, CSS stylesheets displayed as text in the message view. Fixed.
MM-9540 In earlier 10.0 releases, HTML bodies of attached messages were not correctly rendered. Fixed.
MM-9542 SQL performance when purging DMARC data is improved.
MM-9546 The Receiver service no longer uses ANY queries when querying DNS based Reputation Services.
MM-9553 In the Management Console folder view, refreshing the list of dated folders updates the folder tree and retrieves any new folders.
MM-9554 A button to commit configuration on demand (even if no changes are pending) has been added to the Management Console under System Configuration > Array >General.
MM-9555 In the Management Console message details tab, the item size was not displayed. Fixed.
MM-9556 In the Management Console folder view, day folder dates in left and right panes could differ. Fixed.
MM-9559 In earlier 10.0 releases, the Array Statistics API call returned no data. Fixed.
MM-9561 After deleting a message in Folders or Message History, the view was not refreshed and browsers could report errors. Fixed.
MM-9599 The installer check for WebDAV could fail due to missing prerequisite DLLs. Fixed.
MM-9602 The Reporting settings page incorrectly required the MRC URL field to be completed. Fixed.
MM-9609 The installer provides provides better information about how to resolve installation issues.
MM-9612 Config Service database connection with Windows credentials enforced "log on locally" permission to the Array Manager but this was not needed. Fixed.
MM-9616 The Receiver service no longer uses ANY queries when querying the Marshal Reputation Service.
MM-9617 The Receiver service no longer uses ANY queries when querying DNS based block lists.
MM-9618 The Syslog service continued to retry sending and made excessive requests to the database when the target Syslog server refused connections. Fixed.
MM-9619 Usergroup pruning settings were not saved in the configuration backup. Fixed.
MM-9621 DMARC Reporting activity could consume excessive database connections. This issue has been addressed with changes to the connection logic.
MM-9622 The Management Console provides better information when a user cannot be logged on due to system error.
MM-9627 The message stamp and template editor used LF instead of CRLF for line endings. Email with this format is rejected by some servers. Fixed.
MM-9630 Addresses could not be added to user groups when duplicate group names existed in the list (for example, from multiple Connectors). Fixed.
MM-9636 Fields to select the single recipient address and "subscribed by default" were missing from the Management Console Digest configuration page. Fixed.
MM-9643 Certain plain text strings in message subjects were mis-interpreted as UTF-7 encoded in the Console display. Fixed.
MM-9644 Retrieval of Group information by the Management Console has been optimized.
MM-9658 The Management Console uses an updated version of the site framework.
  • Large lists such as email folder lists load more quickly.
  • List scrolling behavior on small windows and low resolutions is corrected.
  • Many small enhancements and minor fixes to functionality are included.
MM-9667 Management Console list columns with numeric data were sorted as text. Fixed: these columns are now sorted numerically.
MM-9672 Failed DNS lookups for A records would not be retried for 24 hours. Fixed: Lookups that fail for transient reasons can be retried after 1 minute.
MM-9675 The Receiver service no longer uses ANY queries when querying the Marshal IP Reputation Service.
MM-9702 When lists in the Management Console were filtered, action buttons could apply to the wrong item. Fixed.
MM-9737 Connection Policy groups could not be disabled. Fixed.
MM-9739 Management Console error messages related to deleting or disabling rules and groups are improved.
MM-9757 The release of TLS/SSL libraries included with the product has been updated.
MM-9779 Import of configuration could fail if it included rules created in some earlier versions that allowed duplicate GUIDs. Fixed.
MM-9782 The version of .NET Core installed is updated to the latest 3.1 (long term support) release.

10.0.1 (November 3, 2020)

MM-3361 Paged views of folders and history in the Console could miss items at the page boundary if they were received within the same second. Fixed.
MM-6288 Outgoing DMARC Report emails are now DKIM signed if DKIM is available for the domain.
MM-7029 The installer checks that requested website ports are available.
MM-7189 Management Console validation of rule user matching is improved (semi-colons are not allowed in email addresses).
MM-7194 Installation requires .NET 3.5 to be pre-installed (automatic installation in-line is not possible in supported Windows versions).
MM-7205 Entering a new license key requires commit of configuration, but the commit button was not enabled in this case. Fixed.
MM-7271 Un-installation now removes the Management Console and Config Service websites from IIS.
MM-7357 If configuration commit requires service restarts, the console user is notified. This notification was present in 8.X but was not available in 10.0.0.
MM-7411 Attempting to view a Message History record (with no message body information) could return an error in the Mail History view of the Console. Fixed.
MM-7534 Maintenance expiry is show on the license details page.
MM-7598 Version information ("About") is available in the Profile section of the Management Console.
MM-8477 When services restart, the Receiver service is started first to improve responsiveness where the Engine loads a large configuration.
MM-8632 DMARC results reported by MailMarshal for local domains were not sent to an external RUA. Fixed.
MM-8733 For MailMarshal Service Provider Edition installations, additional checking of the Customer ID is performed when a user attempts to view a message.
MM-8871 Logging could show an incorrect rule name for a Pass to Rule action if the action had been edited. Processing was not affected. Fixed.
MM-8875 If a MailMarshal 8.2 database is selected for use, User Group and Connectors information is checked. Groups must match the groups available in MailMarshal 10. If the groups do not match, the database will not be accepted.
MM-8876 When a new MailMarshal database is created in the server tool, user groups are populated from the Configuration Service database.
MM-8938 For MailMarshal Service Provider Edition installations, Receiver SPF checking for local addresses could cause some notification messages to fail. Fixed.
MM-8955 Status of manual configuration restore is better presented in the Management Console.
MM-8974 Upgrade is blocked if an invalid "pass to rule" action is found in the previous version configuration.
MM-8982 Scheduled automatic backups were run at the time entered even if the "back up at" option was not selected. Fixed.
MM-8993 Filtering in Message History and Folders views was not effective. Fixed. Note that filtering only affects the currently displayed page. To search over all messages use the message search.
MM-9027 Setting of the physical path for each folder is supported.
MM-9028 A "task was cancelled" message displayed if a manual check for updates took a long time. Fixed.
MM-9033 Management Console logs are deleted after 30 days by default.
MM-9042 For new installations or upgrades from 8.2, the Management Console SSL certificate matches the local server name.
MM-9043 In release 10.0.0, the Folders view of email did not open in certain timezones at certain times of day. Fixed.
MM-9044 In release 10.0.0, SQL Server 2017 or 2019 was not detected as a permitted version. Fixed.
MM-9093 The release of TLS/SSL libraries included with the product has been updated.
MM-9094 In release 10.0.0, rule user matching did not display the user list for editing when more than one individual user entry was present. Fixed.
MM-9122 In release 10.0.0, creating a user group with wide characters in the name or description returned an error. The group was created but the name was not correctly displayed. Fixed.
MM-9123 In release 10.0.0, the calendar control display in Mail History Search showed incorrect weekdays for dates. Fixed.
MM-9127 In release 10.0.0, some entries in Advanced Settings were incorrectly treated as case sensitive, and services could stop as a result. Fixed.
MM-9129 TLS version limits can now be set in Advanced Settings. For details see Trustwave Knowledgebase article Q21147. Upgrade now imports the settings made in Registry in version 8.X.
MM-9131 The version of .NET Core installed is updated to the current 3.1 (long term support) release.
MM-9132 Upgrade prerequisite checks could fail due to case sensitive checking of AD connector prefixes. Fixed.
MM-9136 An additional SQL table index is added for User Groups to enhance Array Manager performance.
MM-9146 Upgrade from 8.X could not proceed if the System account was the Operational User of the MailMarshal database and the logged on user did not have database access. Fixed.
MM-9147 Editing an IP group did not correctly populate the form and the group could not be updated. Fixed.
MM-9149 The installer checks availability of website ports.
MM-9156 To enhance performance on very busy systems, the maximum values for sender threads configurable in the user interface have been increased and the sender check for processed messages is more frequent.
MM-9181 In release 10.0.0, upgrade or import of connectors did not handle names or descriptions that included certain extended characters. Fixed: German and Nordic characters are supported.
MM-9189 In release 10.0.0, the last user group in the list in the Console could not be opened by double-clicking. Fixed.
MM-9200 In release 10.0.0, the display of the message component tree in the Console was incorrect for identically named children of different attachments. Fixed.
MM-9218 Rejected message records in the database did not correctly translate IPv4 addresses stored in the IPv6 column. Fixed.
MM-9221 In release 10.0.0, upgrade could un-populate membership of connector based groups. Fixed.
MM-9222 The database record for a message could show an incorrect subject where multiple messages were received on the same connection. Fixed.
MM-9249 In release 10.0.0, high ASCII characters in subjects and filenames did not display correctly in the Console. Fixed.
MM-9255 After upgrade to 10.0.0 on a single server system, virus scanner updates could fail because a copy of an old license key was not removed. Fixed.
MM-9261 In release 10.0.0, files named with certain characters could not be viewed or downloaded in the Console. Fixed.
MM-9264 The listing of Top Level Domains included in the installation is updated (used by Blended Threat rewriting, DMARC, and SpamSURBL functions).
MM-9306 The SpamProfiler cartridge (executable) included in the release has been updated.
MM-9326 On upgrade to release 10.0.0, configuration import failed if disabled rules referenced non-existent user groups. Fixed: the offending disabled rules will not be imported.
MM-9347 Deleted Management Console users can be undeleted on the Authorized Users page.
MM-9397 Connector refresh times were not correctly set on restart of the Array Manager (UTC offset not applied). Delay to the next refresh could result. Fixed.
MM-9430 The version of the PDF unpacker that is included in the installation has been updated.

10.0.0 (April 14, 2020)

MM-4077 Certificate Revocation List retrieval is improved: retrieval stops after the first successful download and information about failed sources is cached.
MM-5741 In SpamCensor attachment checking, search limits now allow ranges. Details are available in the Advanced Anti-spam document.
MM-6645 Category script evaluation was not performed on a RTF email body contained in "winmail.dat". Fixed.
MM-6685 In Category Scripts, TextCensor rules with a score of zero (used in combinations of rules) did not trigger. Fixed.
MM-6697 Specific complex email address local parts could cause the Receiver to stop. Fixed.
MM-6797 The Header Rewrite action "insert if missing" replaced an existing header value. Fixed: the action does not change an existing header.
MM-6847 Elliptic Curves "X25519" and "X448" are supported for key exchange. "secp256k1" is no longer supported because it cannot be used with TLSv1.3. At least one Elliptic Curve will always be selected in the Configurator. "X25519" is the default choice.
MM-6853 DMARC evaluation did not correctly check domain alignment of the DKIM or SPF pass. Fixed.
MM-6900 The REST API did not handle large volumes of concurrent requests. Fixed.
MM-7209 In version 8.2.3 and 8.2.4, the "last seen" date for user group entries was not updated as expected. Fixed.
MM-7280 In version 8.2.2 through 8.2.4, DMARC validation failed when SPF was validated but an invalid DKIM key was retrieved. Fixed.
MM-8439 The Category Script "filter by types" selection has been removed from the user interface.
MM-8919 DMARC report generation deleted unrelated configuration files from the Unpacking\Temp subfolder. In some cases the Engine service stopped as a result. Also, invalid DMARC report messages were never deleted. Both issues fixed.
MM-8921 Expired day folders within the DMARC Reports folder were never deleted. Fixed.

8.2.6 (December 22, 2020)

MM-6770 SEG supports verification of DKIM signatures signed with Ed25519-SHA256 (RFC-8463).
MM-8477 When services restart, the Receiver service is started first to improve responsiveness where the Engine loads a large configuration.
MM-8698 Some URL validation issues were not covered by the fix in MM-7191 (release 8.2.4). Fixed.
MM-8733 For SEG Service Provider Edition installations, additional checking of the Customer ID is performed when a user attempts to view a message.
MM-8757 In version 8.2.2 and above, DMARC validation failed when SPF was validated but an invalid DKIM key was retrieved. Fixed.
MM-8781 The cloud archiving service could stop delivering messages to the archive (messages were queued at the SEG server). Fixed.
MM-8823 When AD Authentication is used in the Receiver, the sender address can be validated against the user's email addresses retrieved from AD.
MM-8902 For SEG Service Provider Edition installations, the domain part of Reputation Service results is not shown in logs so that paid domain keys are not visible.
MM-8910 DMARC report generation deleted unrelated configuration files from the Unpacking\Temp subfolder. In some cases the Engine service stopped as a result. Also, invalid DMARC report messages were never deleted. Both issues fixed.
MM-8917 Expired day folders within the DMARC Reports folder were never deleted. Fixed.
MM-8938 For SEG Service Provider Edition installations, Receiver SPF checking for local addresses could cause some notification messages to fail. Fixed.
MM-8942 In version 8.2.3 and above, the "last seen" date for user group entries was not updated as expected. Fixed.
MM-9089 For SEG Service Provider Edition installations, DMARC can be evaluated even if the destination customer has not enabled DMARC.
MM-9102 The database record for a message could show an incorrect subject where multiple messages were received on the same connection. Fixed.
MM-9139 The TLS/SSL library used by SEG has been updated.
MM-9142 Removing child IP groups caused the Array Manager to stop. Fixed.
MM-9156 To enhance performance on very busy systems, the maximum values for sender threads configurable in the user interface have been increased and the sender check for processed messages is more frequent.
MM-9209 DMARC Reporting activity could consume excessive database connections. This issue has been addressed with changes to the connection logic.
MM-9218 Rejected message records in the database did not correctly translate IPv4 addresses stored in the IPv6 column. Fixed.
MM-9246 The REST API could not retrieve mail component files with specific characters in the file name. Fixed: the API call has been updated to use the POST method.
MM-9262 In SURBL category lookups, the domain part of Reputation Service results can be hidden in logs so that paid domain keys are not visible.
MM-9435 CRL lookups results are cached in memory for up to an hour to reduce load caused by extremely large CRLs.
MM-9449 The Syslog service continued to retry sending and made excessive requests to the database when the target Syslog server refused connections. Fixed.
MM-9456 If the directory referenced by the Cloud Archiving service was not present, messages for archiving were deadlettered. Fixed: the directory is re-created if necessary.
MM-9510 The Engine service experienced excessive memory usage and file handle usage in some circumstances. Fixed.
MM-9534 Usergroup pruning settings were not saved in the configuration backup. Fixed.
MM-9544 The Receiver service no longer uses ANY queries when querying DNS based block lists.
MM-9547 The Receiver service no longer uses ANY queries when querying the Marshal Reputation Service.
MM-9573 For SEG Service Provider Edition installations, temporary files for messages that were split based on recipients were not deleted in some cases. Fixed.
MM-9567 The Syslog service could stop due to a race condition when invoked from multiple threads. Fixed.
MM-9569 User group pruning did not delete entries containing upper case letters. Fixed.

To review Release History prior to version 8.2.6, please see the Release Notes for the specific versions.

Legal Notice

Copyright © 2024 Trustwave Holdings, Inc.

All rights reserved. This document is protected by copyright and any distribution, reproduction, copying, or decompilation is strictly prohibited without the prior written consent of Trustwave. No part of this document may be reproduced in any form or by any means without the prior written authorization of Trustwave. Trustwave assumes no responsibility for errors or omissions. This publication and features described herein are subject to change without notice.

The authors make no representation or warranties with respect to the accuracy or completeness of the contents of this document and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Neither the author nor Trustwave shall be liable for any loss of profit or any commercial damages, including but not limited to direct, indirect, special, incidental, consequential, or other damages.

Trademarks

Trustwave and the Trustwave logo are trademarks of Trustwave. Such trademarks shall not be used, copied, or disseminated in any manner without the prior written permission of Trustwave.

About Trustwave®

Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. More than three million businesses are enrolled in the Trustwave TrustKeeper® cloud platform, through which Trustwave delivers automated, efficient and cost-effective threat, vulnerability and compliance management. Trustwave is headquartered in Chicago, with customers in 96 countries. For more information about Trustwave, visit https://www.trustwave.com.