Producent oprogramowania FortiNet opublikował aktualizacje dla FortiMail o oznaczeniu 6.0.11. W nowszej wersji poprawiono profile ochronne, takie jak antyspamowy i antywirusowy. Główne naprawy dotyczyły problemów z skanowaniem plików PDF, zarówno problem dotyczący linków URL, zostały skorygowany. Po aktualizacji, możemy również zauważyć poprawę działania poczty e-mail, naprawiono problemy z logowaniem, jak i trudności z załączaniem plików graficznych w wiadomościach. Dzięki wersji 6.0.11, udało się zoptymalizować zużycie procesora, gdyż problem dotyczył błędnego działania procesu ,,mailfilterd”. Po więcej szczegółowych informacji, zapraszam do dalszej części artykułu.
Wspierane modele:
- FortiMail 60D
- FortiMail 200D
- FortiMail 200E
- FortiMail 200F
- FortiMail 400E
- FortiMail 400F
- FortiMail 900F
- FortiMail 1000D
- FortiMail 2000E
- FortiMail 3000D
- FortiMail 3000E
- FortiMail 3200E
- FortiMail VM (VMware vSphere Hypervisor ESX/ESXi 5.0 and higher)
- FortiMail VM (Microsoft Hyper-V Server 2008 R2, 2012 and 2012 R2, 2016)
- FortiMail VM (KVM qemu 0.12.1 and higher)
- FortiMail VM (Citrix XenServer v5.6sp2, 6.0 and higher; Open Source XenServer 7.4 and higher)
- FortiMail VM (AWS BYOL and On-Demand)
- FortiMail VM (Azure BYOL and On-Demand)
Rozwiązane problemy:
Antispam/Antivirus
| Bug ID | Description |
|---|---|
| 667425 | DOCX files uploaded into DLP sensitive data fingerprint are not detected. |
| 666868 | ISO attachments are not detected by file MIME type. |
| 673226 | DMARC check may fail for email from specific domains. |
| 662953 | Invalid URLs in email may cause email rejection. |
| 660873 | Impersonation Analysis false positives. |
| 700919 | Issues when scanning PDF files. |
| 684937 | URL click protection does not work properly with links ending with a dot |
| 624567 | URL click protection does not properly for some email when displayed in Outlook. |
| 669438 | Email classified as “TLS Session” shouldn’t be counted as spam in spam reports. |
System
| Bug ID | Description |
|---|---|
| 669152 | Administrator idle timeout does not work for REST API login. |
| 663290 | When email address parsing mode is set to relaxed, gateway mode also loosens LDAP recipient verification and allows non-existing hosts. |
| 669689 | No DSNs are sent after the email in queue reaches the maximum time. |
| 700959 | Error when accessing quarantine using SSO with a proxy address not matching mail attribute. |
| 679151 | Gmail using a “+” plus symbol for an alias causes issues with IBE account creation |
| 691523 | Unexpected quotation marks appear in the block lists when exporting the configuration |
| 672299 | The dnscached process may cache incorrect query results under heavy traffic. |
| 608243 | In some cases, LDAP authentication does not work for newly configured domains. |
| 700244 | For Diffie-Hellman key exchange, FortiMail uses self-generated parameters, which are different from the predefined finite field groups in RFC 7919. |
| 683893 | Oversized meta data is sent to FortiSandbox. |
| 675831 | The mailfilterd process causes high CPU usage. |
| 669983 | The mailfilterd process causes high CPU usage when recipient verification over SMTPS is enabled. |
| 673811 | DSN should have the hostname instead of the client IP address in EHLO. |
| 630571 | In some cases, after a secondary unit reboots in a config only HA, it cannot resynchronize with the primary unit. |
| 656401 | IP pools disappear from the access control delivery policies on config only secondary units after certain configuration changes. |
| 658706 | The mailfilterd process may exit unexpectedly while trying to decrypt archive attachments. |
| 655958 | Non-working remote FTP server for remote email archiving may cause high disk usage. |
| 660143 | In some cases, the email notification template may be reset to default. |
Mail delivery
| Bug ID | Description |
|---|---|
| 663329 | In some cases, FortiMail transparent mode intermittently stops passing traffic |
Common vulnerabilites and exposures
| Bug ID | Description |
|---|---|
| 691547 690894 692221 692463 |
CWE-89: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’). |
| 692223 | CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’). |
| 693465 | CWE-36: Absolute Path Traversal. |
| 694366 | CWE-78: Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’). |
| 694751 | CWE-310: Cryptographic Issues. |
| 695037 694752 |
CWE-120: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’). |
| 695039 | CWE-131: Incorrect Calculation of Buffer Size. |
| 681403 | CWE-284: Improper Access Control. |
Webmail
| Bug ID | Description |
|---|---|
| 662754 | When sending an encrypted email, image files may not be attached in some cases. |
| 673962 | Users cannot log in to webmail with configured email aliases. |
| 662754 | When sending email with both an imbedded image and an attached image, the image attachment will not be sent. |
Log and Report
| Bug ID | Description |
|---|---|
| 681775 | Incorrect email subject encoding modifies the cross search log lines. |
| 682102 | Both accept and system quarantine actions appears in the same log. |
Znane problemy do rozwiązania:
| Bug ID | Description |
|---|---|
| 307919 | Webmail GUI for IBE users displays a paper clip for all email although the email has no attachments. |
| 594547 | Due to more confining security restrictions imposed by the iOS system, email attachments included in IBE PUSH notification messages can no longer be opened properly on iOS devices running version 10 and up. Therefore, users cannot view the encrypted email messages on these iOS devices. Users should download and open the attachments on their PCs as a workaround. |
| 381511 | IBE messages are not signed with DKIM although DKIM signing is enabled. Note: This issue has been fixed in 6.4.0 release. |
Pozdrawiamy,
Zespół B&B
Bezpieczeństwo w biznesie