mobile version

Release notes CipherMail Email Encryption Gateway

See upgrade guidePDF file for help on upgrading.

2.10.0-3 (2015-03-30)

Improvements/Changes

  • HTML parts are now scanned for PGP content (GATEWAY-88)
  • PGP desktop/universal (now Symantec) proprietary partitioned encoding format is now fully supported for incoming email. Email encrypted with PGP desktop/universal with the partitioned encoding format is now "repaired" to a proper MIME message.
  • RedHat/CentOS 7 is now supported.
  • Ignore content-transfer-encoding of multipart messages.
  • S/MIME handler now adds X-Djigzo-Info-Signer-Email-* headers with the email address of the signer certificate.
  • Tomcat server.xml config configured to only use strong ciphers. This implies that Windows XP users with IE can no longer connect since IE on Windows XP does not support strong ciphers.
  • Virtual appliance: There is no longer a separate version for VMware ESX and workstation. The VMware virtual appliance now supports ESX 4 and up and VMware workstation. Because the virtual appliance now requires VM version 7, ESXi 3 is no longer supported.

2.9.0-0 (2014-09-24)

new

  • Global Skip calendar messages property added which will skip encryption and signing if the message is a meeting request (Outlook cannot handle encrypted or signed meeting requests).
  • PGP sign only is now supported. "Only sign when encrypt" now also works for PGP messages. S/MIME signing is tried before PGP signing, i.e., if a sender has a valid S/MIME signing key, the message will be S/MIME signed. If the sender does not have a valid S/MIME signing key but has a valid PGP signing key, the message will be PGP signed. Signing of PDF encrypted email now also supports PGP signing if a valid PGP signing key is available.
  • Allow administrator to disable auto decryption. The PGP handler can now be configured to not decrypt incoming email. Disabling PGP decryption requires a change to config.xml (GATEWAY-81)

Improvements/Changes

  • PGP universal gateway uses non standard encoding for PGP/MIME. The header x-pgp-encoding-format is now used to detect PGP/MIME encoding for messages generated by PGP Universal (GATEWAY-83)
  • PDF password only supports ASCII characters. Encrypted properties are now UTF8 encoded instead of ASCII encoded (GATEWAY-82)
  • Default Signature algorithm for newly generated certificates is now SHA256 (was SHA1).
  • BlackBerry add-in handling is not longer enabled by default. The add-in is only for for BB OS 7 and lower using BIS. BB 10 does not use BIS so for BB 10 the add-in is not required.
  • PGP signatures are now created as a text signature and not as a binary signature. This is a workaround for an Enigmail bug in Enigmail 1.7 (Enigmail bug 329)
  • PGP/MIME encrypted messages now use inline as default disposition. This is similar to how Enigmail sets the disposition and allows Mailvelope to open PGP/MIME encrypted email.
  • BouncyCastle jar updated to 1.51
  • Spring jars updated to 3.2.9
  • Web GUI: Spring security jars updated to 3.2.5
  • Web GUI: Incorrect logins are now cached for 5 min (was 1 min).
  • Web GUI: Mobile settings link disabled by default since the BB add-in is no longer enabled by default.
  • Web GUI: Minor changes to settings page. Some settings were moved to additional settings and vice versa. Some settings were grouped differently.

Bug fix

  • Startup fails if the Linux free command is localized (for example German language). A fallback to /proc/meminfo is added if free does not return the required info (GATEWAY-80)
  • PGP/MIME signatures were invalid if a multipart message contained extra newlines at the end of the message. Zimbra mail client added additional empty lines at the end of a multipart message. The additional empty lines are now removed before signing.
  • Virtual Appliance: The NTP settings cannot be changed. Ubuntu 14.04 uses a different name for ntp server settings (GATEWAY-79)

2.8.6-3 (2014-07-27)

Bug fix

  • Fix for GATEWAY-78. Gateway could no longer start due to an incompatible change in a recent update of OpenJDK (more info).

2.8.6-2 (2014-06-19)

new

  • OpenPGP support.
  • RPM for SUSE added (initial release, only tested on last release of OpenSUSE).
  • A PDF reply now sets the In-Reply-To header. Conversation threading is now supported, i.e., the email client can now
  • group the original message and the reply.
  • A comment field has been added to the user, domain and global properties.

Improvements/Changes

  • The gateway product has been renamed to CipherMail (the company that owns CipherMail is still called DJIGZO).
  • SOAP port changed from 9000 to 9009 to prevent a port conflict with nCipher netHSM.
  • Default Max. message size for SMIME and PDF is not set to 50MB
  • PDF encrypted email uses the same Message-Id as the original message.
  • MPA logging was improved. More information is provided as to why messages are handled in a certain way.
  • Lots of internal changes to allow new functionality to be dynamically added as plugins.
  • Web GUI: Timeout of Web GUI changed to 15 min and timeout of portal to 30 min.
  • Web GUI: S/MIME certificate selection links are moved to a pulldown menu.
  • Web GUI: Certificates filter now can filter on "expired only".
  • Web GUI: German language files for the portal have been updated.
  • Web GUI: The encrypt mode option "Force" has been renamed to "Allow (sender or recipient)".
  • Virtual Appliance: the virtual appliance is upgraded from 32 bit Ubuntu 12.04 to 64 bit Ubuntu 14.04.
  • Virtual Appliance: the default username/password for the appliance is changed to username: sa, password: sa
  • Virtual Appliance: fail2ban is installed to prevent brute force SSH logins.

Bug fix

  • Recent version of OpenJDK register additional DataHandler's which can conflict with the way the back-end handles certain attachments. The additional DataHandler's are now ignored.
  • The fallback charset providers were accidentally disabled. They are now enabled again.

2.5.0-4 (2013-05-07)

Improvements/Changes

  • a page has been added on which a MIME encoded email can be uploaded for text extraction. This allows the admin to see which text the DLP scanner uses for pattern matching.
  • PDF option Send CC to replier added. If set, a CC of the PDF reply will be sent to the replying user.
  • S/MIME option Skip import of untrusted certificates added. By default all certificates from a signed email will be imported even if untrusted. By enabling Skip import of untrusted certificates, only trusted certificates are imported.
  • Signing subject trigger option added. This can be used to force signing of email if the subject contains a user defined keyword (keyword can be removed if configured).
  • Password strength check/estimate is added to the portal password selection/change pages. The minimum required password strength can be set by the administrator. By default you are not allowed to use your email address as your password or base your password on your username or use a qwerty sequence of more than 5 characters.
  • System page added on which the server can be restarted/rebooted and Postfix stopped/started.
  • Three custom properties and templates added. These properties and templates can be used if the mail flow (config.xml) is modified by the admin and the changes require some user configurable options.
  • A page has been added with which an email can be sent. This is helpful for testing purposes.
  • French language support added to portal
  • WEB GUI is automatically logged off after 5 min. of inactivity.
  • The HTML text extractor for the DLP scanner now by default skips HTML comments. This makes it less likely to have false positives for certain patterns (for example SSN pattern)
  • The HTML text extractor for the DLP scanner now by default only scans the HTML body. This makes it less likely to have false positives for certain patterns (for example SSN pattern)
  • The HTML text extractor now also scans application/xhtml+xml attachments.
  • "Dynamic" memory allocation is now enabled by default for the DEB and RPM packages. The DJIGZO back-end now by default uses a heap size of 0.6 * available memory.
  • The back-end SMTP server no longer adds a received header. This makes it easier to remove internal IP addresses from the received headers using Postfix header checks.
  • Backup's are now gzip'd.
  • Changing the Web GUI IP filter no longer requires a restart of the web server. The IP filter settings are read from /etc/djigzo/ip-filter.properties.
  • Max inline body of PDF is now by default 256K. If the text is larger that max, the text will be added as a text attachment.
  • Back-end logs now rotate at 10MB (was 5MB)
  • The SMS option "Phone number allowed" is no longer enabled by default. Note: This is a non-backward compatible change since the default value changed. To revert back to the old behavior, enable the global "Phone number allowed" option.
  • sudo usage has been simplified. Scripts will now be executed from scripts.d.
  • Some jars updated to newer releases
  • Support for right to left (RTL) text added to the PDF encryption module.
  • Support for multiple SMS transports added.
  • The DLP scanner now also extracts the meta content of MIME parts. This can for example be used to block or quarantine certain attachment types. The attachment type is detected from the content of the attachment and not from the filename.
  • Comodo classes have been removed for now since the Comodo EPKI nog longer allowed certificates to be automatically requested (the Comodo module will probably be added in later versions)
  • Changing the automatic backup cron expression no longer requires a restart. The backup job will be rescheduled.
  • The signature algorithm identifier of a signed email changed between RFC 3851 and RFC 5751. RFC 5751 uses for example sha-1 whereas RFC 3851 uses sha1. The gateway by default follows RFC 5751. Some anti-spam gateways however cannot handle the new RFC 5751 syntax. The SMIMESign mailet can be configured to revert back to RFC 3851.
  • URL detection for the PDF module has been improved.
  • The reply link in the PDF is now a clickable image.
  • OpenJDK 7 is now supported.
  • WEB GUI look and feel updated. Moved some functionality to different pages (for example SMS queue is not part of the Queues page). Most menu items can be dynamically extended to support add-ins.
  • JCE policy manager page removed since this is not longer required with OpenJDK.
  • Most pages now close after applying the settings instead of showing "settings applied".
  • The WEB GUI now checks whether regular expressions are valid.
  • Virtual Appliance: The Virtual Appliance now runs on Ubuntu 12.04 LTS.
  • Virtual Appliance: Backup/restore is now possible from the console application.
  • Virtual Appliance: Remote samba share can be mounted.
  • Virtual Appliance: Network setup should now be done with the WEB GUI. Only the initial IP address can be setup with the console application.

Bug fix

  • The HTML text extractor for the DLP scanner sometimes removed white space characters which resulted in merged words.
  • Some internal James log files were not correctly log rotated.
  • On Chrome, if an attachment was removed from the PDF reply page, the frame was not resized.

2.4.0-3 (2012-05-30)

New

  • Sign and encrypt tags can be added to the subject for incoming signed and/or encrypted email (GATEWAY-36)
  • Signer and sender address mismatch detection has been added (GATEWAY-21)
  • S/MIME encrypt mailet can selectively encrypt headers (this is mainly used in combination with DJIGZO for Android)
  • S/MIME encryption and signing algorithm can be set per recipient or domain.
  • Simple subject filter added which can be used to filter the subject using a regular expression.
  • Locale (i.e., language) can be selected on the portal login and signup page.
  • CLI tool added which can be used to set/get user properties from the command line.

Improvements/Changes

  • The 8.4 PostgreSQL JDBC drivers were not compatible with PostgreSQL 9 (The default version with Ubuntu 12.04). The PostgreSQL JDBC drivers have been updated to 9.X (GATEWAY-56)
  • Logging has been improved. More information is logged and color coding has been improved (GATEWAY-42, GATEWAY-26)
  • Upgraded to BC 1.47.
  • LogLevel OFF added which can be used to completely disable logging for a class.
  • Clickatell provider now supports additional parameters.
  • Spanish translation for the portal added (translation by Diego A. Fliess)
  • Loading speed of the preferences page has been improved.
  • The user no longer has to login after the portal signup. The user is automatically logged in after the signup process.
  • The packages are now signed with a new gpg key.

Bug fix

  • sudo added to the RPM spec file as a required package (GATEWAY-55)
  • PDF reply should use the Reply-To header (GATEWAY-45)
  • Under certain circumstances, unicode characters were incorrectly encoded when replying to a PDF (GATEWAY-48)
  • Compatibility with IE9 has been improved (GATEWAY-40)
  • The RPM installer now waits for Postgres to be running before continuing the installation.

2.3.1-7 (2011-11-27)

New

  • One Time Password (OTP) PDF encryption. The OTP can be generated by the recipient after logging into the portal.
  • Email can be encrypted with additional certificates (aka escrow) (GATEWAY-9)
  • PDF reply page and quarantine viewer now supports multiple languages (de, en, nl). German translation by Stefan Michael Guenther.
  • The message with the encrypted PDF can be digitally signed.
  • EJBCA integration added (certificates can be requested from an EJBCA server).
  • Login pages (admin and portal) now contain a brute-force filter that blocks access for some time if IP/user tried to login with incorrect credentials in short timeframe.

Improvements/Changes

  • Default password length is now 16 bytes (128 bits).
  • The URL for PDF and quarantine view has been changed from /external/* to /web/portal/*
  • Some CSS changes: fonts bigger, background color white and other minor changes.
  • The portal functionality (PDF reply, external quarantine view) are now in separate war file (djigzo-portal.war)
  • SMS settings removed from the main settings page to a separate setting pages
  • Support for RedHat/CentOS 6

Bug fix

  • The wildcard domains were not functioning correctly (GATEWAY-35)
  • Incorrect URL for multiple recipients when using OTP PDF encryption (GATEWAY-38)

Known issues

  • In Internet explorer 9, Compatibility View should be enabled. For more info on how to enable compatibility view in IE9 see How to use Compatibility View in Internet Explorer 9. This will be fixed in the next release.
  • 2.3.1 RC (2011-08-25)

    New

    • One Time Password (OTP) PDF encryption. The OTP can be generated by the recipient after logging into the portal.
    • Email can be encrypted with additional certificates (aka escrow) (GATEWAY-9)
    • PDF reply page and quarantine viewer now supports multiple languages (de, en, nl). German translation by Stefan Michael Guenther.
    • The message with the encrypted PDF can be digitally signed.
    • EJBCA integration added (certificates can be requested from an EJBCA server).
    • Login pages (admin and portal) now contain a brute-force filter that blocks access for some time if IP/user tried to login with incorrect credentials in short timeframe.

    Improvements/Changes

    • Default password length is now 16 bytes (128 bits).
    • The URL for PDF and quarantine view has been changed from /external/* to /web/portal/*
    • Some CSS changes: fonts bigger, background color white and other minor changes.
    • The portal functionality (PDF reply, external quarantine view) are now in separate war file (djigzo-portal.war)
    • SMS settings removed from the main settings page to a separate setting pages

    Bug fix

    • The wildcard domains were not functioning correctly (GATEWAY-35)

    2.1.1 (2011-08-16)

    New

    • Advanced S/MIME setting "Always use freshest signing certificate" added. If checked, every time the sender needs to sign a message, the most recent (i.e., the latest "not before" date) signing certificate will be used (GATEWAY-14).
    • Advanced PDF setting "Only encrypt if mandatory" added (GATEWAY-22). If checked, PDF encryption will only be activated if encryption is mandatory.
    • DLP setting "Quarantine on failed encryption" added. If checked and encryption is mandatory and a message cannot be encrypted, the message will be quarantined and not "bounced". Note: this required minor changes to the "DLP quarantine" template.
    • Quarantined emails can now be "released as-is". When a quarantined email is released as-is, no further processing of the email is done and the email is immediately delivered.
    • The admin can now specify how many rows the grid should show per page (users, certificates, MTA queue) (GATEWAY-23)
    • The admin can now filter for specific email in the MTA queue.
    • The MTA logs are now by default shown in "raw" format (i.e., in exact same order as the log file). To view the MTA logs grouped on queue ID (the old behavior), the admin should select "Grouped".
    • If a certificate chain is valid, the issuer of the certificate in the certificate view can be clicked to open the issuer certificate view.

    Improvements

    • The BlackBerry and mobile settings are moved to a specialized mobile settings page. New role ROLE_MOBILE_MANAGER added.
    • Some settings are moved to advanced settings.
    • New charsets can be added to the PDF encryption module (should be enabled from the command line) to support charsets not supported "out of the box" by Acrobat reader. For example certain Turkish characters are not supported "out of the box" by Acrobat reader (GATEWAY-20)
    • If a certificate was available for a recipient, a user object was always created for that recipient. This resulted in a lot of users when domain to domain encryption was used. The user is no longer added by default. A new S/MIME advanced setting "Add user" is added which can be used to specify whether a user should be added when a certificate is available for a recipient.
    • Djigzo has the capability of adding certain headers to the signed and or encrypted inner MIME part. This can be used to protect certain headers (for example the subject). However there are some S/MIME gateways that cannot handle S/MIME messages with headers within inner MIME parts (for example Antigen). Because interoperability is important, the subject header protection has been disabled by default (GATEWAY-31).

    Bug fix

    • With S/MIME "strict mode" enabled, S/MIME messages were only handled by the S/MIME handler if the recipient had a valid certificate with private key. If a digitally signed message was received for a recipient not having a private key, the certificates were not extracted from the message and the signature was not removed when "Remove signature" was enabled for that recipient. The message is now always handled by the S/MIME handler. (GATEWAY-27)
    • Under certain special conditions, the base64 encoder of Javamail sometimes created lines with more than 76 characters (only a few characters extra). OpenSSL (which is used by some S/MIME gateways) cannot handle base64 encoded parts containing lines longer than 76 characters. Javamail has been updated (GATEWAY-29)
    • When deleting a large number of email from the MTA queue, the MTA queue can no longer be read until the garbage collector has run (GATEWAY-32)

    2.0.1 (2011-03-18)

    Bug fix

    • Fix for GATEWAY-15. If a message was placed in quarantine because of a DLP violation and the message-id or from header contained a '%' character, deleting the mail from quarantine resulted in an error . This bug was reported by Andreas Beier.

    2.0.0-7 (2011-03-07)

    New

    • Data leak prevention (DLP) module added.
    • S/MIME strict mode.
    • Locally generated notifications are now signed. If a locally generated notification is received by the gateway (for example because of email forwarding) the email is send as-is to prevent mail loops.
    • DSN is now supported (DSN is transparently handled by the back-end).
    • Header protection can be disabled (GATEWAY-13).

    Improvement

    • workaround for non RFC compliant SKI support from Outlook 2010. For info why this workaround is needed see: Link 1 and Link 2.
    • Javamail updated to 1.4.4 final.

    1.4.1-0 (2010-11-12)

    New

    • The Virtual Appliance now allows you to specify which IP addresses can access the Web Admin login page.

    Bug fix

    • Fix for "The PDF reply portal no longer attaches the uploaded attachment" (GATEWAY-12). This was a regression of a previous bug fix GATEWAY-4.
    • Fix for "The telephone number in the subject should be detected before removing the encryption trigger" (GATEWAY-11).

    1.4.0-5 (2010-08-23)

    New

    • Different certificate request handlers can now be added using a pluggable infrastructure.
    • Certificate request handler for Comodo has been added. With the Comodo certificate request handler, certificates from Comodo's managed PKI services (EPKI) can be automatically requested from the gateway.
    • Certificates can now be requested in bulk. A comma separated text file containing the request details can be imported. The certificates will be requested using the selected certificate request handler.
    • Email encryption header trigger has been added. Encryption of email can be triggered using a pre-defined email header (matched against a regular expression).
    • A certificate can now be automatically requested for a sender using the default selected certificate request handler (only if the sender does not yet have a valid certificate with private key).

    Improvement

    • When a large number of certificates were imported (60000 certificates) the certificates view (UI) was no longer 'snappy' enough. The certificate view has been optimized (only noticeable with large number of certificates).
    • Some UI menu items are moved to left-hand submenu.
    • SMS settings menu item has been moved to the SMS page.
    • The message template to edit should now be selected from a drop down select.
    • The restart and PDF import attachment wait animation has been replaced with an animated gif.
    • Upgraded to new version of CXF. The soap port is now by default only accessible from localhost.
    • Added note to Virtual Appliance documentation about reserving memory to prevent swapping (thanks goes to Andreas Beier for his help in finding the cause of spurious crashes when running under ESX when the total memory used by all VMs was larger than the total host memory).
    • The Virtual Appliance is upgraded to Ubuntu 10.04 LTS.

    Bug fix

    • The PDF reply URL didn't support unicode characters (only US-ASCII). The reply URL parameters are now UTF-8 encoded. (thanks goes to Benedikt Zorn for finding the problem).
    • The PDF reply body didn't support unicode characters. The body is now UTF-8 if the body contains non-ascii characters. This has been reported by Benedikt Zorn.
    • When creating certificates, the email address wasn't added to the alternative names (only to the subject).
    • The check whether a domain is a valid domain was not strict enough. Domains containing an underscore ("_") are no longer accepted as a valid domain.
    • Java wrapper version upgraded to latest version. Sometimes the Java wrapper was not able to automatically restart Djigzo when the wrapper detected that Djigzo wasn't running.
    • The Virtual Appliance console update menu items were incorrectly named. The menu items were named "Update" and "Upgrade" but they should have been named "Upgrade" and "Dist-upgrade".
    • Importing a PFX file containing a large number of certificates resulted in a timeout.

    1.3.2-1 (2010-03-30)

    New

    • Subdomain matching can now be set on MTA config page.
    • PFX passwords can be stored in the user preferences.
    • MTA authentication for external and internal relay host can be set (SASL passwords).
    • Virtual appliance has Fetchmail support (disabled by default).

    Improvement

    • Support for IE8 (new release of prototype and script.aculo.us).
    • Debian 5 (Lenny) is now supported by the .deb packages.
    • Multipart/alternative calendar items are now detected.

    Bug fix

    • When SELinux was enabled and postfix was restarted by Djigzo, postfix sometimes stopped working. This is now fixed.
    • Upgrading with the RPM package wasn't working. This has been fixed.
    • The owner and file mode of the SSL certificate was reset when upgrading the Debian packages. This has been fixed.

    1.3.1-0 (2010-01-10)

    New

    • RPM packages for Red Hat/CentOS are now available. Install guides updated with instructions for Red Hat/CentOS.
    • S/MIME signatures can be selectively removed.
    • S/MIME can selectively be skipped for calendar items (text/calendar). Outlook cannot handle signed or encrypted meeting requests.
    • CRL downloader and SMS gateway can now access external resources via configurable HTTP Proxy.
    • Config files split into multiple files to make upgrades easier when local files have been changed.
    • Password setting "Send to originator" added. If it's checked generated passwords for the PDF will be sent to the "sender" of the message.
    • Force signing trigger can be used to trigger S/MIME signing of a message using a special email header.
    • Certificate Trust List added which can be used to "white list" or "black list" certificates.
    • Messages sent from BlackBerry (via BIS) can now be relayed through Djigzo.

    Improvement

    • Tomcat is now used by default instead of Jetty.
    • Most templates are now by default UTF-8. Templates now fully support Unicode.
    • Backup and restore now works accross different PostgreSQL versions.
    • Expired column is now shown in red when a certificate is expired.
    • The Virtual Appliance now contains a firewall which blocks access to ports that need not be externally accessible.
    • support for MAC OSX Java wrapper added (patch subumitted by Rainer Frey).
    • Original Message-ID of messages is retained if possible.
    • Subject trigger is now recursively removed.

    Bug fix

    • Signature check sometimes failed for clear signed message which were clear signed.

    1.2.3-1 (2009-09-01)

    New

    • Monitor command line tool added which can be used to monitor the MPA queue.
    • Authentication and authorisation is now possible using an external LDAP.

    Improvement

    • encoded smime.p7m filenames are now recognized.

    Bug fix

    • Some "Received" headers were sorted in incorrect order (reported by Steven Geerts).
    • The mx setting on the MTA page was reversed (reported by Steven Geerts). upgrade notes
    • The telephone number on the subject was not picked up when the subject only contained the telephone number.
    • If the virtual appliance was given more than 2048 MB Djigzo did not start (reported by Stefan Schwarz).

    1.2.3 (2009-07-01)

    Bug fix

    • The CRL distribution point did not contain an issuer. When Outlook option SigStatusNoCRL was enabled Outlook reported that the CRL was not available. The CRL distribution point is now moved to the end-user certificate. This has been reported by Mark van Voorden.
    • If a CA certificate was not yet setup and apply was selected on the CA select page an error occurred.

    1.2.2 (2009-06-02)

    New

    • built-in CA added. The CA can issue certificates for internal and external users
    • Telephone numbers specified on the subject can be used as for the SMS Text message number
    • VMware tools can be rebuild from menu

    Improvement

    • BB add-on. Attachment not supported by the Blackberry are stripped. HTML only mail is converted to text
    • BB add-on. Large attachment are now supported
    • Root certificate is added when exporting certificates and when signing messages
    • CRLDistPointCertPathChecker added to certificate path builder. Critical CRL dist points are now accepted
    • Force "encrypt mode" added which overrules noEncryption
    • SMS Text message now expires in 24 hours if not sent (was 4 hours)
    • PDF reply allowed is now false by default
    • Default S/MIME encryption algorithm is now 3DES because not all Windows versions support AES
    • Administrator can see who (user, domain) is using a certificate
    • Rows per page for the grids can be set using a system property
    • Certificate and CRL algorithms and more properties can now be viewed
    • CRL certificate entries (the revoked serial numbers) can be downloaded as a text file
    • Password validity interval should now be set in minutes (old settings are converted)
    • Some user properties moved to advanced properties
    • Dialog shown on network configuration error
    • Jetty upgraded to 6.1.17

    Bug fix

    • mail.mime.parameters.strict system property added. This is a workaround for mail created by Apple mac. The Apple mac mailer 'forgets' to quote filenames containing spaces

    1.1.0 (2009-03-31)

    New

    • Automatic and manual system backup (encrypted) and restore to remote shares and local browser
    • Blackberry plugin support
    • Only sign when encrypt preference added
    • X-Djigzo-* headers are removed from incoming (to internal) email
    • Subject trigger is removed from incoming (to internal) email

    Improvement

    • Already signed messages are not signed again
    • Internal users and domains are marked with a 'star' icon
    • Certificates entries with a private key are marked with a key icon
    • Debian package dependency changed from SUN JRE to OpenJDK
    • Postfix mydestination can no longer be specified (can be re-enabled with system setting)

    1.0.1 (2009-02-08)

    • Initial release