Tuesday, October 24, 2017, 11:52
This is a maintenance roll-up release.
Rollout is scheduled to begin Oct 24, 2017 after hours, continuing until the morning of Oct 26th.
- Update mime parsing code to check for attempts to abuse mime encoding mechanisms.
- Implementation of a backscatter defense module.
- Reworked data flow to identify backscatter as early as possible and minimize resource usage.
- Implemented lookups to backscatter.org.
- Implemented a rolling database to track compromised servers sending backscatter.
- Extended and improved library functions.
- Created wikipedia link type for future documentation activities.
- Reformatted the PerfectMail RSS feed.
- Reworked the PM website change log. Broke out release notes into separate pages. Reworked change log entries to act as stand alone web pages that can be easily be embedded into social media streams such as twitter and facebook.
- Added a "notification on news" notification flag on the user admin page to allow us to send messages to interested users.
- Updated the notification on upgrade mechanism to provide a link to the changelog so admins can know what changes were made to their servers.
- Implement alternate mail delivery ports. We can now deliver mail via ports 25 (SMTP), 587 (MSA), 2525 (SMTP2525), 2526 (SMTP2526).
- Extend selectable alternative mail ports to all custom mailing infrastructure functions and scripts involved with server maintenance, server validation, notifications and upgrades.
- Added functionality to age/reset the backscatter database.
- Code improvements to statistic reporting.
- Code improvements to database management scripts.
- Code improvements to activity reports.
- Code improvements to smtp probe functions.
- Code improvements to logging functions; also reworked logging through most of the code.
- Bug: Fixed a bug in the back-office server address lookup functionality. Found a situation where legitimate addresses were not being discovered on inbound, verifiable mail.
- Bug: Fixed a bug in the Self Service Console where a users console access could inadvertently be disabled.
- Bug: Fixed a bug where PM internal messaging could be blocked by the local filters.
- Added a test to block postmaster message from server that spoof OUR local hostname as the sending address for THEIR postmaster messages. Spoofing is simply not acceptable.
- Created a new FromNameSpoof test, where spammer stuffs a different sender address into the name portion of the From header.
- Implemented mime-attachment validation for common mime types that are being used to deliver spam. Of note is the 7z archive format, which is very popular at the moment.
-- Development Team