The August 22nd release of N-able SpamExperts Hosted Cloud brings many improvements as well as the usual bug fixes and performance improvements. In particular, we have focused on security enhancements and reporting improvements.
Security Enhancements
IMAP TLS: As of this update, all IMAP connections to the quarantine will require an encrypted (TLS) connection. You can use an explicit TLS connection (connecting to port 143 and using STARTTLS) or implicit (connection to port 993) – in most cases your mail client will already have automatically enabled this. If you access your quarantined messages using the app or reports rather than through IMAP, then you do not need to make any changes.
Macros: email messages containing attachments that have macros are a common source of dangerous content. We recommend that macros are disabled in Office for all users that do not require their use, and that sharing any documents that contain macros is done via a document control system, like SharePoint, Google Drive, iCloud, or DropBox. You can block all incoming messages containing macros with the setting on the “Filter settings” page:

With this release, you can now also block all outgoing messages containing macros. To do this, use the “Manage authentication” page in the “Outgoing” section. Select the IP or smarthost that you wish to restrict, and choose “edit”. You’ll find the new option near the end of the page.

Increased Customisation
The “custom actions” feature now allows further customisation when using the subject notation action (MMA-977). Instead of always using a fixed keyword in the subject, you can configure any tag when adding the action. For example, you might want to tag mail that matches specific keywords or from senders in specific industries.

Reporting Improvements
Previews: When creating an Email Scout Report, or configuring automatic Email Scout Reports for all mailboxes at a domain, you can now see a preview of what the report will look like (note that all email clients have slightly different rendering rules, so the exact appearance will differ slightly in each). Simply configure the report as usual, and then use the Preview tab to see what the report will look like – we use the actual live search results so you can see real data in the report. You’ll find that it’s much easier to choose the right subject and template, and have confidence that you know what the reports will look like.

Multiple Edit: It’s now much faster to manage existing Email Scout Reports, with the new ability to edit multiple reports at once. For example, you might have a large number of reports where you wish to change the schedule, or the subject of the message. Simply select all of the reports you want to edit, and choose the “Edit” option from the menu at the end of the list. You can change multiple aspects of the reports, and leave others unchanged.
Excluded mailboxes: Managing which mailboxes do not receive Email Scout Reports is now much simpler. Typically, for automatic Email Scout Reports, all mailboxes other than distribution lists and shared mailboxes, have a report enabled. However, there are cases where a user unsubscribes from the report and you need to enable it again, or where there’s a specific mailbox that shouldn’t receive reports. When you create an automatic Email Scout Report, there’s a new option to specify mailboxes to exclude (MMA-5540), and you can add and remove excluded mailboxes in the exclusions tab (MMA-3697).
Branding: It’s now much simpler to manage the branding that appears in Email Scout Reports. If you have Premium Private Label, you’ll find a new “include standard branding” option at the top of the Email Scout Report template editor. Users that do not have Premium Private Label will continue to automatically have appropriate branding added to the top of the report.
If this option is enabled, then the logo that you have configured for the brand, or the brand name (if there is no logo) will be added to the top of the Email Scout Report – above any of the content in the template. You can configure multiple brands, or if you don’t configure any then the N-able Mail Assure brand will be used.
If you prefer to have completely white-label reports, or if you wish to include branding elements in a custom format (perhaps at the end of the report, or incorporating additional elements of your brand), then simply disable the option and edit the template to suit your needs.
You’ll notice that there is also an additional “Language” field in the Email Scout Report template editor. This allows you to easily manage multiple templates in different languages, if you wish to offer this functionality to your users. In the future, we’ll add the ability to automatically select a template by matching this language choice with the user’s selected language.
New Templates: There are four new Email Scout Report Templates available. These are similar to the “row” and “column” templates, but with a modernised look, and clearer instructions. “Desktop Card” is suited to users who typically view their reports on larger screens, and have a small number of report entries. “Mobile Card” is similar, but will work better for users who typically view their reports on smaller screens. The “Desktop Table” template is suited to users who typically view their reports on larger screens, and have a large number of report entries, or a large number of columns in the report. Finally, “Mobile Table” is similar, but again suitable to users who typically view their reports on smaller screens.

Lock notifications: We’ve simplified the interface for editing the template for email notifications when an outgoing user is locked – it has the same design as the other email template editors (MMA-5723).
Detailed Changelog
This update resolves the following issues:
- #2823 Fixed an issue where newly added domains could have the quarantine folder (and contents) removed
- #2965 Fixed an issue parsing non standard ISO files
- #2992 Fixed a rare issue where log messages could fail to be stored
- #2954 Fixed an issue where a very long-running archive index creation could start expiring before the indexing was complete
- #2989 Fixed an issue with outgoing ESR reports being sent at the wrong time
- #2976 Fixed an error where a cached result could wrongly be used in the URL scanning
- #3053 Fixed an error viewing quarantined messages when the message had a particular type of invalid encoding
- #3079 Fixed an error preventing outgoing quarantined messages being viewed in some situations
- #142 Fixed an error where custom certificates could be replaced by Lets Encrypt ones during the update process
- #1642 Fixed an issue where pages would not work the second time they were used
- #1727 Fixed an error where admins would be unable to accept the SSA
- #1771 Fixed an error where an on-demand Email Scout Report would send to all domains instead of the selected domain(s)
- #1784 Fixed a rare visual error on the remote syslog configuration page
- #149 Fixed a rare issue updating specific types of TLS certificate
This update also includes the following improvements:
- #2684 Adjusted classification of outgoing messages that would fail a downstream SPF check
- #1538 Add a field to exclude mailboxes directly when creating Email Scout Reports
- #1635 Changed the “lock template” dialog to match other template editors
- #1650 Add “include standard branding” toggle for Email Scout Report templates
- #1709 Updated cookie attributes to the latest browser requirements
- #3108 Improved detection of “tar” archives