SmarterMail Build 9540

Tweet

Build 9540

• IMPORTANT: [SECURITY] Changed how the command-line is utilized across various areas.
• Added: [HA] Trusted Senders are now synchronized across a split domain.
• Added: SmarterMail codebase is now obfuscated.
• Changed: [HA] [HUB] Improved handling of impersonate and manage node errors when pop-ups are blocked by a browser.
• Fixed: [HA] [HUB] Impersonating from the accounts grid gives a 401 error.
• Fixed: [HA] [HUB] When logging into a hub you will sometimes see a `Fetch Error` instead of the server health grid details.
• Fixed: [HA] An issue where certificates can fail to renew for a cluster.
• Fixed: [HA] An issue with TypeNameHandling.
• Fixed: An EWS push notification issue.
• Fixed: An issue where a user is logged out when opening the Reports area.
• Fixed: An issue where authenticated users could have the server issue an HTTP request to an arbitrary URL.
• Fixed: An upgrade from SmarterMail 15.x to latest fails to detect existing XML configuration files.
• Fixed: Certain HTML messages Do not Render Correctly in Webmail.
• Fixed: Checking 2FA code is not thread safe.
• Fixed: External document servers (e.g., Collabora) fail to load files in email attachments but work for File Storage files.
• Fixed: SmarterMail's EXAMINE implementation does not comply with RFCs (IMAP).
• Fixed: SmarterMail's EXAMINE implementation for IMAP does not comply with RFCs.
• Fixed: Successfully used 2fa tokens are not always cleared from memory correctly.
• Fixed: Successfully used 2FA tokens are not always cleared from memory correctly.
• Fixed: Users can get logged out of webmail intermittently.
• Fixed: Using TAB to move cursor when composing new message in webmail is off.
• Security: [HA] Fixed a potential JSON deserialization issue.
• Security: Added access restrictions to a system with compromised RSA key.
• Security: Added the ability for system administrators to add IP restrictions for all APIs.
• Security: APIs now follow blacklist/whitelist restrictions for all scope levels.
• Security: Hardened various protocols against complex memory exhaustion issues.
• Security: Hardened various syncing protocols against complex entity expansion issues.