FortiMail 5.4.6

Fortinet serwuje nam kolejną aktualizację dla produktu FortiMail. W wersji 5.4.6 producent między innymi poradził sobie z ograniczeniami poczty google, wprowadzając nową komendę set smtp-delivery-session-preference {domain | host}. Poza tym rozszerzona została pula adresów IP możliwa do wykorzystania przez modele wyższej klasy.

Rozwiązane problemy:

Antivirus/Antispam/Content
Bug ID Description

482917 When decrypting PDF files, the mailfilterd daemon may crash in some cases.
490887 FortiMail should combine base and relative URL against baseStriker attacks.
490890 When email re-scan is on, quarantined messages cannot be released in some cases.
486092 FortiGuard Web Filter Service identifies URI: http://www.amazon.com as Newly Observed Domain, instead of Shopping category.
484358 An email message which is deferred for both spam outbreak and FortiSandbox URI scanning will be delivered when the spam outbreak expires without waiting for FortiSandbox scan results or timeout.
491705 When the default action is selected in the recipient policy, email for an unknown user cannot be found in system quarantine although the log message disposition says so.
495608 Unable to release or view System Quarantine search results.
491213 FortiMail should not send URIs in the HTML title tags to FortiSandbox.

Mail Receiving and Delivering
Bug ID Description

484700 Email body is cut off when enabling incoming disclaimer at the start of message.
485716 Delivery receipt with S/MIME signing does not work.
489283 Returned mail contains incorrect From address when one of the recipient address cannot be reached.
486453 Under Domain & User > Domain > Advanced Group, the relay host test does not use STARTTLS.
477351 Relay host test with FQDN fails.

System
Bug ID Description

488606 Compliance with US Federal STIG requirements.
489047 Admin users without system privileges can change the system time.
483796 When setting up LDAP address book mapping under Domain & User > Address Book > LDAP Mapping, some contact fields are missing in 5.4 releases compared with 5.3 releases.
488513 When a FortiMail DNS query response is SERVFAIL, the secondary DNS server is not queried.
479310 Unable to add email addresses containing single quotes into an email address group via GUI or CLI.
490548 Importing LDAP contacts does not skip the already existing ones and thus create duplicates.
490889 If FortiMail uses the “exe ssh” command to connect to other server and the server changed its SSH key, the connection will fail with a warning.
483185 In HA mode, VIP does not work for the Redundant interface with a long interface name.
481223 The status of IBE security questions is not retained after firmware upgrade.
480951 High CPU usage due to mailfitlerd processes.
490052 Wrong certificate chain is supplied when an IP pool is used.
477122 Multiple mailfitlerd crashes.
484202 CSR download button is greyed out under System > Certificate > Local Certificate.
480659 Return-path in mail header is removed after email migration from other mail servers.
478972 Users cannot synchronize through their email clients (Outlook or Thunderbird).
484179 It takes very long time to run the “execute user generate” command to generate the user defined configuration file.

Log and Report
Bug ID Description

480998 User details are not displayed in the event log after the user deletes a log file.
489533 Week numbers in FortiMail reports are not displayed correctly.

Admin GUI/Webmail
Bug ID Description

485953 The Allow user to change theme option under System > Customization > Appearance > Webmail Portal does not take effect.
482891 IP address and port number combination is not accepted for FDS override IP address under System > FortiGuard > Antivirus.
264841 The quarantine report contains a URI that does not comply with RFC 6068.

CLI
Bug ID Description

486757 The “diag hardware deviceinfo nic” command does not work.

Common Vulnerabilities and Exposures
Bug ID Description

480291 FortiMail 5.4.6 is no longer vulnerable to the following CVE-Reference:
CVE-2017-14461
480263 FortiMail 5.4.6 is no longer vulnerable to the following CVE-Reference:
CVE-2017-15130
484829 FortiMail is no longer vulnerable to the following CVE-References:
CVE-2018-1000001
CVE-2018-6485
CVE-2018-6551

Znane problemy do rozwiązania:

Bug ID Description
307919 Webmail GUI for IBE users displays a paper clip for all email although the email has no attachments.
381511 IBE messages are not signed with DKIM although DKIM signing is enabled.

Zachęcamy do lektury notatek Notatki do wydania

Pozdrawiamy,

Zespół B&B
Bezpieczeństwo w biznesie

FortiMail