What’s New in MailStore SPE
MailStore SPE 11.0.1
- Searching for email or attachment contents will return no results for emails that have been archived in version 10 or older, after archive stores have been upgraded.
- Users who already upgraded their archive stores with version 11.0 need to manually rebuild all search indexes in order to restore full search capabilities. When upgrading archive stores from version 10 or older to version 11.0.1 or newer this rebuild is done automatically. Refer to the update notices for further information about upgrading archive stores.
MailStore SPE 11.0
- Retention Policies: By creating a set of retention policies, administrators gain full control over how long different type of messages are retained in the archive and whether messaged are to be removed automatically at the end of the retention period. For each message, administrators may check how current retention settings affect that message.
- An existing global retention period from a previous version is migrated to a corresponding retention policy. In addition, a new job is created to process retention policies daily at 3:30am.
- Management API: Added GetRetentionPolicies and SetRetentionPolicies methods. Removed "globalRetentionTimeYears" parameter from GetComplianceConfiguration and SetComplianceConfiguration.
- Automatic Update Check: Available updates are shown on the dashboard of the Management Console and notifications are sent to SPE admins via email if possible.
- Automatic Update of Web Access: Updates are automatically installed to ensure latest security updates are available to end customers as soon as possible.
- Branding: Updates can be pushed to Client Access Servers by ReloadBranding API command and activated without the need to restart the Client Access Server role.
- Management Console: Added SMTP settings page which allows service providers to configure SMTP settings. These settings are are used to send notifications to SPE admins, e.g. about available product updates.
- Jobs: New template for processing retention policies.
- Web Access: Search criteria are now fully integrated into the sidebar in desktop view.
- Web Access: Setting for language independent date formats added.
- Search: Messages can now be searched by their archive date.
- Jobs: $archiveadmin user is limited to see, edit, and execute his own jobs only.
- Recovery records are now stored in separate container files, contain all meta data of the messages and are updated in real-time.
- Archive store recovery based on the new recovery records allows a rebuild of corrupt archive store databases without the need to export and re-archive messages. The new RecoverStore Management API command provides access to this function.
- Further hardening of encryption key file management to work around potential file system corruption.
- For security reasons, the username of the first admin user must now be entered during initial configuration.
- Integrated IMAP-Server: Disallow authentication through insecure connections.
- Added TLS 1.1 and TLS 1.2 support to outgoing connections when accessing email servers.
- Added TLS 1.1 and TLS 1.2 support to connections between Management Server, Instance Hosts, and Client Access Servers.
- Client: Added TLS 1.1 and TLS 1.2 support to outgoing connections when accessing Client Access Server.
- It is highly recommended to update the Email Archive Client manually or via an automated software deployment to already ensure TLS 1.1 and TLS 1.2 compatibility during the initial connection to the Client Access Server. This is mandatory if TLS 1.0 is disabled on the Client Access Server system, e.g. for PCI compliance.
- Web Access version now visible on dashboard of the Management Console.
- Localization: Description of audit events.
- Client launcher may be used to execute arbitrary applications if files are put in specific directories on the client computer.
- It is highly recommended to update the Email Archive Client manually or via an automated software deployment to resolve this security issue. After the udpate, the Email Archive Client will no longer be able to connect to older MailStore SPE instances.
- Selecting catchall folder throws an error under certain circumstances.
- Missing window title in Terminal Progress Dialog.
- Incorrect help page requested on job page.
- Output of VerifyStore and VerifyStores command does not contain hints about corrupt container files.
- Path to archive store is missing in Windows event log when attaching a store.
- Log output of certain operations (e.g. VerifyStore) cannot be copied to clipboard.
- Wrong error message if Outlook Click-To-Run detection fails.
- Outlook Add-in: Open and Restore buttons sometimes remain disabled unexpectedly.
- Web Access: Welcome page in mobile view does not jump to search when touching search entry box on iPhone.
- Web Access: Login not possible after server service restart under certain circumstances.
- Web Access: Incorrect design of radio buttons.
- Web Access: Toolbar buttons are not shown for messages when certain header fields are missing.
- Updated third party libraries to fix several minor issues in archiving, displaying and exporting of emails.
MailStore SPE 10.2.3
- Web Access: The new Web Access is now available in all 17 languages.
- Web Access: Under certain conditions, the login page is locked after a logout (i.e. session expired).
- Web Access: Issues with "Save password" functionality of some web browsers.
- Synchronizing users from "Office 365 operated by 21Vianet (China)" fails.
- MailStore references in SMTP test message.
- MailStore references Status Reports.
- Displaying issues when changing the default password while using large values for scaling fonts (High DPI).
MailStore SPE 10.2.2
- Client Access Server crashes under certain circumstances when the archive is being accessed using the Legacy Web Access or Outlook Add-in.
MailStore SPE 10.2.1
- No folders are recognized when archiving from IMAP servers that do not announce SPECIAL-USE capability but XLIST instead, and respond to XLIST requests with a LIST response (i.e. Dovecot with configured Outlook workaround).
- Web Access: Downloading attachments containing special characters in file name fails.
- Web Access: Too complex search queries do not cause an error message.
- Web Access: Displayed name of saved search is not updated when saved under a new name.
- Web Access: Additional cross shown in search field when using Internet Explorer.
- Web Access: Internet Explorer uses compatibility mode for when URL is evaluated as an intranet site.
- Web Access: Opening or downloading large emails or attachments is slow or fails.
MailStore SPE 10.2
- Responsive Web Access allows accessing the archive from any device, irrespective of operating system and display size. Additionally, it provides more functionality than the legacy web access, such as deleting or moving messages.
- Digitally sign emails exported to the file system to ensure authenticity outside of the archive.
- Status Reports: Administrators can regularly receive status reports by creating a corresponding job. These reports contain relevant information from all areas, like successful or failed profile and job executions, licensing information, and much more.
- Management API: Method to manage SMTP settings added.
- Instances are automatically started upon creation if the Startup Type is set to Automatic.
- SMTP Settings: Default port changed to 587 and STARTTLS selected by default.
- Status of service provider access is now shown on administrator's dashboard.
- Hardening of encryption key management.
- More details about skipped messages are shown in the profile summary.
- User list in Audit Log not sorted alphabetically.
- "Test" button in Exchange profiles does not heed status of "Ignore SSL warnings" checkbox when autodiscovery mechanism is used.
- Update of third party library, which fixes several minor issues in archiving, displaying and exporting of emails.
MailStore SPE 10.1.4
- Support for the latest Microsoft Office 365 update (Exchange Server 15.20).
MailStore SPE 10.1.3
- Synchronizing users from Office 365 Germany fails.
MailStore SPE 10.1
- Autodetect "Sent Items" folder in IMAP mailboxes.
- Depending on the auditing configuration, administrators and/or users are asked to provide a reason when deleting an email. The given reason is written to the audit log along with the event itself.
- Compliance: Additional protection from accidentally blocking or unblocking the archive access by confirming the change with entering the password.
- Compliance: Administrators are asked to provide a reason when blocking or unblocking the archive access for admins. The given reason is written to the audit log along with the event itself.
- "Search here..." item in folder context menu allows to quickly start an advanced search on selected folder.
- Restriction of $archiveadmin user. This special service provider user will no longer be able to browse, search, or export email of other users.
- Support for multiple IMAP sent item folders.
- Search: Allow searching different strings in different parts of the email and add keywords for searching only in body or attachments. Major rework of search documentation.
- Add search modifiers "Older/Newer than (range)", "Older/Newer than (date)", "Not Older/Not Newer than (range)", and "Not Older/Not Newer than (date)" in advanced search.
- Removed default search index restriction of 10000 tokens (words) per object.
- Increase default keep duration of profile and job results to 90 days for new installations.
- The function "Test sync" of the directory service configuration now also allows to test authentication of users from the result list.
- Select IMAP-TLS or POP3-TLS as default in new profiles.
- Archive page now shows the total number of emails and size in megabyte.
- No archiving of emails if not all attached archive stores are available (State: Archive here, Normal, Write-Protected). This prevents the creation of duplicates under certain scenarios.
- Replacement of "Google Apps" by "G Suite"
- Support Google G Suites' new JSON based exchange format.
- Workaround for handling emails with incorrect character encoding identifier (e.g. utf8, cp1252, or CP-850).
- Further improvement of protecting user passwords inside and outside of the application, for instance by using the Windows Credential Store.
- Changed hash algorithms of self signed certificates to SHA256.
- Naming of status on "Auditing" page to make scope clearer.
- Update of software licenses.
- Upgrading from version 9 or older fails if an archive store cannot be opened.
- Outlook Add-in: Under certain circumstances the add-in buttons are disabled when working with multiple Outlook windows.
- Inconsistent error level when profiles are cancelled.
- Client: No login possible after previous occurrence of 404 error.
- IMAP Server: Incompatibility with Pine/Alpine email client due to sending incorrect continuation request.
- IMAP Server: PLAIN authentication capability offered even after successful login.
- Debug log contains misleading UID information when archiving IMAP mailboxes.
- MIME preamble is never shown nor exported.
- Management API allows $archiveadmin user to move folders into his own archive.
- Incorrect label "E-mail Preview by Admin" on dashboard.
- Product Key/Generated Passphrase must be entered in correct casing when unlocking archive stores.
- CRAM-MD5 authentication is visible in debug log.
- Various minor bug fixes and improvements.
MailStore SPE 10.0.2
- This version fixes two critical security vulnerabilities in Web Access. All customer running an affected version of MailStore Service Provider Edition should update their installations as soon as possible.
- Web Access: Reflected Cross-Site-Scripting (XSS) vulnerability in search function, allowing an attacker to gain access to the archive if the victim clicks on a specially-crafted link while being logged in to Web Access. Affected versions: 9.2 and newer.
- Web Access: Open Redirect in Dereferrer. This allows an attacker to create specially-crafted links, which would redirect the victim to a malicious website, although the link itself seems to point to a trusted resource. Affected versions: 9.0 and newer.
MailStore SPE 10.0.1
- Upgrade process may stop unexpectedly during encryption of databases on slow disks or USB drives.
- Database update does not delete MailStoreFileGroup.fdb.key from previous failed update.
MailStore SPE 10.0
- Full encryption of databases and audit logs. In addition to the existing encryption of the email contents and sensitive data inside the databases, all databases and the internal audit log are also fully encrypted as of this version. This requires an upgrade of all archive stores. Please read the update notices carefully to learn more about the upgrade process.
- All admin activities except MessageRetrieveContent will be recorded in the audit log.
- Dashboard notification if SMTP settings have not yet been configured.
- Windows performance counter for monitoring the Firebird database connection pool.
- Archive Stores now support different locations for database, index and content files. This is also fully supported by the auto-create store feature.
- The limitations of MailStore administrators have been extended and are enabled by default for newly created archives. MailStore administrators will not be able to browse, search, or export email of other MailStore users as long as the compliance setting "Archive Access”, formerly known as "E-mail Preview”, is set to "Block Access”.
- Relative paths are now used internally to store the location of archive stores. This makes relocating the whole archive to a new location much easier.
- Synchronization of Microsoft Office 365 users that have no Exchange Online license assigned.
- Delete key triggers delete function when one or more emails are selected in the email list.
- Show a warning when a folder is renamed and a folder with the new name already exists.
- Automatically delete the mailbox cache file "MailboxCache.fdb" if it could not be loaded successfully.
- Hyperlinks in dialogs are now clickable.
- Incorrect encoding of passwords used when logging into remote IMAP server.
- Export via IMAP to Tobit’s David Server fails when server sends EXPUNGE in response to APPEND command.
- RTF attachments are spuriously used as email body when email is exported to MSG file.
- Clicking "Help" on the login screens results in displaying an error message.
- Embedded browser controls are no longer supported by Google's consent dialog. As recommended by Google, the user’s default web browser is now used to open the consent dialog.
- Management API allows instance IDs to be longer than allowed by the Management Console. Instance ID is limited to 32 characters’ now, with a minimum length of three characters.
- Major update of third party library, which fixes several minor issues in archiving, displaying and exporting of emails.
- The navigation tree item "Users and Privileges” in "Administrative Tools” has been renamed to "Users and Archives”
- The page "Storage > Statistics” in "Administrative Tools” has been relocated to "Users and Archives > Archives”. Additionally, it now supports the management (rename, delete, ..) of user archives.
- Compliance option "E-mail Preview” has been renamed to "Archive Access”.
MailStore SPE 9.8.2
- Google Apps multi mailbox archiving profile ignores delete condition.
MailStore SPE 9.8.1
- Login as normal user not possible.
MailStore SPE 9.8
- Profile runs are now marked with "Has ended with warning" in "Recent Results" in case warnings were thrown internally. Until now, these warnings were only visible in the details and profile run was markes as "Successful".
- Job Scheduler: Added column "Last Execution Result".
- Slightly improved SPE Service Configuration Tool user interface.
- Client: Slow rendering of search result list when searching for a recipient, if a matching email contains a large number of recipients in the emails "To" field.
- Client: Large number of email recipients may cause an overlap of the message content, which prevents the user from accessing the email body.
- IMAP Server: Several bug fixes that improve the compatibility with IMAP clients.
- Archiving process stops and a System.UnauthorizedAccessException is thrown when archiving from a file system which contains inaccessible folders (i.e. inappropriate permissions).
- Various minor bug fixes and improvements.
MailStore SPE 9.7.1
- Invalid CSS in a HTML email causes an error message and prevents the email from being displayed.
- Thousand seperator missing when displaying the number of archived emails in dashboard banner.
MailStore SPE 9.7
- New Gmail archiving profile with OAuth support and the option to automatically remove messages from the mailbox. Please refer to the update Notices for further details if you are using the Google Mail archiving profile.
- Client: Minor UI refresh of the dashboard.
- Improved translations.
- When synchronizing users with Google Apps, invalid MailStore users are created if the primary email address of the user contains uppercase letters.
- Syncronizing users with Google Apps is limited to 200 users per group.
- Under certain circumstances BCC recipients are shown to non-admin users by mistake.
- Various minor bug fixes and improvements.
MailStore SPE 9.6
- Client: Pin to taskbar now possible on Windows 7 and newer.
- Debug log for connections to integrated IMAP server can be enabled per instance.
- Brandable default website when accessing client Client Access Server without instance ID.
- Fixed URLs for downloading client and Outlook Add-in from Client Access Server.
- Support for different SSL certificate thumbprint formats in group policies.
- Group policies allow configuration of client und Outlook Add-in language.
- Branding now supports changing of the favicon.
- Email headers are missing when printing from Web Access or Client.
- Incorrect number of deleted emails in summary when trying to delete emails from read-only IMAP folders.
- Instance stops responding under certain circumstances when multiple simultaneous request are send to a LDAP based directory service.
- Offering non-supported Windows authentication in login dialog of client.
- Computer Name and User Agent are not shown in Active Sessions when accessing the archive via Outlook Add-in.
- Mobile Web Access: jQuery and jQuery mobile updated to latest version to protect against potential security vulnerabilities.
- Various minor bug fixes and improvements.
MailStore SPE 9.5
- Official Microsoft Exchange 2016 support.
- Improved Exchange Autodiscover support.
- Client: Executing a saved search now applies search result highlighting analog to a regular search.
- Management Console: Opening the instance details is now possible with a single click on the corresponding list item.
- Management Console: Status of Client Access Server and its TCP ports are not taken into account by CreateClientOneTimUrlForArchiveAdmin API method, which is used when accessing an instance through the Management Console.
- Web Access, Outlook Add-In: Attachments having a name beginning with # cannot be opened in the webclient.
- MailStore skips folders when archiving from Mozilla Thunderbird, if Thunderbird's profile path contains special characters.
- Search does not use regional settings of the system to determine first day of week.
- Various minor bug fixes.
MailStore SPE 9.4.1
- Web Access, Outlook Add-in: Search for custom date range returns incorrect search result.
- Incorrect CSS handling when displaying HTML messages under certain circumstances.
MailStore SPE 9.4
- Official Outlook 2016 support.
- Client: Copying table content to clipboard may duplicate columns or include hidden columns.
- Various minor bug fixes.
MailStore SPE 9.3
- Official Windows 10 support.
- Directory Services Integration: Improved performance when creating the list of groups if a larger number of groups exists in the directory service.
- Server, Client and IMAP server: Removed support for insecure SSLv2 and SSLv3. Added support for TLS 1.1 and TLS 1.2.
- X-Final-To header is now recognized when archiving IMAP multidrop mailboxes. In particular this enhances archiving of such mailboxes from a Kerio Connect mail server.
- Various minor bug fixes.
MailStore SPE 9.2.1
- Improved performance when retrieving groups from Microsoft Office 365.
- Synchronizing users from a Microsoft Office 365 environment with more than 100 users fails.
- Web Access, Outlook Add-in: Compatibility issues with Internet Explorer 8.
- Compatibility issues with .NET Framework 4.6.
- Various minor bug fixes.
MailStore SPE 9.2
- The Microsoft Office 365 directory services can now be used by MailStore for user synchronization and authentication.
- Web Access and the add-in for Microsoft Outlook now come with a completely rewritten message list view which makes it possible to scroll through large folder contents and search results with minimum latency.
- The information displayed in reports of multi-mailbox archiving profiles is misleading under certain circumstances.
- Web Access, Outlook Add-in: Saved searches cannot be opened or deleted, depending on characters used in their names and the browser used.
- Some executable files are not marked as DPI aware, causing the user interface to look blurry depending on Windows version and DPI settings.
- The client branding is not applied correctly if the images used do not have a resolution of 96 dpi.
- Accessing Microsoft Outlook without access to the mailbox root folder causes an access violation.
- Opening S/MIME messages in Outlook, restoring to Outlook and exporting to MSG/PST may fail under certain circumstances with the error message "Accessing content stream of non-leaf entities is not supported.”
- Some windows in MailStore Client are displayed incorrectly when Windows has a DPI setting other than 96 dpi (100%) and/or windows are resized.
- Certain Outlook messages cannot be processed by MailStore. The error "Argument is out of range of valid values.” is displayed.
- The API HTTP server doesn’t use the configured server certificate. Instead, it uses the server certificate of the Management Console’s HTTP server.
- Google Apps directory services synchronization may hang under certain circumstances if a large number of users or groups exists.
- Indexing message bodies and attachments in HTML format is performed incorrectly under certain circumstances, causing the results of full text searches to be incomplete. Rebuild search indexes if you encounter this error.
- File system archiving profiles cannot be created with drag and drop from Windows Explorer, as stated in the documentation.
- Some multi-select enabled tables in MailStore Client react very slowly if a large number of items is selected.
- Some multi-select enabled tables in MailStore Client don’t accept the Ctrl+A hotkey for selecting all items.
MailStore SPE 9.1
- First class support for Google Apps (includes user database synchronization, authentication, multi-mailbox archiving using a central service account, multidrop archiving and export).
- Internal archive store directory traversal is now reduced to a minimum, significantly improving performance especially when using larger archives and/or storing them on network storage.
- MailStore's integrated e-mail preview is now able to detect and repair invalid CSS to a certain extent.
MailStore SPE 9.0.5
- Support for the latest Microsoft Office 365 update (Exchange Server 15.1).
MailStore SPE 9.0.4
- Archiving and Export: If a profile is run via a scheduled task or the API, the memory and/or disk space used for reports and debug logs is not released until the server process is stopped or restarted.
- Archiving and Export: User interface text might be displayed in the wrong language under certain circumstances.
- Archiving and Export: The CRAM-MD5 authentication mechanism does not work when accessing mailboxes with the IMAP protocol.
- Archiving: MailStore is unable to archive Microsoft Exchange folders containing tabulator characters in their names.
- Client, Web Access, Outlook Add-in: Messages in HTML format might be displayed incorrectly under certain circumstances.
- Web Access: Windows authentication is not offered when using Internet Explorer 11.
- Server: Under certain circumstances, folder names are disclosed to users without the appropriate privileges.
- Server: A timeout might occur when trying to upgrade a large number of archive stores created by old versions of MailStore Server.
- Server: Reduced disk I/O when accessing Firebird Embedded-based database files.
- Various minor user interface improvements and bug fixes.
MailStore SPE 9.0.3
- Client: In 120 dpi mode, some controls do not scale correctly (message list, date ranges, folder include/exclude dialog, progress dialogs).
- Client: Non-invokable commands are offered to users who have only limited archiving or export privileges (execute only or manage only). Users are getting an access denied error message only after trying to invoke those commands though.
- Client: The page "Recent Results" is not visible to users who can only manage archiving and/or export profiles.
- Directory Services Integration: Due to a bug in Windows' ADSI connection pool, Active Directory authentication sometimes fails when transport layer security (LDAP-SSL) is used. This version works around this bug by performing the authentication via separate LDAP connections when LDAP-SSL is configured.
- Management API: The virtual time zones $UTC (Coordinated Universal Time) and $Local (Server Local Time) are not available in the GetTimeZones and GetWorkerResults API methods.
- Management API: An optional argument instanceUrl has been added to the CreateClientOneTimeUrlForArchiveAdmin method, allowing to specify manually specify the client access server to be used.
- Management Console: Various minor user interface improvements.
MailStore SPE 9.0.2
- The login page of Mobile Web Access does not show the service provider-specific branding. Instead, a MailStore logo is shown.
MailStore SPE 9.0.1
- The Exchange EWS and IMAP property caches are no longer updated if the contents of a folder hasn't changed, reducing write I/O especially when continuously archiving a large number of mailboxes
- Archiving large messages from the client fails when the upload of a large message to MailStore SPE takes more than 100 seconds. Error message: 'The request was aborted: The request was canceled.'
- Installation of the client and the add-in for Microsoft Outlook fails on systems with .NET Framework 4.5.2 installed
- The server process may cause very high CPU load when the archive consists of a very large number of archive stores
- MailStore's internal lock monitor writes timeout errors to the Windows Event Log even when the timeouts were expected, e.g. to detect internal idle states
- Due to a bug in some versions of Microsoft Exchange, archiving folders may fail with error messages such as 'The Delete change relates to an unknown item' or 'The ReadFlagChange change relates to an unknown item'. This version uses a different sync method that doesn't rely on the buggy SyncFolderItems operation.
- If a virus was detected in one or more items of a Microsoft Exchange folder ('ErrorVirusDetected'), archiving the whole folder fails
- Archiving localized (non-English) versions of Google Mail leads to multiple inbox folders with different names when upgrading from earlier MailStore versions
MailStore SPE 9.0
- MailStore Client now requires Windows Vista SP2, Windows 7 SP1, Windows 8 or Windows 8.1.
- The add-in for Microsoft Outlook now requires Windows Vista SP2, Windows 7 SP1, Windows 8 or Windows 8.1. Users still running Windows XP can however use the latest 8.5 version of the add-in to connect to MailStore Service Provider Edition 9.
- Client: Entirely rewritten Message List (used for both folder contents and search results) now behaves more like the one built into Microsoft Outlook, is much faster and can easily display hundereds of thousands of messages. In order to simplify the selection of multiple messages, the last selected message is now opened in message preview.
- Client: Entirely rewritten Message Preview improves display of a large number of recipients and attachments.
- Web Access: HTML E-mail Viewer based on a secure whitelist-based HTML rewriter.
- Web Access: The attachment list now shows icons for the most common file types.
- Web Access: The message list now automatically loads new entries when the user has scrolled to its end.
- Add-in for Microsoft Outlook: HTML E-mail Viewer based on a secure whitelist-based HTML rewriter.
- Add-in for Microsoft Outlook: The attachment list now shows icons for the most common file types.
- Add-in for Microsoft Outlook: The message list now automatically loads new entries when the user has scrolled to its end.
- Server: Entirely rewritten internal lock manager significantly reduces congestions and leads to a much better overall behaviour of the system.
- Archiving and Export: Support for AVM KEN! has been removed.
- Archiving: The performance when archiving Microsoft Exchange 2007 or higher EWS-based mailboxes with a high number of already archived messages has been significantly improved thanks to a new Firebird-based MAPI property cache with an also new folder contents sync module.
- Archiving: The performance when archiving IMAP-based mailboxes with a high number of already archived messages has been significantly improved thanks to a new Firebird-based property cache with an also new folder contents sync module.
- Archiving: The performance when archiving e-mail servers, e-mails clients and e-mails files with a high number of already archived messages has been significantly improved thanks to the implementation of a new store-hinting algorithm.
- Archiving: E-mails which are selected for deletion are now immediately deleted from the e-mail source. Previously, they were deleted in batch after the entire folder contents has been processed.
- Directory Services Integration: The Kerio synchronization now supports domain aliases. Previously, only user aliases were supported.
- Management API: The API has been entirely rewritten. Please refer to the Release Notes for details.
- Full Text Search: Added compatibility with both Adobe Reader and the Adobe PDF IFilter to improve search in PDF attachments. The internal PDF document filter has been removed.
- Statistics: Significantly faster statistics calculation.
- Dozens of minor improvements and bug fixes.