Producent oprogramowania Fortinet właśnie udostępnił aktualizację dla produktu FortiMail w wersji 6.4.4. W najnowszej wersji naprawiono błąd z transkrypcją adresu URL, która nie działała prawidłowo, gdy oryginalny adres URL kończył się kropką. Naprawiono również problem fałszywych alarmów, gdy nagłówek “Od” miał znak @ w wyświetlanej nazwie. Rozwiązano także błąd podczas którego zbyt duża ilość metadanych była wysyłana do FortiSandbox. Po więcej ciekawych informacji o aktualizacji zapraszamy do dalszej części artykułu.
Co nowego:
| Feature | Description |
|---|---|
| MSSP: LDAP routing and recipient verification enhancement | Support LDAP routing and recipient verification when using Domain Check under System > Mail Setting > Mail Server Setting. |
| Option to select subject tag location | Choose where to insert the subject tag under Security > Other > Preference or by using the following CLI command:
config mailsetting preference |
Rozwiązane problemy:
Antispam/Antivirus
| Bug ID | Description |
|---|---|
| 686269 | Files cannot be uploaded to FortiSanbox Cloud for inspection and all the files are incorrectly displayed with the same file size. |
| 673226 | DMARC checking fails for most email from a specific domain. |
| 684937 | URL rewriting does not work properly when the original URL ends with a dot. |
| 683293 | Content filter cannot detect *.hta files for certain types of email. |
| 660873 | Impersonation analysis false positives when Header From has @ sign in the display name. |
| 677857 | DLP fingerprints fail to detect .doc files that are manually uploaded. |
| 675212 | Password protected and compressed malware files are not detected. |
| 681435 | When “Detect on failure to decompress” is enabled in the content profile, the .zip files may cause false positives. |
| 691329 | Policy match issue with LDAP verified domains. |
| 694038 | Unable to delete dynamic impersonation database entries with special characters in the Display Name. |
System
| Bug ID | Description |
|---|---|
| 688015 | Cloning a used mail routing profile, when the max entries are reached, deletes the original profile. |
| 688008 | DKIM and S/MIME signing in combination does not work properly. |
| 682822 | Some GUI items are not translated into Spanish and Portuguese. |
| 683893 | Oversized email meta data is sent to FortiSandbox. |
| 675831 | The maifilterd process causes high CPU usage. |
| 684622 | In the antispam and content action profiles, the header insertion value cannot exceed 66 characters. |
| 672299 | In some cases, the dnscached process may get corrupted. |
| 630571 | In some cases, after a secondary unit reboots in a config only HA, it cannot resynchronize with the primary unit |
| 674038 | When the registration expiry time under IBE Encryption setting is set to 0, the registration/reset link should never expire. |
| 681338 | FortiMail server mode calendar subscription on Outlook using the iCal URL is not working. |
| 679151 | A Gmail account using a “+” plus symbol for an alias will cause issues with IBE account creation on FortiMail. |
| 681775 | Incorrect subject encoding modifies cross search log lines. |
| 691523 | Unexpected quotation marks in blocklists when exporting the configuration. |
| 691596 | In FIPS-CC mode, FortiMail fails to import a local certificate due to the lack of certificate CRL. |
| 691549 | After adding a new webmail custom language under System > Customization > Appearance, the IBE registration web portal stops working. |
| 693194 | When hide-on-email-arrival is enabled with Microsoft 365 real-time scanning, duplicate folders may be created in the mail user inbox. |
Mail delivery
| Bug ID | Description |
|---|---|
| 673911 | Webmail client IP address is used in EHLO when sending DSNs for IBE reply email. |
Common vulnerabilites and exposures
| Bug ID | Description |
|---|---|
| 690894 | CWE-89: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’). |
| 692223 | CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’). |
| 693465 | CWE-36: Absolute Path Traversal. |
| 694366 | CWE-78: Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’). |
Znane problemy do rozwiązania:
| Bug ID | Description |
|---|---|
| 307919 | Webmail GUI for IBE users displays a paper clip for all email although the email has no attachments. |
| 594547 | Due to more confining security restrictions imposed by the iOS system, email attachments included in IBE PUSH notification messages can no longer be opened properly on iOS devices running version 10 and up. Therefore, users cannot view the encrypted email messages on these iOS devices. Users should download and open the attachments on their PCs as a workaround. |
Pozdrawiamy,
Zespół B&B
Bezpieczeństwo w biznesie