Producent oprogramowania Fortinet właśnie udostępnił aktualizację dla produktu FortiMail w wersji 6.2.6. W najnowszej wersji rozwiązano problem trybu przezroczystego, w którym FortiMail sporadycznie zatrzymywał przepływający ruch. Naprawiono również problem z analizą podszywania się oraz mailfilterd, który niespodziewanie wyłączał się podczas próby odszyfrowania załączników archiwalnych. Zapraszamy do zapoznania się z dalszą częścią artykułu.
Rozwiązane problemy:
Antispam/Antivirus
| Bug ID | Description |
|---|---|
| 677857 | DOC files uploaded into DLP sensitive data fingerprint are not detected. |
| 667425 | DOCX files uploaded into DLP sensitive data fingerprint are not detected. |
| 662953 | Invalid URLs in email may cause email rejection. |
| 673226 | In some cases, DMARC checking may fail for some domains. |
| 669438 | Email classified as “TLS Session” shouldn’t be counted as spam in spam reports. |
| 666868 | ISO attachments are not detected by file MIME type. |
| 660487 | Spam outbreak protection stops working when access control receiving policies are matched. |
| 660873 | Impersonation analysis false positive issue. |
| 624567 | Some URLs may not be rewritten with URL click protection. |
Mail delivery
| Bug ID | Description |
|---|---|
| 673911 | DSNs should have the host name instead of the client IP address in EHLO. |
| 663329 | In some cases, FortiMail transparent mode intermittently stops passing traffic. |
| 658706 | The mailfilterd may exit while trying to decrypt archive attachments. |
System
| Bug ID | Description |
|---|---|
| 673962 | After upgrading to 6.2.5 release, email aliases cannot log on to webmail anymore. |
| 675831 | Some email attachment types may cause high CPU usage. |
| 669689 | No DSNs are sent after the email in queue reaches the maximum time. |
| 669983 | In some cases, recipient verification over SMTPS may cause high CPU usage. |
| 669152 | Administrator idle timeout does not work for REST API login. |
| 663290 | When email address parsing mode is set to relaxed, gateway mode also loosens LDAP recipient verification and allows non-existing hosts. |
| 660143 | In some cases, customized email templates may be set to default. |
| 655958 | When the remote archive server is not reachable, the mail queue may cause high disk usage. |
| 654451 | In some cases, mailfilterd may cause high CPU usage. |
| 659393 | Changes to LDAP alias options are not reflected on the GUI. |
| 660878 | External IBE users cannot change their user information under Preferences settings. |
| 656401 | IP Pools disappear from access control delivery policies on config HA secondary unit after certain configuration changes. |
| 630571 | After rebooting the config HA secondary unit, it cannot synchronize properly with the primary unit. |
Admin GUI and webmail
| Bug ID | Description |
|---|---|
| 662754 | When sending an encrypted email, image files may not be attached in some cases. |
CLI
| Bug ID | Description |
|---|---|
| 653179 | The “execute erase-filesystem” command returns wrong partition size information. |
Znane problemy do rozwiązania:
| Bug ID | Description |
|---|---|
| 307919 | Webmail GUI for IBE users displays a paper clip for all email although the email has no attachments. |
| 381511 | IBE messages are not signed with DKIM although DKIM signing is enabled. This has been fixed in 6.4 and newer releases. |
| 594547 | Due to more confining security restrictions imposed by the iOS system, email attachments included in IBE PUSH notification messages can no longer be opened properly on iOS devices running version 10 and up. Therefore, users cannot view the encrypted email messages on these iOS devices. Users should download and open the attachments on their PCs as a workaround. |
Pozdrawiamy,
Zespół B&B
Bezpieczeństwo w biznesie