Users January 2019

users@lists.ciphermail.com

3 participants
4 discussions

CipherMail gateway community 4.3.0-1 release available

by Martijn Brinkers

Hi all, A new version of the CipherMail gateway community edition is available for download (version 4.3.0-1). Changes: * HTML/CSS refactored. Bootstrap HTML/CSS framework is now used for the web GUI. The web GUI is now responsive and scales on small mobile devices (iPhone, iPad etc.). Some menu items are now combined under one pulldown menu (S/MIME) and some menu items are moved. This was a major change because all GUI pages had to be updated. * MimeEncodeHeaderMethod freemarker method added which can be used to MIME encode a header to make it 7bit safe * General cleanup (copyright statements, expired test keys/certs updated, code cleanup etc.) * Reboot and shutdown are now done in background to prevent a browser error on fast systems (system that shutdown before the browser was able to get the result) * EncodedSubject template parameter added which contains the 7bit safe subject. * post-quarantine- processors renamed, There are now special processor's used for email released from quarantine and no longer shared between normal flow. * MariaDB JDBC driver is updated to 1.7.4. * Factory property files are now read from conf/djigzo.properties.d in sorted order. This can be used to add new factory properties or override existing properties. * A new TLS/SSL cert for the web GUI is now installed using a script. This requires that -Ddjigzo.home parameter is set for Tomcat. * Postfix long queue IDs are now enabled by default (main.cf) * The web server can now be restarted from the system page. * Download key page now supports downloading keys as PEM. * The Virtual Appliance no longer maximizes the back-end memory to 2GB (the 2GB max was due to 32 bits Linux not supporting more than 2GB for a JVM). * Stats added for DLP and failed encryption [PRO/ENT]. * Apache HTTPd is now used for the front-end for the Virtual Appliance. Restarting after a new TLS/SSL certificate is installed is now much faster and does not invalidate existing sessions. Another benefit is that Apache HTTPd provides a large number of configuration options (for example configuring which TLS ciphers are allowed) [PRO/ENT]. * The IP range used by O365 and GSuite can be automatically configured. This makes it easier to use the gateway as a secure gateway for O365 or GSuite [PRO/ENT]. * MTA Lookup tables can be configured from the GUI. This allows you to configure your own MTA maps (for example to configure a fine-grained per destination TLS policy) [PRO/ENT]. * GlobalSign Certificate Request handler added. Certificates can now be automatically requested from the GlobalSign Managed ePKI service [PRO/ENT]. * LDAP config refactored. The LDAP server URL and credentials should now be configured in ldap-context-source.xml [PRO/ENT]. * Milter classes refactored. "Change Sender" milter added [PRO/ENT]. When upgrading an existing installation, a (minor) additional configuration step is required if you want to allow uploading of the TLS/SSL certificate using the web GUI. See the upgrade guide for more information: https://www.ciphermail.com/documents/upgrade-guide.pdf Kind regards, Martijn Brinkers -- CipherMail email encryption Email encryption with support for S/MIME, OpenPGP, PDF encryption and secure webmail pull. https://www.ciphermail.com Twitter: http://twitter.com/CipherMail

2 years, 8 months

CipherMail gateway community 4.3.0-0 release candidate available

by Martijn Brinkers

Hi, A new release candidate of the CipherMail gateway community edition is now available (version 4.3.0-0). Changes: * HTML/CSS refactored. Bootstrap HTML/CSS framework is now used for the web GUI. The web GUI is now responsive and scales on small mobile devices (iPhone, iPad etc.). Some menu items are now combined under one pulldown menu (S/MIME) and some menu items are moved. This was a major change because all GUI pages had to be updated. * MimeEncodeHeaderMethod freemarker method added which can be used to MIME encode a header to make it 7bit safe * General code cleanup * Reboot and shutdown are now done in background to prevent a browser error on fast systems (system that shutdown before the browser was able to get the result) * EncodedSubject template parameter added which contains the 7bit safe subject. * post-quarantine- processors renamed, There are now special processor's used for email released from quarantine and no longer shared between normal flow. * Stats added for DLP and failed encryption. * MariaDB JDBC driver is updated to 1.7.4. * Factory property files are now read from conf/djigzo.properties.d in sorted order. This can be used to add new factory properties or override existing properties. * A new TLS/SSL cert for the web GUI is now installed using a script. This requires that -Ddjigzo.home parameter is set for Tomcat. * Postfix long queue IDs are now enabled by default (main.cf) * The web server can now be restarted from the system page. * Download key page now supports downloading keys as PEM. The release candidate can be downloaded from https://www.ciphermail.com/beta.html When upgrading an existing installation, a (minor) additional configuration step is required if you want to allow uploading of the TLS/SSL certificate using the web GUI. See the upgrade guide for more information: https://www.ciphermail.com/documents/beta/upgrade-guide.pdf Kind regards, Martijn Brinkers -- CipherMail email encryption Email encryption with support for S/MIME, OpenPGP, PDF encryption and secure webmail pull. https://www.ciphermail.com Twitter: http://twitter.com/CipherMail

2 years, 9 months

bouncing emal in ciphermail - Syntax error in sender address (in reply to MAIL FROM command))

by de Longpre, Dale

A message from in from the dol.gov servers through our external sendmail servers and is accepted fine and forwarded to our ciphermail box. It appears postfix doesn't like how the From is done so it then bounces the message. Jan 11 16:00:32 ciphermail postfix/smtp[16067]: A197BE0: to=<yadayada(a)yada.com>, relay=127.0.0.1[127.0.0.1]:10025, delay=0.34, delays=0.26/0/0.04/0.04, dsn=5.1.7, status=bounced (host 127.0.0.1[127.0.0.1] said: 501 5.1.7 Syntax error in sender address (in reply to MAIL FROM command)) Does anyone know of a way to tell postfix (I think that is the culpruit) to not be so strict? Or maybe to trust 127.0.0.1? I can't change what the government is sending and heck they are shutdown anyway1 ;-} I'm clueless about postfix, is it the same thing as "James"? Thanks all, Dale

2 years, 9 months

Database format

by m.erdmann＠utwente.nl

I've setup a new version 4.1.3.0 Virtual Appliance to replace our current appliance running version 3.1.1.1 I tried a backup and restore (which worked fine with previous similar upgrades) but none of the users/certs etc. were imported. Only 'system settings' were restored. In earlier messages in this list I read that the database used has been changed from Postgres to MariaDB, and that tools for conversion are available but: "We have tools to convert the database between versions but for now these are only available for customers with a support contract or who are using the Pro or Enterprise edition." I've set my hopes on the mention of 'for now' : any change the conversion tool will be available for customers without a support contract? Met vriendelijke groet / Regards, Michel Erdmann

2 years, 9 months

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

Users January 2019