Avira AntiVir MailGate 3.2 Release Notes



Similar documents
Avira Exchange Security 11 Release Notes

Avira Exchange Security Small Business Edition. Quick Guide

Avira Update Manager User Manual

PGP Command Line Version 10.0 Release Notes

Avira Managed Security AMES FAQ.

Avira Exchange Security Version 12. HowTo

ESET Mail Security 4. User Guide. for Microsoft Exchange Server. Microsoft Windows 2000 / 2003 / 2008

Release Notes for McAfee(R) VirusScan(R) Enterprise for Linux Version Copyright (C) 2014 McAfee, Inc. All Rights Reserved.

PGP Command Line Version 10.3 Release Notes

Avira Professional Security Migration to Avira Professional Security version HowTo

DJIGZO ENCRYPTION. Djigzo white paper

Using VMware Player. VMware Player. What Is VMware Player?

Djigzo encryption. Djigzo white paper

Sophos for Microsoft SharePoint Help

How To Install Avira Small Business Security Suite (Small Business) On A Microsoft Microsoft Server (Small Bserver) For A Small Business (Small) Computer (Small Server)

CIPHERMAIL ENCRYPTION. CipherMail white paper

Kaspersky Endpoint Security 8 for Linux INSTALLATION GUIDE

PGP Command Line Version 10.2 Release Notes

Avira Small Business Security Suite Avira Endpoint Security. Quick Guide

Kaspersky Anti-Virus 8.0 for Linux File Server Installation Guide

Avira Small Business Security Suite. HowTo

Monitoring Microsoft Exchange to Improve Performance and Availability

Avira Managed Security (AMES) User Guide

Installation Guide. McAfee VirusScan Enterprise for Linux Software

Sophos for Microsoft SharePoint Help. Product version: 2.0

OnCommand Performance Manager 1.1

Kaspersky Security 8.0 for Linux Mail Server Administrator's Guide

Avira Management Console AMC server configuration for managing online remote computers. HowTo

POP3 Connector for Exchange - Configuration

Kerio MailServer 6. Administrator s Guide. Kerio Technologies

Avira Exchange Security Upgrade from version 9.x to version11.x. HowTo

Chapter 6: ScanMail emanager

KASPERSKY LAB. Kaspersky Mail Gateway 5.6 ADMINISTRATOR S GUIDE

Avira Server Security Product Updates. Best Practice

Getting Started. Symantec Client Security. About Symantec Client Security. How to get started

Avira Support Collector. HowTo

1 Functionalities of iq.suite Update Manager Installation New Installation Update Installation Configuration...

Avira Management Console Optimization for large networks. HowTo

Exchange Migration Guide

Configuration of an SQL server as an index data base for quarantines in

Domains Help Documentation This document was auto-created from web content and is subject to change at any time. Copyright (c) 2016 SmarterTools Inc.

Using Avaya Aura Messaging

IceWarp Unified Communications. AntiVirus Reference. Version 10.4

PureMessage for Microsoft Exchange Help. Product version: 3.1

F-Secure Internet Gatekeeper

IceWarp to IceWarp Server Migration

The syslog-ng Premium Edition 5F2

2 Installing Privileged User Manager 2.3

KASPERSKY LAB. Kaspersky Anti-Virus 5.5 for Linux and FreeBSD Mail Servers ADMINISTRATOR S GUIDE

MailStore Server 5.0 Documentation

HelpSystems Web Server User Guide

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: Security Note

BITDEFENDER ENDPOINT SECURITY TOOLS

Table of Contents Introduction and System Requirements 9 Installing VMware Server 35

McAfee Firewall for Linux 8.0.0

ES Exchange Server - How to Remove XMON

SupportDesk Extensions Installation Guide Extension Service - Versions

DocuShare Installation Guide

NETWRIX IDENTITY MANAGEMENT SUITE

EMC Avamar. Backup Clients User Guide. Version REV 02

Altiris Monitor Pack for Servers 7.1 SP2 from Symantec Release Notes

Avira Managed Security (AMES) User Guide

Attix5 Pro Server Edition

SecurEnvoy Security Server. SecurMail Solutions Guide

Barracuda Spam&Virus Firewall v5.1 a Web Filter v5.0 Nové funkce, pluginy a uživatelská vylepšení. Jiří Blažek, Product Manager

Netwrix Auditor for Active Directory

Doctor Web, All rights reserved

What s New in Centrify Server Suite 2015

GFI Product Manual. Administration and Configuration Manual

Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice.

ESET Mobile Security Business Edition for Windows Mobile

DocuShare Installation Guide

User Guide. ThreatTrack Security Product Manual

Netwrix Auditor for Exchange

Help for System Administrators

KASPERSKY LAB. Kaspersky SMTP-Gateway 5.5 for Linux/Unix ADMINISTRATOR S GUIDE

Release Notes for Websense Security v7.2

SysPatrol - Server Security Monitor

Event Center (rev b) EVENT CENTER. VPI 160 Camino Ruiz, Camarillo, CA (Voice) (Fax)

Kerio Connect. Administrator s Guide. Kerio Technologies

Acronis Backup & Recovery 10 Server for Linux. Installation Guide

SpamPanel Level Manual Version 1 Last update: March 21, 2014 SpamPanel

User s Manual. Management Software for Inverter

Desktop Release Notes. Desktop Release Notes 5.2.1

EMC AVAMAR BACKUP CLIENTS

SPAMfighter Mail Gateway

Advanced Settings. Help Documentation

Technical Specification Data

Configuring MailArchiva with Insight Server

Symantec AntiVirus for Linux Implementation Guide

Transcription:

Release Notes 1. Features 1.1 Assigning recipient addresses to groups either by using Active Directory or a plain text file 1.1.1 Using a Active Directory server MailGate communicates with Active Directory using the LDAP protocol. Once a connection to the AD is established, MailGate authenticates itself via the user credentials in the config file (avmailgate.conf). MailGate uses the directory entry s mail attribute of each incoming email to associate a recipient with a directory entry. If e.g. only active accounts are to be considered, the filter of MailGate can be set to the respective UserAccount Control attribute of this entry. Search results can be cached to speed up the directory query. It is also possible to let the query start a specified branch of the directory. 1.1.2 Using a plain text file Alternatively, a plain text file can be used that maps email addresses to group names. In this plain text file the email addresses are matched with the corresponding group using the help of regular expressions. 1.2. Rejecting emails for unknown recipients If MailGate runs with Active Directory support, it now optionally rejects mail for recipients that aren t found in the directory, i.e. it generates a 550 response (=email address or email domain not existing). If the directory server cannot be contacted, a 450 response (=mailbox unavailable) is generated instead to make the client try to submit the mail at a later point. Mails whose recipients are not found in the active directory are rejected to make sure that only emails for legitimate email addresses are accepted and forwarded. MailGate 3.2 Release Notes (Status 2011-06-15) 1

1.3. SNMP Support Avira AntiVir MailGate, version 3.2 is now able to send SNMP to inform the administrator mainly about security relevant issues in MailGate. Traps include infos about issues such as MailGate started/stopped SMTP server terminated SMTP session terminated Forwarder server terminated Forwarder session process terminated Forwarder could not send mail Malware alerts Suspicious file detected Scanner not reachable Quarantine daemon is down Spam checker cannot be reached License will expire, license has expired, license exceeded (process mails for more users than license allows) High/low level of in- and outgoing queue reached MailGate uses the MIB-format to specify SNMP traps. Users can find those SNMP specifications in the avira-mib.txt and avira-mailgate-v0-mib.txt files. 1.4. AVQ enhancements, advanced quarantine AVQ is MailGate s queue management module. It allows managing the incoming and outgoing and rejected spool directories. The rejected directory also works as MailGate s quarantine directory because blocked or suspicious emails are moved to the rejected directory by default. Emails in the rejected directory can be removed individually or all together. This legacy quarantine has now been complemented with a new so called advanced quarantine. This advanced quarantine offers a lot more actions to be used on quarantined emails. Amongst others you can: list emails, view specific emails, count emails, delete all quarantined emails, delete specific emails, delete emails that have been quarantined at a certain date or during a certain time interval, reprocess a specific email, MailGate 3.2 Release Notes (Status 2011-06-15) 2

The advanced quarantine is disabled by default and has to be enabled in the avmailgate. conf by setting the parameter EnableLegacyQuarantine to NO. The advanced quarantine is called using the avqmc mgt command. The advanced quarantine offers a lot more action items than the legacy quarantine thus allowing a real quarantine management with quite a number of action options to be used for specific or all quarantined emails. 1.5. Handling of encrypted emails Avira AntiVir MailGate, version 3.2 is now able to identify encrypted emails and offers three different of ways of handling encrypted emails. Please note that only PGP encrypted MIME emails are detected. S/MIME encrypted emails are not detected at this stage. How to handle encrypted emails is defined in the configuration file (avmailgate.conf). A new paragraph EncryptedEmailAction has been added where the user can choose between the actions: ignore, notify postmaster, and treat as suspicious. Only one action can be chosen. 1.5.1. Ignore encrypted mails In this case MailGate will forward the emails in question to the recipient. This is the default value. 1.5.2. Send notification to administrator if encrypted mails is detected In this case MailGate will send an email to the postmaster that an encrypted email has been detected. The encrypted email will nevertheless be forwarded to the recipient. 1.5.3. Treat encrypted emails as suspicious scanner results In this case affected emails will not be delivered/forwarded but treated as suspicious (by default suspicious files are moved into the quarantine). MailGate will also write a warning into the logfile and the usual postmaster/recipient/sender notices are sent as well as the corresponding SNMP traps if this has been configured accordingly. MailGate 3.2 Release Notes (Status 2011-06-15) 3

By definition encrypted emails cannot be scanned. This means that encrypted emails pose a potential risk to the security of a system. By offering these new action items for encrypted emails MailGate now significantly enhances the protection against those potential risks. 1.6. Notify postmaster in case of problems In the previous version MailGate created a logfile entry in case it encountered problems. Version 3.2 now offers to send notifications for various occurrences in the system: If MailGate could not connect to SAVAPI If the Spam filter could not be reached If avgated (the SMTP server) was unexpectedly terminated If a SMTP session returns an error code If a SMTP session is terminated by a signal (e.g. segmentation fault because of memory access violation) If the incoming or outgoing queue process exited with an error code If the incoming or outgoing queue process exited with a signal By directly notifying the postmaster about problems in the system it allows the postmaster to immediately response to a problem. Thus it drastically reduces the time needed to fix a problem and greatly enhances the security of the system as a whole. 1.7. Queue Handling 1.7.1. Watch fill level of incoming and outgoing queue With the new version 3.2 MailGate is able to watch the fill level of the incoming and outgoing queue. A number of new parameters have been added to the avmailgate.conf file that allow setting those fill levels: IncomingHighFillLevel IncomingLowFillLevel. OutgoingHighFillLevel OutgoingLowFillLevel MailGate or to be more precise the SMTP process will stop accepting new connections and send an 4xx SMTP reply once there are more than the defined numbers of mails in the incoming or outgoing queue and it will start accepting them again once the number of MailGate 3.2 Release Notes (Status 2011-06-15) 4

incoming and outgoing emails has reached the low level values. By default all these values are set to zero. Please note that depending on the performance and load of the system MailGate might allow the number of mails to slightly exceed the high fill level value. Once any of the values mentioned above is reached Mailgate is able to perform certain actions: It can log the throttle information It can ignore the throttle information It can send an SNMP trap It can answer with a corresponding string in the SMTP error code Please note that this feature is not available in milter mode. 1.8. Package management 1.8.1. RPM packages for Mailgate Avira AntiVir MailGate is now also available as RPM packages supporting the RPM Package Manager (formerly known also as the Red Hat Package Manager). Package management systems make it easier for an administrator to perform software installation and maintenance since those systems offer advantages such as simplicity, consistency and the ability for those processes to be automated and non-interactive. RPM being one of the most wide-spread package managers those advantages are now available for each MailGate installation. MailGate 3.2 Release Notes (Status 2011-06-15) 5

1.9. Product specific installation path for MailGate If MailGate and WebGate were installed on the same machine in the past both products were installed into the same directory /usr/lib/antivir. This could lead to problems when shared modules like the SAVAPI needed to be updated for one product only. With version 3.2 MailGate is now installed into the product specific installation path /usr/lib/ AntiVir/mailgate. Please note that if MailGate is upgraded to the new version 3.2 from a previous version the installation script will automatically copy the key files, the configuration files and the certification files. Symlinks, rc scripts, the SMC agent.ini and cron jobs will be adjusted according to the new location. The previous version s product files will not be removed when an upgrade is performed. Instead, the installer will rename avmailgate to avmailgate.obsolete and avmailgate.bin to avmailgate.bin.obsolete. This is done so that users can easily do a rollback to the previous version if needed. The product specific installation path of MailGate, version 3.2 prevents compatibility and update problems when installed together with Avira AntiVir WebGate on the same machine. The new installation path is also in accordance with the Filesystem Hierarchy Standard. 1.10. Support for SMTP pipelining feature The new MailGate version 3.2 now supports the so called SMTP command pipelining feature. Command pipelining is an extension to SMTP which is described in the RFC 2929. It can speed up the normal back and forth communication by sending multiple commands in a batch without waiting for a response to each one. Support for pipelining can be configured with the new avmailgate.conf parameter UsePipeliningInSMTPClient. Of course this option has no effect unless a SMTP server is configured as a forwarder and the server itself supports the command pipelining SMTP extension. The default setting is NO. This new MailGate feature can speed up mail delivery especially if the forwarder SMTP server does not run on the same system as MailGate. MailGate 3.2 Release Notes (Status 2011-06-15) 6

1.11. IPv6 Support Version 3.2 now supports the internet protocol IPv6. Enter IPv6 in the InetProtocol section of the configuration file. It is possible to use IPv6 in addition to the default IPv4. You can also choose to use IPv6 on its own. Please note that if you enable only IPv6 support, you have to specify IPv6 addresses for the ListenAddress and ForwardTo options, as well as in the file avmailgate.acl. Please also note that if IPv4 support is turned off, both the Active Directory support and the SNMP support are automatically disabled, as these are both based on IPv4. Milter Mode will also not work since it is also based on IPv4. IPv6 is the follow-up of Internet Protocol version 4 (IPv4). It has gained more and more ground over the last couple of years and will replace IPv4) within the next few years. Mail- Gate version 3.2 now already supports this new standard making it a future-proof application and a secure investment. MailGate 3.2 Release Notes (Status 2011-06-15) 7

3. For the 3.2 release of Avira AntiVir MailGate these system requirements have been adapted: Platforms: Red Hat Enterprise Linux 6 Server Red Hat Enterprise Linux 5 Server Red Hat Enterprise Linux 4 Server* Novell Open Enterprise Server 10.2 Novell Linux Desktop 9 (NLD 9) Novell SUSE Linux Enterprise Server 11 (SLES 11) Novell SUSE Linux Enterprise Server 10.3 (SLES 10 SP 2)** Novell SUSE Linux Enterprise Server 9 (SLES 9) *** Debian GNU/Linux 4**** Debian GNU/Linux 5 Debian GNU/Linux 6 Ubuntu Server Edition 8***** Ubuntu Server Edition 9 Ubuntu Server Edition 10.4 Sun Solaris 9 (SPARC) * Sun Solaris 10 (SPARC) * Please note that Red Hat Enterprise Linux 4 Server is supported until 29.02.2012. ** Please note that Novell Suse Linux Enterprise Server 10 is supported until 31.07.2014. *** Please note that Novell SUSE Linux Enterprise Server 9 (SLES 9) is supported until 30.07.2012 **** Please note that Debian GNU/Linux 4 is supported until 01.02.2012. ***** Please note that Ubuntu Server Edition 8 is supported until 31.12.2014. ****** Please note that Sun Solaris 9 (SPARC) is supported until 30.10.2012. CPU: Intel, AMD, 32-bit or 64-bit with 32-bit compatibility mode RAM: 512 MB (2 GB recommended) HDD: 10 GB (recommended 50+ GB) space on configured TemporaryDir for downloading and scanning large files. 1 GB temporary space needed for unpacking archives. Note: * Sun Solaris 9 (SPARC) won t be supported any longer as of 30.10.2012. Use under 64 bit Linux: Please use the required 32 bit libraries. Administration through the Avira SMC: Please note that the libstdc++so.5 is required for the SMC agent. 2011 Avira GmbH. All rights reserved. All named products and company names are registered trademarks of the respective company. Our General Terms and Conditions of Business and the End-user License Agreement can be found in the Internet: www.avira.com E&OE. Technical information as of June 2011. Avira GmbH Kaplaneiweg 1 88069 Tettnang Germany Telephone: +49 7542-500 0 Facsimile: +49 7542-500 3000 www.avira.com

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information