Changelog

2.0.8

  • Implemented the SPF Checks Exemptions list to allow for exemptions of domains from SPF checks.
  • Added perl functions to block abusive clients
  • Updated the yum plugin to run baruwa-setup -c
  • Updated documentation
  • Updated Spamassassin rules location
  • Silence output from updatedelta.pl
  • Disconnect from PgSQL and Sphinx after indexing
  • Disabled paster delta index updates
  • FIX: Untaint ENV{PATH}
  • FIX: Template bugs
  • FIX: Exception in lists module
  • FIX: WebApp Error Is a directory exception
  • FIX: Display more accurate message status info
  • FIX: Catch LXML Error: Document is empty in message preview
  • FIX: Only show quarantined flag if message not delivered
  • FIX: Remove preview and release buttons when message is deleted
  • FIX: IOError on deleted message preview
  • FIX: Ajax alert message box not being removed.
  • FIX: Correct SMTP error codes information
  • FIX: Exception when users attempt to release dangerous messages
  • FIX: Ensured API created domains belong to correct org
  • FIX: Restrict the domain creation scope to admin users
  • FIX: Release SQL connections on commandline apps
  • FIX: Generate initial indexes if missing
  • FIX: Incorrect certificate location

2.0.7

  • Implemented the baruwa-setup utility that automates the configuration of Baruwa Enterprise Edition systems including clustered setups.
  • Implemented Content Protection functionality within the interface. This allows admins to manage File name and Mime Type block policies from within the interface. The policies can be set globally and on a per domain basis.
  • Implemented MTA settings functionality within the interface. This allows admins to manage various MTA exemption lists from within the web interface.
  • Implemented functionality to support Email Address tagging. It is now possible to add addresses using a regex such as username-*@domain.com or username+*@domain.com. The supported delimiters are - and +. This closes issue #55
  • Implemented the theme licensing checks. Templates that do not follow the guidelines will not render.
  • Implemented the list to all domains option for domain admins, when used the listing will be functional at SMTP time just as it is with when created by a server admin.
  • Implemented SMTP Error information page. This provides a more in depth error message than provided at SMTP time. SMTP server will display links to this page for the detailed error message.
  • Implemented timezone awareness for Baruwa reports, reports now sent to the user at the configured time in their own timezone not the server timezone. By default reports are sent at 07H00, users in New York or Sydney will each get the report at 07H00 their own localtime.
  • Implemented the baruwa.send.reports.at to allow configuration of the hour at which reports are sent out.
  • Implemented CDB based lookup files for Exim to improve performance and to ensure mail processing continues when the DB is inaccessible.
  • Implemented Site signatures which allow you to add a site signature to all mail sent out through the server regardless of the status of user or domain signatures. Can be used to add scanned by xxx messages
  • Implemented outbound relay rate limit settings, you can use this to control the sending speed of clients to prevent DNSBL listing during spam outbreaks.
  • Implemented checks to prevent DOS and Memory exhaustion attacks via large datasets in the bulk operations module such as bayesian learn of 100 messages on a system with insufficient memory. Baruwa will now check if the memory is sufficient to perform the tasks before executing them, it polls to check if memory has been released and times out after 10 checks.
  • Implemented online local scores management, this allows admins to set local spam rule scores. The local scores override the default system scores.
  • Added the msgfiles database column to store the location of a message, this speeds up message operations as the location does not have to be dynamically looked up each time. Dynamic lookups are still available to ensure that messages logged in the old format are still accessible.
  • Added tooltips to icon based links to assist screen readers.
  • Improved the Backup DB table creation process, the creation will only be attempted if the table does not exist. For existing tables the schema is checked and upgraded if it should be.
  • Implemented progress bar for Messages bulk processing
  • FIX: Quarantined files were not being cleaned up.
  • FIX: celery restore_group is not supported by this backend is now fixed
  • FIX: Select all checkbox for domains and accounts search results pages
  • FIX: The change report options url in quarantine reports resulted in a 403 access denied error for non admin users.
  • FIX: XML formatted email messages were incorrectly handling, thus failed to display in preview.
  • FIX: Quarantine email logo was not displaying due to incorrect encoding of the attachment data.
  • FIX: AJAX generated dates used to show the browser timezone not the timezone configured by the user. This has been updated to ensure that the dates are generated in the users configured timezone.
  • FIX: prune-database was not honouring command line options
  • FIX: Added missing newlines at the end of files.
  • FIX: Virus checks ruleset generation task was duplicated.
  • FIX: Message totals were not being updated via AJAX.
  • FIX: It is now possible to download attached email .eml messages
  • FIX: Improved bulk message operations by updating code to use the new celery API with group and GroupResult
  • FIX: Ensure command line tools use the correct user and group id to ensure that files are created with the correct ownership.
  • FIX: It was not possible to delete multi select settings.
  • FIX: Incorrect defaults were being used in settings.
  • FIX: It was not possible to add multiple non SMTP-AUTH IP based relays
  • FIX: Branding not being done by the JS scripts
  • FIX: Encoding detection of mail records
  • FIX: DOM_RE regex incorrectly matched IP addrs
  • FIX: Incorrect rules being generated.

2.0.6

  • Added a REST based OAUTH authenticated API
  • Moved MailScanner rulesets to file based rulesets, SQL rulesets were not scaling well for very large installations.
  • Added support for After SMTP Anti-Virus Checks, This per domain setting allows AV checks to be ran after accepting the message to allow for actions to be applied such as delete,deliver, quarantine.
  • Implemented support for setting default language and setting the languages available for translation. This allows users to limit languages to only those they can support.
  • Added support for setting spam and high spam scores and actions on outbound relays. This setting only works on outbound relays that have an IP address specified.
  • Added support for Virus infected actions allowing for deliver, delete and quarantine of Virus infected messages.
  • Added cache control support
  • Implemented the cleanup of the AWL database table
  • FIX: Prevent normal users from previewing messages that are dangerous.
  • FIX: Support new domain names such as .system.
  • FIX: Improve email and domain name validation.
  • FIX: Improve the previewing of messages with lots of embedded CSS.
  • FIX: Possible XSS in Message Preview
  • FIX: Unicode decoding errors in Message Preview
  • FIX: Active Directory LDAP lookups failing when there are referrals
  • FIX: Incorrect MS SQL configuration options being loaded
  • FIX: Domain actions were not displayed in domain search results
  • FIX: Disable weekly, daily reports for users in cron as they are not supported
  • FIX: Fixed the Fanout router naming
  • FIX: Ensure indexer is installed for updatedelta
  • FIX: Bug #49 Confirmation text longer than field
  • FIX: Fixed issue with corrupt PDF reports
  • FIX: Destination server connection tests caused an exception instead of returning an error when the hostname can not be resolved.
  • Improved the documentation especially the manual configuration
  • Added the API documentation
  • Updated translations

2.0.5

  • Implemented distributed locking to enable only one cluster member to execute commands within the cluster.
  • Implemented standalone search index update script for use within clusters.
  • Fixed issues with LDAP attributes not being updated.
  • Fixed the prune database command
  • Added support for domain aliases in rulesets
  • Improvements to the caching system
  • Added support for the Esets and F-Secure AV engines
  • Improved the display formatting of DKIM keys
  • Added a description to relay settings
  • Prevent normal users from downloading prohibited or infected attachments
  • Various fixes and minor improvements
  • Point data feeds to datafeeds.baruwa.com
  • Updated documentation

2.0.4

  • Moved the sphinx configuration options to MailScanner.conf, Sphinx configuration options moved from the BS.pm module into the MailScanner.conf file to simplify updating the module.
  • Improved the ConfigSQL view with better ordering.
  • Implemented deletion of default settings from ConfigSQL, Make sure that options are deleted from the ConfigSQL database when updated to the default value. Previously the values were left in the database.
  • Implemented validation of MailScanner ConfigSQL options
  • Implemented online help for Scanner settings
  • Updated the forms to display online help
  • Updated CSS to display help popups

2.0.3

  • Fixed unicode encode error in spamassassin rules update command.
  • Implemented locking to update delta command to ensure only one instance runs.
  • Fixed quarantine clean command date format exception.
  • Replaced old commands with their new generation versions.
  • Fixed issue with fake charsets causing exceptions.
  • Prevented cron.d file from being overwritten during update.
  • Made improvements to authentication and authorization subsystems.
  • Fixed prune quarantine command issue where customized cleanup days options were not being honored for the messages and archive tables.
  • Fixed display of bayesian auto learn status, Bayes auto learn status was displayed incorrectly on the message detail page when bayes learning was disabled by the engine.
  • Fixed sphinx indexing cronjobs.
  • Fixed issue with incorrect attachments being downloaded when messages contain an embedded image.
  • Fixed Spam rules display, preventing the “required score” from displaying as a rule.
  • Fixed MailScanner config spamactions option which was not being picked up correctly.
  • Fixed delivery status information, which incorrectly displayed as quarantined messages that had been deleted.
  • Implemented Default theme support, which allows for global overriding of built-in appearance.
  • Fixed branding issue where the logo was not being replaced with the theme version. Closes issue #19
  • Implemented a configurable DKIM selector. Closes issue #17. A new option baruwa.dkim.selector introduced to allow configuration of the DKIM selector.
  • Fixed Error when adding address to approved/banned senders using an alias domain. Closes issue #20
  • Made default settings match supplied mailscanner configuration file. Closes issue #17.
  • Fixed Information Header Value not applying. Closes issue #13
  • Implemented the Blue lagoon theme as base template, this is built using responsive design which scales to display on all device sizes.
  • Updated the translations.
  • Updated the documentation.

2.0.2

  • Fixed taskid session checks, which caused an exception when the session attribute did not exist.
  • Fixed issue with headers which can not be decoded leading to exceptions
  • Fixed issue with empty values breaking quarantine messages due to attempt to concat strings with None values.
  • Added checks to prevent the creation of duplicate user accounts from external authentication mechanisms due to the case being different.
  • Fixed the deletion of relay settings, which was causing an exception.
  • Fixed accounts navigation issue, when paging using AJAX.
  • Added support for custom logos in PDF reports, fixes issue #14.
  • Fixed incorrect memory usage percentages in the status page.
  • Improve daily totals calculation, it now supports users timezone settings.
  • Fixed an exception with the Psutil backend which was not being caught.
  • Added organization filters to the quarantine and pdf reports commands.
  • Improvements to lost password handing, restrict requests to local users and fix the reset url.
  • Added a top spammers generation command which can be used to export data to external or internal blacklists.
  • Added a top clean senders generation command which can be used to export data to external or internal whitelists.
  • Improvements to display all dates and times in users own timezone.
  • Implemented JSON data exports to support JSON driven charts and graphs.
  • Improvements to the search functions error handling.
  • Improvements to the external authentication modules.
  • Improvements to the message preview functionality, now able to display both the text and HTML alternatives of an email. HTML messages formatted correctly using embedded CSS styles which are sanitized.
  • Added support for duplicate message id’s which are generated on high mail volume installations.
  • Various minor code cleanups and fixes.
  • Updates to the documentation.

2.0.1

  • Fixed domains information leak when logged in as domain admin. Domain admins were able to see domains belonging to other users in the drop down menu under edit or delete accounts.
  • Added support for theming and customization. Included are support for Interface, email, reports customization as well as productization with a custom name.
  • Added support for shared quarantines on shared storage which allows messages to be accessed even when the node that processed them is offline.
  • Implemented full cluster functionality for all components
  • Improvements to Active Directory / LDAP including support for address verification of alias domain accounts, import of aliases from LDAP servers that use the mail attribute such as OpenLDAP, fix case sensitivity issue with Active Directory servers.
  • Fixed MailScanner SQL config keyword issue.
  • Fixed duplicates of account listings when user belonged to more than one domain
  • Fixed various issues that caused quarantine reports not to be sent to some user accounts.
  • Fixed auto user logout when they delete their account.
  • Improve the predicate matching system for authorization of actions.
  • Fixed previewing of embedded images in emails.
  • Fixed the searching of archives when did not display the actual messages found.
  • Fixed signature processing on the nodes after configuration in the interface.
  • Added experimental PDF reporting command with theme support
  • Added experimental Quarantine reporting command with theme support
  • Fix to various cronjobs like the ones pruning database tables.
  • Disabled NJABL
  • Updated translations

2.0.0

  • Initial release