Webmail Messenger release notes
07
Jun
2018

2.1.2-1

New

  • TLSv1 and TLSv1.1 are now disabled (only TLSv1.2 is supported). Only strong TLS ciphers are enabled.
  • "Clickjacking" protection added (the Web GUI now adds an "X-Frame-Options: DENY" header)
  • SMTP lookup tables GUI option added [PRO/ENT].

Bug & Improvements & Changes

  • The password reset email no longer uses the empty sender (<>). Some anti-spam gateways block emails with an empty sender address.
  • "Relay recipient" is no longer a required option. This is need when running Webmail messenger in standalone mode.
08
May
2018

2.1.0-0

New

  • The back-end now supports a Mail attribute named remote-delivery.smtp.relay-host. It can be used to deliver email to a different relay host or local port based on content.
  • Export database to XML [ENT/PRO].

Bug & Improvements & Changes

  • Cipher suites for HTTPClient are no longer set. The Cipher suites config resulted in a bug after a Java update. The Java bug was only triggered in old versions of CipherMail that used a link to sunjce_provider.jar in /usr/share/djigzo/james-2.3.1/lib.
  • SleepTimeOnError added to SMSGatewayImpl background thread. The thread will sleep for 30 sec (default) if there was an exception in the background thread not caused by a transport. This is done to prevent filling up the logs if there is a problem with the database.
  • Postgres 10 does not allow the JDBC URL to end with /. The last / has been removed from the URL.
  • Postgres JDB driver updated to support Postgres 10.
  • Most required/depends removed from RPM and DEB conf files. It is impossible to support different RH/CentOS, Ubuntu etc. releases with one RPM or DEB because packages are renamed/removed etc.
  • The back-end front-end SOAP layer now uses Basic Authentication mode instead of WS security to work around a recently introduced Java bug in Java 1.8.0_162. (https://bugs.openjdk.java.net/browse/JDK-8196491, https://github.com/javaee/metro-jax-ws/issues/1209)
  • The CipherMail Virtual Appliance is now using CentOS 7 instead of Ubuntu and uses MariaDB instead of Postgres. Unfortunately this means that back-ups of previous CipherMail Virtual Appliance cannot be directly imported because the database type is changed. Users with a support contract can contact Us for help with migrating the database to the new version. Note: this only impacts users using the Virtual Appliance who wish to upgrade to the new CentOS based Virtual Appliance.
  • License check only checked if license was valid at startup.
  • Jetty upgraded to release 9.4. This requires java 8 or up.
04
Apr
2017

1.5.6-6

Bug & Improvements & Changes

  • CreatePortalAuthenticationSecret was missing when the user was first invited with PDF
  • Because some NIO classes are now used, Java 7 or up is now required.
  • PDF encryption now supports deep scanning which scans the complete MIME message (this fixes bug GATEWAY-89)
  • ciphermail.d/*.conf" added to apache config. This can be used for skinning etc.
  • Some libraries updated.
21
Nov
2016

1.5.2-1

New

  • Two factor authentication with SMS or TOTP (for example using Google Authenticator) is now supported.
  • SMS gateway added.
  • Support for Twilio and eCall SMS gateway added.
  • Auto cleanup service added. When enabled, webmail account which are not used for some time will be automatically cleaned up.

Bug & Improvements & Changes

  • Libraries updated.
  • Minor bug fixes.
23
Aug
2016

1.5.0-3

New

  • The portal is now extended. It can now also be used for PDF reply and OTP mode password generation. The logged in user can switch between portal and webmail.

Bug & Improvements & Changes

  • The portal now uses bootstrap css.
  • MySQL/MariaDB jdbc drivers updated.
  • CXF upgraded. CXF now uses netty for http soap server connections instead of jetty.
  • Regression: New admin roles could no longer be assigned/removed [GATEWAY-102]
18
Apr
2016

1.4.0

New

  • Script added for creating the required TLS certificate for HA replication mode.
  • Script added which can be used to backup email to new appliance.

Bug & Improvements & Changes

  • Tooltip was not always shown on top. z-index was changed to high value.
  • GUI changes. Most close/cancel buttons removed to make UI more consistent. Users should use back button or menu items for navigation.
  • CSS naming on some forms changed to make CSS naming more consistent.
  • MTA config page refactored. The MTA page no longer has any advanced options since the old advanced options were actually important enough to always show.
  • The portal user password can be set to an empty value. This resets the password for the recipient. The next webmail will then result in a new "invite" email.
  • X500 subject field now shows most settings by default and only OU under the more option.
  • Certificate/key import pages now return to the parent page (certificates, roots) after import. The import result is shown in the parent page.
15
Mar
2016

1.3.5

New

  • Support for MySQL/MariaDB and Oracle added.
  • Dovecot dict service added. This was required to support Oracle since Oracle is not directly supported with Dovecot.
  • HA replication support added.
  • HTTP Strict Transport Security (HTST) enabled.
  • ciphermail.backup.enabled system prop added which can be used to disable backup option from the web GUI .

Bug & Improvements & Changes

  • Java wrapper upgraded to 3.5.28 to fix a memory leak on RedHat/CentOS .
27
Nov
2015

1.3.4

New

  • The user can now select a language on the login page.
  • Web GUI is now fully responsive on mobile devices.

Bug & Improvements & Changes

  • Roundcube updated.
  • Roundcube secure URL option enabled.
16
May
2015

1.3.0

New

  • Authorized recipients, for email sent by webmail users, can be configured from the web GUI.
  • SMTP transports can be configured from the web GUI.
  • Per user quota support added.
  • Max. attachment size for webmail user can now be configured from web GUI.
  • Configurable periodic mail purging added.

Bug & Improvements & Changes

  • Virtual Appliance updated to Ubuntu 14.04 LTS, 64bit.
  • Passwords are now stored as UTF8 to support Unicode characters.
  • Roundcube updated.
  • Legacy browser plugin for RC added to support old IE versions.
  • Java wrapper updated to 3.5.26. This fixes multibyte char logging bug which sometimes resulted in ? in the log files.
10
Apr
2014

1.2.1

New

  • Mail box manager added.
  • RSyslog module added.
  • Mail quota support added.

Bug & Improvements & Changes

  • HSM local mail encryption/decryption script refactored.
  • Roundcube updated.
20
Dec
2013

1.1.1

Initial release