MDaemon Server 9.60 英文正式版

MDaemon Server 9.60 英文正式版 Description:
Alt-N 于美国时间2007年6月12日发布MDaemon Server 9.60 英文正式版.
----------------------------
MDaemon 9.60 - June 12, 2007
----------------------------

----------------------
SPECIAL CONSIDERATIONS
----------------------

  * MDaemon 9.60 is capable of taking advantage of the new Outbreak Protection
    features shipping with the next version of SecurityPlus.  These features
    include improved image spam detection and support for the Internet Watch
    Foundation's efforts to expose and classify child pornography and other
    sites promoting or involved in illegal activities.  SecurityPlus is a
    separately licensed product:  http://www.altn.com/SecurityPlus/.

  * [5128] MDaemon's DNS-BL system is once again able to skip the oldest
    X "Received" headers when processing SMTP and POP collected messages.  
    There are new controls for configuring this in the DNS-BL options UI.

    Note: Your existing configuration for the SMTP and POP "Skip the X most
    recent "Received" headers" option has been reset to a default of 0 and 1
    respectively.  This will be fine in most cases.  If you have special
    needs you might need to adjust these settings.

  * [498] DomainPOP and MultiPOP mail collection has changed.  The old
    option which retained a certain number of messages on servers was removed.  
    In it's place, new options to delete messages stored on servers after XX
    days have been added to the DomainPOP and MultiPOP UI.  This has required
    several changes to the API and MD_UserInfo structure which may require
    your custom applications and plug-ins to be recompiled.

  * [5513] relays.ordb.org will be removed from the DNS-BL host list.  This
    RBL is history.  Also, any entry for sbl-xbl.spamhaus.org will be changed
    to the new zen.spamhaus.org.
    
  * You might need to generate and deploy new DKIM keys.  This would only be
    necessary if in the past you manually generated keys of 512 bits or less
    (it is not possible to do this via the UI).  So, if your outbound message
    signing is failing with error 4 you will need to generate and deploy new
    DKIM keys.  The default for bit size is 1024.

------------------
MAJOR NEW FEATURES
------------------

  * [4388] ACCOUNT GROUPING *
  
    Added grouping support for accounts.  Groups can be defined via a new
    option off the Accounts menu.  Within the account editor you can make the
    account a member of one of more groups by entering group names into a new
    edit control on the Mailbox tab.  
     
    Two new content filter conditions have been added which allow you to con-
    figure rule actions based on group membership.  Also, ACLs for public
    folders can be specified for groups in addition to email addresses.
  
  * [6182] SUBADDRESSING *
  
    Added support for subaddressing.  Subaddressing is a system for including
    a folder name in an email address.  Replies or emails sent to that email
    address will pull the folder from the address and move the message into
    folders automatically without the need to setup filtering rules.
    
    The syntax is: "mailbox+folder@domain".  So, for example, the email
    address "arvel+ietf@altn.com" would route messages directly into
    arvel@altn.com's "ietf" IMAP folder (assuming that folder exists).  
    Nested folders can be specified using period characters.  For example,
    "arvel+industry.ietf@altn.com" would route messages directly into
    arvel@altn.com's "industry\ietf" IMAP mail folder (again, assuming that
    folder exists).  Underscores are used for spaces in folder names.  For
    example, "arvel+my_friends.frank@altn.com" would route messages
    directly into arvel@altn.com's "my friends\frank" IMAP mail folder.
    
    How you might configure your mail client to use various subaddresses
    depends on the mail client.  Alternatively, the content filter could do
    a header search/replace based on the message destination or some other
    criteria.
    
    The folder must exist prior to being used with subaddressing.  Otherwise,
    the address will be treated as unknown.  This is necessary to prevent
    abuse.
    
    You can not subaddress an alias.  You must use the actual address.  
    However, you can create an alias which refers to an entire subaddressed
    form.
        
    A new switch has been added to the Filters tab within the account editor
    which will allow you to enable/disable subaddressing on a per account
    basis.  As a result of the need to delimit using the + character this
    feature will be unavailable to accounts which include + in their email
    address local-part (mailbox).
    
    This feature can be shut down globally irrespective of individual account
    configuration via a new switch on the Misc Options|Misc UI.  By default,
    each account has this feature disabled individually.
    
  * DKIM IS NOW AN INDUSTRY STANDARD! *

    http://mipassoc.org/pipermail/ietf-dkim/2007q1/007026.html  
    http://www.emediawire.com/releases/2007/3/emw508676.htm    
    http://www.altn.com/Company/PressRoom/PressRoomViewer/Default.aspx?ID=/PressReleases/20070301-DKIMStandardization    

    After much hard work, DKIM has been approved by the IETF as an Internet
    standard!  MDaemon's DKIM implementation has therefore been updated to the
    final IETF version.  However, MDaemon will maintain back-compatibility
    with our pre-IETF version as well for at least the next 6 months to a year.

    DKIM checks will now take place before DomainKeys checks.  In addition,
    when DKIM checks produce a "pass" result, no DomainKeys check is made at
    all.  By default, MDaemon will now sign according to the final IETF stand-
    ard requirements (v=1, SHA256, and bh=, etc).  MDaemon will continue to
    honor the older pre-IETF DKIM standard signatures for the near term.

    Congratulations to all of us and you should smile knowing that you've en-
    joyed a nearly two year head start in this important email security area
    and have helped to perfect it.

  * [5645] MESSAGE CERTIFICATION (MDaemon PRO only) *

    Alt-N Technologies, through its participation in the Domain Assurance
    Council (DAC) is working to create an extension to Internet mail called
    "Vouch By Reference" (or "VBR" for short).  VBR provides a mechanism
    through which certification providers may vouch for the email messages
    sent by others.  VBR is based on the idea of adding an additional header
    to the outgoing mail and providing a very simple way to check whether cer-
    tification providers vouch for a particular sender.  VBR does not require
    the certification provider to sign (or even know about) any mail that is
    sent.

    MDaemon includes the world's first commercial implementation of VBR and
    handles all the details for you.  All you have to do is configure your
    MDaemon with one or more certification providers you trust to vouch for
    incoming mail and one or more certification providers which are willing to
    vouch for your outgoing mail.  

    Ultimately, it is our goal to have all the major reputation service pro-
    viders create certification servers for your use.  They will certify only
    those who meet their criteria for "good email practices".  Until that day
    arrives, Alt-N Technologies will step into the role and provide certifica-
    tion services for the MDaemon community.  To submit a request for Alt-N
    Technologies to certify your domain's messages visit:
    http://www.altn.com/email-certification/signup/

    To configure your MDaemon to use Alt-N Technologies as a certification
    provider use the MDaemon GUI thus:  hit Alt+X, switch to the Certification
    tab, select "Enable certification of incoming messages", enter
    "vbr.emailcertification.org" into the "Host name(s) of certification serv-
    ices that I trust" edit control.  Note: MDaemon 9.6 will set this up auto-
    matically when run for the first time.  Next, if you have signed up for
    Alt-N's certification service, click the "Configure a domain for message
    certification" button and enter the required information there.  Be sure
    to use "vbr.emailcertification.org" in the "Host name(s) of services
    willing to certify messages..." edit control.
    
    A "Certification" tab was added to MDaemon's "Security" log window.  Also,
    logging of certification processing can be toggled via new settings within
    MDaemon's logging options.

    Certification of incoming messages is only possible when an authenticated
    identity can be obtained from the incoming message.  This is possible
    using DomainKeys, DKIM, SPF, and/or Sender ID/PRA.  Therefore, one or more
    of these authentication features must be enabled.   Similarly, certifica-
    tion of your messages by others requires the authentication of your ident-
    ity so we recommend enabling DomainKeys and DKIM signing of your outbound
    mail and/or sending your outbound traffic over an SPF or Sender ID approved
    path.

    For more information on VBR and message certification visit:
    http://www.domain-assurance.org.  
    For more information on DKIM visit: http://www.dkim.org.
    IETF submission of VBR:
    http://www1.ietf.org/mail-archive/web/i-d-announce/current/msg14053.html
    VBR technical inner-workings:
    http://files.altn.com/MDaemon/drafts/draft-hoffman-dac-vbr-00.txt

  * [5833] BACKSCATTER PROTECTION (MDaemon PRO only) *

    MDaemon now includes an implementation of the BATV protocol to fight
    against the problem of email backscatter.  

    Backscatter occurs when spam or viruses send mail using a forged address
    as the return path.  This can lead to thousands of bogus delivery status
    notifications, vacation and out-of-office messages, autoresponders, etc.,
    ending up in the inbox.  You can enable Backscatter Protection from the
    Security menu to greatly aid in solving this problem.

    Backscatter protection uses HMAC SHA-1 digests with a private key and mit-
    igates against replay attacks by imposing a 7 day life-time for all return
    path values.

    BATV technical inner-workings:
    http://files.altn.com/MDaemon/drafts/draft-levine-batv-03.txt

  * [5889] MINGER (MDaemon PRO only) *

    Alt-N Technologies has created a new email address verification protocol
    called Minger.  The original Minger was loosely based on the Finger proto-
    col [RFC 1288] and thus the name.  However, it has evolved and doesn't
    look much like Finger anymore; but the name stuck.  Minger includes the
    following improvements over Finger: (a) requires authentication so it's se-
    cure (b) uses UDP rather then TCP.  Minger allows others to query your
    server for user information.  It is primarily intended to provide a simple
    and efficient mechanism for verifying whether an account exists or not.  

    MDaemon's Minger server can be enabled/disabled via the UI in the usual
    way.  A Minger user name and password may be configured from Ctrl+M on
    the Minger tab to use the server.  A Minger client has been embedded in
    the "Gateways" feature-set.  The old "LDAP Verify" tab has been renamed
    "Verification" and the existing controls have been reworked slightly to
    allow configuration for Minger.  Finally, a new top level UI tab and log
    file for the Minger server was added.

    Minger technical inner-workings:  
    http://files.altn.com/MDaemon/drafts/draft-hathcock-minger-02.txt

  * PERFORMANCE ENHANCEMENTS *

    The entire product and development process was re-tooled, setup, compiled
    and built using Visual Studio 2005 and Team Foundation Server (previously,
    Visual Studio 6 and SourceSafe were used).

    Three specific performance enhancements were made with respect to queuing
    and message delivery efficiency:

    [5549] Added a connection failure cache system which can be configured
    via a new option on the Setup | Primary Domain | Sessions tab.  If an SMTP
    session results in a connection error or connection failure the IP is
    cached in memory for XX minutes.  Once cached, further connection attempts
    to that IP are not attempted until the cache expires.  The cache is main-
    tained in memory and is reset on a restart and at midnight.

    [5582] When large numbers of messages are waiting to be delivered a prob-
    lem occurs when MDaemon continually rebuilds its internal message delivery
    memory structure.  This problem leads to very slow message processing be-
    cause the CPU is split between actually doing the delivery and continually
    rebuilding this memory structure.  To address this problem, when MDaemon's
    internal memory structure already has 1000 or more messages queued up it
    will not dynamically rebuild this structure.  This preserves the benefi-
    cial nature of dynamic queuing for the vast majority of MDaemon users who
    rarely have 1000 or more messages awaiting simultaneous delivery and at
    the same time better serve the performance needs of those who do.  You can
    raise or lower this 1000 message limit by manually editing the following
    MDaemon.ini key:

    [Sessions]
    MaxQueuedCount=1000

    [5546] There's a new option which can be used with the default schedule.
    When using the immediate delivery option you can now specify that only
    mail which is XX minutes or newer should be delivered by that option.
    This will increase mail processing efficiency since an incoming message
    will no longer trigger the delivery of everything.  Of course, the entire
    queue will spool when the toolbar button is pressed or when any other
    queue run trigger fires.  This new option only applies to queue runs which
    are triggered by the "Send mail immediately after getting queued" feature.
    By default, 1 minute has been set as the limiting factor.  You can change
    that if you like using the schedule GUI.  You can set it to ZERO to dis-
    able this behavior completely (which will cause MDaemon to behave as in
    previous versions - send all queued mail every time (inefficient)).

    [1077] Added a "Maximum simultaneous connections to any single IP" option
    which can be configured via a new option on the Setup|Primary Domain|
    Sessions tab.  This setting limits the number of simultaneous connections
    to any IP address during delivery of queued outbound mail.  It is useful
    to prevent making too many connections all at once to various IPs.  During
    delivery, if a message would require a connection to an IP that would ex-
    ceed this connection limit, then the connection is skipped and the next MX
    host (or smart host) is used.  If no additional hosts are available the
    message is queued for the next delivery cycle.  
    
    By default, this option is completely disabled which preserves existing
    behavior.  Also, by default, connections to trusted IPs are exempt from
    this feature.  However, if you'd like to enforce it for trusted IPs you
    can set the following switch in the MDaemon.ini file:
    
    [Sessions]
    TrustedIPsUseConnectionLimit=Yes (default No)

    Also, by default, connections to IPs reserved for intranet use are exempt
    from this feature.  These are 127.0.0., 192.168., 10., and 172.16.0.0/12.  
    However, if you'd like to enforce it for reserved IPs you can set the
    following switch in the MDaemon.ini file:
    
    [Sessions]
    ReservedIPsUseConnectionLimit=Yes (default No)

  * IMPROVED GATEWAY SUPPORT (MDaemon PRO only) *

    [6118] Valid email addresses for gateways can be configured by just enter-
    ing them into a text file now.  A new button was added to the gateway
    Verification tab which will let you add addresses to GatewayUsers.dat. Any
    gateway message sent to a email address found within this file will be
    considered valid.  You can also setup gateway verification to use a new
    "File" option which requires that the address be present within the text
    file in order to be considered valid.  When using other verification meth-
    ods, the text file is just an extra source for address data but not a
    definitive source.

    [6127] Gateway LDAP verification settings have been changed to better sup-
    port Exchange/Active Directory in the following ways:

    (a) The default search filter strings created for new gateways will use an
        objectclass of "user" rather than "MDaemonContact".
    (b) The default search filter strings will now include
        (proxyAddresses=SMTP:$EMAIL$)

    [6129] The format of the LDAP cache file has changed in order to fix a bug
    preventing multiple base DNs at the same host from working.  As a result,
    all existing cached values are invalid.  You can either delete the entire
    file and let MDaemon rebuild it or do nothing and allow the invalid entries
    to expire automatically over time.

    [6126] Added LDAP/Minger cache enable/disable to the Gateway Options UI.
    [6128] Added button to the Gateway Verification UI to edit the LDAP cache.

-----------------------------------
CHANGES AND ADDITIONAL NEW FEATURES
-----------------------------------

  o [4262] Added an option to the DKIM signing properties which allows a single
    checkbox which configured all local domains (the primary domain and all
    secondary domains) for signing.  You will no longer have to specify each
    domain individually within the DKSign.dat file.  This option is enabled
    by default.

  o [5497] WorldClient has better character set support for composed messages.
    Previously, WorldClient would use the utf-8 character set for message that
    contained any characters not in iso-8859-1.  Now the preferred character
    sets can be configured by the administrator with the "ComposeCharsets"
    INI value in WorldClient's Domains.ini or User.ini files.  The default
    character set for the Japanese version is iso-2022-jp, Chinese is gb2312,
    and Russian is koi8-r.

  o [5254] MDaemon will now send emails to all users who are approaching their
    quota limitation informing them of the number of messages and size of
    their mailbox as well as percentages used and remaining.  These emails are
    sent at midnight.  If an existing warning is found in the users mailbox
    it is replaced with an updated message.  You can configure a percentage
    value in the Misc Options|Misc tab which controls when these emails are
    sent.  That UI has been redesigned slightly to make room for this new
    control.  The number of allowable files or the amount of disk remaining
    must drop below this value in order for an account to receive a warning.  
    
    Also, unrelated but tagged onto 5254 was a slight redesign of the default
    account options UI.  The quota options have been isolated to a separate
    tab and the button(s) to restore installation defaults have been removed
    for now pending a sync-up with WebAdmin.

  o [5953] When sending messages to a smart host MDaemon already has the op-
    tion to authenticate using a configured user name and password.  However,
    this is a single set of authentication credentials that is used for each
    message sent.  Some ISPs are requiring a different set of credentials
    based on the sender of the message (the SMTP MAIL value).  Therefore, it
    is now possible to configure independent smart host user name and pass-
    word values for each account.  When authenticating to a smart host during
    outbound message processing these credentials will be used, if provided.  
    When not provided, the existing single set of credentials that MDaemon has
    always supported will serve as a default.

    A new edit control was added to the Account Editor which will allow you to
    configure a smart host password.  By default, the smart host user name
    will always match the account's email address.  If, for some reason, this
    is not desired, a separate smart host user name can be manually configured
    by editing the HIWATER.MRK file found in the account's root mail folder
    and adding the following key:

    [AUTH]
    ISPAUTHUserName=-<user name>  (example: ISPAUTHUserName=-arvel@altn.com)

    Preface <user name> with a dash character "-" so that MDaemon will recog-
    nize the value as unencrypted and will encrypt it for security.

    Additionally, the following MDaemon.ini settings are available for use:

    [AUTH]
    ISPAUTHByAccount=No (default Yes)

    This option enables or disables the entire thing we're talking about here.  
    When disabled, behavior is as MDaemon has always done - all messages are
    sent to the smart host after authenticating via a single user name and
    password.  When enabled, particular authentication credentials will be
    used for messages sent from a local account to the smart host only when
    those credentials are either explicitly provided -or- when the options be-
    low force the use of defaults.  A checkbox for this was added to the Setup
    |Primary Domain|Delivery UI as "Allow per-account authentication".

    ISPAUTHUseEmails=No (default Yes)

    This option causes MDaemon to always use the account's email address as
    the smart host user name unless HIWATER.MRK overrides (see above).  When
    this option is set to No (disabled) and nothing is configured in the
    HIWATER.MRK for use then nothing special happens.

    ISPAUTHUsePasswords=Yes (default No)

    This option causes MDaemon to always use the account's POP/IMAP password
    as the smart host password unless HIWATER.MRK overrides.  When this option
    is set to No (disabled) and no smart host password is configured for use
    then nothing special happens.

    SECURITY NOTE: Enabling the ISPAUTHUsePasswords option will effectively
    communicate all your account's local mail passwords to the smart host over
    time.  This is not a good idea since it provides sensitive information
    (enough to compromise mail security) to somebody else.  Use only if re-
    quired to do so by a smart host you absolutely trust.

    This system is shipped disabled because no account will have a smart host
    password value available for use.

  o [6251] When installing in silent mode (using the /s option) the installer
    will no longer show a "you need to reboot" dialog box.  Instead, if a
    reboot is needed, the installer will create \App\RebootNeeded.sem.  It's
    up to you to do the needed rebooting in these cases.

  o [6225] Added an new UI tool to pick users, lists, catalogs, or mailing
    lists where appropriate and retired the older tool.  This new UI element
    ties in at various places (such as a button to the right of UI elements
    that allow user selection).  It will support multiple selection when
    appropriate.

  o If you are adding DNS-BL hits to the IP screen you'll need to set the
    following MDaemon.ini switch to continue to make that happen:
    
    [SpamBlocker]
    AddToIPScreen2=Yes (default No)
    
    This is not recommended as it amounts to a permanent caching of DNS-BL
    results.  It is provided for backward compatibility only.
    
  o [3678] Added account option to cause automatic processing of meeting
    requests, changes, and cancellations.  When MDaemon encounters a message
    for a local user that contains a meeting request it will update the users
    calendar automatically if this option is enabled.  This option is disabled
    for all users by default.

  o [5834] Removed option to force a reverse-path when none is provided in an
    outbound message.  This was preventing the proper sending of mail with a
    NULL reverse path.  If this is a problem use the content filter to insert
    an X-Return-Path header.  The MDaemon.ini setting [Special] ForceFrom= is
    no longer used.

  o [6089] Alt-N supports only the SpamHaus RBL.  Therefore, default installs
    of MDaemon will be configured with only this RBL.  Alt-N does not recom-
    mend other RBL services however you are free to use whatever services you
    wish.

  o RAW message processing will no longer append "Message contains [X] file
    attachments" to message bodies.  If you want that, you can enable this
    MDaemon.ini setting: [Special] ShowRAWAttachmentCountString=Yes.

  o [5875] Added two new IMAP filter rule options:  Redirect Message - re-
    directs incoming messages EXACTLY as they arrived - no changes to the
    headers or body are made.  The only thing changed is the SMTP envelope re-
    cipient.  Forward Message - forwards the incoming message to a new recip-
    ient by introducing a new message into the mail stream (with the Subject
    header and body content taken from the original message).

  o [5678] Added SyncML password to the account editor.  You only need to
    specify a SyncML password if your account is setup for Dynamic Authentica-
    tion.  However, you can specify a SyncML password at any time.  If speci-
    fied, that is the password that you must use when your account interacts
    with MDaemon's SyncML server.

  o [6002] The Alt-N web site now includes pages to provide more details on
    how to configure SyncML clients for various platforms.  The SyncML server
    UI page has changed to include links to these new pages.

  o [5955] The account editor UI has seen additional descriptive text changes
    including:

    1) SyncML password edit box added to Mailbox tab
    2) Smart Host password edit box added to Mailbox tab
    3) Better wording to describe various options on Options tab
    4) "Aliases" button moved to Options tab to make room for 1) and 2)
    6) "IMAP Filter Rules" is now just "Filters" to be consistent with
       WorldClient/WA

  o Some changes to better support Vista:

    [5640] Popups will not occur from MDaemon running as a service in session
    zero under Vista.  This was causing nag screens.

    [5638] Mutex and shared memory problems fixed which were causing a break
    down of inter-process communication and leading to several odd issues
    (like double WorldClient.exe and MDSpamD instances, re-initing sockets).

    Help file converted to Microsoft HTML Help (MDaemon.chm) for Vista compat-
    ibility. "What's This? Help" is still only supported in 2000/XP.

  o [5886] Updated AntiSpam system to include SpamAssassin 3.18.

  o [5832] Added option to spam filter to toggle sending a spam trap public
    folder summary email to the postmaster each day.

  o [5852] The option "Send to next MX host when an SMTP error occurs" has
    been removed from Setup|Primary Domain|DNS.  MDaemon will always send to
    the next MX host as appropriate.

  o [5854] An option was added to Setup|Primary Domain|DNS which will bounce a
    message upon the first 5xx error returned from any MX host.  When uncheck-
    ed, messages will not be immediately bounced as long as at least one MX
    returns a 4xx error.

  o [5653] The RBL caching system was removed.  It's redundant since DNS al-
    ready does caching and was needlessly CPU/disk intensive.

  o [5580] A new switch was added to Misc Options|Servers.  You can now indiv-
    idually enable message and SMTP parameter RFC compliance checking.

  o [5581] Authenticated sessions are always exempt from SMTP parameter and
    message RFC compliance checks.

  o [5525] Slight restructuring to the DNS-BL UI to make it more efficient.

  o [5467] Changed several references from "AntiVirus" to "AntiVirus/SecurityPlus"

  o [6014] A warning message will appear when enabling message relaying.

  o [5539] The option "Enable disk checking for waiting message counts" was
    renamed to "Update GUI with queued message counts" and moved from the
    Misc Options|Misc to the Misc Options|GUI tab.

  o [5336] By default, automatic attachment extraction will no longer extract
    text/plain attachment types.  You can change this with a new switch on the
    Misc Options|Misc tab.

  o [5540] The option to relay for trusted IPs has been disabled by default.
    You can change this with a switch on the Security|Relay...|Relay Settings
    tab.

  o [5949] The following INI file keys are no longer used:

    [RAS] EncryptName and EncryptPassword (MDaemon.ini)
    [AUTH] EncryptDequeueLogon and EncryptDequeueSharedSecret (MDaemon.ini)
    [DomainPOP] EncryptName and EncryptPassword (DomainPOP.ini)

    The proper way to have MDaemon encrypt these values is to make the first
    character a dash "-" char.

    Also, the following keys were renamed for MDaemon 9.60:

    [AUTH] ISPAuthLogon        -> [AUTH] ISPAuthUserName
    [AUTH] ISPAuthSharedSecret -> [AUTH] ISPAuthPassword
    [AUTH] DequeueSharedSecret -> [AUTH] DequeuePassword

  o [5542] By default, MDaemon will strip out X-MDOP-RefID headers from in-
    coming messages.  These are headers generated by Outbreak Protection.  If
    you'd like to retain these headers you can set the following switch in
    MDaemon.ini:

    [Special]
    StripOPRefIDHeaders=No (default Yes)

  o [4241] Added additional reminder times for WorldClient events.

  o [5612] * and ? chars will now be accepted in RCPT values.  However, if you
    have accounts that use * and ? chars within the mailbox value be aware
    that aliases will not work properly for such accounts.  You should not
    setup accounts with * and ? chars in mailbox values.

  o [5361] Details related to the meeting are now included in the subject of
    iCalendar invitations.  This works around an issue where Exchange uses the
    RFC message subject and not the iCalendar summary field for the meetings
    description.

  o [5839] Added menu and toolbar button for editing SyncML server options.

  o [5465] User can specify default browser when Comagent launches WorldClient.
    Edit the Comagent.ini file:

    [ComAgent]
    DefaultBrowser=C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.exe -url "%1"

  o [6062] Route slips will honor the "Abort delivery on 5XX after RCPT" op-
    tion.  Previously they used an MDaemon.ini setting called IgnoreRcptErrors.
    This has been deprecated.

  o [6004] Auto-responders will never be triggered by a spam messages regard-
    less of whether they are explicitly listed on the auto-responder exception
    UI or not.

  o [6005] MDaemon's internal resource string ids were changed in order to
    assist localization efforts and prevent errant string translations from
    causing software crashes and bugs.  As a result, the "custom SMTP" and
    "custom POP" string systems for which support ceased a long time ago has
    now been completely deprecated.

  o [6013] Secondary domains can now be configured with a unique FQDN value.
    This value will be used with incoming SMTP connections.  IP binding is not
    required in order for this to work.  However, if you have two or more
    domains using the same unbound IP then the FQDN used will be the one
    associated with the domain that is first in alphabetical order.  If each
    domain is bound to its own IP then the proper FQDN will be used in all
    cases.  Also, this value will be used with outgoing SMTP sessions in the
    HELO/EHLO.
        
    When no FQDN value is specified, MDaemon will use the primary domain's
    FQDN value as a default.

  o [6016] The option to use the FQDN host name in SMTP when required and the
    option to use the same in "Received" headers were both removed from Setup|
    Primary Domain.  The former options were eliminated completely from the
    software and the FQDN will always be used when required by RFC.  The
    latter option still exists in the Misc. Options however it's default has
    been changed to TRUE.

  o [6025] Outbound socket IP binding has been changed.  MDaemon will always
    bind outbound sockets if the domain has binding in place on inbound sockets
    and if the option to enable outbound IP binding is enabled.  The IP used
    in this case is the one associated with the handling of inbound mail.  If
    no IP can be determined then MDaemon can use a specific IP which you can
    configure by editing the following in MDaemon.ini:
    
    [Domain]
    OutboundSocketIP=<IP>  
    
    All of this functionality requires that outbound socket binding be enabled
    via a new UI switch added to Misc Options|System.
    
    The following setting is no longer used:
    
    [Domain]
    BindToBoundDomains=<whatever>

  o [6045] DK/DKIM processing will properly handle keys with CR, LF, and SP
    embedded within them.  Some examples of keys that have been errantly white-
    space folded were encountered in the wild.

  o [6049] Uninstall will automatically invoke a deactivation of the software.

  o [2725] System log will note the queue status on startup (frozen/active).

  o [6113] Removed "Check for update now" option from all installers.  Check-
    ing for updates from within the installer is no longer technically poss-
    ible for us.  Update checks can only be safely performed using the MDaemon
    UI.

  o [6205] Changed list digests slightly.  First, the format of the digest
    mail was simplified and is always sent with basic HTML codes inserted.
    The option to create HTML digests has been removed. The button to edit
    the digest format was also removed from the UI.  MDaemon will always
    rebuild DIGEST.MBF every time it starts.  So, DIGEST.MBF, like RFC822.
    MBF is now a reserved file and shouldn't be changed by end users.  If
    you want to create a custom DIGEST.MBF file for use with certain lists
    you should copy DIGEST.MBF to another file name of your choice, make the
    changes you need using notepad, and then configure the list to use your
    new MBF file.
    
  o [6212] RFC822.mbf and DIGEST.mbf are important system files that can
    cause MDaemon to operate strangely if they are modified.  These files
    are no longer eligible for modification.  MDaemon will rebuild these
    files to system defaults at each startup.  

  o [6193] MDaemon's service startup procedure has been internally changed.
    It is in a separate thread now which should keep the Windows SCM updated
    properly.  Also, MDaemon will report its status as SERVICE_RUNNING when
    connections are ready to be serviced rather than when the main window
    is initialized as in previous versions.
    
  o [4146] Added an option to the Logging Mode UI which allows you to config-
    ure a log file path.  The resulted in a slight reorganization of the con-
    trols on that UI tab.
    
  o [6142] MDaemon no longer sends auto-generated messages using "BadMsgQ@"
    as the Reply-to.  MDaemon will use "Noreply@".  Therefore, if you have
    an account using that mailbox it will no longer be able to receive mail.
    
  o [6143] Auto-generated emails sent from MDaemon which should not receive
    replies will be sent with a reply-to and reverse-path of "noreply@".
    Messages received for "noreply@" will be refused by the SMTP server.
    
  o [6120] It is no longer possible to use the envelope sender value to verify
    list membership.  Doing so is an improper use of the envelope value result-
    ing in the breakage of systems like BATV.  List related checks will be
    performed on the value of the FROM header after the message body is re-
    ceived.

  o [6123] ComAgent warning will popup on public folder synch when user lacks
    permission to modify the public address book.

  o [6214] Tarpit.dat was renamed DynamicScreen.dat.

  o [6131] The feature which automatically updates local address books with
    the email addresses of folks to whom mail is sent was broken.  So was the
    DomainPOP "real name matching" feature.  Both were using the return-path
    address rather than the address taken from the message's From: header.  
    This has been fixed.

  o [6132] The feature which checks local address books to determine whether a
    message should be exempt from the spam filter was broken in two ways.  
    First, a single address book match for a RCPT white listed the message for
    all RCPTs.  For this reason, messages to multiple RCPTs will be handled
    by the MTA rather than the SMTP server.  Second, the return-path address
    was the one being matched to the address books.  This should be the ad-
    dress of the sender of the message as taken from first the Sender: header
    and failing that, the From: header.

  o [6135] Some changes were made regarding the logging of tarpit and dynamic
    screening activity.  First, these items are no longer tracked into the OS
    event log.  This was just bloating the even log greatly.  Second, a new
    "Screening" sub-tab has been added to the Security tab.  Tarpit and dy-
    namic screening events will track into this tab and log file rather than
    the System tab and log.

  o [6145] The "Machine name" parm has been removed.  MDaemon already has an
    FQDN value which is supposed to uniquely identify the machine.  MDaemon
    will now use the FQDN value everywhere that it previously used the Machine
    name value.

  o [6146] Auto-generated messages are sent with a FROM field which indicates
    the FQDN of the server who sent the message.  Something like this:  
    From: "MDaemon at c3po.altn.com" <MDaemon@altn.com>.
    
  o If CLEARQUOTACOUNTS.SEM contains * on a line by itself the entire file
    will be deleted thereby invalidating all cached quota counts.
    
-----
FIXES
-----

  o [6079] fix to session transcripts no always included in NDR when should be
  o [6090] fix to CRLF in Comments and UserDefined fields breaking CSV export
  o [550]  fix to list digest messages not handling HTML mail properly
  o [2874] fix to RAW & CF generated messages not working with list digests
  o [6021] fix to list digest processing leaving orphaned temp files
  o [6023] fix to list digest processing handling only multipart/alternative
  o [5526] fix to truncated ACL help button text  
  o [5462] fix to missing strings for translation
  o [5532] fix to DNS-BL not refusing connections when it should
  o [5534] fix to orphaned RTE files in Bayesian learning folders
  o [5448] fix to restricted account default setting only working in English
  o [4777] fix to unsubscribe emails not available for localization
  o [5541] fix to bad email addresses sometimes written to OC user data file
  o [5252] fix to OC user data file not updated when domain names change
  o [5543] fix to RTE files orphaned by IMAP server
  o [5545] fix to RTE files orphaned by POP server
  o [4866] fix to SMTP not sending to backup server on error during session
  o [5136] fix to SMTP not sending to backup server on error after EHLO
  o [5508] fix to ComAgent right-click lockup problem under some conditions
  o [5509] fix to ComAgent crashes when Outlook synchronization occurs when
    server connection had been lost
  o [5573] fix to apply button not working on some spam filter UI tabs
  o [5559] fix to more "MDaemon Antivirus" in UI when should be "SecurityPlus"
  o [6133] fix to BATV pvrs encoded return-paths not playing nice with greylisting
  o [5583] workaround for HiPath ProCenter bug which caused it to strip
    email attachments from unread messages
  o [5418] fix to MD not being able to delete a domain's public folders when
    removing the domain
  o [5599] fix to ComAgent not using translated folder name for new email
    notification
  o [5844] fix to DomainPOP "Default" button (removed it)
  o [5604] fix to Apply button not working in Queues UI
  o [5680] fix to Comagent Outlook sync not synching job title field
  o [5681] fix to Comagent Outlook sync not synching title in full name field
  o [5707] fix to Comagent Outlook sync not synching suffix in full name field
  o [5847] fix to handle leak when using the gateway's LDAP "test" button
  o [5855] fix to plugin menu options appearing in menubar in simple mode
  o [5792] fix to attachments not being removed when using the 'extract
    attachment to folder' action in content filter
  o [5872] fix to cf and virus .dat files being overwritten by the installers
  o [5868] fix to content filter rules not able to be modified on some systems
  o [5876] fix to improper use of Resent-From in auto-forwarded mails
  o [5879] fix to stack corruption in SafeFormatResourceString function
  o [5621] fix to unable to set ham/spam sample count below 200 in UI
  o [5651] fix to spam filter's DNS-BL score not enabling/disabling correctly
  o [5652] fix to account filters UI not enable/disable match text correctly
  o [5467] fix to UI references to "AntiVirus" -> "SecurityPlus/AntiVirus"
  o [5663] fix to summary stats report file formatted improperly
  o [5882] fix to summary stats report leaving orphaned files in temp folder
  o [5784] fix to DPOP/MPOP not working with UIDLs that start with # properly
  o [5795] fix to some public folder UI text not in resources for translating
  o [5619] fix to import process breaking down when missing a last name field
  o [5622] fix to smart host being used immediately after first MX connect
    failure rather than trying all MX hosts first
  o [5665] fix to schedules added/changed by config session not taking effect
  o [5945] fix to 502 rather than 252 response when VRFY/EXPN disabled
  o [5871] fix to SyncML: server should log if directory does not exist
  o [5505] fix to SyncML: the fact that the Outlook Connector deletes and re-
    creates an item when editing causes the SyncML server to do the same
  o [6006] fix to Host Screen not working with PTR result at times
  o [5993] fix to tarpit.dat not purging matches to notarpit.dat on startup
  o [6011] fix to 250 EHLO/HELO response not including FQDN value
  o [6036] fix to Comagent strings, "Could not connect to the server! Please
    verify that the server information is correct.", not translated
  o [6063] fix to QUIT sometimes being sent at the wrong time during SMTP
  o [6064] fix to "Bounce message on first 5XX from an MX host" not working in
    all cases
  o [6081] fix ComAgent's un-translated strings
  o [6102] fix to WorldClient does not recognize invitations from GoToMeeting.com
  o [6105] fix to errant text on Help menu regarding Top 10 support questions
  o [6106] fix to errant text on Help menu regarding Top KB articles
  o [6107] fix to redundant Help options (there's just one HELP option now)
  o [5609] fix to the contact picker not selecting the right contact folder
    after refreshing data when the contact folder is refreshed in some foreign
    languages
  o [5904] fix to activation resets when installed on Vista
  o [5899] fix to $LOCALDOMAIN$ aliases showing in WC
  o [6140] fix to ComAgent auto-update not working
  o [5655] fix to New Folder dialog from IMAP Rules editor not decoding or
    encoding folder names
  o [6147] fix to IMAP rules possibly using value from the wrong header
  o [6156] fix to crash at shutdown if Spam Filter dialog is open
  o [6157] fix to incorrect title for some tabbed dialogs
  o [6161] fix to DKIM signatures not using the i= domain properly
  o [6174] fix to SPF "PTR" tests not working properly in some cases
  o [6166] fix to accepting MAIL parms with | char (MDaemon reserves this char)
  o [6115] fix to server freeze states not honored by config session on new install
  o [6177] fix to ISO-2022-KR messages are corrupted in WorldClient
  o [6183] fix to IMAP parse error with search arguments containing parentheses
  o [5963] fix to QuotaCounts.dat not being updated after pruning
  o [6213] fix to digest special editions being folded into digest proper
  o [4530] fix to SyncML: database path containing non-ASCII characters not found
  o [5885] fix to SyncML: recurring events not synchronized with TBird extension
  o [6051] fix to WC and some IMAP clients not properly decoding a message
    that has trailing whitespace in the Content-Transfer-Encoding header value.
  o [6297] fix to SMTP based scan scoring for VBR and OP results
  o [5495] fix to a message composed in WorldClient with an improperly
    formatted email address may not be sent to all recipients
  o [6232] fix AccountPrune not accepting foreign and accented characters for
    folder name parameter(/p)
  o [6243] fix to MDaemon's "Log full WC/HTTP/IM activity" setting having no
    effect on WorldClient's HTTP log
  o [6250] fix to auth'ed sessions accepting, and then bouncing, messages sent
    to unknown local users (should not accept message in the first place)
  o [6237] fix to auto-generated messages being sent even when triggering
    message specified a NULL reverse path
  o [6141] fix to installer backup not taking place before file conversion
  o [6257] fix to Korean message not displaying in WC LookOut theme
  o [6278] fix to DomainAdmin.ini file key may contain unnecessary commas
  o [6279] fix to switch inserting X-Lookup-Warning header not working
  o [6199] fix to DKIM options tab not using Apply button correctly
  o [6305] fix to cfengine.exe crash when using search and replace rule action