Version 5.6.2

Release dateScope
August 8th, 2022MetaDefender Email Gateway Security 5.6.2 is a maintenance release focusing on minor improvements and fixes.

New & improved

Managing support packages through GUI

Email Gateway Security support packages can now be generated and downloaded through the Web Management Console GUI. Using the Web Management Console, support packages can be downloaded through a web session, no direct access is needed to Email Gateway Security's file system.

For details see How to generate support packages.

Disclaimer variable of blocked attachments

A new disclaimer variable has been introduced that lists the file names of blocked attachments.

For details see Disclaimer variables.

Customizable quarantine report schedule

Hourly and daily quarantine reports can be configured which minute of each hour or what time on each day the quarantine report is to be assembled and sent.

For details about quarantine reports see Quarantine reports.

For details about the schedule customization see Registry configuration.

Untitled attachments get correct extension

Some email clients add attachments to emails (e.g. calendar invites) with no file name at all. Under special conditions these unnamed attachments can cause file type mismatch - and are blocked - in MetaDefender Core.

To avoid such situations, Email Gateway Security will fabricate a file name with correct extension (e.g. [Unnamed attachment].ics in case of a calendar invite) before passing these unnamed attachments to Core.

Changed

Delivering processed blocklisted files

When Enable processing of blocklisted files was on in the Core side rule, then the attachment was delivered, even if the attachment file type was blocklisted.

Now, if the attachment is blocklisted, then it gets blocked in any case.

Attachments with no file extension

Previously attachments in emails without a file name extension got the MIME Content-Type: application/octet-stream. This could lead to email clients adding unexpected extensions to the attachment files (e.g. .dat extension).

Now Email Gateway Security determines the MIME Content-Type based on the file type the attachment was converted to by Deep CDR (when there is a conversion). This way there is a lower chance for unexpected file extensions.

Fixed

Alert emails generated in a recursive loop

Alert emails MetaDefender Email Gateway Security alert: SMTP relay refused email were generated in a loop when no server profile was configured for Alerts & Reports.

Incorrect session timeout validation

Session timeout validation allowed too large values causing users potentially being locked out.

The validator is changed now to allow the maximum value to 1 day (86400000 ms).

Filenames triggered Safe URL Rewriting

File names with extension (and other cases where there was no whitespace ahead a dot character) were misinterpreted by the parser as URLs and Dynamic Anti-phishing (URL rewriting) was applied on them.

Disclaimers appended to attachments

Due to a bug in the MIME parser, in certain cases disclaimers were appended to text file attachments.

The link editor of the disclaimer editor opened in the background rendering impossible to edit links.

Outbound rules marked as inbound

In the Quarantine, rules (even outbound ones) were always marked as inbound.

Updated

ComponentVersion
OpenSSL1.1.1p
Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard