What’s New in MailStore SPE

MailStore SPE 13.1

21/04/2021

Note Following Google's major product renaming for business products, the name G Suite has been replaced by Google Workspace throughout the software.
New Added support for AD FS OpenID Connect when using the directory service type "Active Directory".
New Added support for AD FS OpenID Connect when using the directory service type "LDAP Generic".
New The administrator is warned on the dashboard and in the status report when certificates used as credentials are about to expire or are already expired.
Improved Significant performance improvement when moving messages within the same archive.
Improved Client: When opening emails in a mail client, Thunderbird profile names are now displayed for all profiles.
Fixed Folder names containing multi-byte Unicode characters are stored incorrectly.
Fixed Client: The x64 version of Thunderbird is not properly detected.
Fixed Client: The client does not check certificate revocation.
Fixed Client: Ad-hoc export of emails to Microsoft 365 or an Exchange Server using auto discover fails.
Fixed Outlook Add-in: After unloading the add-in, it cannot be loaded again in the same Outlook session.
Fixed Outlook Add-in: Attachments with special characters in their name cannot be downloaded.
Fixed Web Access: Attachments with special characters in their name cannot be downloaded.
Fixed Various minor bug fixes and improvements.

MailStore SPE 13.0.5

25/11/2020

Fixed Directory Services: "Sync only these groups" filter behaves different for Microsoft 365 (Modern Authentication) than for other directory services.

MailStore SPE 13.0.3

29/10/2020

Improved Replaced "Ignore SSL Warnings" label with "Accept all certificates" in archive and export profiles to resolve confusion around MailStore's own warnings if the option is enabled. The behavior itself remains as is, as "Accept all certificates" is an insecure setting.
Fixed Certificate warnings cause RunProfileArc audit event of type "Error".
Fixed Client and Outlook Add-in do not check certificate revocation.
Fixed Discontinued product Zarafa included in list of Implementation Guides.

MailStore SPE 13.0.2

11/08/2020

Note Before updating from version 13.0.1: If the directory service type Microsoft 365 (Modern Authentication) is used, please check if there are MailStore users whose email addresses contain upper case letters. In such a case, please contact tech support for assistance in preparing the update.
Fixed Directory Services: When using Microsoft 365 (Modern Authentication), email addresses are not always converted to lower case, which may result in the creation of a secondary folder structure and duplicate emails.

MailStore SPE 13.0.1

17/07/2020

Fixed Directory Services: Incomplete list of email addresses when using Microsoft 365 (Modern Authentication) profile and if Azure AD is synchronized with an Active Directory.

MailStore SPE 13.0

15/07/2020

Note Following Microsoft's major product renaming for consumer and SMB products, the name Office 365 has been replaced by Microsoft 365 throughout the software. All references to Microsoft 365 interchangeably apply to the Office 365 Enterprise plans and other plans that kept Office 365 in their name.
Note Mobile Web Access has been fully removed in this release. Many improvements and bug fixes applied to the responsive Web Access in this release make it a suitable, modern, and secure replacement on all supported mobile devices, including support of authenticating users directly against Microsoft 365 and Google G Suite.
Note Microsoft has announced the removal of HTTP Basic Auth for Exchange Web Services (EWS) in Microsoft 365. As MailStore's traditional Microsoft Exchange profiles support EWS with Basic Auth only, a new dedicated Microsoft 365 profile with support for modern OAuth authentication and a new Directory Service with support for authenticating users via OpenID Connect have been added. Customers of Microsoft 365 are advised to regularly check for Microsoft's announcement on the timeline for removing HTTP Basic Auth, and should plan the migration to the new profiles in advance. Please note that IMAP access to the archive is no longer supported when using a directory service which authenticates users via OpenID Connect.
Note Google has announced the removal of basic authentication types for IMAP in G Suite. IMAP is used in MailStore when authenticating users against G Suite. The existing direcory service settings for G Suite have therefore been extended to support the modern OpenID Connect authentication method. Customers of G Suite are advised to regularly check for Google's announcement on the timeline for removing basic authentication, and should plan the migration to the new setting in advance. Please note that IMAP access to the archive is no longer supported when using a directory service which authenticates users via OpenID Connect.
New Dedicated Microsoft 365 profiles for archiving and exporting emails using modern OAuth authentication as required by Microsoft. Please note that for technical and organizational reasons, these profiles are only available to MailStore administrators.
New Directory Services: New profile for Microsoft 365 using modern OAuth authentication, to synchronize users via Microsoft Graph API and to enable synchronized users to authenticate directly with Microsoft using OpenID Connect.
New Directory Services: Added OpenID Connect as authentication method to G Suite profile, which allows synchronized users to authenticate directly with G Suite.
New Two-step login process in Client, Outlook Add-in, and Web Access which supports the use modern authentication via OpenID Connect to authenticate users directly against Microsoft 365 and Google's G Suite.
New Group Policy templates for Client and Outlook Add-in are now available for downloading from the default page (if no instance was specified in URL) on the Client Access Server.
Improved Localization of Group Policy templates.
Improved Improved handling of logging job results for Jobs that did not create any output.
Improved Audit event MessageDelete is now set to "All Users" by default on new installations.
Improved The admin dashboard and recent profile results warn about potentially insecure (e.g. unencrypted, Ignore SSL warning set) outbound connections to email servers or directory services. This has been just an information since version 12.
Improved The dashboard of the Management Console warns about potentially insecure (e.g. unencrypted, Ignore SSL warning set) outbound connections to email servers. This has been just an information since version 12.
Improved Client: Clicking on folder path in message view opens the folder and shows the messages therein.
Improved Web Access: Clicking on folder path in message view opens the folder and depending on display size shows the messages therein.
Improved Web Access: Show specific message if session has expired.
Improved Web Access: Major update of all underlying web framework components.
Improved Web Access: Increased available reading space for content in mobile view.
Improved Web Access: Search by "This Week" and "Last Week" filter take locale setting into account for first day of week.
Improved Web Access: Images attached to emails will be displayed in web browser instead of downloaded when opened.
Improved Unified handling of certificate validation across all clients that connect to an SPE Instance. Please note that certificate thumbprints can no longer be whitelisted via Group Policies.
Fixed Messages of item class "IPM.Note.NotSupportedICal" cause ErrorAccessDenied exception when archiving from Microsoft 365 mailboxes.
Fixed Processing of Retention Policies does not mark broken search indexes as broken.
Fixed Compliance setting "Archive Access" can be modified by $archiveadmin via API method SetComplianceConfiguration.
Fixed Audit Log cannot be opened when it contains an entry with a user name which includes a colon.
Fixed Passwords with leading or trailing space character cannot be used in Exchange/Microsoft 365 archiving profile, although supported by Microsoft 365.
Fixed Client: In contrast to the Legacy Web Access and Outlook Add-in, only the date is shown in message list, but no time information.
Fixed Web Access: Scrolling in sidebar does not behave as expected on iOS devices.
Fixed Web Access: Sidebar does not scroll to expected position while switching between search and folder view.
Fixed Web Access: Escape character visible in path property in message detail view.
Fixed Web Access: Folders become inaccessible when a large folder hierarchy exist in the archive.
Fixed Web Access: Microsoft Edge (Spartan) crashes when selecting a custom date.
Fixed Web Access: Content of emails with wide message body cannot be reached due to missing horizontal scroll bars in message view.
Fixed Web Access: In contrast to the Legacy Web Access and Outlook Add-in, only the date is shown in message list, but no time information.
Fixed Incorrect Dutch localization of "Uncheck all".
Fixed Mobile Web Access is built upon the no longer maintained jQuery Mobile. To address security concerns and support modern OpenID Connect authentication method, Mobile Web Access has been removed in favor of the responsive Web Access.
Fixed Update of third party library, which fixes several minor issues in archiving, displaying and exporting of emails.
Fixed Various minor bug fixes and improvements.

MailStore SPE 12.1.3

23/04/2020

Fixed Outlook Add-in: Missing certificate validation during login.
Fixed Group Policy for the Outlook Add-in allows whitelisting of certificates by their thumbprint.

MailStore SPE 12.1.2

27/02/2020

Fixed Outlook Add-in: Opening saved searches does not clear checkboxes that are not set part of the saved search.
Fixed Outlook Add-in: Selected folder highlighting appears too bright in connection with new icons on some displays.

MailStore SPE 12.1.1

07/02/2020

Fixed Attachments with Umlauts in file name cannot be downloaded with Outlook Add-in.
Fixed Missing localization of a section title in some export profiles.

MailStore SPE 12.1

05/02/2020

New Outlook Add-in: "Print Message" button added, which allows to quickly print a message on the default printer.
Improved Outlook Add-in: Update of icon set to better integrate into the look and feel of recent Outlook versions.
Improved Significant performance improvement of verification when archiving from individual mailboxes.
Improved Links to Exchange Implementation Guides added to first step of Exchange profile wizard.
Improved Export profiles now allow retaining the archive folder structure in the destination to be optional.
Improved Audit Log: Copy to clipboard now includes event details.
Improved Orphaned archives are now shown on the Privileges page.
Improved SMTP Settings: Support for multiple recipients (comma separated email addresses) added.
Improved Thunderbird Support: MailStore warns users that archiving may be incomplete due to IMAP-backed Thunderbird profile.
Improved jQuery security update to close potential XSS vulnerability.
Improved Windows Mail archiving profile removed as MailStore does not run on any operating system where Windows Mail is available.
Improved Quick export of saved search results via context menu added.
Fixed Sporadic errors when accessing Exchange or Office 365 public folders in hybrid environments.
Fixed MailStore hangs when there is a redirection loop in Autodiscover for Exchange or Office 365 mailboxes.
Fixed MailStoreCmd.exe does not support TLS 1.1 and TLS 1.2.
Fixed MailStoreManagementCmd.exe does not support TLS 1.1 and TLS 1.2.
Fixed Change Password privilege not listed on Users page.
Fixed Outlook Add-in: Login fails on first attempt when TLS 1.0 is disabled on client computer.
Fixed Web Access does not forget first logged-in user after logging out, which leads to unexpected exceptions on re-login.
Fixed Various minor bug fixes and improvements.

MailStore SPE 12.0.3

26/06/2019

Fixed Outlook Add-in: Empty error message dialogs.
Fixed SMTP sessions are not terminated with QUIT command when sending emails to external systems.
Fixed GPO for client does not apply correct language if value is set to "(System)".

MailStore SPE 12.0.2

08/05/2019

Fixed Missing translations of new texts in version 12 if selected language is other than German or English.

MailStore SPE 12.0.1

24/04/2019

Fixed G Suite IMAP login fails due to failed token revocation.
Fixed Client: Clicking hyperlinks inside the email preview opens "about:blank#".
Fixed Archiving emails from MailStore Gateway mailbox fails when the POP3 user name in a proxy scenario is not lower case only.

MailStore SPE 12.0

10/04/2019

Note Due to security related fixes in the Client Launcher, it is highly recommended to update Email Archive Client manually or via an automated software deployment.
New Official Microsoft Windows Server 2019 support.
New MailStore Gateway: Free add-in application that provides POP3 and SMTP proxy functionality. Additionally it also provides limited mailserver functionality to receive messages from other email servers via SMTP, such as Microsoft Office 365 or Google G Suite. A new archiving profile has been added to the Email Archive Client for archiving emails from MailStore Gateway.
New The admin dashboard and recent profile results inform about potentially insecure (e.g. unencrypted, Ignore SSL warning set) outbound connections to email servers or directory services.
New The dashboard of the Management Console informs about potentially insecure (e.g. unencrypted, Ignore SSL warning set) outbound connections to email servers.
New Safe Mode: Instances can be started in Safe Mode to resolve configuration issues without interfering with profiles, jobs, or users.
Improved Outlook Add-in: Secure Connection is enabled by default on new installations.
Improved Directory Services: Default settings for new connections are set to secure protocols (e.g. LDAP-TLS, IMAP-TLS)
Improved Automatic execution of database scheme integrity check when attaching or enabling archive stores.
Improved Add G Suite to trademark list.
Improved Web Client: Detect browser language and switch language automatically.
Improved Notification for failed license update attempts.
Improved Changed retry logic for failed license update requests.
Improved Software prevents MailStore admins from dropping their own admin right.
Improved Web Client: Non-generic error message is shown for too complex searches.
Fixed Inconsistent status icon in result details of multi mailbox archiving profiles.
Fixed Status Reports: All non-failed statuses are reported as successful, which might be incorrect under certain conditions.
Fixed Web Access: Wrong date shown if MAPI CST has been set in the message.
Fixed Exit code of startup script is missing in Windows eventlog.
Fixed HTML MIME parts with too high recursion depth (i.e. nested DIVs) are not be shown correctly.
Fixed Detection of external URLs in HTML sanitizer broken.
Fixed Management API: Admins are able to delete themselves.
Fixed Directory Services: Synchronisation with G Suite fails when there are no groups in G Suite.
Fixed Client: Expired certificates are trusted if they have been whitelisted previously.
Fixed Client Launcher: Initial connection is always using TLS 1.0 instead supported higher TLS version.
Fixed Web Access: Folder cannot be created manually under the root archive level.
Fixed Various minor bug fixes and improvements.

MailStore SPE 11.2.2

26/02/2019

Note This version fixes a critical security vulnerability. All customers running an affected version of MailStore Service Provider Edition should update their installations as soon as possible.
Fixed Critical security vulnerability in version 9.6 and newer.

MailStore SPE 11.2.1

16/01/2019

Fixed Archiving from Microsoft Exchange or Microsoft Office365 may fail under certain circumstances in hybrid environments or migration scenarios.
Fixed Very large recovery records lead to continuous auto compacting of recovery record files.
Fixed Audit log entries larger than 4096 bytes cannot be read from file system.
Fixed Bump copyright to 2019.

MailStore SPE 11.2

26/09/2018

New Official Microsoft Exchange 2019 support.
New Official Microsoft Outlook 2019 support.
Improved Extend RecoverStore command by option to also restore deleted emails. Prior to usage consulting tech support is highly recommended.
Improved Retention Policies: Stricter validation of policies.
Improved Updated privacy policy and trademark list.
Fixed Incomplete exception handling in RecoverStore leads to abortion of recovery process if a corrupt search index file exists.

MailStore SPE 11.1

18/07/2018

New Password policies defines complexity requirements and minimum length for passwords of MailStore-integrated users.
Note The password policy is hard-coded and is applied the first/next time a MailStore password is changed.
New Web Access: Changing own password now possible for MailStore-integrated users.
Fixed Renamed Alt-N to MDaemon to match current vendor name.
Fixed VerifyStore may fail under certain circumstances

MailStore SPE 11.0.2

25/04/2018

Improved Improved performance when upgrading archive stores from version 10 or older. Refer to the update notices for further information about upgrading archive stores.
Note Users who already upgraded their archive stores with version 11.0.0 need to manually rebuild all search indexes in order to restore full search capabilities.
Note User who currently upgrade their archive stores from version 10 or older to 11.0.1 may cancel this process and upgrade to 11.0.2 to benefit from the performance improvement for remaining upgrade steps. Afterwards, one search index may require a manual rebuild due to the previous cancellation.
Improved Searches (incl. Saved Searches) without archive date are now possible on non-upgraded archive stores.
Fixed Issue "System.NotSupportedException: Stream does not support reading" resolved

MailStore SPE 11.0.1

19/04/2018

Note Version has been replaced by 11.0.2.

MailStore SPE 11.0

18/04/2018

New Retention Policies: By creating a set of retention policies, administrators gain full control over how long different type of messages are retained in the archive and whether messaged are to be removed automatically at the end of the retention period. For each message, administrators may check how current retention settings affect that message.
Note An existing global retention period from a previous version is migrated to a corresponding retention policy. In addition, a new job is created to process retention policies daily at 3:30am.
New Management API: Added GetRetentionPolicies and SetRetentionPolicies methods. Removed "globalRetentionTimeYears" parameter from GetComplianceConfiguration and SetComplianceConfiguration.
New Automatic Update Check: Available updates are shown on the dashboard of the Management Console and notifications are sent to SPE admins via email if possible.
New Automatic Update of Web Access: Updates are automatically installed to ensure latest security updates are available to end customers as soon as possible.
New Branding: Updates can be pushed to Client Access Servers by ReloadBranding API command and activated without the need to restart the Client Access Server role.
New Management Console: Added SMTP settings page which allows service providers to configure SMTP settings. These settings are are used to send notifications to SPE admins, e.g. about available product updates.
New Jobs: New template for processing retention policies.
Improved Web Access: Search criteria are now fully integrated into the sidebar in desktop view.
Improved Web Access: Setting for language independent date formats added.
Improved Search: Messages can now be searched by their archive date.
Improved Jobs: $archiveadmin user is limited to see, edit, and execute his own jobs only.
Improved Recovery records are now stored in separate container files, contain all meta data of the messages and are updated in real-time.
Improved Archive store recovery based on the new recovery records allows a rebuild of corrupt archive store databases without the need to export and re-archive messages. The new RecoverStore Management API command provides access to this function.
Improved Further hardening of encryption key file management to work around potential file system corruption.
Improved For security reasons, the username of the first admin user must now be entered during initial configuration.
Improved Integrated IMAP-Server: Disallow authentication through insecure connections.
Improved Added TLS 1.1 and TLS 1.2 support to outgoing connections when accessing email servers.
Improved Added TLS 1.1 and TLS 1.2 support to connections between Management Server, Instance Hosts, and Client Access Servers.
Improved Client: Added TLS 1.1 and TLS 1.2 support to outgoing connections when accessing Client Access Server.
Note It is highly recommended to update the Email Archive Client manually or via an automated software deployment to already ensure TLS 1.1 and TLS 1.2 compatibility during the initial connection to the Client Access Server. This is mandatory if TLS 1.0 is disabled on the Client Access Server system, e.g. for PCI compliance.
Improved Web Access version now visible on dashboard of the Management Console.
Improved Localization: Description of audit events.
Fixed Client launcher may be used to execute arbitrary applications if files are put in specific directories on the client computer.
Note It is highly recommended to update the Email Archive Client manually or via an automated software deployment to resolve this security issue. After the udpate, the Email Archive Client will no longer be able to connect to older MailStore SPE instances.
Fixed Selecting catchall folder throws an error under certain circumstances.
Fixed Missing window title in Terminal Progress Dialog.
Fixed Incorrect help page requested on job page.
Fixed Output of VerifyStore and VerifyStores command does not contain hints about corrupt container files.
Fixed Path to archive store is missing in Windows event log when attaching a store.
Fixed Log output of certain operations (e.g. VerifyStore) cannot be copied to clipboard.
Fixed Wrong error message if Outlook Click-To-Run detection fails.
Fixed Outlook Add-in: Open and Restore buttons sometimes remain disabled unexpectedly.
Fixed Web Access: Welcome page in mobile view does not jump to search when touching search entry box on iPhone.
Fixed Web Access: Login not possible after server service restart under certain circumstances.
Fixed Web Access: Incorrect design of radio buttons.
Fixed Web Access: Toolbar buttons are not shown for messages when certain header fields are missing.
Fixed Updated third party libraries to fix several minor issues in archiving, displaying and exporting of emails.

MailStore SPE 10.2.3

22/11/2017

Improved Web Access: The new Web Access is now available in all 17 languages.
Fixed Web Access: Under certain conditions, the login page is locked after a logout (i.e. session expired).
Fixed Web Access: Issues with "Save password" functionality of some web browsers.
Fixed Synchronizing users from "Office 365 operated by 21Vianet (China)" fails.
Fixed MailStore references in SMTP test message.
Fixed MailStore references Status Reports.
Fixed Displaying issues when changing the default password while using large values for scaling fonts (High DPI).

MailStore SPE 10.2.2

27/10/2017

Fixed Client Access Server crashes under certain circumstances when the archive is being accessed using the Legacy Web Access or Outlook Add-in.

MailStore SPE 10.2.1

25/10/2017

Fixed No folders are recognized when archiving from IMAP servers that do not announce SPECIAL-USE capability but XLIST instead, and respond to XLIST requests with a LIST response (i.e. Dovecot with configured Outlook workaround).
Fixed Web Access: Downloading attachments containing special characters in file name fails.
Fixed Web Access: Too complex search queries do not cause an error message.
Fixed Web Access: Displayed name of saved search is not updated when saved under a new name.
Fixed Web Access: Additional cross shown in search field when using Internet Explorer.
Fixed Web Access: Internet Explorer uses compatibility mode for when URL is evaluated as an intranet site.
Fixed Web Access: Opening or downloading large emails or attachments is slow or fails.

MailStore SPE 10.2

18/10/2017

New Responsive Web Access allows accessing the archive from any device, irrespective of operating system and display size. Additionally, it provides more functionality than the legacy web access, such as deleting or moving messages.
New Digitally sign emails exported to the file system to ensure authenticity outside of the archive.
New Status Reports: Administrators can regularly receive status reports by creating a corresponding job. These reports contain relevant information from all areas, like successful or failed profile and job executions, licensing information, and much more.
New Management API: Method to manage SMTP settings added.
Improved Instances are automatically started upon creation if the Startup Type is set to Automatic.
Improved SMTP Settings: Default port changed to 587 and STARTTLS selected by default.
Improved Status of service provider access is now shown on administrator's dashboard.
Improved Hardening of encryption key management.
Improved More details about skipped messages are shown in the profile summary.
Fixed User list in Audit Log not sorted alphabetically.
Fixed "Test" button in Exchange profiles does not heed status of "Ignore SSL warnings" checkbox when autodiscovery mechanism is used.
Fixed Update of third party library, which fixes several minor issues in archiving, displaying and exporting of emails.

MailStore SPE 10.1.4

24/08/2017

New Support for the latest Microsoft Office 365 update (Exchange Server 15.20).

MailStore SPE 10.1.3

26/07/2017

Fixed Synchronizing users from Office 365 Germany fails.

MailStore SPE 10.1

29/03/2017

New Autodetect "Sent Items" folder in IMAP mailboxes.
New Depending on the auditing configuration, administrators and/or users are asked to provide a reason when deleting an email. The given reason is written to the audit log along with the event itself.
New Compliance: Additional protection from accidentally blocking or unblocking the archive access by confirming the change with entering the password.
New Compliance: Administrators are asked to provide a reason when blocking or unblocking the archive access for admins. The given reason is written to the audit log along with the event itself.
New "Search here..." item in folder context menu allows to quickly start an advanced search on selected folder.
New Restriction of $archiveadmin user. This special service provider user will no longer be able to browse, search, or export email of other users.
Improved Support for multiple IMAP sent item folders.
Improved Search: Allow searching different strings in different parts of the email and add keywords for searching only in body or attachments. Major rework of search documentation.
Improved Add search modifiers "Older/Newer than (range)", "Older/Newer than (date)", "Not Older/Not Newer than (range)", and "Not Older/Not Newer than (date)" in advanced search.
Improved Removed default search index restriction of 10000 tokens (words) per object.
Improved Increase default keep duration of profile and job results to 90 days for new installations.
Improved The function "Test sync" of the directory service configuration now also allows to test authentication of users from the result list.
Improved Select IMAP-TLS or POP3-TLS as default in new profiles.
Improved Archive page now shows the total number of emails and size in megabyte.
Improved No archiving of emails if not all attached archive stores are available (State: Archive here, Normal, Write-Protected). This prevents the creation of duplicates under certain scenarios.
Improved Replacement of "Google Apps" by "G Suite"
Improved Support Google G Suites' new JSON based exchange format.
Improved Workaround for handling emails with incorrect character encoding identifier (e.g. utf8, cp1252, or CP-850).
Improved Further improvement of protecting user passwords inside and outside of the application, for instance by using the Windows Credential Store.
Improved Changed hash algorithms of self signed certificates to SHA256.
Improved Naming of status on "Auditing" page to make scope clearer.
Improved Update of software licenses.
Fixed Upgrading from version 9 or older fails if an archive store cannot be opened.
Fixed Outlook Add-in: Under certain circumstances the add-in buttons are disabled when working with multiple Outlook windows.
Fixed Inconsistent error level when profiles are cancelled.
Fixed Client: No login possible after previous occurrence of 404 error.
Fixed IMAP Server: Incompatibility with Pine/Alpine email client due to sending incorrect continuation request.
Fixed IMAP Server: PLAIN authentication capability offered even after successful login.
Fixed Debug log contains misleading UID information when archiving IMAP mailboxes.
Fixed MIME preamble is never shown nor exported.
Fixed Management API allows $archiveadmin user to move folders into his own archive.
Fixed Incorrect label "E-mail Preview by Admin" on dashboard.
Fixed Product Key/Generated Passphrase must be entered in correct casing when unlocking archive stores.
Fixed CRAM-MD5 authentication is visible in debug log.
Fixed Various minor bug fixes and improvements.

MailStore SPE 10.0.2

18/01/2017

Note This version fixes two critical security vulnerabilities in Web Access. All customers running an affected version of MailStore Service Provider Edition should update their installations as soon as possible.
Fixed Web Access: Reflected Cross-Site-Scripting (XSS) vulnerability in search function, allowing an attacker to gain access to the archive if the victim clicks on a specially-crafted link while being logged in to Web Access. Affected versions: 9.2 and newer.
Fixed Web Access: Open Redirect in Dereferrer. This allows an attacker to create specially-crafted links, which would redirect the victim to a malicious website, although the link itself seems to point to a trusted resource. Affected versions: 9.0 and newer.

MailStore SPE 10.0.1

07/12/2016

Fixed Upgrade process may stop unexpectedly during encryption of databases on slow disks or USB drives.
Fixed Database update does not delete MailStoreFileGroup.fdb.key from previous failed update.

MailStore SPE 10.0

30/11/2016

New Full encryption of databases and audit logs. In addition to the existing encryption of the email contents and sensitive data inside the databases, all databases and the internal audit log are also fully encrypted as of this version. This requires an upgrade of all archive stores. Please read the update notices carefully to learn more about the upgrade process.
New All admin activities except MessageRetrieveContent will be recorded in the audit log.
New Dashboard notification if SMTP settings have not yet been configured.
New Windows performance counter for monitoring the Firebird database connection pool.
Improved Archive Stores now support different locations for database, index and content files. This is also fully supported by the auto-create store feature.
Improved The limitations of MailStore administrators have been extended and are enabled by default for newly created archives. MailStore administrators will not be able to browse, search, or export email of other MailStore users as long as the compliance setting "Archive Access”, formerly known as "E-mail Preview”, is set to "Block Access”.
Improved Relative paths are now used internally to store the location of archive stores. This makes relocating the whole archive to a new location much easier.
Improved Synchronization of Microsoft Office 365 users that have no Exchange Online license assigned.
Improved Delete key triggers delete function when one or more emails are selected in the email list.
Improved Show a warning when a folder is renamed and a folder with the new name already exists.
Improved Automatically delete the mailbox cache file "MailboxCache.fdb" if it could not be loaded successfully.
Fixed Hyperlinks in dialogs are now clickable.
Fixed Incorrect encoding of passwords used when logging into remote IMAP server.
Fixed Export via IMAP to Tobit’s David Server fails when server sends EXPUNGE in response to APPEND command.
Fixed RTF attachments are spuriously used as email body when email is exported to MSG file.
Fixed Clicking "Help" on the login screens results in displaying an error message.
Fixed Embedded browser controls are no longer supported by Google's consent dialog. As recommended by Google, the user’s default web browser is now used to open the consent dialog.
Fixed Management API allows instance IDs to be longer than allowed by the Management Console. Instance ID is limited to 32 characters’ now, with a minimum length of three characters.
Fixed Major update of third party library, which fixes several minor issues in archiving, displaying and exporting of emails.
Changed The navigation tree item "Users and Privileges” in "Administrative Tools” has been renamed to "Users and Archives”
Changed The page "Storage > Statistics” in "Administrative Tools” has been relocated to "Users and Archives > Archives”. Additionally, it now supports the management (rename, delete, ..) of user archives.
Changed Compliance option "E-mail Preview” has been renamed to "Archive Access”.

MailStore SPE 9.8.2

20/07/2016

Fixed Google Apps multi mailbox archiving profile ignores delete condition.

MailStore SPE 9.8.1

29/06/2016

Fixed Login as normal user not possible.

MailStore SPE 9.8

29/06/2016

Improved Profile runs are now marked with "Has ended with warning" in "Recent Results" in case warnings were thrown internally. Until now, these warnings were only visible in the details and profile run was markes as "Successful".
Improved Job Scheduler: Added column "Last Execution Result".
Improved Slightly improved SPE Service Configuration Tool user interface.
Fixed Client: Slow rendering of search result list when searching for a recipient, if a matching email contains a large number of recipients in the emails "To" field.
Fixed Client: Large number of email recipients may cause an overlap of the message content, which prevents the user from accessing the email body.
Fixed IMAP Server: Several bug fixes that improve the compatibility with IMAP clients.
Fixed Archiving process stops and a System.UnauthorizedAccessException is thrown when archiving from a file system which contains inaccessible folders (i.e. inappropriate permissions).
Fixed Various minor bug fixes and improvements.

MailStore SPE 9.7.1

04/05/2016

Fixed Invalid CSS in a HTML email causes an error message and prevents the email from being displayed.
Fixed Thousand seperator missing when displaying the number of archived emails in dashboard banner.

MailStore SPE 9.7

20/04/2016

New New Gmail archiving profile with OAuth support and the option to automatically remove messages from the mailbox. Please refer to the update Notices for further details if you are using the Google Mail archiving profile.
Improved Client: Minor UI refresh of the dashboard.
Improved Improved translations.
Fixed When synchronizing users with Google Apps, invalid MailStore users are created if the primary email address of the user contains uppercase letters.
Fixed Syncronizing users with Google Apps is limited to 200 users per group.
Fixed Under certain circumstances BCC recipients are shown to non-admin users by mistake.
Fixed Various minor bug fixes and improvements.

MailStore SPE 9.6

24/02/2016

New Client: Pin to taskbar now possible on Windows 7 and newer.
New Debug log for connections to integrated IMAP server can be enabled per instance.
New Brandable default website when accessing client Client Access Server without instance ID.
New Fixed URLs for downloading client and Outlook Add-in from Client Access Server.
Improved Support for different SSL certificate thumbprint formats in group policies.
Improved Group policies allow configuration of client and Outlook Add-in language.
Improved Branding now supports changing of the favicon.
Fixed Email headers are missing when printing from Web Access or Client.
Fixed Incorrect number of deleted emails in summary when trying to delete emails from read-only IMAP folders.
Fixed Instance stops responding under certain circumstances when multiple simultaneous request are send to a LDAP based directory service.
Fixed Offering non-supported Windows authentication in login dialog of client.
Fixed Computer Name and User Agent are not shown in Active Sessions when accessing the archive via Outlook Add-in.
Fixed Mobile Web Access: jQuery and jQuery mobile updated to latest version to protect against potential security vulnerabilities.
Fixed Various minor bug fixes and improvements.

MailStore SPE 9.5

11/11/2015

New Official Microsoft Exchange 2016 support.
Improved Improved Exchange Autodiscover support.
Improved Client: Executing a saved search now applies search result highlighting analog to a regular search.
Improved Management Console: Opening the instance details is now possible with a single click on the corresponding list item.
Fixed Management Console: Status of Client Access Server and its TCP ports are not taken into account by CreateClientOneTimUrlForArchiveAdmin API method, which is used when accessing an instance through the Management Console.
Fixed Web Access, Outlook Add-In: Attachments having a name beginning with # cannot be opened in the webclient.
Fixed MailStore skips folders when archiving from Mozilla Thunderbird, if Thunderbird's profile path contains special characters.
Fixed Search does not use regional settings of the system to determine first day of week.
Fixed Various minor bug fixes.

MailStore SPE 9.4.1

15/10/2015

Fixed Web Access, Outlook Add-in: Search for custom date range returns incorrect search result.
Fixed Incorrect CSS handling when displaying HTML messages under certain circumstances.

MailStore SPE 9.4

23/09/2015

New Official Outlook 2016 support.
Fixed Client: Copying table content to clipboard may duplicate columns or include hidden columns.
Fixed Various minor bug fixes.

MailStore SPE 9.3

12/08/2015

New Official Windows 10 support.
Improved Directory Services Integration: Improved performance when creating the list of groups if a larger number of groups exists in the directory service.
Improved Server, Client and IMAP server: Removed support for insecure SSLv2 and SSLv3. Added support for TLS 1.1 and TLS 1.2.
Improved X-Final-To header is now recognized when archiving IMAP multidrop mailboxes. In particular this enhances archiving of such mailboxes from a Kerio Connect mail server.
Fixed Various minor bug fixes.

MailStore SPE 9.2.1

30/06/2015

Improved Improved performance when retrieving groups from Microsoft Office 365.
Fixed Synchronizing users from a Microsoft Office 365 environment with more than 100 users fails.
Fixed Web Access, Outlook Add-in: Compatibility issues with Internet Explorer 8.
Fixed Compatibility issues with .NET Framework 4.6.
Fixed Various minor bug fixes.

MailStore SPE 9.2

16/06/2015

New The Microsoft Office 365 directory services can now be used by MailStore for user synchronization and authentication.
Improved Web Access and the add-in for Microsoft Outlook now come with a completely rewritten message list view which makes it possible to scroll through large folder contents and search results with minimum latency.
Fixed The information displayed in reports of multi-mailbox archiving profiles is misleading under certain circumstances.
Fixed Web Access, Outlook Add-in: Saved searches cannot be opened or deleted, depending on characters used in their names and the browser used.
Fixed Some executable files are not marked as DPI aware, causing the user interface to look blurry depending on Windows version and DPI settings.
Fixed The client branding is not applied correctly if the images used do not have a resolution of 96 dpi.
Fixed Accessing Microsoft Outlook without access to the mailbox root folder causes an access violation.
Fixed Opening S/MIME messages in Outlook, restoring to Outlook and exporting to MSG/PST may fail under certain circumstances with the error message "Accessing content stream of non-leaf entities is not supported.”
Fixed Some windows in MailStore Client are displayed incorrectly when Windows has a DPI setting other than 96 dpi (100%) and/or windows are resized.
Fixed Certain Outlook messages cannot be processed by MailStore. The error "Argument is out of range of valid values.” is displayed.
Fixed The API HTTP server doesn’t use the configured server certificate. Instead, it uses the server certificate of the Management Console’s HTTP server.
Fixed Google Apps directory services synchronization may hang under certain circumstances if a large number of users or groups exists.
Fixed Indexing message bodies and attachments in HTML format is performed incorrectly under certain circumstances, causing the results of full text searches to be incomplete. Rebuild search indexes if you encounter this error.
Fixed File system archiving profiles cannot be created with drag and drop from Windows Explorer, as stated in the documentation.
Fixed Some multi-select enabled tables in MailStore Client react very slowly if a large number of items is selected.
Fixed Some multi-select enabled tables in MailStore Client don’t accept the Ctrl+A hotkey for selecting all items.

MailStore SPE 9.1

20/01/2015

New First class support for Google Apps (includes user database synchronization, authentication, multi-mailbox archiving using a central service account, multidrop archiving and export).
Improved Internal archive store directory traversal is now reduced to a minimum, significantly improving performance especially when using larger archives and/or storing them on network storage.
Fixed MailStore's integrated e-mail preview is now able to detect and repair invalid CSS to a certain extent.

MailStore SPE 9.0.5

27/10/2014

New Support for the latest Microsoft Office 365 update (Exchange Server 15.1).

MailStore SPE 9.0.4

16/10/2014

Fixed Archiving and Export: If a profile is run via a scheduled task or the API, the memory and/or disk space used for reports and debug logs is not released until the server process is stopped or restarted.
Fixed Archiving and Export: User interface text might be displayed in the wrong language under certain circumstances.
Fixed Archiving and Export: The CRAM-MD5 authentication mechanism does not work when accessing mailboxes with the IMAP protocol.
Fixed Archiving: MailStore is unable to archive Microsoft Exchange folders containing tabulator characters in their names.
Fixed Client, Web Access, Outlook Add-in: Messages in HTML format might be displayed incorrectly under certain circumstances.
Fixed Web Access: Windows authentication is not offered when using Internet Explorer 11.
Fixed Server: Under certain circumstances, folder names are disclosed to users without the appropriate privileges.
Fixed Server: A timeout might occur when trying to upgrade a large number of archive stores created by old versions of MailStore Server.
Improved Server: Reduced disk I/O when accessing Firebird Embedded-based database files.
Improved Various minor user interface improvements and bug fixes.

MailStore SPE 9.0.3

24/07/2014

Fixed Client: In 120 dpi mode, some controls do not scale correctly (message list, date ranges, folder include/exclude dialog, progress dialogs).
Fixed Client: Non-invokable commands are offered to users who have only limited archiving or export privileges (execute only or manage only). Users are getting an access denied error message only after trying to invoke those commands though.
Fixed Client: The page "Recent Results" is not visible to users who can only manage archiving and/or export profiles.
Fixed Directory Services Integration: Due to a bug in Windows' ADSI connection pool, Active Directory authentication sometimes fails when transport layer security (LDAP-SSL) is used. This version works around this bug by performing the authentication via separate LDAP connections when LDAP-SSL is configured.
Fixed Management API: The virtual time zones $UTC (Coordinated Universal Time) and $Local (Server Local Time) are not available in the GetTimeZones and GetWorkerResults API methods.
Improved Management API: An optional argument instanceUrl has been added to the CreateClientOneTimeUrlForArchiveAdmin method, allowing to specify manually specify the client access server to be used.
Improved Management Console: Various minor user interface improvements.

MailStore SPE 9.0.2

14/07/2014

Fixed The login page of Mobile Web Access does not show the service provider-specific branding. Instead, a MailStore logo is shown.

MailStore SPE 9.0.1

08/07/2014

Improved The Exchange EWS and IMAP property caches are no longer updated if the contents of a folder hasn't changed, reducing write I/O especially when continuously archiving a large number of mailboxes
Fixed Archiving large messages from the client fails when the upload of a large message to MailStore SPE takes more than 100 seconds. Error message: 'The request was aborted: The request was canceled.'
Fixed Installation of the client and the add-in for Microsoft Outlook fails on systems with .NET Framework 4.5.2 installed
Fixed The server process may cause very high CPU load when the archive consists of a very large number of archive stores
Fixed MailStore's internal lock monitor writes timeout errors to the Windows Event Log even when the timeouts were expected, e.g. to detect internal idle states
Fixed Due to a bug in some versions of Microsoft Exchange, archiving folders may fail with error messages such as 'The Delete change relates to an unknown item' or 'The ReadFlagChange change relates to an unknown item'. This version uses a different sync method that doesn't rely on the buggy SyncFolderItems operation.
Fixed If a virus was detected in one or more items of a Microsoft Exchange folder ('ErrorVirusDetected'), archiving the whole folder fails
Fixed Archiving localized (non-English) versions of Google Mail leads to multiple inbox folders with different names when upgrading from earlier MailStore versions

MailStore SPE 9.0

01/07/2014

Note MailStore Client now requires Windows Vista SP2, Windows 7 SP1, Windows 8 or Windows 8.1.
Note The add-in for Microsoft Outlook now requires Windows Vista SP2, Windows 7 SP1, Windows 8 or Windows 8.1. Users still running Windows XP can however use the latest 8.5 version of the add-in to connect to MailStore Service Provider Edition 9.
New Client: Entirely rewritten Message List (used for both folder contents and search results) now behaves more like the one built into Microsoft Outlook, is much faster and can easily display hundereds of thousands of messages. In order to simplify the selection of multiple messages, the last selected message is now opened in message preview.
New Client: Entirely rewritten Message Preview improves display of a large number of recipients and attachments.
New Web Access: HTML E-mail Viewer based on a secure whitelist-based HTML rewriter.
Improved Web Access: The attachment list now shows icons for the most common file types.
Improved Web Access: The message list now automatically loads new entries when the user has scrolled to its end.
New Add-in for Microsoft Outlook: HTML E-mail Viewer based on a secure whitelist-based HTML rewriter.
Improved Add-in for Microsoft Outlook: The attachment list now shows icons for the most common file types.
Improved Add-in for Microsoft Outlook: The message list now automatically loads new entries when the user has scrolled to its end.
New Server: Entirely rewritten internal lock manager significantly reduces congestions and leads to a much better overall behaviour of the system.
Changed Archiving and Export: Support for AVM KEN! has been removed.
Improved Archiving: The performance when archiving Microsoft Exchange 2007 or higher EWS-based mailboxes with a high number of already archived messages has been significantly improved thanks to a new Firebird-based MAPI property cache with an also new folder contents sync module.
Improved Archiving: The performance when archiving IMAP-based mailboxes with a high number of already archived messages has been significantly improved thanks to a new Firebird-based property cache with an also new folder contents sync module.
Improved Archiving: The performance when archiving e-mail servers, e-mails clients and e-mails files with a high number of already archived messages has been significantly improved thanks to the implementation of a new store-hinting algorithm.
Improved Archiving: E-mails which are selected for deletion are now immediately deleted from the e-mail source. Previously, they were deleted in batch after the entire folder contents has been processed.
Improved Directory Services Integration: The Kerio synchronization now supports domain aliases. Previously, only user aliases were supported.
New Management API: The API has been entirely rewritten. Please refer to the Release Notes for details.
Improved Full Text Search: Added compatibility with both Adobe Reader and the Adobe PDF IFilter to improve search in PDF attachments. The internal PDF document filter has been removed.
Improved Statistics: Significantly faster statistics calculation.