N-able SpamExperts

The August 22nd release of N-able SpamExperts Hosted Cloud brings many improvements as well as the usual bug fixes and performance improvements. In particular, we have focused on security enhancements and reporting improvements.

Note that these updates will only apply after the OS upgrade is applied to the cluster.

The latest Local Cloud update brings support for CloudBlue 20.4 and 20.5, some small reporting enhancements, and the usual bug fixes and performance improvements.

Operating System upgrade

Over the next 6-8 weeks, we will be upgrading all SpamExperts Local Clouds to a newer OS version. There will be some disruption to the clusters as part of this upgrade, but this will not impact filtering. The update will be actioned during the scheduled update period for each cluster.

After the upgrade is complete, we very strongly recommend that you reboot your servers, one by one, in order to ensure that the latest kernel version is active. We will notify you after the upgrade is complete with more recommendations about how to most safely & efficiently reboot all the servers in the cluster.

The OS upgrade will also deploy the latest build, which includes several other fixes & improvements. It also enables the inclusion of improvements to Email Scout Reports, and a new custom actions feature, that will be released over the next few weeks – expect a post with more details on those soon.

Removal of outdated functionality

To improve the performance & security of the app, we are removing some pages that were replaced some time ago, and were only accessible via a saved bookmark or directly entering the URL. The addresses will now redirect to the replacement pages. These are:

• The old “Train non-spam” and “Train spam” pages (these redirect to the “Train messages” page)
• The old archive search page (this redirects to the “Incoming Archive search” page)

Similarly, some functionality is being removed from the old, hidden, queue page and old log search pages:

• View message (replaced by an action to view the message from the new log search page)
• Train message (replaced by an action to train the message from the new log search page)
• Delete message (replaced by an action to delete the message from the new log search page)

TLS required for IMAP connections

IMAP connections to the quarantine server will now require a connection secured with TLS. This can be explicit (ie. using STARTTLS with a port 143 connection) or implicit (ie. connecting to port 993).

Detailed changelog

This update resolves the following issues:

• #2966 An error where archived messages that could not be immediately stored on the storage node would continue to be queued on the filtering server (MMA-5938)
• #2992 Logging tables on clusters that have converted to the newer database engine could fail to store entries in extremely rare circumstances (MMA-5906)
• #2954 Very long running archive indexing jobs could start to expire the index before the indexing job was complete (MMA-5658)
• #2989 An issue where outgoing filter ESR reports could be sent based on the wrong time zone (MMA-5904)
• #143 An error that could cause rotated logs to have an incorrect owner
• #1642 An issue where after executing an action (e.g. whitelisting a sender) in the app, the user would be unable to execute a second action without reloading (MMA-5922)
• #142 An error that could cause custom TLS certificates to be replaced with Lets Encrypt certificates during the update process (MMA-5921)
• #2976 A rare issue that could cause a negative AV scan result to be incorrectly cached when scanning remote files (MMA-4495)
• #3053 An error when previewing a quarantined message with invalid character encoding (MMA-5997)

This update also includes the following improvements:

• #382 Upgraded to PHP 7.3
• #1516, #1518, #1648, #1580, #1541, #2956 Improved app loading speed by removing flags for fully deployed features
• #141, #2968 Added support for Protection Report generation as a dedicated server role (MMA-4964)
• #3039 Reduced the amount of space required to track the archive disk space used by domains (MMA-5789)
• #2461 Added a safety check that ensures that only valid characters can be used for table names when specified in executing maintenance scripts (MMA-5108)
• #2952 Reduced disk use in logging scheduled maintenance job output
• #2823 Removing outdated quarantine accounts is delayed if there are replication issues on the quarantine server
• #2965 Parsing non-standard ISO files has been improved (MMA-5918)
• #2684 Outgoing email that will fail an SPF check downstream will again score more highly in the classification decision (MMA-5611)
• #1635 The “locked account notification” template editor now has a UI that is consistent with the other template editors (MMA-5723)

What’s new:

We have improved consistency by upgrading the legacy Protection Reports to use the current message view when using the subject link (MMA-5333).

Improved the Mailboxes, Mailbox Aliases, Domain Aliases, Templates, Destinations, Whitelist, Blacklist, Custom Filtering Rules, Custom Filtering Actions, and many other pages so that results are displayed on page load, without having to use the “show results” button (MMA-3694).

Admins can now select which activation template is used when Email Scout Reports are created. Users can use this to default to a different language, or to welcome new mailboxes using content specific to their service or brand (MMA-1421).

Viewing message logs across multiple domains is now much simpler, with the addition to the incoming & outgoing log search pages of filtering by admin (MMA-3318).

Training messages in the app is now simpler, with a fresh design of the training page, combining training all types of incorrectly classified messages in one location (MMA-680).