This month, as well as the usual bundle of bug fixes and minor improvements, we’ve added the possibility to block the potential unwanted attachments separately for delivery and submission flows and we’ve created Hosted Cloud regional SPF hostnames.
Hosted Cloud – Region-specific SPF Hostnames
Some customers have indicated that they would prefer to have fewer servers authorised to deliver their email, to reduce their security surface. Including many servers is necessary in order to ensure reliable delivery, but it is possible to decrease the number of IPs based on the region selected for the domain. To support this, we have created hostnames that can be used for SPF records that only include the IPs used to deliver email from domains that are set to use that region in SpamExperts Hosted Cloud.
We strongly recommend using the global SPF hostname unless absolutely necessary. It is also critical that you exactly match the region selected for the domain in the app with the SPF hostname that is used, or simply use the global SPF hostname. For example, if a domain is set to use the US region but the domain’s SPF record has the Canadian SPF hostname, this could result in SPF failures and subsequent issues with delivery. Note that you should never include a SpamExperts IP address in the SPF record, only the hostname, as delivery IPs are regularly changed as part of overall IP and delivery management.
The regional SPF hostnames are:
- EU: spf-eu.antispamcloud.com
- US: spf-us.antispamcloud.com
- UK: spf-uk.antispamcloud.com
- Australia: spf-au.antispamcloud.com
- Canada: spf-ca.antispamcloud.com
- South Africa: spf-za.antispamcloud.com
Note that work to entirely restrict message delivery within all available regions is not yet complete, so delivery for domains using a specific region may occur from servers outside of that region, and the SPF hostname will reflect that.
Separate Potential Unwanted Attachments (PUA) for Incoming and Outgoing Filtering (HC & LC)
Over the next four weeks we will be enabling a set of changes for better PUA control.
A new option has been added in the Outgoing user settings page to block or unblock the potential unwanted attachments for the outgoing filter flow.
The previous option “Block potentially unwanted attachments” from Incoming / Attachment Restrictions page will be applicable only for the incoming filter flow.
Changelog (HC & LC)
Since the last major release, we’ve also fixed the following issues:
- MMA-7853. Fixed an issue with DMARC reports not being generated.
- MMA-7819. Fixed an issue with outgoing filter messages not being archived when the “Archive specific mailboxes only” option is enabled, and the sender is CamelCased.
- MMA-7780. Improved archive expiry performance to avoid issues with app performance around 1 a.m. UTC each day.
- MMA-7666. Improved performance when there are temporary issues connecting to archive storages.
- MMA-7878. Fixed an issue with Edit dialog from Edit Mailbox not closing after saving the changes.
- MMA-7650. Fixed “Block Macros” option to reset to default value in Attachment Restrictions page.
- MMA-7769. Fixed an issue with missing Locked Identity reports.
We’ve also made the following improvements:
- MMA-7015. CSV output orders the fields in the same order as in the request.