New Available Build Notification (77754)

This is our spam / virus filter update for customers on the mx1 / mx2.tnpw.net filtering cluster. The information is brought to you by our vendor, Spam Experts.

What’s new this week:

Front-End:

We have extended the “sub admin” functionality that we recently added, so that it is more flexible.  Rather than an all-or-nothing option, you may now grant or deny each individual admin the ability to create their own admin users.  In the “Edit” page for each admin, you’ll find a new “Allow sub-admins” option, with three choices: “allow” (allow the admin to have sub-admins), “deny” (do not allow), or “default” (use the server default setting).

The default choice is controlled by a new option on the “Server Settings” page, called “Auto-enable sub-admins for all admins”.  If you tick this box, then all the admins that are set to use the default will have the ability to create their own admins, and if the box is not ticked, then only those admins that have “Allow” selected will be able to create admins.

Changelog:

Filtering (services):

  • TLS certificate verification has been re-enabled (#22804)
  • The local part of an email address (‘sam’ in ‘[email protected]’) is specified as being case sensitive.  However, many systems treat it as case in-sensitive.  There are new API methods to control whether the local part is treated as case sensitive or insensitive.  Note that the default is case insensitive, which is a change from previous behavior. (#20581)
  • The “block hidden executables” setting now uses the same default system as other settings, where new domains will start with the “use the default” setting, rather than the option disabled (#22817)
  • Improvements to the efficiency of migrating log entries (#19970)
  • The api_delivery_queue() and api_outgoing_delivery_queue() API methods now support paginated requests (#18406)
  • The IP whitelist/blacklist API methods now support paginated requests (#18406)
  • Improvements to the encryption mechanism in archiving (#11813)
  • The API method api_list_domains() is now able to filter the list of domains that are returned, and supports pagination.  There is also a new API method api_count_domains() (#21102)

Front-end / GUI:

  • Added the ability to get `recipient error` details for more than just the previous two days (#19372)
  • Resolved issue with column alignment in Outgoing IP whitelist page (#22935)
  • Resolved issue with domain ordering via ‘Upload CSV file’ option (#22946)
  • Updated text when creating Software API users via the Software API user page (#22810)
  • Force lowercase username argument of the emailusers/add method (#22707)
  • Add support for sub-admins reseller list with ‘/api/reseller/list/’ (#22247)
  • Hide deprecated calls from Spampanel API help (#21005)
  • Expanded permission system to allow granular access to create sub-admins (#22186)
  • Changed title description for add and edit pages at super-admin, domain and email level (#22811)
  • Resolved issue with `Could not retrieve the Archiving REST API` Reference (#22750)

Plugins & Integration tools:

  • cPanel: Resolved issue with 2 SpamExperts links in X3 theme (#22822)
  • cPanel: Resolved issue with `Use IP as destination route` option (#22936)
  • cPanel: Resolved issue with ‘per-package’ enable/disable option (#8038)
  • cPanel: Added allowance for 4 MX records within configuration (#14588)
  • cPanel: Optimized domain refresh list with AJAX (#14589)
  • cPanel: Resolved issue with 2 SpamExperts links showing in X3 theme (#22822)
  • cPanel: Resolved issue with SpamExperts icon not shown in X3 theme (#22834)
  • cPanel: Resolved issue Paper Lantern theme not using the custom branding set in WHM (#22825)
  • cPanel: Resolved issue with SpamExperts branding shown in title bar for whitelisted add-on installation (#22867)
  • Plesk: Resolved issue with UI updater (#22923)
  • Plesk: Resolved issue with `Use IP as destination route` option (#22936)
  • Plesk: Added allowance for 4 MX records within configuration (#14588)
  • Plesk: Optimized domain refresh list with AJAX (#14589)
  • Plesk: Resolved issue with SpamExperts branding shown in title for whitelisted add-on installation (#22867)

For more information, please do not hesitate to contact us.

 


New Available Build Notification (75122)

This is our spam / virus filter update for customers on the mx1 / mx2.tnpw.net filtering cluster. The information is brought to you by our vendor, Spam Experts.

 Filtering (services):

  • Adjusted the warning output by the api_set_update_day_and_time() API call when a server in the cluster cannot be reached is now prefixed by “WARNING:” (#22633)
  • It is now possible to use encryption with the “S3” archiving storage backend (in addition to the encryption that Amazon adds) (#22346)
  • You can no longer set your cluster to update between Tuesday 10:00 and Wednesday 08:00 UTC (#22641)

Front-end / GUI:

  • Adjusted the error message when messages are not trained via IMAP (#22557)
  • Resolved issue with the graphs showing incorrect time frame information in the domain statistics page (#22600)
  • Removed the “View Logs” page from the interface. This is for internal use only (#22578)
  • Resolved issue with the domains pending transfer not being visible from the “from other admins” list (#22614)
  • Resolved issue with camel-case email users, when bridge-login was being used (#22707)
  • Resolved issue with `Failed to add domain` message when adding domain via SpamPanel API, even if domain stil gets added (#22734)
  • The “Now” option when selecting the current time in Log Search was removed (#22374)
  • Updated SpamPanel API to use `admin` instead of `reseller` (#22642)
  • Resolved issue with “Archiving API response size is exceeding the allowed limit” by increasing the Archiving API response size limit (#22672)
  • Resolved issue with searching archived messages for a longer time period (#22670)
  • Resolved issue with Archive Search returning Invalid Dates error message (#22702)
  • Optimized email preview page when using Email Archiving (#21809)
  • Added SpamPanel API support for setting the Archiving Quota (soft/hard) for admins(#21994)
  • When the archiving product is added/removed, reflect that in the archiving settings (#21024)

Plugins & Integration tools:

  • Resolved issue with backward compatibility with the Paperl Lantern theme in older versions of cPanel (#22354)

Email Archiving (services):

  • Retrieving the space used from the archiving API will now be significantly faster (#19005)

In case you have items you would like to discuss in more detail, please inform support and these topics will be included in the next quarterly CTO webinar.

For more information, please do not hesitate to contact us.

 


New Available Build Notification (76354)

This is our spam / virus filter update for customers on the mx1 / mx2.tnpw.net filtering cluster. The information is brought to you by our vendor, Spam Experts.

 Admins are now called “super admins”, and Resellers are now called “admins”:

With the introduction of sub-resellers recently, and the launch of our Reseller business model, we’ve decided to change the “reseller” naming in our control panel. As we’re exposing more and more features at the old “reseller” level, that were formerly only accessible to the administrator on the Local Cloud, the following name changes will take effect as of this update:

“administrators” become “super administrators”
“resellers” becomes “administrators”
“sub-resellers” become “sub-administrators”
“sub-administrators” can have “sub-administrators”

Nothing will change in terms of functionality. We’re just improving the naming, so there is no confusion with the “reseller” business model. At the same time we are working on exposing as many “administrators” features as possible at all levels.

Manually locking an outgoing user ‘identity’:

If you have configured your outgoing filtering to identify end users (e.g. via a header or the envelope sender), then you can now use the api_lock_outgoing_identity() and api_unlock_outgoing_identity() Software API calls to manually lock a specific “identity” from being able to send more outgoing messages. For example, you may already be receiving one of the reports we offer indicating which of these users are attempting to send out spam, or perhaps you’re getting that information from a log search in the web interface/API or by processing the automatic ARF reports. You can now immediately act on this information by locking the problematic identity (either automatically by hooking in the API call into your systems, or manually), so that they aren’t able to do any more damage while you contact them to resolve the problem.

We are working on adding in the full automated locking system at the ‘identity’ (end user) level, as well as other improvements around this area and in providing even more information about which of your users are causing the most problems. However, this should be a very useful first step if you have been unable to block the users with the existing functionality.

Email user level sender whitelist and blacklist:

Although it has always been possible to whitelist or blacklist a specific sender for all recipients at a domain, it’s sometimes useful to be able to do this whitelisting or blacklisting only for specific recipients (e.g. only for [email protected]), and this is something that end users are often interested in doing.  We have added the ability to create such whitelists and blacklists at the end-user level, this is available directly from the Software API now. We will be adding this functionality to the web interface as well in a future update. Please note that it’s generally not recommended to overrule the automatic filters with such custom whitelists, as spam may be received when spammers spoof the sender address and match a whitelisted entry.

Changelog:

Filtering (services):

  • Added whitelist or blacklist sender API at the incoming email address level, not just the domain level (#22073)
  • The api_count_messages() and api_count_outgoing_messages() API calls now support sorting and pagination when the “group by” option is used (#22270)
  • Resolved issue with the number of running / sleeping processes shown for each server with the status call (#22503)
  • A new API method, api_add_delivery_domain() has been added, which works like api_add_incoming_domain but has JSON arguments and response for easier integration into upstream systems
  • Resolved issue with incorrect Message-ID key returned when using api_find_messages and api_find_outgoing_messages were used with format=JSON (#22611)

Front-end / GUI:

  • Resolved issue with message retrieval in Outgoing Delivery Queue page when searching for recipient (#22561)
  • Resolved issue with editing outgoing limits when limits are enabled (#22610)
  • Resolved on screen error when clicking “Manage permissions” option at domain level (#22593)
  • Adjusted SpamPanel API `api/reseller/getarchivingdiskspaceusage/` & `/api/reseller/wipe/` calls  to show `admin` instead of `reseller` (#22617)
  • Removed “sort_field” when calling api_count_messages (#22424)
  • Resolved issue with archiving product status incorrectly reflected in the archiving options (#22317)
  • Added `Skip archiving account creation` if the ‘activate for all domains’ setting is off (#22360)
  • Increased HSTS timeout to 180 days (#22410)
  • Resolved CSRF issues on certain pages that had the error `We are sorry, but you cannot access the requested page due to security restrictions` (#22455)
  • Provide the message date when retrieving a message (#21583)
  • New SpamPanel API call `api/reseller/wipe` to wipe reseller data (#21991)
  • New SpamPanel API call `api/reseller/getarchivingdiskspaceusage` to get archiving disk space usage for a reseller (#21993)
  • Added a notification before sub-admin deletion (#22117)
  • Add option to specify individual domain results in ‘/api/user/list/role/email/format/json’ (#20852)
  • Change `admin` to `super admin` and `reseller` to `admin` (#21443)

Plugins & Integration tools:

  • cPanel: Added option to enable/disable add-on per-package (#8038)
  • cPanel: Resolved issue with SpamExperts Icon is missing in X3 theme (#22354)
  • cPanel: Resolved issue with GTLD MX records (#22608)
  • cPanel: Resolved issue with error notice `PHP Notice: Undefined index: status  Line: 397` (#22352)
  • Plesk: Resolved issue with GTLD MX records (#22608)
  • Plesk: Resolved issue with error notice `PHP Notice: Undefined index: status  Line: 397` (#22352)

 

For more information, please do not hesitate to contact us.

 


New available build notification (75122)

This is our spam / virus filter update for customers on the mx1 / mx2.tnpw.net filtering cluster. The information is brought to you by our vendor, Spam Experts.

Filtering (services):

  • Removed RC4 from the available HTTPS cipher list
  • Improvements in the efficiency of message classification and training (#17503)

Front-end / GUI:

  • Resolved issue with the “pending transfers” and domain deletion when transferring domains (#22312)
  • Optimized API  `/domain/add/` & `/domain/edit/` error message when destinations cannot be empty (#22332)
  • Resolved issue with double semi-colons inconsistency when getting/setting route (#22356)
  • Resolved issue with domain overview not showing correct active products (#22366)
  • Resolved issue with incorrect error message when updating a SSL certificate (#22365)
  • Resolved issue with continually terminating the session (#21747)
  • Optimized error message when trying to reset the password for a domain that isn’t in the system (#22392)

Plugins & Integration tools:

  • No new updates this week

For more information, please do not hesitate to contact us.

 


New available build notification (74564)

This is our spam / virus filter update for customers on the mx1 / mx2.tnpw.net filtering cluster. The information is brought to you by our vendor, Spam Experts.

What’s new this week:

Catch-all aliases:
You have long been able to set up aliases at a domain level, so that any mail @example.com gets redirected to the same recipient @example.org.  A few updates ago, we also added the ability to configure recipient aliases, so you can direct mail for (e.g.) [email protected] to [email protected].  With this week’s update, you can now configure a “catch all” alias, so that any mail @example.com is directed specifically to a single address, e.g. [email protected]example.org.  The web interface currently only exposes the ability to configure domain level aliases, but we will be adding the ability to create a “catch-all” account and to configure recipient aliases within a domain in an update early in 2015.

Hidden BCC:  
There are times when you need (e.g. for regulatory requirements) to send a copy of all messages for a domain or a specific recipient to another address – basically, to automatically add a “bcc” recipient to all messages, without the sender being aware of this.  This is now possible via the API.  You can configure all mail at a domain to be copied to a specified address, or all mail to specified recipients within a domain.

Grouped log counts:
The API now supports getting counts of messages grouped by a column, for faster and easier report creation.  For example, you might want to get the number of messages each distinct recipient has received in a specified time period, or you might want to know how many spam messages each of your outgoing users have attempted to send in the last day (so that you can address that problem with your users).

Changelog:
Filtering (services):

  • The api_find_messages and api_find_outgoing_messages API calls now support a “group” argument, which works like a “group by” clause in SQL (#21641)
  • [outgoing only] The “block spam” option is now set for all outgoing accounts.  The API calls that controlled this option still exist, but are deprecated and have no effect (#20925)
  • [incoming only] The API methods that handle aliases now permit you to specify that all mail for a domain should be aliased to a specific address at domain, without having to individually configure each alias (#19679)
  • New API methods api_set_hidden_bcc_address, api_get_hidden_bcc_address, api_set_hidden_bcc_address_outgoing, and api_get_hidden_bcc_address_outgoing, which allow you to have mail blind copied to a specified address (#7818)

Email Archiving (services):

  • A new method is available that provides a list of all IDs for a specified account and date.  This may be used to iterate / browse through an archive far more efficiently than by using a search (#21585)
  • You may now specify the message date when retrieving a message from the archive.  This is far more efficient than having the system determine the date itself, particularly on heavily loaded clusters  (#21580)

Front-end / GUI:

  • Resolved issue with some missing dates from the Domain Statistics Page (#22191)
  • Resolved issue with Date field from Incoming Log Search(#22199)
  • Resolved issue with `Domain Transfer` error message “This method is not available” (#22184)
  • Resolved issue with adding camel-case email users when reseller exists with same address (#22161)

Plugins & Integration tools:

  • No new updates this week

 


New available build notification (74420)

This is our spam / virus filter update for customers on the mx1 / mx2.tnpw.net filtering cluster. The information is brought to you by our vendor, Spam Experts.

 Please have a look at the changelog to view the modifications included in the new build 74420.

A randomization bug in the auto-update system of our Plesk/cPanel integration caused the auto-update system to potentially stop. If prompted about an available update from the add-on control panel, please force the update manually to the latest version. That should resolve the auto-update issues. Alternatively you can manually execute “wget -Nhttp://download.seinternal.com/integration/installers/installer.sh && bash installer.sh” from the addon-server to force update the addon at anytime.
Filtering (services):

  • This build includes general filtering/performance updates only

Front-end / GUI:

  • No new updates this week

Plugins & Integration tools:

  • cPanel: Resolved issue with auto-update system (#22172)
  • Plesk: Resolved issue with auto-update system (#22172)
  • POA APS 1.2: Resolved issue with returning error `: a:0:` (#22207)

 


New available build notification (73605)

This is our spam / virus filter update for customers on the mx1 / mx2.tnpw.net filtering cluster. The information is brought to you by our vendor, Spam Experts.

 Filtering (services):

  • The api_set_update_day_and_time has a new argument that may be used to get a status code response rather than a blank response (success) or detailed error message (#73476)
  • The api_set_ssh_ips and api_set_backup_settings have a new argument that may be used to get a status code response rather than a blank response (success) or detailed error message (#73477)
  • Removed warning message from set_protection_report_template in the case where the template is not available in the user’s selected language (#73480)
  • Added improvements in monitoring when the updater is running (#16747)
  • The API response “Default value is overruled for ” is no longer translated; the API will always return this message in English (#73505)

Front-end / GUI:

  • Removed <50 domain behavior of quick jump widget (#21873)
  • Removed “check delivery status” action for log search results (#21636)
  • Added ‘Show domain’ when adding submission user at domain level (#20253)
  • Removed use of “right click” in API user editing (#20220)
  • Resolved issue with Skip all filters option with adding invalid IP addresses (#19091)
  • Added telnet test to other useful locations (#19220)
  • Resolved issue with the reset of ‘Private label’ and ‘available product’ settings if an error occurs at reseller creation (#22036)
  • Optimization of the domains transfer procedure (#21658)

Plugins & Integration tools:

  • No new updates this week

For more information, please do not hesitate to contact us.

 


New available build notification (73433)

This is our spam / virus filter update for customers on the mx1 / mx2.tnpw.net filtering cluster. The information is brought to you by our vendor, Spam Experts.

 Log Searching:

You can now include delivery information in your log searches.  You can filter your searches by the delivery date and time or the server the message was delivered to, and you can get this information included as columns in your results as well.  This information is only available for messages that have been successfully delivered to their destination, of course – we’re hard at work adding in similar functionality to get more detailed and faster information about problems delivering messages.

In the outgoing log search, you can now also filter your results by the “user identity” that you can configure (e.g. based on a header you add to your outgoing messages, or the envelope sender that the message uses).  This makes it simple to get information about messages that a specific end-user has sent (or attempted to send).

Archiving:

The support for using Microsoft Exchange’s “journalling” functionality that was added a few weeks ago is now available in the web interface, for easy configuration.  This feature of Exchange allows you to configure Exchange to forward all messages (in a special “journal” format) that are to internal addresses (e.g. within your organisation) to a specified address.  Normally, these don’t go outside of your organisation, so would not end up in your archive – so this allows you to ensure that all of your mail is available in your archive.  If you configure Exchange to do this, you can then enable “journalling” in the web interface (this will whitelist the address you have chosen and also set it to not make any delivery attempts for that mail – you can customise this in the normal way if necessary).  Note that currently only the admin for a cluster is able to configure journalling for a domain.  Please contact support if you need assistance setting this up.

We have also made improvements for the “redeliver” functionality in archiving in the web interface.  When you choose to “redeliver” a message, the default behaviour is to deliver it to the original recipients of the message (note that this may not be the addresses in the “To” header – e.g. when the message was a BCC), and this is more clearly explained in the interface.  You also have the ability to customise the delivery location as part of the “redeliver” action – there’s no more need to set this up before you click “redeliver”.  We also now use the original envelope sender (“mail from”) address when redelivering an archived message.

Protection Report:

You now have a lot more control over the way that protection reports look.  In the template editing page, you can now edit the CSS stylesheet that the HTML version of the protection report uses – giving you considerable control over the fonts, size, margins, and other general layout and design of the protection reports for your users (note that mail clients vary in which style instructions they will obey).  You can also customise the row, header, and cell HTML, if you need to do that to make further style adjustments.  Finally, you can also choose to not include links to the web interface to view messages, if you wish to use the protection reports without providing access to the web interface, and customise the hostname that is used for links to release messages if your quarantine server is not the same server as the web interface server.

Changelog:

Filtering (services):

  • Improvements to handling training messages that have been through filtering more than once (#20461)
  • Added support for additional delivery problems in the api_delivery_errors API call (#22009)

Email Archiving (services):

  • Resolved issue that could cause a delay in archived messages being added to the storage server (#22007)
  • Resolved issue that could cause archiving messages in the Exchange journal format to fail when the recipient was blackholed (#22008)

Front-end / GUI:

  • Resolved issue with incorrect TLD whitelisting at Domain Level (#21557)
  • Resolved issue with message results in delivery queue when filtering on a specific sender (#21842)
  • Resolved issue with Archive redelivery (#21676)
  • Resolved issue with creating of authticket via Spampanel API (#21681)
  • Resolved issue with incorrect date display in Domain Statics page. (#21673)
  • Resolved issue with Login prompting to enable 2FA (#21684)
  • Resolved issue with bandwidth overview for resellers not showing data (#21497)
  • Resolved issue with delivery queue HTML version opening links in iframe (#21950)
  • Resolved issue with the outgoing delivery queue page where recipient search required “Return partial matches” (#21938)
  • Resolved issue with ‘time-queued parameter’ in the outgoing delivery queue page (#22006)
  • Resolved issue with Quarantine date-time column sorting (#21752)
  • Resolved issue with domain cache list (#21812)
  • Resolved admin login issue with HTML  escaped characters (#21848)
  • Resolved issue with the “Error details” option from the log search page (#21904)
  • Adjusted wording for Sender Whitelist and Sender Blacklist (#21877)
  • Adjusted styling for ‘Add a new identification header’ button (#21612)
  • Adjusted wording of outgoing “Delivery queue” to “Outgoing delivery queue” (#21939)
  • Added auto whitelist recipient when adding admin contact (#16716)
  • Added  America/Denver timezone (#21751)
  • Added Content-Security-Policy HTTP header (#20331)
  • Added ability to filter by identification user in log search (#21481)
  • Added additional protection report template parameters to edit page (#21457)
  • Added delivery information as additional columns/filters in log searches (#20562)
  • Added Archive search show progress bar when re-delivering messages (#21537)
  • Moved “block password protected attachments” option to the “Extensions” page (#21483)
  • Stop /api/archive/getsize/ from using account-less /archive/usage/ (#21711)
  • Sort bandwidth overview on un-rounded numbers (#19293)
  • Expose the functionality to integrate archiving with Exchange’s “journal” mode (#21559)

Plugins & Integration tools:

  • No new updates this week

For more information, please do not hesitate to contact us.

 


New available build notification (73023)

This is our spam / virus filter update for customers on the mx1 / mx2.tnpw.net filtering cluster. The information is brought to you by our vendor, Spam Experts.

 Filtering (services):

  • [outgoing only] Resolved issue with the X–Domain header added to outgoing messages would incorrectly have the recipient’s domain (#21899)
  • Improvements in the efficiency of training messages (#21060)
  • Improvements to the efficiency of the quarantine system (#19768)
  • Improvements in the efficiency of processing messages (#21112)

Email Archiving (services):

  • Messages are now archived against the date they were originally received, rather than the date that they were processed (#21581)

API:

  • The log search API calls now support returning the result as JSON as well as CSV (#21236)

Front-end / GUI:

  • No new updates this week

Plugins & Integration tools:

  • cPanel: Resolved issue with alias domain not getting MX records force-set and fails with Domain exists (#21727)
  • cPanel: Resolved issue with `disabled` feature option on cPanel paper Latern theme (#21395)
  • WHMCS Addon: Resolved issue with `Fatal error: Class ‘kwspamexperts_api’ not found`

In case you have items you would like to discuss in more detail, please inform support and these topics will be included in the next quarterly CTO webinar.

 


New available build notification (72730)

This is our spam / virus filter update for customers on the mx1 / mx2.tnpw.net filtering cluster. The information is brought to you by our vendor, Spam Experts

OS Update:
SpamExperts is upgrading all remaining Local Cloud servers from Debian 6 (LTS) to Debian 7.0 this week. This is done as part of your scheduled automatic update, or it may be executed manually during off-peak times (before 8am or after 7pm server time during working days, or throughout the day during the weekend). This process is monitored carefully by our engineers, and we’ll ensure only a single system is upgraded at a time so your clients will not notice any of the changes. Generally, the update will complete quickly. It is not required to reboot the machine after the upgrade, however you may wish to schedule a reboot on your end some date after the upgrade to ensure the boot process is working as expected.

For more information, please do not hesitate to contact us.

Changelog:

Filtering (services):

  • Optimisation of IP whitelist loading, including better handling when there are database connection issues (#21790)
  • [outgoing only] Addition of a new identification method, “envelope sender domain”, which works like “envelope sender”, but uses only the domain part of the address.
  • Dropped support for SSLv3 HTTPS connections, and added support for TLSv1.2 HTTPS, SMTP, and IMAP connections (#20074)

Front-end / GUI:

  • Adjusted RCPT TO value to be used as default archive re-deliver address (#21567)
  • Resolved issue with ‘Re-sent headers’ in Archiving (#21732)
  • Resolved issue with sorting in Spam Quarantine page (#21752)
  • Resolved issue SSO download link missing from reseller level (#21843)
  • Adjusted triangle location for disabled SPF domains/IP page (#21823)
  • Optimized SpamPanel speed when accessing domain level control panel (#21757)

Plugins & Integration tools:

  • No new updates this week.

In case you have items you would like to discuss in more detail, please inform support and these topics will be included in the next quarterly CTO webinar.