Release Notes for Symantec Mail Security 4.0.1 for Microsoft Exchange, builds 456 through 465

Article:TECH81649  |  Created: 2003-01-16  |  Updated: 2013-10-22  |  Article URL http://www.symantec.com/docs/TECH81649
Article Type
Technical Solution


Environment

Issue



This document contains the release notes for Symantec Mail Security 4.0 for Microsoft Exchange inline release build. This document is written so that the most recent product builds will be added to the beginning of the document.


Solution



Symantec Mail Security 4.0.1.465 for Microsoft Exchange

Symptom: Updating virus definitions may crash Exchange Information store process when Symantec Mail Security and Symantec AntiVirus Corporate Edition installed.
Solution: Updated code to correctly interface between the two Symantec products.

Symptom: Symantec Mail Security for Microsoft Exchange folders need to be excluded from Symantec AntiVirus Corporate Edition Auto-Protect scanning.
Solution: Documented this requirement in Readme.txt file.

Symptom: Manual and scheduled scans can't list mailboxes for users from child domains or other domains when installed on a non-global catalog server.
Solution: Updated code to correctly query on mailbox users within entire organization.

Symptom: Remove support for LiveUpdate Decomposer functionality.
Solution: Removed functionality from product.

Symptom: Server installation fails when Cdoex.dll is not present or unregistered.
Solution: Updated code to allow installation to complete successfully.

Symptom: Error: "Insert disk 1" appears when running reinstall.bat from removable media when upgrading from an older version of Symantec Mail Security 4.0.x for Microsoft Exchange
Solution: Updated code to correctly handle error.

Symptom: LHA buffer overflow vulnerability.
Solution: Updated Decomposer.

Symptom: Address Denial of Service vulnerability from specific file.
Solution: Updated Decomposer


Symantec Mail Security 4.0.1.463 for Microsoft Exchange

Symptom: Certain malformed MIME messages can hang SMSMSE scanning.
Solution: Code modified to avoid hang.

Symptom: SMSMSE did not detect violations in email sent from Outlook Express when Opaque digital signature used.
Solution: Update decomposer. SMSMSE processes Opaque digital signatures correctly.

Symptom: When content score violation found, SMSMSE report did not report the score of the violation.
Solution: Content store report now includes content score violation.

Symptom: SMSMSE store content filtering rules may not apply on messages sent from Outlook 2003 when in "Cached Exchange Mode." This mode is the default for Outlook 2003.
Solution: Store content filtering rules now applied correctly.

Symptom: Request LiveUpdate v1.8 updated to LiveUpdate v2.0.
Solution: Updated to LiveUpdate v2.0. Updated Readme to reflect changes in LiveUpdate install.

Symptom: In a mixed mode environment of Exchange 5.5 and Exchange 2003, SMSMSE store content filtering rules may not apply to messages routed from Exchange 5.5 server.
Solution: Store content filtering rules now applied correctly.

Symptom: Settings updated from the SMSMSE Console may cause long period of high CPU usage on a SMSMSE server.
Solution: Improved the server settings update process to reduce the period of high CPU usage on SMSMSE server.

Symptom: Set the default of Enable Decomposer Update to disable and remove the warning when option disabled by users.
Solution: Disabled this option as default and removed warning.

Symptom: The EXE engine configuration caused unscannable files on clean EXE files.
Solution: Removed the EXE engine and related option MaxCompressedEXESize from product.

Symptom: Log ambiguous user names when ambiguous results returned from user name resolution.
Solution: Ambiguous users now always logged when ambiguous results returned. This information logged to the debug view output.

Symptom: Update Readme.txt to reflect change to Symantec license files. These files are now in a compressed ZIP format.
Solution: Updated Readme.txt


Symantec Mail Security 4.0.1.461 for Microsoft Exchange

New fixes and enhancements

Symptom: This problem can occur when using Symantec Mail Security with Exchange 2000 or 2003.
Solution: Changed the product behavior to avoid resolving duplicated display names. As a result of this change, heartbeat functionality may not succeed in a mailbox if that mailbox has an identical display name as another user in the Active Directory. When performing a manual or scheduled scan with AutoProtect enabled on such mailboxes, AutoProtect policy is applied on the scanned items even if a different policy is specified for this scan.


Symantec Mail Security 4.0.1.459 for Microsoft Exchange

New fixes and enhancements

Symptom: Manual and scheduled scans can't display more than 1000 mailboxes on Windows 2000 server or 1500 mailboxes on Windows 2003 server.
Solution: Use ranged retrieval to retrieve all mailboxes from Active Directory.

Symptom: Large recipient lists can exceed product limits and cause SAVFMSESP process to crash. As a result email messages may not be delivered to users in certain environment.
Solution: Truncate the recipient lists to avoid exceeding product limits.

Symptom: Symantec license files violate the suspicious attachment rule.
Solution: Modified code to avoid this issue.

Symptom: PowerPoint extension PPS files violate the suspicious attachment rule.
Solution: Modified code to recognize PPS as PowerPoint extension file.

Symptom: Enhancement: utilize the delete entire message capability in Exchange 2003 (VSAPI 2.5).
Solution: Modified code to utilize this feature provided by VSAPI 2.5. After this change, product should be able to delete violating messages reliably on Exchange 2003 server. It may also result in improved product performance when running on Exchange 2003.


Symantec Mail Security 4.0.1.458

New fixes and enhancements

Symptom: When you use reinstall.bat to reinstall the SMS for Exchange console, a reboot is required.
Solution: Changed the code to unregister the old component DLL, allowing the installer to remove it.

Symptom: Unscannable message errors on clean text and Microsoft Office files.
Solution: Decomposer was upgraded to avoid false positives when scanning text and Microsoft Office files.

Symptom: Files with the extension LZH reported as unscannable.
Solution: Updated the decomposer.

Symptom: Match lists created by the customer stop working. Event logs report errors resolving user names. This is not a problem with the Match List itself but a problem with using the "Unless Sender Equals or Contains" expression in a filtering rule.
Solution: Code was updated to resolve ambiguous user names correctly.

Symptom: Messages violating content filter rules with action of Delete entire message are not deleted. Event logs report errors in resolving user names.
Solution: Code was changed to correctly delete messages, resolve user names, and handle special characters in the Subject line.

Symptom: During the upgrade of the SMS for Exchange console from 3.0 to 4.0, when selecting use product default settings, the installation fails.
Solution: Modified the installation scripts to apply user input correctly.

Symptom: The SMS for Exchange console fails to push virus defs to a Windows 2003 server when WebDAV is disabled.
Solution: Changed the code to use HTTP Post to move virus defs to Windows 2003 server.

Symptom: The SMS for Exchange console does not push license files to a Windows 2003 server when WebDAV is disabled.
Solution: Changed the code to use HTTP Post method to move license files to Windows 2003 server.

Symptom: SMS for Exchange SMTP filtering fails on Cluster servers.
Solution: Changed outbound virus scanning to use the cluster virtual server name and changed SMTP filtering to not depend on this check any more.

Symptom: SMS for Exchange uses invalid application pool designator when installing to Windows 2003 servers.
Solution: Modified the install scripts to specify the application pool correctly.

Symptom: The SMTP sink deletes clean messages with empty subject line.
Solution: Code was changed to only delete messages violating content filtering.

Symptom: Quarantined message attachments are not released to multiple recipients when Release by Mail is selected.
Solution: Modified the code to release message to all recipients in the To: field of the original message.

Symptom: Message with a repairable macro virus treated as unrepairable.
Solution: Code was changed to process repairable Macro virus correctly.

Symptom: In some situations on Exchange 2003, sender email addresses are reported in LegacyExchangeDN format.
Solution: Code was changed to convert sender email address from LegacyExchangeDN format to standard SMTP format.

Symptom: Memory usage in SAVFMSESJM increases.
Solution: Corrected the memory leak in SAVFMSEJM process during refreshing of server mailbox and public folder lists.

Symptom: Memory usage in SAVFMSECTRL process increases.
Solution: This problem occurs with Windows 2000 SP 3. To resolve upgrade to Windows 2000 SP 4.

Symptom: PowerPoint file crashes the decomposer in SMS for Exchange. SMS for Exchange reports the file as unscannable.
Solution: Updated the decomposer.

Symptom: When the SMS for Exchange service is down, the SMTP event sink still attempts to scan messages.
Solution: Code was changed to have the SMTP event sink check the SMS for Exchange service and immediately report when service is down.


Symantec Mail Security 4.0.1.456 for Microsoft Exchange

New fixes

Symptom: When using the “Delete entire message” action, Inetinfo causes a slow down of a server. The slow down of server may result in a failure.
Solution: Changed the code to correctly manage the message deletion queue and improve the message deletion speed.

Symptom: SMS for Exchange service could not start when installing to Windows 2003 or Exchange 2003.
Solution: Updated to MSXML 4.0 service pack 2.

Symptom: Plain text email reported as Unscannable Message body.
Solution: Code changed, set MIMEFuzzyMainHeader option to 0. This change solves many unscannable issues. Some unscannable message bodies still exist if text appears to be MIME format and cause a false positive detection.

Symptom: Some matchlists were not saved with certain encoded characters in the filter section and list created from the MMC console.
Solution: Matchlist created from the MMC console correctly saves when using encoded characters &, <, >, ‘, and “.

Symptom: The Worm Virus rule is not enabled by default.
Solution: Changed the code to enable Worm Virus rule as default upon install or service start for server and console.






Legacy ID



2003091617013654


Article URL http://www.symantec.com/docs/TECH81649


Terms of use for this information are found in Legal Notices