I had the problem that the only good way to check for valid e-mail
addresses at my firewall, which also does SPAM prevention and virus
scanning etc., is to use SMPT verify. Before I've setup Ciphermail my
internal mail server was the relay and handled this. With Ciphermail as
a relay between the firewall and my mail server hist was no longer
possible. As I found no solution on the web I decided to build my own:
With this SMTP verify works again. If you know other, better solutions,
please let me know. If you try this and find a bug drop me a note. This
is quick&dirty cut&paste code ... but it works.
MHC SoftWare GmbH
HR Coburg: B2242
Geschäftsführer: Matthias Henze
A new release candidate of the CipherMail gateway community edition is
now available (version 3.0.3-0).
* Support for MySQL/MariaDB and Oracle Database added.
* JDB connection tester tool added. This can be used to test a
connection to an external database (Postgres,
MySQL/MariaDB and Oracle Database).
* Log export functionality added to the virtual appliance (previously
this was a CipherMail Enterprise only feature).
* Because support for MySQL/MariaDB and Oracle Database was added, there
is now a separate package for Postgres. The
main back-end package no longer requires Postgres. The separate
postgres package can be used to auto configure a local postgres
* Mail generated by the web GUI ("Compose a test email" tool and "PDF
reply" page) is now sent to a special local port
on port 10027. This makes it possible to change settings on the
default smtpd port (25) without interfering with email sent from the
GUI. This requires an additional service setting for port 10027 in
* Java wrapper updated to 3.5.28
This fixes the following Java wrapper bugs: multi byte char logging
sometimes resulted in ? in the log files, memory leak on
* Libraries updated.
* Java 8 is now supported. Note: because of bug#
https://bugs.centos.org/view.php?id=9482, OpenJDK 8 on RedHat/CentOS
currently cannot be used because EC ciphers are not supported for
* Certificate request page now supports more request parameters
(country, locality, state, OU).
* Fix for bug GATEWAY-91. Djigzo should trim off whitespace in the
beginning and/or end of any PGP header lines. Note that this is not
enabled by default because this is not RFC compliant. A system
property must be set to enable this.
* Fix for bug GATEWAY-92. PDF encryption failed on non-standard Unicode
characters (Webdings font).
* Fix for bug GATEWAY-96. PGP keyring importer does not report import
failure if password is incorrect.
* Fix for bug GATEWAY-97. PGP/MIME signing a message with an invalid
content-transfer-encoding results in a message in the error queue.
* The database connection string is now stored in a separate xml
fragment (hibernate.connection.xml). This makes upgrading easier
because upgrading the hibernate configuration file no longer results
in overwriting the database connection string.
* The Web portal is now responsive (i.e., scales on smaller devices).
* Ciphermail.backup.enabled system property added which can be used to
disable backup option from the web GUI.
* Default Tomcat server.xml now only supports strong SSL/TLS ciphers
(ssllabs gives GUI an A rating).
The release candidate can be downloaded from
When upgrading an existing installation, a number of (minor) additional
configuration steps are required. See the upgrade guide for more
This release has been extensively tested. If there are no major issues
found this week, it will be officially released.
CipherMail email encryption
Email encryption with support for S/MIME, OpenPGP, PDF encryption and
secure webmail pull.
we are on the way from Djigzo 2.10.0-3 to 3.0.5 mostly to keep up with
releases. The upgrade guide list a additional injection port 10027
needed for this release an i wonder why it is needed. Should mail
injected there be passed through the djigzo gateway (again)? If yes,
why not use the already used 10025 Djigzo input?
We have an AV Scanner listening at 10027 in our stack and i wonder
which part of the setup to change...
Furthermore we have not found the additonal PostgreSQL package
djigzo-postgres_3.0.5-0_all.deb mentioned in the Guide. Is it needed
or is it just a configuration package?
I`m using a ciphermail on a CentOS 6 fully patched and it worked fine for quite a while, but after an update to java-1.6.0-openjdk-22.214.171.124-126.96.36.199.el6_7.x86_64 today, I found this in the /var/log/djigzo.log:
...ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
JVM process is gone.
JVM exited while loading the application.
Launching a JVM...
JVM received a signal UNKNOWN (6).
java version "1.6.0_39"
OpenJDK Runtime Environment (IcedTea6 1.13.11) (rhel-188.8.131.52.el6_7-x86_64)
OpenJDK 64-Bit Server VM (build 23.25-b01, mixed mode)
*** glibc detected *** /usr/lib/jvm/java-1.6.0-openjdk-184.108.40.206.x86_64/jre/bin/java: double free or corruption (!prev): 0x0000000001e5ac
======= Backtrace: =========
There were 10 failed launches in a row, each lasting less than 300 seconds. Giving up.
There may be a configuration problem: please check the logs.
<-- Wrapper Stopped
On the Weblogin-page I got the message about a not fully started background problem.
Any suggestions are welcome