-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hallo,
MDaemon 9.6.3 release pagi ini : ftp://ftp.dutaint.com/altn-mdaemon/md963_en.exe http://ftp.dutaint.com/altn-mdaemon/md963_en.exe - ------------------------------- MDaemon 9.63 - November 6, 2007 - ------------------------------- * MDaemon's implementation of Sender Signing Practices for DKIM has been updated to a more recent IETF draft. I am hopeful that this draft will be substantially close to what the final version will look like (although work is ongoing). A copy of this draft proposal can be found here: http://www.dkim.org/specs/draft-ietf-dkim-ssp-00.txt. MDaemon no longer supports the older SSP draft. MDaemon will not query DNS for older SSP records nor will it recognize the format of those older records. The current SSP draft has a new format and location in DNS for this data. Assuming you are using SSP, Alt-N recommends updating it as follows: (a) Create a DNS TXT record containing the following (minus the quotes): "dkim=unknown" - if you are signing some, but not all, of your mail "dkim=all" - if all mail is signed by you or someone else "dkim=strict" - if all mail is signed only by you (b) Place the TXT record at "_ssp._domainkey.<domain>" (minus the quotes) where <domain> is the domain name specifying the SSP policy. For example: "_ssp._domainkey.altn.com". (c) Remove any old SSP record which may exist at "_policy._domainkey.<domain>" (minus the quotes) where <domain> is the domain name specifying the older SSP policy. Alternatively, you could leave this record in place for a time for legacy verifiers. Any dns_readme.txt files generated by MDaemon prior to this version of the software will contain incorrect instruction on how to configure SSP. These changes DO NOT affect DKIM signing or verifying (RFC4871). These changes DO NOT affect selectors, public or private keys, or data stored in DNS related to selectors or any other aspect of RFC4871 behavior. * MDaemon's implementation of Minger has been updated to the most recent draft. A copy of the most recent draft proposal will be available from the IETF web site soon (or you can email me - [EMAIL PROTECTED] - and I can send you a copy). It was necessary to change the way the Minger query string is formed. As a result the Minger server and client included in this version of MDaemon is not compatible with previous MDaemon versions. For Minger to continue to work you will need to update all your 9.6x installs to this patch. * The following changes to MDaemon's use of SpamAssassin have been made: (a) MDaemon installs the current default rule set into a new folder called default_rules. This folder should never be used by customers. (b) The existing rules folder was purged of all .cf files which were included in previous default installations. (c) Learn.bat was updated to reflect the new default_rules path. * [6723] The address book white listing feature has been improved in order to enhance security and prevent abuse. In order for a message to trigger the address book white listing system it's FROM address must have been authenticated with either SIDF or DKIM. In the case of DKIM, the signing domain must match to the domain taken from the FROM header. A new switch governing this behavior has been added to a slightly reworked Spam Filter White List (auto) UI tab. This new requirement is enabled by default and it is strongly recommended that you keep it enabled. o [6813] Some performance enhancements have been made. First, a partial fix to the "create fail for window" errors and "Thread Creation Error: 12" problems have been found. Although a complete fix will come in a future version, this version of MDaemon should be able to handle many more simultaneous connections than previous versions. The hard limit is imposed by Windows which limits the amount of resources granted to any process. o [3128] In WorldClient added the ability to delete individual occurrences of recurring events in the desktop themes. This will allow users to delete events that happen on holidays without removing all of the instances of the event from their calendar. SyncML has also been updated to support deleted occurrences or recurring events. o [6692] MDaemon's implementation of AUTH-RES has been updated to reflect the most recent draft which has several excellent changes. There is now a single Authentication-Results header which documents the result of all authentication processing. For more information on AUTH-RES read: http://www.ietf.org/internet-drafts/draft-kucherawy-sender-auth-header-08.txt o [6685] By default, MDaemon will no longer insert "Recieved-SPF" headers into messages when no SPF data is available. If you would like to continue to have MDaemon insert this header even when no data is available you can configure for that using Alt+X | SPF/Sender-ID tab and unchecking the "...except when the SPF result is 'none'" option. o [6682] Backscatter Protection processing will copy its results into a new header called X-MDBP-Result. This header will be present for all messages sent to a single RCPT which trigger BP processing. The header will contain the result of the BP test (pass, fail, or fail expired) as well as the reason the message wasn't outright rejected (matched to a white list, not configured to reject, etc). o [6696] MDaemon inserts various new headers into messages in a more organized fashion now. o [6700] The X-Lookup-Warning header has been deprecated. It suffers from the following problems: (a) It is not stripped on incoming which means it can't be reliably used for filtering. (b) It is a single header trying to represent three different lookup results which is impossible (subsequent lookups overwrite previous results thus causing data loss). (c) It is configurable (even the header name!) which makes it impossible to police. The header was replaced with three non-configurable, purpose built headers that do not suffer from such problems. They are X-MDPtrLookup-Result, X-MDHelo-Lookup-Result, and X-MDMailLookup-Result. Eventually, all these headers will be deprecated in favor of exclusively using Authentication-Results. o [6701] The X-RBL-Warning header has been deprecated. It turns out that the feature to automatically generate account filter rules to move messages with this header into the Junk Email folder automatically has never worked because the rule tested for "is equal to 'Yes'" when this header never contained that value. The installation process will remove this worthless rule for all accounts. If you want to reapply a working filter rule to all accounts you can enable the option to do so in the DNSBL Options UI. The X-RBL-Warning header has been replaced by a new header called X-MDDNSBL-Result. This header documents the results of all the DNSBL processing including the IP result returned from each DNSBL for your filtering pleasure. The 80_MDaemon_scores.cf file has been updated to reflect these changes but by default it does not inspect the results of the header for distinct action. It simply scores if the header exists. o [6669] Added option to Setup->Primary Domain->Archival to allow you to control whether messages marked as spam should be included in the archival process or not. By default they are not included however you must open and close the dialog box once to enact this change. o [6348] It is no longer possible to change the primary domain name using a detached "configuration session" UI. This must be done using the actual service UI or WebAdmin. This was causing numerous problems. o [6728] Several improvements were made to the Routing log to help track what's going on during message processing: (a) The Routing log should now always show where a message was ultimately delivered. (b) Forwarding failures will be logged (c) Each forwarded recipient will receive a line item entry in logging (d) Fixed several code paths were nothing was being logged at all (e) Format slightly changed to be consistent with other logs (f) If any errors occuring causing a message to not be forwarded then the original copy will be retained regardless of whether the account or gateway is configured to not do so. o [6730] Account filter rules will be processed now even when the IMAP and WorldClient servers are disabled. In previous versions at least one of those servers had to be enabled. o [6736] Added option to Accountprune to skip pruning of inactive account if account is a forwarding mail account. Add the following setting in the Domains.dat file to turn on the feature: [primary.domain.com] SkipForwardAccount=Yes (default = No) o [6822] When not archiving spam, message sent to spam trap email addresses will now be excluded from the archive. You will need to hit F2, switch to the Archival tab, and hit OK once to enable this behavior. o [4037] DomainPOP and MultiPOP use TLS/SSL when connecting to port 995. o [451] fix to IMAP sessions in Session pane sometimes incomplete o [6846] fix Accountprune doesn't work using foreign characters in midnight.bat o [6778] fix to errant error message when entering invalid domain forms o [6775] fix to VBR code not honoring all types returned from certifier o [6776] fix to VBR sign file not editable at times o [6802] fix to BATV file not editable at times o [6800] fix to CFEngine.exe crash when processing messages with TNEF o [6812] fix to log archives having incorrect date in zip file name o [6622] fix to digests not using list's reply-to address o [6630] fix to german installer not properly creating start menu link o [6552] fix to content scanning problems with certain messages o [6623] fix to midnight crash when using MS SQL ODBC backend o [6638] fix to gateway message forwarding ignoring SMTP MAIL value o [6646] fix to inbound SMTP spam trap flag not reset properly at times o [6655] fix to WC crash when opening a draft in the LookOut theme o [6639] fix to edituser.sem trashing autoresponder start/end times o [6659] fix to shared folders list limited to 32KB o [6663] fix to MDCalendar.dll may attempt to close an invalid handle o [6580] fix to forwarding+account restrictions not working right o [6672] fix to not able to edit accounts when us MySQL ODBC backend o [6673] fix to forwarded mail not using BATV properly o [6677] fix to dynamically screened IPs unable to log into WorldClient o [6693] fix to Domainkeys processing rejecting message against policy o [6705] fix to errant Authentication-Results inserted in local msgs o [6706] fix to errant handling of irrelevant RR records at times o [6695] fix to LookOut display issue related to invalid UTF-8 sequences o [6717] fix to inline spam scan not working with greylist right o [6718] fix to X-Spam-Flag header being stripped errantly o [6719] fix to possible mail loop when using account forwarding o [6720] fix to spam trap msgs getting spam scanned at times o [4282] fix to IPScreen not being cached in memory o [6382] fix to a meeting event at the original time being recreated after changing the meeting's time in Outlook Connector o [6729] fix to local mail being left in the queue forever when using a particular combination of "strip x headers" + account filter rules o [6678] fix to content filter's extract attachment creating 0 byte files o [6748] fix to auto-responder responding to messages from RelayFax@ o [6747] fix to spam to unknown local users routing to postmaster/sender o [6749] fix to forwarding to mailing lists able to start a loop o [6753] fix to ldapcache.dat not working only caching a single lookup o [6751] fix to DeleteAlias not work using MDCOM-API o [6754] fix to messages from trusted/auth'ed sources getting scanned even when configured not to do so o [6757] fix to RAW 'Received' headers being created improperly (using incorrect host/domain names) o [6636] fix to AD monitoring not disabling accounts properly o [6871] fix to Backscatter sometimes rejecting addresses improperly - -- syafril - ------- Syafril Hermansyah MDaemon-L Moderators, MDaemon 9.6.3 Beta RC1 under WinXP Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFHMSnjJDdq0WWNVhYRApKBAJ0ftjEBMOhtNciywH7p6F+4pITU9ACeNPS8 5247BiOrwW2Uv9FwKaAGHHM= =QZOx -----END PGP SIGNATURE----- -- --[MDaemon-L]------------------------------------------------ Milis ini untuk Diskusi antar pengguna MDaemon Mail Server. Mohon tidak posting dengan format HTML, pastikan selalu menggunakan Format Plain-text Arsip : <http://mdaemon-l.dutaint.com> Henti Langgan : <mailto:[EMAIL PROTECTED]> Berlangganan : <mailto:[EMAIL PROTECTED]> Versi Terakhir : MD 9.6.2, MDSP 3.0.5, MDOC 2.1.6
