MDaemon Server v21.0 Release Notes
MDaemon 21.0.3 - August 3, 2021
 Hosted email options with MDaemon Private Cloud are now available. To learn more, please visit: http://www.altn.com/Products/MDaemon-Private-Cloud/.
-  fix to ActiveSync - possible public contacts corruption when PIM mrk file validation is enabled
-  fix to ActiveSync GUI - Help button does not work on Client Settings dialog
-  fix to untitled attachments on recurring events with changed occurrences that were saved by MDaemon Connector
-  fix to changed occurrences of a recurring event edited in both Webmail and MDaemon Connector can get out of sync
-  fix to delay during MDaemon startup if there are many gateways
-  fix to MDaemon performance issue when there are many domains
-  fix to Webmail - Spell Check may use 100% CPU for German and Finnish
-  fix to Webmail - XSS vulnerabilities
-  fix to Mobile theme - Unicode (e.g. Japanese) Public and Shared parent folder names are not displayed correctly
-  fix to possible crash in MDASMgmt.dll
-  fix to ActiveSync - password expiration warnings may be sent to client repeatedly
-  fix to XMLAPI - CreateUser does not work properly
-  fix to XMLAPI - AutoResponder times not adjusted to/from UTC
-  fix to possible crash in MdMbSrch.dll
-  fix to possible crash in MDaemon.exe
MDaemon 21.0.2 - May 18, 2021
 The settings at Setup|Preferences|Miscellaenous to copy all system generated postmaster notifications to global admins and domain admins now apply to more notifications, such as Account Freeze and Disable, No Such User, Disk Error, Low Disk Space, and Beta and AV expiration. If you do not feel it appropriate for your administrators to receive these notifications you must disable these settings.
CHANGES AND NEW FEATURES
-  Updated ClamAV to version 0.103.2.
-  MDaemon Connector has been updated to version 7.0.4.
-  LetsEncrypt - Updated script for new staging issuer.
-  Mobile theme - Added trial version warning on logon pages.
-  Mobile theme - Expanded the navigation items for desktop window sizes.
-  Mobile theme - Included the add image and hyperlink buttons in the HTML compose toolbar.
-  Mobile theme - Compose - CC and BCC are now shown automatically on load when populated.
-  Mobile theme - Moved the move and copy alerts to a notification message in the bottom right corner.
-  WorldClient and LookOut themes - Allowed right click context menus in textareas like Notes.
-  MDRA - Added an error message when attempting to create a new account with an already existing account mailbox name.
-  AntiVirus - Improved update notifications for Cyren AV and ClamAV.
-  Webmail - Added support for URL links in event and meeting previews.
-  Improved MDMigrator compatibility with newer versions of Exchange and Outlook.
-  The Let's Encrypt script has been updated to support ECDSA certificates. Let's Encrypt is currently only supporting ECDSA certificates via their staging system and via an allowed accounts list in production. If you'd like to request an ECDSA certificate from their production system, comment out lines 747 - 753 in MDaemon\LetsEncrypt\LetsEncrypt.ps1. For more information please visit https://community.letsencrypt.org/t/ecdsa-availability-in-production-environment/150679. If you comment out these lines and request an ECDSA certificate without being on the allow list, you will get an RSA certificate.
To request an ECDSA certificate add "-ECDSA" to the command line.
-  Added a Cancel button to the log file search window in the MD GUI.
-  fix to Mobile theme - missing translations
-  fix to Webmail - Snoozed messages are still displayed in the message view
-  fix to Mobile theme - When you delete all messages in the message list, the list is not refreshed to show the rest of the messages in the folder
-  fix to Mobile theme - Shift to select multiple items is not working correctly
-  fix to Webmail - Cannot restore the default Custom Original Message Attribution setting
-  fix to MDRA - Error when enabling ActiveSync - Form field [LocationScreenExempt] not found
-  fix to MDRA - Remote Admin IMAP filter - unable to display "when any of these conditions are true" in the editor
-  fix to MDRA - Apply to Subfolders is missing when editing the ACL of a public folder in some languages
-  fix to outbound SMTP MTA-STS failure after falling back to smart host
-  fix to MDaemon Statistics log does not roll over to the next day if a max log file size is configured
-  fix to messages to multiple local users are deferred when option to not defer local messages is enabled
-  fix to Content Filter may corrupt Japanese attachment filenames
-  fix to MDRA - Forwarding - Clicking Schedule button as a domain admin, you receive Access Denied error
-  fix to Mobile theme - mailto links are broken in messages
-  fix to Lite theme - "remote Images were blocked" is missing from message view
-  fix to Attachment Linking does not extract attachments from messages sent using Webmail
-  fix to MDaemon disconnects an ATRN session after refusing a MAIL command due to the Sender Blacklist
-  fix to Webmail - Chrome - Unable to drag and drop attachments to desktop
-  fix to Webmail - IE11 - When clicking the attachment filename, only a blank tab appears
-  fix to trusted IPs are not exempt from "Authentication is always required when mail is sent from local IPs"
-  fix to Mobile theme - LDAP address book does not show up in contact folder lists
-  fix to Webmail - CKEditor upgraded to version 4.16 to get vulnerability fixes
-  fix to MDaemon accepts IPv6 connections using the default domain instead of a domain bound to the IPv6 address
-  fix to "View" button on the Account Editor's "Mail Folder & Groups" screen does not open MDStats to the account's mail folder
-  fix to Webmail - Version is not hidden on logon page when "Hide software version identification in responses & "Received:" headers" is checked
-  fix to MDRA - Version is not hidden on logon page when "Hide software version identification in responses & "Received:" headers" is checked
-  fix to MDRA - Page description panel tile settings tile to the right
-  fix to MD GUI - Adding mailing list members using the account picker removes mailing lists configured as members
-  fix to MDRA - Cannot remove groups from mailing lists members
-  fix to Content Filter "remove header" action may not work
-  fix to possible crash in WorldClient.exe
-  fix to AV Updater screen showing wrong ClamAV information
-  fix to Webmail - View PDF in browser not working
-  fix to MDIM - Unable to send message with certain Japanese characters
-  fix to MDIM - Disable option to send files in group chat
-  fix to possible Alias.dat file corruption
-  fix to Mobile theme - Cannot sort by Sender or Recipient in message list
-  fix to MDIM - Unable to send files with Japanese character names
-  fix to Webmail - Signature images are not attached when sending from an alias
-  fix to duplicate Queue Summary messages may be sent to the postmaster
-  fix to MD GUI does not warn when a public folder submission address is added as a spam honeypot
-  fix to MDRA - Japanese characters are corrupted on the registration information window
-  fix to Webmail and MDRA - fixed jQuery vulnerabilities
-  fix to LetsEncrypt script not run when there is a space in the path
-  fix to Mobile theme - deferred delivery is not working
-  fix to calendar events marked as private in MDaemon Connector do not show as private in Webmail
-  fix to Antivirus - AV exclusions not applied to IMAP and Webmail sessions
-  fix to CalDAV - when sending a recurring meeting invitation in Apple Calendar for the Asia/Novosibirsk timezone the start time may be off by an hour
-  fix to CalDAV - monthly recurring event set to occur on the last day of month occurs on the last seven days of the month after saving the event on the client
-  fix to Mobile theme - Android - Unable to view PDF files in the browser when clicking on the attached file
-  fix to Webmail IM not being able to log in while using Mobile theme
-  fix to Dynamic Screening GUI Whitelist Add does not allow IPv6 address with mask
-  fix to MDaemon delivers to the A record when all MX lookups fail due to the DNS servers reporting technical problems
-  fix to possible MD GUI crash when doing a log file search
-  fix to Cyren AV updates are failing when TLS 1.2 is not enabled on the system
-  fix to ActiveSync GUI does not allow "Wipe device or enter 'Timed Lockout Mode' after repeated failed password attempts" policy option to be disabled
-  fix to MD GUI - Adding mailing list members using the account picker may change the type of existing members
MDaemon 21.0.1 - March 16, 2021
CHANGES AND NEW FEATURES
-  LetsEncrypt - Changed script to look for the new Certificate Issuer that LetsEncrypt changed to, and the fake Issuer that is used with the -staging switch.
-  LetsEncrypt - Updated script to look at -DNSName instead of Subject when looking for certificates to delete.
-  Changed how split DKIM keys are displayed in the dns_readme.txt file to make copy & paste easier.
-  MDRA - Users must enter their current password when attempting to change their account password.
-  The "Enable ActiveSync" checkbox in the Account Editor is disabled when the ActiveSync license is full.
-  When viewing the quarantine queue, the "Explanation" shown for messages quarantined by the Mailbox Scanner is "(Mailbox Scan) WARNING: infected with ($VIRUS_NAME$)".
-  MDaemon Connector has been updated to version 7.0.3.
-  Updated Cyren AV engine to version 6.4.0r2.
-  fix to DMARCReporter error 80004003 when decompressing .gz files on 64-bit version
-  fix to possible crash in CFEngine.exe
-  fix to Mobile theme - contact email addresses remain for new messages after a message is sent
-  fix to Mobile theme - distribution lists do not expand correctly in the autocomplete field
-  fix to MDaemon service can run as a configuration session
-  fix to possible cause of DKIM verification failures
-  fix to DMARC aggregate report generation issues
-  fix to Mobile theme - Display Previews option cannot be disabled
-  fix to Webmail - Public Calendar - If there are more than 100 events on a calendar, the page reloads constantly
-  fix to Mobile theme - Selecting the To, CC, and BCC fields requires a click farther to the right of the header name than expected
-  fix to MDaemon may not authenticate to a smart host when configured to "Send all email directly first, and then to smart hosts if there are problems"
-  fix to Android ActiveSync clients may not be able to open attachments
-  fix to ASMC does not sync data from an Office 365 account
-  fix to archiving issues related to forwarding
-  fix to distribution list contact corrupted after editing with ActiveSync client
-  fix to XMPP Server does not create database correctly on clean install
-  fix to possible crash in MDaemon.exe
-  fix to contacts from MDaemon Connector have their contact picture as an attachment in Webmail
-  fix to issues in MDaemon Connector with attachments of calendar and contact items saved in Webmail
-  fix to Cyren AV mistakenly detects some PDF files as being password protected
MDaemon 21.0.0 - February 9, 2021
MAJOR NEW FEATURES
 PERSISTENT CHAT ROOMS
MDaemon's XMPP server now supports persistent chat rooms, which do not need to be recreated every time all users leave the room. Configure them at Setup | Web & IM Services | XMPP.
 VIRUS/SPAM MISCLASSIFICATION REPORTING
When on the Quarantine, Bad, or Spam Trap queue screens in the MDaemon GUI, a right-click popup menu option was added to report messages to MDaemon.com as false positives or false negatives. Similar options have also been added to MDaemon Remote Administration. The messages will be analyzed and passed along to third-party vendors for corrective action.
 ACTIVESYNC MIGRATION CLIENT (ASMC) GUI
A GUI has been created to assist in running ASMC (ASMCUI). It allows you to store your options and recall them at a later time.
WEBMAIL MOBILE THEME IMPROVEMENTS
-  Added a way to see that a Note or Task has an attachment from the list view.
-  Added dialog to choose between editing an occurrence and editing the series, and another to choose between deleting an occurrence and deleting a series.
-  Added saved searches to the advanced search dialog.
-  Added saved search folders.
-  Added options to create a New Event, New Task, or New Note from a message.
-  Added the Scheduling Assistant to the Event editor.
-  Added Dropbox features.
-  Added autocomplete functionality to attendees, distribution lists (name field), and folder share users.
-  Added the Check Attachments feature.
-  Added the resend message feature.
-  Added Group By Company feature to the contact picker.
-  Added the MDaemon IM client.
-  Added keyboard shortcuts.
-  Added ability for users to view Mailbox Quota status in View Options dropdown.
-  Added the create All Unread and All Flagged saved search prompts.
-  Added support for message threading.
-  Added support for opening attachments in the browser in addition to the download option.
-  Added ability to drag list items to folders for move or copy actions.
-  Added right-click context menu to list views.
-  Made some visual refinements to the swipe right to delete feature.
-  Added a swipe left to toggle read/unread for the message list feature.
-  Added additional dialog options for Contacts and Calendar folders in Settings | Folders.
-  Added the ability to create a calendar event for the Anniversary or Birthday of a contact from the contact edit page.
-  Added a contact's picture to the contact list.
-  Added informational text to settings pages.
-  Added an icon next to the subject line in the message view for toggling the flagged state of a message.
-  Added an option use the auto-formatted date and time in the message list.
-  Added preview popup windows for contacts, tasks, and notes with an option to enable/disable them under Settings | Personalize.
-  Added ability to access the first two attachments of a message in the message list.
-  Moved the "Message Sent" alert to a non-intrusive notification.
-  Added Multi-Node Mail Routing, where mail queues are shared between the cluster nodes. Having multiple machines process and deliver the messages allows them to split the work more evenly and prevents messages from being stuck in the queues of any machines that are down.
-  SSL certificates are replicated from the primary to secondary nodes.
-  Queues on secondary nodes are frozen during the initial data replication, which improves responsiveness during startup.
-  Replication is paused as soon as MDaemon shutdown starts, eliminating clustering-related shutdown delays.
-  The admin is notified if the automatic update option is disabled when enabling the clustering service.
-  Cluster nodes may be added using IP address or DNS name.
CHANGES AND NEW FEATURES
REMOTE ADMINISTRATION (MDRA)
-  Updated the styling of the graphs and reports.
-  Added the ability to view a typed password. Setting values that contain passwords are masked when requested from the server.
-  Moved Administrator Notes into Administrative Roles view for Global Admins.
-  Added Host Authentication under Setup | Server Settings.
-  Added Groups under Account Templates | New Accounts and updated Group selection to use a tree-based checkbox interface.
-  Added an option to enable/disable the show password feature.
-  Added the Explanation column to the Quarantine queue list.
-  Added additional information when the "Apply to sub-folders" button is clicked.
-  Mailing list names are trimmed of spaces when saving changes.
-  Updated the appearance of the status page tables and the disk usage statistics.
-  Added list filters for Config Files and Log Files.
-  Added Domain NAT Exemptions page under Security | Dynamic Screening | Domain NAT Exemptions.
-  Added ability to resize list columns.
-  Added ClamAV and CyrenAV configuration options at Security | AntiVirus | AntiVirus.
-  Added Test buttons at Setup | Active Directory | Authentication and Main | Mailing Lists | Edit | Authentication.
-  Added custom branding options for Remote Administration at Main | Remote Admin Settings | Branding.
-  Added a table of Domain Statistics at Main | Status that shows the Total Messages and Total Space used per domain according to the quota counts. This feature is only available in MDaemon Private Cloud version.
-  Added a "Restart Spam Filter" button to the Spam Filter | Spam Filter | Spam Filter page.
-  Added a way to display the password requirements in the case that the user must change their password before login.
-  Added ability to manage the RAW queues under Messages and Queues | RAW Queue.
-  Added ability for Domain Admins to manage Spam Trap. This feature is only available in MDaemon Private Cloud version.
-  Added ability to create custom links that are added to the navigation menu. This feature is only available in MDaemon Private Cloud version.
-  Added Webmail Custom Links manager at Main | Webmail Settings | Custom Links for GAs and Main | Webmail Custom Links for DAs.
-  Added options to set List Admin permissions levels.
-  Added "Create new Backscatter Protection key" button at Security | Other | Backscatter Protection.
-  Added the "Test" button at Spam Filter | DNS-BL | Hosts.
-  Added the "Send aggregate reports now" button at Security | Sender Authentication | DMARC Reporting.
-  Added a mailbox exclusions list at Main | Remote Admin Settings | Settings to prevent display of specific mailboxes in Reports.
-  Added "Release All" and "Requeue All" buttons to the Queue managers at Messages and Queues | Deferred Queue, Holding Queue, Quarantine Queue, Spamtrap Queue.
-  Added the VBR Certification Setup page at Security | Sender Authentication | VBR Certification "Configure a domain for message certification".
-  Added a directory browse button that can be used across several pages in MDRA by Global Admins.
-  Changed the name of Mobile Devices to ActiveSync.
-  Added a "Recommended" button to restore the recommended settings for the account Web Services page.
-  Added the domain level "Log Level" option for ActiveSync client settings.
-  Added a button to take users to the Dynamic Screening Logging Options from the Setup | Logging | Settings page.
-  Added the Edit Default Autoresponder file button at Setup | Account Settings | Autoresponders
-  Added ability to search for restricted files inside 7-Zip compressed files.
-  Autoresponders now support Unicode (UTF-8), allowing the text to be in any language.
-  IMAP filtering rules can now search the message body for particular text.
-  Added ability to attach an event to a new email from the right-click menu in LookOut and WorldClient themes, and from the event preview in Mobile theme.
-  All New Account Creation features have been removed.
-  Added an option to set the default calendar view for published calendars.
-  Added an option to skip the IP persistence check on a per user basis. In MDRA edit a user account, go to Web Services and check "Skip IP persistence check for Webmail sessions".
-  Added ability to search the CC field in advanced search.
-  Added an option to publish a free / busy calendar link in addition to a normal calendar link.
-  Added Maximum Messages sent per day to the displayed quotas.
-  Updated to SpamAssassin 3.4.4.
-  Removed deprecated settings in local.cf.
-  MDaemon Connector has been updated to version 7.0.2.
-  Setup | Mobile Device Management has been removed and replaced by the ActiveSync Management dialog at Setup | ActiveSync.
-  The ActiveSync Client Settings screen has been removed. Customize client settings on the Tuning, Domains, Groups, Accounts, and Clients screens.
-  The ActiveSync Client Type screen has menu commands to whitelist and blacklist client types.
-  Added screens at Setup | Message Indexing for the configuration of real-time and nightly maintenance of the search indexes used by Webmail, ActiveSync, and Remote Administration.
-  Several plugins now share a common Diagnostics configuration screen.
-  Additional information is logged to the Plug-ins log.
-  Dynamic Screening allows 0 for recurrence penalties when blacklisting IP addresses.
-  Updated the text for the "Hide account" option at Account Editor | Settings.
-  The appearance of the XMLAPI documentation portal can be customized globally and by domain. See the "Changes and development notes" in the help portal (ie. http[s]://ServerName[:MDRAPort]/MdMgmtWS) or view the file \MDaemon\Docs\API\XML API\Help_Readme.xml on disk using Internet Explorer for more information. A sample company.mail directory is provided at \MDaemon\Docs\API\XML API\Samples\Branding.
-  Added Alias operation to simplify Alias management, resolve and report aliases.
-  Added FolderOperation Search action to search messages.
-  Added support for the Cluster Service to QueryServiceState and ControlServiceState.
-  When a message is sent between local accounts, both "in" and "out" archive copies will be created if both "Archive inbound mail" and "Archive outbound mail" are enabled.
-  The option to archive spam messages, which was removed in version 20.0, is back.
-  Spam messages released from the Spam Trap are archived.
-  Updated ClamAV to version 0.103.0.
-  Updated Cyren AV engine to version 220.127.116.11.
-  ASMC supports new command line options. /LogLevel:UnsignedInteger : The logging detail level [Default = 1 (Debug)]. /GPI:UnsignedInteger : The number of minutes between when the global processing status is logged. [Default = 1 Minute].
-  WDaemon - The "Server" response header is now hidden when "Hide software version identification in responses & "Received:" headers" is checked at Setup | Preferences | Headers.
-  XMPP Server - Updated database backend to version SQLite 3.33.0.
-  AD Monitoring - proxyAddresses attribute values that do not start with "smtp:" are ignored.
-  MDaemon Instant Messenger - Added support for Slovenian language.
-  fix to incorrect API documentation for MD_DeleteAlias
-  fix to ActiveSync server may limit Sync Window Size to 100
-  fix to Cluster Service may not restart correctly when joining or leaving cluster
-  fix to 32-bit and 64-bit mailbox search databases differ in file format
-  fix to possible hang during cluster service shutdown
-  fix to ActiveSync - Overriding log level to None at non-global levels does not work
-  fix to F1 key does not open help on Dynamic Screening dialogs in the MD GUI
-  fix to MDRA - No error when creating a gateway with the same name as your domain in Domain Manager
-  fix to MDRA - Mailing Lists Export not working
-  fix to MDRA - Public folder submission address not allowing non-existent local address
-  fix to Mobile theme - Unsubscribed calendar's events still show up when calendar was checked prior to unsubscribe
-  fix to Webmail - Sending via RPost no longer works
-  fix to MDRA - Search returning incorrect results for Recipients
-  fix to Mobile theme - compose text area is difficult to use on a mobile device
-  fix to Mobile theme - drag and drop attachments in compose view is hidden on desktops
-  fix to Mobile theme - Options | Folders - folder collapse button is too small on handheld devices
-  fix to Webmail - Calendar event editor might show wrong start and end dates and times
-  fix to MDRA - Everyone and MasterEveryone lists are not created when the setting is enabled and not deleted when the setting is disabled
-  fix to Mobile theme - Mark as Read on Preview setting not being honored
-  fix to LookOut theme - If you resize the preview pane to the very top of the window you cannot drag it back down
-  fix to Mobile theme - Sometimes the back button in the browser takes the user to the login screen
-  fix to Webmail - Some text is not translated
-  fix to Mobile theme - Calendar event drag and drop not working
-  fix to MDRA - the Download button does not work when viewing a log file
-  fix to MDRA - No configuration error when setting forward schedule to start and end on the same date and time
-  fix to MDRA - Clearing and saving Forwarding Schedule causes menus to disappear
-  fix to Mobile theme - On smaller devices, the View/Sort options are cut off on the left side
-  fix to AD monitoring creates incomplete alias list for accounts with many aliases
-  fix to Mobile theme - IMAP Filter - Folders containing non-ASCII characters are not displayed correctly
-  fx to possible MDStats.exe crash with long public folder name
-  fix to message with route slip may not be bounced immediately if the smart host returns a 5XX RCPT error
-  fix to incorrect deferred delivery logging
-  fix to CalDAV - with the Outlook CalDav Synchronizer plugin tasks are duplicated after synchronization
-  fix to MDRA - When you edit the External Warning message rule it changes the action to "then sign with private key"
-  fix to Mobile theme - Message Preview - Clicking details on one message causes all future messages to display headers
-  fix to MDRA - Changes to SPF whitelist do not take effect until MDaemon is restarted
-  fix to Webmail - Messages sent from Outlook do not print correctly in Chrome-based browsers
-  fix to Webmail - Remember Me only works for one device / browser at a time
-  fix to Spam Filter - queue-based scan is incorrectly interpreting the scan size limit
-  fix to MDRA - Editing domain settings for ActiveSync results in an exception
-  fix to Webmail - If AV engine is configured to not allow macros, Webmail reports that the attachment is infected instead of containing macro
-  fix to incorrect syntax in generated Authentication-Results headers
-  fix to Print/Copy in the MD GUI not always working
-  fix to Mobile theme - No error displayed when AV detects macro in uploaded attachment
-  fix to Lite theme - Double clicking on the Send button will send a message twice
-  fix to Attachment Linking may not extract files from HTML messages created by iOS Mail
-  fix to --pgpx not causing some emails to bounce back to sender as undelivered
-  fix to Mobile theme - No messages are displayed when Enable Message Snooze is disabled
-  fix to possible Account Manager UI crash
-  fix to Clustering - some notifications were not being sent between secondary nodes
-  fix to ActiveSync - the formatting of notes may be lost on iOS clients
-  fix to Mobile theme - The calendar translations are in Russian when English-UK is chosen for the user language
-  fix to MDRA - ActiveSync Clients list may be populated with other users' clients from the same domain
-  fix to trusted IPs are not exempt from RFC compliance check
-  fix to Lite theme - HTML messages appear blank in newer versions of Firefox
-  fix to Mobile theme - new features are not being loaded (old code is cached)
-  fix to Webmail - IE11 - Only 100 contacts in a Japanese Addrbook.mrk file are displayed
-  fix to MDRA - bottom half of mailing list member lists are highlighted in grey
-  fix to Content Filter - Restricted attachment actions not logged and notifications not sent when attachment extracted from rich text mail
-  fix to Cyren AV Updater - Updater does not always try to reattempt to download updates for certain errors
-  fix to MDRA - branding image uploads are failing due to caching
-  fix to "SMTP server requires STARTTLS on MSA port" is not enforced for AUTH command
-  fix to Mobile theme - Invalid parameters error being displayed to users
-  fix to MD GUI requires autoresponder end time to be after the start time even when the end date is after the start date
-  fix to Mobile theme - Mark as Spam and Mark as Not Spam do not work in the message preview dropdown
-  fix to MDRA - Dynamic Whitelist and Blacklist entries use the wrong time zone
-  fix to MDaemon creates "Tentative" meeting when it processes a "Busy" iCalendar invitation from Outlook
-  fix to Mobile theme - Unable to delete the first filter and wrong filters being deleted
-  AutoDiscovery Service now handles Outlook IMAP Configuration