Halo, MDaemon versi 23.0.0 release pagi ini.
https://mdaemon.com/pages/downloads-mdaemon-mail-server-free-trial http://ftp.dutaint.com/altn-mdaemon/MD2300_en_x64.exe MDaemon Server v23.0 Release Notes https://files.mdaemon.com/mdaemon/release/RelNotes_en.HTML MDaemon 23.0.0 - February 8, 2023 CHANGES AND NEW FEATURES MDAEMON SERVER * [6984] Added IMAP server support for keyword flags. This allows email clients such as Mozilla Thunderbird to store Message Tags on the server, which lets you see tags set in one client in another instance of the client. * [26376] Improved the IMAP server's performance when opening large mail folders. * [23873] MTA-STS now has an exempt list, so problem domains can be made exempt instead of MTA-STS needing to be turned off when failures affect deliverability. * [18486] MDaemon sends a warning email to admins when SSL certificates configured for use by MDaemon, Webmail, or Remote Administration are about to expire. * [22800] Added OAuth 2.0 support for MultiPOP mail collection from Gmail and Office 365. OAuth 2.0 is modern authentication, which these services will require once they disable support for legacy/basic authentication. Simplified setup instructions are: 1. Create an app using the Google API Console (for Gmail) or Azure Active Directory (Office 365). 2. Enter the app's Client ID and Secret in MDaemon at Setup | Server Settings | MultiPOP. 3. On the Account Editor's Web Services screen, enable "edit MultiPOP settings" for the accounts that need to use OAuth. 4. On the Account Editor's MultiPOP screen, select the Gmail ("pop.gmail.com:995") or Office 365 ("outlook.office365.com:995") entry, check "Use OAuth", click Replace, then save. Users can also do this for themselves in Webmail or MDRA. 5. Users then need to authorize the accounts in Webmail. On the Settings | Mailboxes page, click the "Authorize" button for the Gmail or Office 365 entry. Sign in to Google or Microsoft and consent to the application. Users may need to reauthorize on a weekly basis. Detailed setup instructions can be found in Knowledge Base articles https://knowledge.mdaemon.com/how-to-setup-oauth-google (Gmail) and https://knowledge.mdaemon.com/how-to-setup-oauth-m365 (Office 365). * [26476] The "MultiPOP always deletes mail..." option has moved from Setup | Event Scheduling | Mail Scheduling | MultiPOP Collection to Setup | Server Settings | MultiPOP. WEBMAIL * [10314] Integrated Google Drive into Webmail Documents. Users can view their Drives, Folders, and Files that are in Google Drive. Users can upload, download, move, copy, rename, and delete files, as well as copy/move files to and from the local document folders. If the user wants to edit a document, clicking the option to View the file in Google Drive will allow the user to make edits in accordance with their permissions in Google Drive. To Setup the integration view the Knowledge Base Article at https://knowledge.mdaemon.com/mdaemon-google-drive-setup. * [26164] Pro theme - Added read receipts support. * [26236] Pro theme - Added an option to disable the HTML editor context menu. * [25647] Pro theme - Added the ability to resize the folder list. * [24927] Added option to enable drag and drop folders at Settings | Folders. Setting is enabled by default. * [26275] Made the session cookie Secure over HTTPS. * [26278] WorldClient no longer modifies the robots.txt file on startup. * [26309] The built-in web server prevents the download of .dll files from the HTML directory. * [26535] Pro theme - Changed the validation process to allow BCC only recipients when composing a message. REMOTE ADMINISTRATION (MDRA) * [26188] Added an option at Main | Webmail Settings | Settings and at Main | Domain Manager | Edit | Webmail Settings to "Allow users to receive Two Factor Authentication verification codes over email". This setting is enabled by default. * [26274] Changed the default permissions when adding a new ACL entry to Lookup and Read. * [26257] Test buttons at Spam Filter | DNS-BL | Hosts and Setup | Active Directory | Authentication are now disabled while the process is ongoing. * [26312] The built-in web server prevents the execution and download of .dll files in the Templates directory. * [25041] Updated the UI to use a stacked menu for widths of 1024px and greater. Added a user settings page that can be accessed by clicking the username in the top right. User settings include a Dark Mode, font size options, and the current language. * [26304] Changed the account delete confirmation to use the custom confirmation feature. SECURITY * [26114] Dynamic Screening - There is a new option titled Block Logon Policy Violations. If the logon policy to require full email addresses is active, and Block Logon Policy Violations is active, then the offending IP address will be blocked immediately. Also added a new option for Auth Failures, to only ignore duplicate passwords for valid accounts. This means that if a password change was done at a client, then another client still running the old password will still have ignore duplicates enabled, since it would have the correct logon name. A bot trying random logons with a similar password would not have that same benefit, and will be blocked as soon as it surpasses the auth failure threshold. This will help to defeat bots much quicker. The XML API DynamicScreen operation has been updated to reflect these new features. * [26115] Content Filter - Added an option to add a warning at the top of the message if a restricted attachment is removed from message under Content Filter | Attachments. * [26328] AntiVirus - Updated ClamAV to version 0.105.1. * [26036] AntiVirus - Added an option to exclude trusted IPs from virus scanning. * [26695] AntiVirus - Removed option to send notification if Cyren virus definitions have not updated. ACTIVESYNC * [26305] Added the ability to define a custom display name for mailbox and public folders. * [26287] Added option to disable the ability to factory wipe devices. * [26215] Improved shutdown performance. * [26184] ActiveSync clients can now send to Personal Distribution Lists in Contact folders. * [26067] Changed layout of Client Settings Dialog to add room for new settings. * [26030] Added Client Setting to block sender when item moved to Junk Email folder. * [26446] Outlook's Junk E-mail folder should always be associated with the server-side spam folder. OTHER * [26059] MDaemon GUI - Changed the default permissions when adding a new ACL entry to Lookup and Read. * [18756] MDaemon GUI - Added warning popup if you attempt to set the Webmail, Remote Administration, or XMPP BOSH Server ports to have conflicting values. * [26027] XMLAPI - Added Editor operation which can be used to edit MDaemon's various INI files * [26191] Changed several plugins to allow newer versions to run so customers can test possible hotfix/patch versions. FIXES * [26387] fix to Message Indexing - maintenance does not use as many worker threads as it's configured to * [26253] fix to Pro theme - Event Editor - Add attendees auto complete output is hidden by the Add Recurrence section * [26245] fix to LookOut theme - popup does not close after removing a canceled event from calendar * [26254] fix to MDaemon stops responding after failed SMTP delivery to smart host if the hostname is in brackets and a port is specified * [26244] fix to Pro theme - Resend option is not always available in the right click menu * [26231] fix to Pro theme - Drag and Drop PIM attachments not working * [26268] fix to MDRA - When clicking "Sender block list", a large list causes a long delay * [20207] fix to Lite theme - Advanced search date range does not work * [25737] fix to Lite theme - List Refresh time shows incorrectly when set to a non-standard value * [10527] fix to Outbreak Protection - processing will skip messages when the recipient is in the sender's allow list if this option is enabled in Spam Filter * [26334] fix to Outbreak Protection - skip reasons are now logged during SMTP processing * [26282] fix to messages with password-protected files that are allowed through not getting archived * [26306] fix to MDRA - After creating an IMAP Filter to forward, the rule is displayed incorrectly when viewing it * [26375] fix to Content Filter - typo in restricted attachment logging * [21233] fix to MDRA - Requiring two factor authentication is not enforced if TFA not already set up in Webmail * [26343] fix to Webmail - When replying to a message with a long From header, the To address is truncated * [24865] fix to Webmail - After setting a default language, only English is set when first logging in. Added an option to disable the "Default to user's browser language" in MDRA at Main | WorldClient Settings | Settings * [26349] fix to Pro theme - iOS - When you tap a message in your search results, it enables the checkmark icon * [26339] fix to Pro theme - When changing your password on the login screen, the Save button is unavailable * [26066] fix to MDaemon shutdown delay when real-time message indexing is enabled * [26310] fix to ActiveSync and Autodiscover do not honor the "Hide software version identification" option * [26338] fix to ActiveSync - delay processing Ping and Sync wait expirations * [26380] fix to ActiveSync - crash when client downloads particular message * [26379] fix to Clustering - Deadlock possible while removing secondary node * [26302] fix to ActiveSync - Crash when attempting to wipe data using protocol version 14.1 * [26296] fix to Autodiscover is not enabled on new installations * [26238] fix to Clustering - ClstrSvc.ini written to the root of C: * [26110] fix to MDaemon GUI - AutoDiscovery Service Help does not work * [26064] fix to ActiveSync - WindowsOutlook15 client may enter an indefinite Sync/Ping loop * [26047] fix to XMLAPI - GetVersionInfo emits non-UTF8 encoded strings (specifically LegalCopyright) * [26319] fix to Pro theme - Compose - window not wide enough for navbar in some languages * [26368] fix to AntiVirus - messages that contained password-protected files that can not be scanned will have "X-MDAV-Infected: password-protected" header added * [26307] fix to Pro theme - Compose - If the extended HTML editor toolbar is present, alerts are covered by it * [21938] fix to Pro theme - iOS - Cannot scroll all the way down New Event page * [21200] fix to Webmail IM - When adding a contact, it shows up on your list only after a refresh * [18802] fix to MDRA - No error when entering invalid path in RF queue path * [26176] fix to Pro theme - HTML Editor - Firefox not loading inline images * [26040] fix to MDaemon creates X-MDDNSBL-Result header when error code is returned * [26400] fix to AntiVirus - Cyren Cloud Assist will use proxy info from AVUpdate if enabled * [26217] fix to SPF HELO lookup result is ignored if DMARC verification is enabled * [26398] fix to Pro theme - Folder list vertical scroll bar is partially covered by line * [26408] fix to MDRA - Signing in from Webmail's Advanced Settings link fails * [26342] fix to SMTP server RFC compliance check mistakenly rejects valid "From" header syntax * [26353] fix to OCAddins.dat.lck file left behind by crash causes MDaemon Connector performance issues * [26264] fix to Mail Statistics Summary email duplicates the MDaemon Statistics Report * [18112] fix to Content Filter - non-ASCII attachment filenames are garbled when using outbound compression * [26070] fix to Installer - translated Cf*.dat files may not be installed on a fresh install * [26415] fix to Pro theme - Cannot unsnooze a snoozed message * [26452] fix to Pro theme - saved draft has ../../../ in the image url when sent and image cannot be viewed * [25952] fix to inaccurate text in SMTP screening notification email about sending to unknown recipients * [26470] fix to MDRA - SMTP Screening "Send notification when IP is blocked" checkbox is tied to the wrong setting * [26472] fix to ActiveSync - timestamps in Received headers with extra whitespace are not parsed correctly * [26447] fix to ActiveSync - events created with no reminder on iOS are synced to the server with a 0 minute reminder * [26474] fix to Pro theme - An expired CSRF token prevents a user from sending a message * [26454] fix to possible crash in MDaemon.exe * [23477] fix to SMTP server ignores the From header if the Sender header exists when checking message headers for addresses on the block list * [26478] fix to messages routed from the Inbound queue to the Bad queue may be deleted silently * [26421] fix to CNAME in A record lookup response causes SSL certificate validation failure * [26492] fix to security vulnerability in Webmail * [26509] fix to Pro theme - Default From Address is not saved to the User.ini correctly * [26564] fix to Outbreak Protection not using proxy username and password * [26566] fix to possible crash in WorldClient.dll * [26570] fix to possible crash in CFilter.dll syafril -------- Syafril Hermansyah MDaemon-L Moderators, running MDaemon 23.0.0 Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon. A good scientist is a person with original ideas. A good engineer is a person who makes a design that works with as few original ideas as possible. There are no prima donnas in engineering. --- Freeman Dyson
OpenPGP_0xA5E5117522155320.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
