Release notes for Symantec Mail Security for SMTP 4.1.2 through 4.1.16
|Article:TECH83225|||||Created: 2005-01-11|||||Updated: 2011-02-09|||||Article URL http://www.symantec.com/docs/TECH83225|
This page contains the public release notes for Symantec Mail Security for SMTP 4.1.2 through 4.1.15.
Release notes for Symantec Mail Security for SMTP 4.1.2 through 4.1.16 This page contains the public release notes for Symantec Mail Security for SMTP 4.1.2 through 4.1.16.
Symantec Mail Security for SMTP 4.1.16 build 48 Symptom: Incomplete quarantine entries cause interference with other submissions. Solution: Modified the check for incomplete quarantine entries prior to saving the data. Symptom: Heavy load may cause Solaris to make multiple attempts to delete a message. Solution: Limited number of message deletion attempts.
Note for Windows users with Symantec AntiVirus Corporate Edition: If you run Symantec AntiVirus Corporate Edition version 188.8.131.520 or earlier, you may see spurious virus alerts as Symantec Mail Security for SMTP processes email. To resolve this problem, upgrade to Symantec AntiVirus Corporate Edition 10.1.5.5000-17 or later. You should only need to exclude the Symantec Mail Security for SMTP queues directory from scans by Symantec AntiVirus Corporate Edition.
Notes for Solaris users:
ln -s /opt/SMSSMTP/bin/jlu.jar /opt/Symantec/LiveUpdate/jlu.jar
Note for all users:
Symantec Mail Security for SMTP 4.1.15 build 47
Symptom: Symantec Mail Security for SMTP marks files from Symantec AntiVirus CE that are destined for the quarantine server as malformed.
Solution: Modified release notes text, adding a note for Windows users running Symantec AntiVirus Corporate Edition that recommends upgrading to version 10.1.5.5000-17 or later. No change was made to Symantec Mail Security for SMTP 4.1.
Symptom: A specific partial message was being handled incorrectly.
Solution: Corrected processing in the decomposer to correctly display the message partial error.
Symantec Mail Security for SMTP 4.1.14 build 46
Symptom: Provide a method to disable the update of Heuristic SPAM definitions.
Solution: Created a variable for the SMSSMTP.cfg file that inhibits LiveUpdate of Heuristic spam definitions when set to '1'. To disable the update add the value "HeuristicSpamDisableUpdates=1" to the SMSSMTP.cfg file and restart the service. To re-enable LiveUpdate for Heuristic spam definitions, completely remove the "HeuristicSpamDisableUpdates=1" value and restart the service.
Symptom: Particular Korean encoded email caused thread to stop processing.
Solution: Corrected processing code to add bytes to the end of a string when an encoded DBCS language is encountered that extends beyond the allocated buffer size.
Symptom: Scan error with specific simplified Chinese character in subject line.
Solution: Added the corrected value for this particular character.
Symptom: Particular file consumed CPU cycles.
Solution: Corrected processing code to not delete data that is not yet instantiated.
Symptom: Symbols are not present in deliverable builds.
Solution: Added debug symbols to deliverable builds.
Symptom: Multiple failed login alert messages.
Solution: Corrected the count for issuing subsequent alerts for invalid logins.
Symantec Mail Security for SMTP 4.1.13 build 45
Symptom: Enhancement request to limit extract time to 60 seconds and deliver mail if the time container limit is disabled.
Solution: Changed code to limit maximum extract time to 60 seconds and hold email instead of dropping when container limit disabled.
Symptom: SPAM file buffer overflow cause when JIS ending escape sequence missing
Solution: For Japanese encoded subjects, a check is made to verify the ending escape sequence is JIS. If the sequence is missing an attempt is made to convert the string by SHIFT JIS. Failure of conversion is logged to the original undecoded subject as ASCII.
Symantec Mail Security for SMTP 4.1.12 build 43
Symptom: Only the log in page is sent by HTTPS protocol when in secure mode
Solution: Log in page now correctly transmits by HTTPS when in secure mode. A security modes change requires the restart of the service. Flush the browser cache.
User Int: Symantec logo shows in address field of browsers.
Message: When a change is made to security settings a message shows. The message is "Changing security settings requires the application be restarted."
Symptom: Program blocks email even when container limits disabled.
Solution: A Checkbox is added for container limits. If the no check is in the box, messages are delivered regardless of depth. No warning is displayed and deliveries can result in viral email delivery.
User Int: Text added which recommends users do not disable container limits. For existing installations, uninstall the product and reinstall to display the disclaimer in the Web interface.
Symptom: Content filtering fails for specific characters
Solution: Upgraded CSAPI
Symptom: Specific Chinese glyphs cause subject line block problems
Solution: Upgraded CSAPI
Symptom: Bogota time is incorrect
Solution: Changed default time for Bogota to GMT -4 so time is not subject to daylight savings time.
Symptom: Sydney time is incorrect.
Solution: Changed default time for Sydney. Sydney no longer subject to daylight savings time.
Symptom: Add configurable delay time to delivery of message delivery failure notifications
Solution: Change to code to add option "DelayDeliveryFailureNotification" to SMSSMTP.cfg file. Set the delivery time by setting the "DelayDeliveryFailureNotification" to a number of seconds. The seconds must be less than 5 days.
Symptom: Installation of product fails for Microsoft Windows Server 2003 R2
Solution: Modified install script to allow installation of Microsoft Windows Server 2003 R2
Symantec Mail Security for SMTP 4.1.11 build 41
Symptom: Enhancement request, extend programs ability to detect malformed containers.
Solution: Upgraded CSAPI and decomposer.
Symptom: RAR file decompression can result in buffer overflow.
Solution: Upgraded CSAPI and decomposer
Symptom: Malformed MIME sample will "Drop" when Scan Policy is set to "Hold, Drop or Deliver."
Solution: Corrected checks, so email with scan errors is placed in the Hold queue.
Symptom: Program blocks email despite disabling container limits.
Solution: Added code to check the on or off check box for container limits. If the container limit box is not checked, email is delivered regardless of depth. No warning is displayed. This may result in potentially viral email being delivered.
User Interface: Added text recommending users do not disable container limits. Customers will need to uninstall product and reinstall the product to see the disclaimer on the web interface.
Symptom: Deletion of certain non-RFC compliant "X-" headers results in excessive CPU utilization.
Solution: Deleted noncompliant "X-" headers.
Symptom: "Suspect message" alerts can be sent out more than once if Symantec Mail Security for SMTP is stopped and restarted.
Solution: Added additional notifications to limit number of alert messages sent when email reprocessed.
Symptom: Message-Partial and Malformed-Containers are processed differently from earlier versions of Symantec Mail Security for SMTP.
Solution: Message-Partial and Malformed-Containers processing corrected and re-enabled.
Symptom: Specific block string is incorrectly blocking specific email.
Solution: Updated Japanese processing of wild cards.
Symptom: Extremely long specific subject line block string is not blocking email
Solution: Updated Japanese glyph processing.
Symptom: Container open error.
Solution: Corrected processing for HTML section of email
Symantec Mail Security for SMTP 4.1.9 build 35
Note: This build of Symantec Mail Security for SMTP uses Openssl version 0.9.7g
Symptom: Entries in the whitelist are processed incorrectly.
Solution: Changed processing to ensure whitelist entries are not scanned by the Spam detection engines.
Symptom: Alerts sent on every rescan of files placed in the hold queue.
Solution: Added processing to limit the number of alert messages actually sent when files reprocessed.
Symptom: Duplicate subject lines appear in logs and alerts and email is not processed correctly.
Solution: Changed processing of JIS to UTF-8 so subject line is fully processed without duplication.
Symptom: Extension blocking of encoded Japanese files is inconsistent.
Solution: Changed processing of JIS to UTF-8, so file name is fully processed.
Symptom: Delivery failure notification headers do not contain a DATE field.
Solution: Added the Date field to email notifications.
Symptom: Custom Blacklist does not work correctly.
Solution: Changed processing to determine which entries in the list need examined.
Symantec Mail Security for SMTP 4.1.7 build 33
Symptom: Scan errors received on various files.
Solution: Upgraded decomposer 3 to version 12 'U'
Symptom: Certain email subjects are not being blocked.
Solution: Upgraded to CSAPI 184.108.40.206 that corrected the scanning of wild card characters in subject blocking.
Symptom: Scan Errors produced with subject line blocking of wild card characters.
Solution: Upgraded to CSAPI 220.127.116.11 that corrected the scanning of wild card characters.
Symptom: SMTP is not FIPS compliant.
Solution: Re-compiled the OPENSSL library package integrated into SmsSMTP (version 0.9.7g) to enable FIPS. The package version will be
tracked in the header of this file.
Symptom: Inconsistent reporting of file names in the detailed report.
Solution: The detailed report will no longer display the path name.
Symptom: Administrator notifications need Connection From <IP address> to differentiate potentially 'spoofed' From addresses.
Solution: Added 'Connection From: <IP address> to the MSGINFO metatag. The line 'Connection From: ###.###.###.###' will appear in
administrator notifications that utilize the MSGINFO metatag.
Symptom: A virus in a specific malformed email virus was not detected.
Solution: Changed processing to allow the program to continue processing after determining that a particular message is malformed.
Symptom: Time setting for Brisbane is incorrect.
Solution: Changed the time so that Brisbane is GMT+10.
Symantec Mail Security for SMTP 4.1.5 build 31
Symptom: Scan status message dispositions re-evaluated.
Solution: Updated program, added m_ReScanFile to handle results.
Symptom: Certain combination of JIS strings in the Subject may result in excessive CPU utilization.
Solution: Update program to check for end of JIS.
Symptom: Desktop anti-virus would present alerts on viruses during SMS SMTP email processing.
Solution: When Symantec AntiVirus Corporate Edition 9 installed upgraded to version 9.0.4.
Symantec Mail Security for SMTP 4.1.4 build 30
Symptom: Certain combinations of strings in Spam rules may not be detected.
Solution: Updated code to search content starting with the first character of each keyword in the rule.
Symptom: Certain mail files are not having notification or disclaimer text added.
Solution: Updated code to add disclaimers and notifications according to RFC 2183. If email does not conform to RFC 2183, no disclaimers or notifications sent.
Symptom: Symantec Mail Security SMTP service would not restart if the Cert.pem file is not downloaded to the system during initial installation.
Solution: Updated code to return appropriate errors after determining if the license is valid but Brightmail scanner failed to register.
When installing Premium Anti-Spam, if the Cert.pem file is not downloaded correctly and placed in the following location:
<installed directory>\csapi\BMI\etc\ directory
A scan error for every email will be placed in the log file when the Cert.pem is not downloaded correctly. Users should restart the service, allowing the Heuristic Anti-Spam engine to enable. Contact their technical support representatives for environmental analysis if the file did not download and install correctly.
Symptom: Subject block fails when the subject: field contains multiple UTF-8 encoding sections.
Solution: Updated code to correct Subject block failures when subject field contains multiple UTF-8 encoding sections.
Symptom: Messages dropping after content scan error.
Solution: Code updated to change the default disposition from drop to deliver on scan errors when scanning for content.
Symptom: Remove confusing phrase concerning foreign OS's from README.
Solution: Updated READEME text file.
Symptom: The delivery failure notification report implies that mail for all recipients mail failed.
Solution: Code update to Delivery Failure Notification message to report only recipients whose mail failed to be delivered.
Symptom: Subject lines with multiple encoding fail to be displayed properly in reports.
Solution: Code changed to correct subject line multiple encode failure.
Symptom: Recipients do not receive notification of dropped emails when mass mailers have been detected.
Solution: Updated code, adding receiver notification in the event of a mass mailer.
Symantec Mail Security for SMTP 4.1.2 build 20 Windows Only
Symptom: All messages are dropped with "Invalid Premium AntiSpam scanner license" error after installing license for Symantec Premium AntiSpam and restarting the Mail Security service.
Solution: Messages will no longer be dropped due to an invalid license. If spam is being delivered and the license error is present in the logs, an administrator should clear out all old license files and install new licenses.
Symptom: Scan error number no longer logged in the Index.txt file.
Solution: A design change to the program renders numeric scan errors obsolete. The Index.txt file will no longer be generated. Scan error information is now located in the log file.
Symptom: Display of "Subject" entry is not consistent in the GUI (graphical user interface).
Solution: Added "Optional" to GUI Filtering policy page.
User Interface: "Subject: (optional)" on the Filtering Policy Content page.
Symptom: Display of text "Email" is not consistent in the GUI.
Solution: Made "Email" consistent.
User Interface: Changed to "Email Address:" on the Certificate Management page.
Symptom: The status page does not report Spam Quarantined.
Solution: Changed processing and the displays to differentiate between virus and Spam Quarantine.
User Interface: The user interface now displays "Spam Quarantined" on the Summary report page. Viruses quarantined and Spam quarantined displays on the Status page.
Symptom: The encrypted container notification setting is confusing.
Solution: Changed display to read "detected" SMS SMTP does not alter an encrypted container.
User Interface: Change now displays text "Encrypted container detected or deleted."
Symptom: Domain routing list matches are case-sensitive.
Solution: Removed case sensitivity. Domain routing lists are no longer case-sensitive.
Symantec Mail Security for SMTP 4.1.16 build 48
Symptom: Incomplete quarantine entries cause interference with other submissions.
Solution: Modified the check for incomplete quarantine entries prior to saving the data.
Symptom: Heavy load may cause Solaris to make multiple attempts to delete a message.
Solution: Limited number of message deletion attempts.
Article URL http://www.symantec.com/docs/TECH83225