Secure Email Gateway

NOTE: Prior to release 5.1.0 Secure Email Gateway was called SECURE Email Gateway.

July 2021

Version 5.3.0

Jul 29, 2021

New Features
  • Sandboxing allows the execution of email attachments in a controlled environment to check for any suspicious activity such as attempting to modify the registry or a file on the system. Sandboxing uses the Sophos sandboxing service and works in tandem with Sophos Anti-Virus. All sandboxing activity is conducted in the cloud and not on-premise.

Enhancements
  • An extra two rows have been added to the Product Information table on Cockpit Clearswift page to show whether Red Hat or Clearswift online updates are enabled.

Other Fixes
  • Fixed an issue where the "Upgrade is available" alarm would never be raised if using a non-English system locale.

  • If you change the gateway branding text and add multiple lines, they all display on a single line. This has now been fixed.

  • Fixed an issue where new SCOM servers could not always be added in the "Monitoring Services" page in Cockpit.

  • The 5.2 upgrade overwrote the keystore, reverting the custom UI certificate back to the Clearswift self-signed cert. This has now been fixed.

June 2021

Version 5.2.0

Jun 3, 2021

New Features
  • PhishTank has been enabled under Advanced Phishing Detection as part of spam policy. Advanced Phishing Detection uses the feed of confirmed phishing URLs supplied by PhishTank, providing a second source of phishing detection and complements the existing Mailshell functionality.

Enhancements
  • IP addresses have been updated to support the use of IPv6, enabling users to accept emails from email servers with IPv6 addresses. The Classless inter-domain routing (CIDR) format will be used to add and display addresses within the Gateway.

Other Fixes
  • PDF rendering has been improved, following steganography or redaction changes applied by the Gateway.

  • XLSX files were being detected as active content when no active content was present. This has now been fixed.

  • An Avira antivirus error stating that ‘not all file contents could be scanned’ has been resolved.

  • Processing documents such as PDFs and RTFs has been improved, resulting in more efficient detection of active content.

  • PDF detection and processing has been enhanced in this release to correct a number of issues, including the Gateway becoming unresponsive.

  • You can now disable XLM macros from being detected, by adding a configuration to the CDA and ZIP format managers. For more information, refer to the online help topic on Sanitization.

  • The process of generating SwissSign certificates with Silver license has been improved and now issues certificates successfully.

  • The gdb and valgrind RPMs can now be removed after product installation. This should be performed using the yum utility in Cockpit Terminal. Please note that these will be automatically reinstalled upon every product upgrade, so the removal process will need to be repeated each time.

  • DMARC logging detail now gives sufficient information as to why a message may have failed DMARC.

  • x-msw-jemd-scanning-scores headers were not being added to messages. This was due to RSPAMD engine returning a negative score to an email message. This has now been resolved.

March 2021

Version 5.1.0

Mar 1, 2021

New Features
  • PMM Portal users can add a domain to Trusted Senders to allow messages from any email address in that domain is trusted. This is particularly useful for allowing recurring mail to be delivered, such as newsletters.

Enhancements
  • Kaspersky anti-virus has been upgraded to version 8.9.

  • Branding changes have been applied to the user interface including new product logos. SECURE Email Gateway is now Secure Email Gateway.

  • Secure Email Gateway now has its own unique installation ISO and download location.

Other Fixes
  • A number of message processing failures have been fixed in this release.

  • Static Hostnames can contain alias names of over 40 characters.

  • SPF checks were failing due to a deprecated SPF RR Type. This has been fixed in this release.

  • An update to the Avira anti-virus engine has resolved a number of issues, including the detection of Eicar, and consistent use of downloaded definitions.

  • Excel macro detection has been significantly improved in this release.

  • A custom setting has been added to help FTP backups work more effectively.

  • Certificate store is now not restarted when applying configuration, unless its configuration has changed. This has made the Apply Configuration process faster.

  • The option to search for ‘Imported or generated’ certificate store has been removed and replaced with ‘unknown’.

September 2020

Version 5.0.0

Sep 08, 2020

New Features
  • As well as an update to Mailshell SDK 8.2.1, this release includes a number of new services designed to significantly improve spam detection rates. Additionally, a new Rspamd anti-spam engine is now configurable alongside Mailshell as part of the Gateway spam detection and filtering system. Rspamd is not enabled by default on upgrades.
  • Red Hat Cockpit replaces server console for administrators. Cockpit is an integrated web interface used for managing your network configuration, software updates, and system management.
Enhancements
  • This version of the Gateway runs on RHEL 7.8, enabling more accessible software updates, a number of technical improvements from RHEL 6, timely security fixes, and a more robust operating system.
  • You can now use the Search text box at the top of a reference list to search for a particular entry within a list. This includes Lexical Expressions, Content Rules, Hosted Domains, Email Routing, and MTA Groups.
  • Support for the SMBv1 protocol is no longer mandatory, due to security vulnerabilities. This version of the Clearswift SECURE Email Gateway still supports SMBv1, but SMBv2 will take precedence if available. The Gateway no longer requires a server to support SMBv1 in order to establish a connection.
  • You can now configure a lexical expression to ignore any duplicates of a unique string that matches that expression. This reduces false positives, where a string might be repeated in a file or attachment.
  • Detection of lexical expressions has been enhanced, so that the count of multiple matches is recorded per attachment or document.
  • The user interface has been resized to be more responsive to screen-size. Additionally, sensitive terminology has been updated where possible, replacing slave/master with worker/controller in log files. Blacklists and whitelists are now referred to as block lists and allow lists respectively.
Other Fixes
  • A weighted term now only counts once if it is repeated across multiple worksheets, if ‘Each expression may trigger only once for each part of the message’ is selected.
  • UI access controls have been significantly updated and tightened, restricting permissions to the correctly privileged users.
  • An admin account opening multiple tabs while logged in to the Gateway, presented the risk of cross-site-request forgery (CSRF) if a malicious page was open in a browser. This vulnerability has been resolved in this release.
  • Only the Installation Wizard page is accessible if the Gateway has not been fully configured.
  • The branding text appears on the login page, and was editable without authentication. This has been resolved in this release.
  • The certificate store is now automatically restarted if it crashes.
  • TrustCenter Connection check is now working as expected.
  • The Kaspersky anti-virus engine now installs correctly.
  • Failure to detect 'undisclosed-recipients:;' in the To: field when configured as a lexical expression. This issue has been resolved.

September 2020

Version 4.11.2
  • The %localdate% token in a Message Area Release Notification could show the incorrect timestamp for messages sent from the local time zone. This has been fixed.

  • Occasionally, applying configuration could result in the loss of Message Tracking events relating to the delivery of the message. This has been fixed.

  • The Sanitize Message rule could fail to detect some formats of URL in HTML href links. This has been fixed.

  • The ENVID parameter of a DSN request was dropped for messages delivered by the Gateway. This has been fixed.

  • The handling of attachments with incorrectly encoded filenames has been improved. It is now possible to inspect the held message.

  • Where a message was processed on multiple policy routes, it was possible for the attachments of the message to be duplicated in the Message Transaction log. This has been fixed.

  • Various problems with message formats have been fixed in this release.

October 2019

Version 4.11.1
Enhancements
  • Sanitization of URLs in documents.

  • Improved security of PMM digest links.

  • Improved searchability of Lexical Expressions, Email Addresses, and URL Lists.

  • Missing Manager updates for when a sender is not in the Manager Relationships list.

Other Fixes
  • Line breaks in Annotation Content written in plain text did not appear in emails received in Outlook.

  • When configuring the Gateway using the installation wizard, licenses were marked as invalid if you selected the Turkish locale (tr_TR.UTF-8) with US keyboard settings and the time zone GMT+2, using the Server Console.

  • When configuring an Active Directory forest, the credentials panel accepted an invalid user name if no password was entered. This rendered the Test Authentication to be successful without a specified password.

  • If a message containing a Delivery Service Notification (DSN) request was held, the Gateway removed the DSN request when the message was released.

  • In the Gateway, the ability to search for messages with an empty sender by specifying <> in the Sender field was not working.

  • In the Gateway, emails flagged as newsletters were detected as spam when the Reclassify suspected newsletters as spam option was disabled.

  • OCR extraction did not work on all images due to a problem with processing.

  • In the Gateway, DNS lookups for spam detection sent domain names and telephone numbers in clear text. Sensitive information is now obfuscated.

  • If a Gateway was configured to Bounce Address Tag Validation (BATV) sign outbound messages, and the original sender requested a DSN (Delivery Status Notification), the DSN was incorrectly sent to the BATV address.

August 2019

Version 4.11.0
New Features
  • Automatic Certificate Generation using SwissSign's Trust Center from within the Email Gateway.

  • URLs detected in messages can be rewritten, enabling integration with your web protection software, URL filtering, sandbox, or browser isolation platforms.

  • Geoblocking enables you to classify emails as Suspicious or Blocked based on the country of origin.

Enhancements
  • Not Junk Reporting can be configured to restrict the email data sent in reports.

  • Configure HTTPS in PMM Digest Only Mode.

  • Display the spam engine definitions timestamp on the System Health and Installed Version & Upgrades pages.

  • Spam headers are recorded in logs.

  • Sanitization and redaction of metadata in GIFs and PNGs.

  • Detect and inspect content in RAR5 archive files.

  • Content sanitization occurs regardless of the read-only flag in XMP data.

Other fixes
  • Reports did not filter on parameters containing an underscore character "_". This issue was resolved and reports are displayed as expected.

  • The TRUSTmanager statistics on the System Health page have been updated to reflect the correct percentage for Good or Neutral reputations.

  • Messages sent to a recipient without a domain name were affected by this issue. This has now been resolved.

  • The Reset Statistics button on the System Health page now correctly resets TRUSTmanager statistics.

  • The Only accept messages for these addresses and Reject messages from the following options failed for invalid email addresses. This issue has been resolved.

  • Domain Keys Identified Mail (DKIM) signing intermittently caused the SMTP Outbound Transport service to fail. This has been resolved in this release.

  • The Gateway offered a limited set of ciphers and there was no customer-override available. If none of the Email Gateway ciphers were supported by the SFTP server, the SFTP option could not be used. This has been resolved in this release by replacing the low-security cipher.

  • When reprocessing the original or modified message, the reprocessing sometimes failed with a different error message than was given during processing the first time. Reprocessing will now give the same result given for initial processing.

  • If the connection was interrupted after issuing a DATA command but before a message is accepted or rejected, it was possible the message event wasn't recorded.

  • If a Detect Lexical Expression content rule was created to run against a Received: header, it did not detect the phrases specified in the lexical expression list. This was due to an error with the content rule and has now been fixed in this release.

April 2019

Version 4.10.0
New Features
  • Mail Domains and Routing enables you to add load balancing and failover hosts for message delivery.

  • The Gateway can now use Optical Character Recognition (OCR) to redact text in images.

Enhancements
  • Additional TLS information (version and cipher name) is now provided on inbound and outbound connections in Message Tracking and SMTP logs.

  • You can now add comments to SpamLogic whitelist entries, enabling you to identify them more easily.

  • You can now detect and sanitize URLs found in message subjects.

  • You can now detect and process High Efficiency Image File formats (HEIF and HEIC).

  • Sophos anti-virus has been upgraded to version 2.6

  • Kaspersky anti-virus has been upgraded to version 8.8.

Other fixes
  • If Manager Relationships were set to update through LDAP SSL, and the policy was applied to a peered Gateway, the SSL setting on the peer was incorrectly changed to false. Applying a policy to a peered Gateway no longer changes this setting.

  • A problem has been fixed where email addresses of the form 'abc@local' could not be used in the Identify function on the Mail Policy Routes page.

  • A problem has been fixed where Sanitize Active Content sometimes failed on PDF files held in 7z compressed files.

  • A number of defects involving PDFs have been fixed to improve usability.

  • In PMM portal, when users with full access to test another user mailbox created an additional mailbox, the mailbox was displaying incorrectly in PMM Portal, even though it was displayed correctly in the Gateway UI. Attempts to delete the mailbox were unsuccessful. This issue has now been fixed, and the shared mailbox is displayed correctly in PMM portal and can be correctly deleted, as necessary.

  • A problem has been fixed where the Memory Low and Memory Critical alarms failed to trigger correctly when configured in specific instances.

  • If you configured SMTP authentication without enabling mandatory TLS, a warning icon only displayed on the connection profile list. A warning message now also displays on the SMTP Authentication panel.

  • A problem has been fixed where DKIM signatures were not added to outgoing email, when configured to do so, for capitalized hosted domain names, for example CLEARSWIFT.com.

  • If a message subject line contained ASCII control characters (in the ASCII range 0 - 31), it sometimes caused viewing message tracking details on a remote peered gateway to fail. These control characters are now replaced with a space before the subject is added to the audit database.

  • A problem has been fixed where when a message was signed using a specific certificate, the micalg element of the ContentType header was incorrectly set.

  • A problem has been fixed where messages were incorrectly rejected if a sending address was whitelisted in SpamLogic but the server IP was listed in the Realtime Block List.

  • The performance of tracking data processing has been improved by the addition of a new database index. Previous issues with delays in processing audit data have now been fixed.

  • Occasionally, random lines in the transaction logs were truncated in the message subject. This caused issues for messages exported to management systems.

  • Postgres configuration settings have been increased to improve the performance of large queries, for example, when retrieving a list of a user's PMM messages.

  • The Gateway no longer offers the deprecated diffie-hellman-group1-sha1 cipher when connecting to an SFTP server for System Backup and Restore.

  • A problem has been fixed where configuring the Gateway using the installation wizard caused licenses to be marked invalid if you already selected the Turkish locale using the Server Console in specific circumstances. This is no longer the case, and you can now complete the configuration process.

Back to Clearswift Products