Producent oprogramowania Fortinet wydał najnowszą aktualizację dla produktu FortiMail w wersji 7.0.7. Aktualizacja skupia się na rozwiązaniu dotychczasowych problemów, z którymi użytkownicy mogli się spotkać. Jednym z rozwiązanych problemów jest generowanie błędnych raportów DMARC dla domen. Dodatkowo poprawiono obsługę adresów phishingowych, które wcześniej nie mogły być analizowane. Naprawiono także kwestie związane ze strefą czasową, eliminując problemy z czasem letnim i zimowym. Optymalizacja dotyczy również zużycia pamięci po usunięciu profili sygnatur plików antywirusowych. Szczegółowe informacje można znaleźć w poniższym artykule.
Rozwiązane problemy:
Antispam/Antivirus
Bug ID | Description |
---|---|
902812 | Personal quarantine mail cannot be released when the mail subject is encoded. |
917444 | Multiple DMARC reports are incorrectly generated for all domains. |
921181 | Some phishing URLs cannot be parsed. |
923787 | In some cases, random hyperlinks may be generated after the content profile scan. |
923805 | URLs are sent to FortiSandbox despite the category is not selected in the URL filter profile. |
936502 | While training Bayesian database, if clean emails are selected before spam emails within the same upload, only the spam count increases. |
941219 | Cached SPF pass results persist until mailfilterd is reloaded, ignoring DNS changes. |
949525 | „Newly Observed Domain” category in URI filter does not detect spam correctly. |
949892 | Quarantined email cannot be released when the subject of manual email for release contains a new line. |
966146 | mailfilterd process spikes by handling some emails. |
968102 | URLs are unexpectedly changed when sent to FortiGuard. |
Mail Receival and Delivery
Bug ID | Description |
---|---|
925041 | Outgoing email stuck in the queue. |
955513 | FortiMail stops sending/receiving email when there is a mail event log for mailfilterd. |
System
Bug ID | Description |
---|---|
870416 | mailfilterd errors on FortiMail Cloud instance. |
903260 | A system reboot is required for DMARC report settings to take effect. |
909330 | Timezone is not updated with the daylight saving time (DST) change. |
911143 | SMTP daemon restarts when there is a virus DB update going on. |
918857 | Memory consumption is not released when antivirus File Signature profiles are deleted. |
921653 | The /var/spool folder is not cleaned up properly and thus causes high mail disk usage and SMTP connection rejection. |
929893 | IBE expiry notification is sent from all active-active HA cluster members. |
932040 | False-positive power fluctuation alert logs. |
933542 | Quarantined email on the secondary HA was pushed back to the primary side, but is not counted. |
942581 | Partial search match for „Inbox_archive” does not work properly on archived email search when an Archive Account profile’s index type is set to Header or Full. |
945330 | Unexpected system quarantine behavior. |
948641 | After adding IPv6 prefixes under config profile ip-address-group, FortiMail started to flood with „icmp6: neighbor adv” messages. |
953639 | The disclaimer in the antispam profile is not working in the IP policy. |
954509 | IP reputation fails to identify spam IP addresses. |
954548 | Attachment scan rules can’t detect specific files when files start with a number. |
955065 | PKI authentication with non-ASCII characters does not work. |
960618 | Domain MTA status was not correct after a FortiMail update. |
964861 | Block/Safe list entries are overwritten instead of being appended after NFS sync disconnection. |
Content
Bug ID | Description |
---|---|
943096 | File password decryption issue for .xls files. |
Log and Report
Bug ID | Description |
---|---|
929771 | IP reputation level 2 was disabled, but antispam log still showed spam IP score: 2. |
937921 | Some syslogs sent from FortiMail are incomplete. |
962023 | Logs sent via syslog have missing disposition field entries when email is put into the domain quarantine. |
963521 | Incorrect search results when the OR operator is used. |
Admin GUI and Webmail
Bug ID | Description |
---|---|
911598 | „Show Remote Content” does not show inline images for email in domain quarantine. |
912126 | Font viewed in webmail Sent folder is different from the font used when composing email. |
924193 | System quarantine list GUI shows garbled text for some quarantined emails. |
937898 | IBE login page redirect did not use the configured base URL. |
938976 | Cannot edit a calendar event in the shared calendar. |
969500 | „Signature” in webmail is garbled for specific words. |
Bug ID | Description |
---|---|
921580 | FortiMail 7.0.7 is no longer vulnerable to the following CWE Reference: CWE-78: Improper Neutralization of Special Elements used in an OS Command (’OS Command Injection’). |
Pozdrawiamy,
Zespół B&B
Bezpieczeństwo w biznesie