MDaemon Server v12.5.X Release Notes

MDaemon 12.5.4 - March 6, 2012

CHANGES AND NEW FEATURES

FIXES

MDaemon 12.5.3 - January 17, 2012

CHANGES

FIXES

MDaemon 12.5.2 - December 1, 2011

CHANGES AND NEW FEATURES

FIXES

MDaemon 12.5.1 - November 9, 2011

CHANGES AND NEW FEATURES

FIXES

MDaemon 12.5.0 - October 18, 2011

SPECIAL CONSIDERATIONS

  1. [6697] ActiveSync for MDaemon license key is now subject to product activation. Trial keys must be activated within 5 days and production keys within 30 days. Click here for more information on product activation.
  2. [7084] Incorporation of MDS-CS has required that your "BlackBerry Enterprise Server logging" value found at Alt+B | Options be reset to a default value of "Informational". If this is not what you want you can easily change it there.
  3. [7210] The Domain Sharing option "Incoming Minger lookups trigger Domain Sharing processing" has been removed.  If you have multiple servers using Domain Sharing be sure to configure each node to use all the other nodes for Domain Sharing (if appropriate for your setup) and this option should not be needed.
  4. [7003] The Ctrl+U | Quotas option "Over quota accounts can accept mail but not send mail" has been removed and replaced with two separate options "Refuse incoming messages sent to over quota accounts" (enabled by default) and "Refuse outgoing messages sent from over quota accounts" (disabled by default).  These new defaults may not replicate previously configured behavior so check and change as needed.

MAJOR NEW FEATURES

[7784] ACTIVESYNC FOR MDAEMON NOW SYNCS EMAIL + PIM DATA

ActiveSync for MDaemon has been improved and is now capable of sync'ing email as well as PIM data. For information on configuring your specific ActiveSync device see the documentation that accompanied your device. Some information on basic configuration is available from the Alt-N web site for Windows Mobile, iOS, and Android devices.

ActiveSync for MDaemon is a separately licensed product available from Alt-N Technologies. ActiveSync for MDaemon will not work beyond a one-time 30-day evaluation period unless a license is purchased.

[7494] TABLET SUPPORT AND OTHER WORLDCLIENT IMPROVEMENTS

WorldClient's flagship theme, LookOut, has undergone major architectural and design changes to accomodate tablet devices such as the PlayBook and the iPad.  Users should not have to change any settings to take advantage of these changes.  Specific items of interest:

  1. Single finger scrolling
  2. Dragging and dropping between folders with one finger; use two fingers to copy to the destination folder
  3. No popup windows for message composition, item entry and item editing to help maintain context
  4. Inline message preview to help preserve the flow of the mail folder and maximize screen real estate

Other WorldClient improvements:

  1. Various HTML5 & CSS3 features have been used to improve performance and loading time (Lookout theme).  The Compose view now uses app-caching to help load up the HTML editor more quickly (particularly over SSL connections) on browsers such as the PlayBook, Chrome and Firefox that support the manifest HTML attribute.
  2. [5349] WorldClient now supports some of the dynamic screening settings. By default, 5 authentication failures will cause an IP to be banned for 30 minutes. New settings for this can be found at Ctrl+S | Dynamic Screening. DYNAMICSCREEN.SEM in the \MDaemon\WorldClient directory will reload any manual changes.
  3. [7115] If ActiveSync is enabled for any domain and WorldClient is configured to use the internal web server then WorldClient will automatically run on port 80 in addition to whatever other ports might be configured if it's not already running on port 80 or 443. ActiveSync requires port 80 or 443. If you are running WorldClient via IIS or if you have configured specific IP:Port binding combinations via the MDaemon UI then this does not apply and you must manually configure those items to include port 80 or 443.
  4. [7790] WorldClient's LookOut theme now lets you add an email contact to your whitelist or blacklist (when users have access to these features) through a drop down menu when they hover over the email address in the message preview
  5. [3692] Advanced message searching has now been enhanced with a number of other new search parameters to help make finding messages easier
  6. ComAgent chatting has been moved to a side panel instead of being in a 'floating' tab that may cover other parts of the interface (Lookout theme).
  7. Calendars can now be viewed together to help see schedules for multiple users (Lookout theme).
  8. Autoresponder settings moved to own options view to help make management easier.
  9. [4600] WorldClient's LookOut theme now auto-saves draft messages every minute.
  10. [2461] WorldClient can decode malformed =?ISO-8859-1? style header lines.
  11. [4723] WorldClient will not include Outlook winmail.dat attachments when forwarding a message.
  12. [6177] Added "Mobile Phone 2" field to WorldClient.
  13. [5949] When importing calendar .csv file in WorldClient, if no end date/time is specified assume the event is one day long.
  14. [5443] Exposed BlackBerry PIN field in WorldClient for Contacts.

[7578] SPAM FILTER UPDATED TO INCLUDE SPAMASSASSIN 3.3.2

MDaemon's spam filter has been updated and now includes SpamAssassin 3.3.2.  A summary of changes and other documentation on SpamAssassin can be found here.

[7543] The Spam Filter update UI option "Run SA-UPDATE as part of update process" has been removed.  This will now always take place.  In fact, this is now the only way of doing the update.  The old and out-dated Alt-N method based on UpdateSpamAssassin.exe has been removed and that file has been deleted.  We now rely on sa-update to perform all necessary SpamAssassin updates.  Also, the 80_MDaemon_updates.cf file is no longer used and has been deleted.

[7631] Also, changed installer to no longer delete existing .cf rule content. The rule updating process will manage .cf files.

[5331] Also, the SMTP session log will now include a line indicating if spam filter processing was skipped due to message being too large.

[7084] BLACKBERRY MOBILE DATA SYSTEM - CONNECTION SERVICE (MDS-CS)

MDaemon's BES now includes MDS-CS. MDS-CS permits behind-the-firewall access to files and web applications from BlackBerry devices. This will (for example) allow you to access your private Intranet without a VPN connection. Click here for details about MDS-CS but please note that Alt-N does not necessarily support all the features and capabilities of MDS-CS that you may find there.

MDS-CS can be individually disabled while leaving other BES services running. This can be done from a new Alt+B | MDS-CS screen. You will also find settings there to set the default web port (MDS-CS is a web driven service) and a domain value which will appear on the BlackBerry device anytime the device prompts for authentication related to MDS-CS activities. This defaults to COMPANY.COM so you likely will want to change it.

[8076] IMPROVED BLACKBERRY SERVICE INTEGRATION

MDaemon's BlackBerry related service integration has been improved/changed as follows.

[7758] BES users can now configure their MDaemon autoresponder using the "Out of Office Reply" settings on the handheld.

[7405] Added Mobile Details tab to the Account Editor which lists BlackBerry and ActiveSync device details.

[6321] Added BES button to Account Manager which will allow you to BES enable selected accounts.  Note that each BES enabled account consumes server resources so only select and BES enable accounts which intend to activate a BlackBerry device.

[6749] MDaemon will update BES database with current computer name on startup.

[7264] A BES cleanup thread will run at midnight which will defrag BES database indexes.

[7263] A BES cleanup thread will run at midnight which will remove old history rows from the BES database.

[5557] Added SMTP server port option to BIS domain configuration UI.  This should not normally need special configuration but it is possible to point BIS to other SMTP servers so the ability to specify a port value is useful in those cases.

[7838] The BES Agent now automatically reloads users after their email address, full name, or mail directory has changed in MDaemon. A restart of the BlackBerry Controller service is no longer needed.

[6695] A line is added to the BES log when a slow sync is started and finished for a BES user

[6804] Exposed additional BlackBerry Enterprise Server features to end user in WorldClient. The PIN, model number, platform version, and phone number of the user's activated device is displayed. The user may reset the device's password, resend service books to the device, change the service name, or wipe their device. This feature is enabled by default, however may be disabled via a new option added to the Web Services section of the Account Manager.

[6182] When a BlackBerry device is subscribed to an MDaemon account using BIS (not BES) the option "Allow multiple BlackBerry device integrations" found at Alt+B | BlackBerry Internet Service | Options will control what happens to previous subscribed BlackBerry devices.  If there are any, they will be removed from MDaemon's configuration and no further event notifications will be pushed to those devices.  However, the fully proper way to unsubscribe a device is to delete the email account from the device itself.  Still, the system will self police much better now.

[2222] HTML DOMAIN SIGNATURES

A new screen at "F2 | Default Domain / Servers" will allow you to configure an HTML version of your domain signature. You must compose your HTML using your editor of choice, then cut-and-paste the HTML into this screen. If present, MDaemon will afix the HTML version of your domain signature into any "text/html" message part found within outbound email. See the users manual for more details on how this feature works.

[5338] GLOBAL RECIPIENT (RCPT) BLACKLIST

The "Address Blacklist" feature has been renamed "Sender Blacklist" and a new "Recipient Blacklist" feature has been added.  The new "Recipient Blacklist" operates on SMTP envelope RCPT data only (not message headers).  You can configure it at Ctrl+S | Recipient Blacklist.  Also, the Blacklist.dat file has been renamed SenderBlacklist.dat and a new RecipientBlacklist.dat file has been created.  BLACKLIST.SEM now reloads both files into memory.

[6390] PERSONAL SENDER (MAIL) BLACKLIST

Each account now has a personal "BlackList" contact folder. Incoming messages from any SMTP mail sender listed in the BlackList will be rejected with "550 recipient unknown." Messages that make it past SMTP and into the local queue but have a blacklisted address in the FROM or SENDER header will be moved to the bad message folder. The BlackList folder is automatically created the next time a message is received for the account. Users can manage their account's BlackList folder via WorldClient just as with the WhiteList folder.

[7834] Added option to "Ctrl+P | White List (automatic)" to permit forwarding of messages to "BlackList@<domain>" which will automatically add the email address taken from the forwarded message's FROM header to an account's personal blacklist.  Future messages from that email address to the account which blacklisted it will be refused.  To use this feature, the option mentioned above must be enabled and the user must forward a message (as an attachment of type message/rfc822) to "BlackList@<domain>."  Each MDaemon account already has a "Spam Filter uses personal contacts, white list and black list files" checkbox on the "Account Editor | Options" screen which must also be enabled for this feature to be used.

[6958] OUTBOUND MESSAGE SENDING QUOTAS

New quota options are available in the new account defaults and account editor which let you set a limit to the number of messages an account can send via SMTP per day.  The counter automatically resets back to zero for all accounts at midnight each night.  Note that it's possible to exceed this limit slightly if messages come in faster than the cache can keep up, but it won't be much over the limit (if at all).

[7275] INBOUND MESSAGE SIZE RESTRICTIONS

Maximum acceptable message size limits can now be configured on a per-domain basis using new controls in F2 | Servers and Alt+F2 | Extra Domains. There is also a new control to set a global SMTP message size limit in F2 | Servers which will be applied to all domains. By default, size limits are applied to everyone however you can exempt size checks for authenticated sessions with a new switch in Ctrl+O | Miscellaneous.

[7310] IMPROVED USE OF DNS

MDaemon will now use all DNS servers found within Windows if configured to use Windows DNS servers (not just the first two that are discovered).  This required several internal changes including doing away with the old "max retry attempts" option for DNS lookups.   MDaemon will now try each DNS server once per lookup operation and in sequence until it exhausts the complete list of DNS servers or finds the first one that works.  Immediate retries of DNS servers that just failed one second earlier are not productive.  Also, on startup, the System log will display each DNS server and an indication of where it came from (manually configured or taken from Windows).  Also, the UI controls for primary DNS server and secondary DNS server have been  removed.  Now there is just a single edit box that lets you manually configure as many DNS servers as you want.  Finally, the options to use Windows DNS servers or manually configured DNS servers are no longer mutually exclusive.  If you configure both, MDaemon will use both.

[6244] Also, to meet RFC requirements, MDaemon will (when possible) randomly pick from amongst several A records when determining where to send mail.

[7453] Also, MDaemon will treat blank (NULL) MX values as if no MX was provided at all (because it wasn't).

[7410] Also, removed the following DNS related options from F2 | DNS in UI and from the server code: 1. "Lookup MX records when delivering mail" (no longer a need for this option) 2. "Use IP addresses returned with MX record lookup result" (these will be used if they are found).  Also, removed the GUI'less option [Domain] "UseMultiHomedMXARecords" as MDaemon should just always do these things.

[7256] Also, added option to Ctrl+S | Reverse Lookups which will allow you to refuse MAIL domains which do not have MX records.  This is disabled by default and should be used with caution as domains do not need MX records in order to exist, be valid, or send/receive mail.

[7033] CONFIGURATION SESSION IMPROVEMENTS

The "Configuration Session" UI has been improved in several ways. For example, the right-click menu now works properly and allows you to disconnect an active session and you can double-click or view "Properties" of one or more active sessions which displays the session log. You can also submit the connecting IP address to the IP and/or Dynamic Screen features.

[7031] Also, configuration session "Sessions" window will update individual line items more efficiently now and [7032] handle a much larger amount of session data.

[6919] Configuration session can also change the primary domain name now.

[6864] Finally, changes made to IP Screen, Host Screen, and Address BlackList via WebAdmin will now be picked up by configuration sessions.

[7388] IMPROVED IP SHIELD PROTECTION

The IP Shield has changed.  It is now enabled by default for new installations and supports the $LOCALDOMAIN$ macro which expands to cover all local domains (including gateways).  If you use this macro it is no longer necessary to keep the IP Shield up to date when local domains or gateways change.  Existing installs will not have their existing IP Shield values altered in any way.  However, a new "Default" button is in the IP Shield editor UI which will convert existing IP Shield values over to the new $LOCALDOMAIN$ system if desired.  Finally, by default (or if you hit the "Default" button in the UI) entries are added to the IP Shield associating all reserved IP address ranges with $LOCALDOMAIN$.

[7400] Also, when the IP Shield option "Don't apply IP Shield to authenticated sessions" is enabled the message returned to the SMTP client upon an access refusal will be "Authentication required" in order to give them a clue on how to fix the issue: by enabling Authentication in their mail client.

[7389] In addition, the IP Shield now has a master on/off switch.  It defaults to on and that's fine even when there are not yet any configured domain/IP pairs.

[5192] Also, the IP Shield has a new option "Check FROM header address against IP Shield" (disabled by default).  If you enable this then the IP Shield will compare the address taken from the message's FROM header in addition to that taken from SMTP MAIL value.  Note that this option can lead to problems with incoming list messages (for starters).  This option should not be enabled unless you are sure you need it. 

[7988] Also, added option to IP Shield to exempt Trusted IPs from the IP Shield.  This option is enabled by default.

[7391] Finally, the IPShield.dat file is now cached in memory to increase access speed. Create an IPSHIELD.SEM to reload the file into memory.

CHANGES AND NEW FEATURES

FIXES

MDaemon is a registered trademark of Alt-N Technologies, Ltd.
Copyright ©1996-2012 Alt-N Technologies, Ltd.