BaruwaOS 6.10.2
New Features
Support Verification Only Delivery servers
Support has been added for delivery servers that are only used to validate the existance of recipient email addresses prior to accepting the message at SMTP-Time using SMTP callback.
The verification only delivery servers are not used to deliver mail but only for checking the existance of email addresses.
Support for verification only delivery servers was necessitated by the changes to Exchange server versions >= 2013 where invalid recipients are no longer rejected at the RCPT stage of the SMTP conversation.
Support SMTP Callback Address verification on newer Exchange versions
With Microsoft Exchange server versions >= 2013, Microsoft have altered the behavior of the Exchange FrontEnd Transport service so that it no longer rejects invalid recipients after they are specified. The rejection only happens after the DATA command. This prevents the validation of recipients on Baruwa using SMTP callback.
The Default HubTransport connector which is still SMTP compliant, and rejects invalid recipients after they are specified using the RCPT TO command. By default the Default HubTransport connector is accessed on port 2525.
For SMTP Callback Address verification in Baruwa to work you need to configure the Default HubTransport connector for your exchange server and then add a verification only destination server for the domain pointing to your Default HubTransport connector.
Improved SMTP-Time support for Approved list entries
Previously only entries listed to any/all were allowed to by pass SMTP-Time checks such as DNSBL, SPF, DKIM.
With this release all listed entries can now by pass these SMTP-Time checks.
This allows for more fine grained approved listings such as email to email or email to domain.
Bounce email address entries are now supported at SMTP-Time as well.
Macro reporting
A macros report filter has been added to the reporting function to allow for reports to be generated on emails with attachments that contain macros.
Scanner Macro checking rules
A plugin has been added to identify messages that have attachments that contain macros. This is an additional layer of security to the Anti-Virus based check for attachments with macros.
The following rules will be matched.
| Rule name | Rule description | Rule score | 
| BARUWA_OLEMACRO | Attachment has an Office Macro | 3.0 | 
| BARUWA_OLEMACRO_MALICE | Potentially malicious Office Macro | 10.0 | 
| BARUWA_OLEMACRO_ENCRYPTED | Has an Office doc that is encrypted | 10.0 | 
| BARUWA_OLEMACRO_RENAME | Has an Office doc that has been renamed | 5.0 | 
| BARUWA_OLEMACRO_ZIP_PW | Has an Office doc that is password protected in a zip | 10.0 | 
You can increase your local scores based on your requirements to block messages that match these rules.
Name Spoofing checking rules
A plugin has been added to identify messages that have a spoofed from: name. Spoofing of the from name part is increasingly common. It is used to trick users into believing the sender is someone within their own domain.
The following rules will be matched.
| Rule name | Rule description | Rule score | 
| BARUWA_FROMNAME_EMAIL | From: name contains an email address | 0.5 | 
| BARUWA_FROMNAME_DIFFERENT | From: name differs from From: address | 2.0 | 
| BARUWA_FROMNAME_OWNERS_DIFFER | From: name owner differs from From: address | 2.0 | 
| BARUWA_FROMNAME_DOMAIN_DIFFER | From: name domain differs from From: address | 2.0 | 
| BARUWA_FROMNAME_SPOOF | From: name is spoofed | 3.0 | 
| BARUWA_FROMNAME_EQUALS_TO | From: name same as To: address | 2.0 | 
You can increase your local scores based on your requirements to block messages that match these rules.
Depreciations
Scanner Spam Lists
The use of Scanner Spam Lists (Settings > MailScanner Settings > Spam Checks >
Spam List) which was depreciated in BaruwaOS 6.8.1 has been removed.
Scanner Spam Domain Lists
The use of Scanner Spam Domain Lists (Settings > MailScanner Settings > Spam Checks >
Spam Domain List) which was depreciated in BaruwaOS 6.8.1 has been removed.
Sought Spam Rules removed
The sought spam check rules update channel has been disabled as the rules are no longer maintained.
Known Issues
TypeError: an integer is required
Ensure you have the latest baruwa-setup tool by running the following command:
yum install baruwa-setup -y
You can then ran baruwa-setup again.
Template changes
If you are using a custom template and do not update your templates you may ran into issues, ensure that you update your templates on upgrade.