This document contains the release notes for Symantec Mail Security 8.1.x for Domino in-line releases.
Release notes for Symantec Mail Security 8.1.3
Symptom: SMSDOM crashes when specific user’s mail is accessed from mailbox in CNotesString::find() API.
Solution: Code is modified to mitigate the issue by skipping the panic on NOTES API failure during alert generation with RTF message body.
Symptom: When nntask is restarted, the status of definitions in savdefs.nsf changes to Inactive from Active.
Solution: Code is modified to add new generic support for date conversion on top of date formats returned by Notes API. Date formats are not affected due to time zone differences.
Symptom: Nntask crashes when file extension is found invalid for DBCS file names.
Solution: Now, invalid file names are assumed to have .tmp extension, and the files are scanned.
Solution: Conduit.exe service takes time to start on low configuration servers. PAS initialization is modified to retry the conduit.exe process for one more time to facilitate smooth PAS startup.
Solution: The issue has been fixed in JLU v3.10.1, and it is integrated into SMSDOM.
Solution: Timeout for purge operation has been increased to 300 seconds to allow purging of older definitions from savdefs.nsf on some low configuration servers.
Solution: Add SAVJLUDebug=1 to the notes.ini file. After Domino server is restarted, the JLU is launched with -d option (when executed from UI) and the activity is recorded in a log file.
Solution: Code is modified to skip VSP parsing if it finds entry SAVBypassVSP=1 in notes.ini file. It avoids crashes on XML parsing issues in gSOAP on low configuration servers.
Solution: Code is modified to allow simultaneous message processing and signature downloads for PAS.
Solution: Java LiveUpdate component has been updated to allow support for JRE version 8.
Release notes for Symantec Mail Security 8.1.2
Symptom: Server name was missing when trying to add to a server group.
Solution: Lotus Script is fixed and now the user interface shows the server name properly while adding to a server group.
Symptom: High CPU usage was shown with no email traffic.
Solution: Message queue logic is modified to avoid CPU consumption when there is no email traffic.
Symptom: Whitelist was not working properly when user's email address (portion of the email address before the @ sign) contained a period (.) in it
Solution: Code is modified to support a period (.) in user name part of email address while checking for whitelisting
Solution: License file consumption logic is modified to fix this issue.
Solution: SAVAppendChildName parameter is introduced to disable (value 0) the display of child file name in the console log. Default is ON (value 1).
Solution: Code is modified to send an alert email when the infected child file in an attached archive file (that is zip, rar, and so on) is deleted.
Solution: Decomposer temporary directory create logic is modified to avoid duplicate directory in the temp location.
Solution: Implementation guide and help database is modified to include the reference of the changed user interface text of the scheduled scan.
Solution: SMSDOM disallows users to enable scheduled scans without specifying days to run on. User must specify at least one day to schedule a scan. Message is displayed if none of the days are selected.
Solution: Added more checks to validate the already running nnpas process when load nnpas command is executed from the console. New console message is added: SMSDOM: SMSDOM is verifying if PAS is already loaded...
Solution: Updated the Java Live Update component to allow support for Java Runtime Environment (JRE) version 7.
Release notes for Symantec Mail Security 220.127.116.11
Symptom: Fixed "Failed to get number of mail boxes issue."
Solution: Code change
Symptom: SMSDOM exits with "Unknown OS error" when mail1.box is missing and multiple mail boxes are configured.
Solution: Code change
Symptom: Minor spelling error in debug logs.
Solution: Text output corrected.
Symptom: Liveupdate notification goes out when not enabled to do so.
Solution: Code changed.
Symptom: Leap year logic caused issues in SSO tags
Solution: Logic corrected with code change
Symptom: Can not add large amount of domains to PAS white list.
Solution: This is due to limitation of 32k for field size. Adding logic to prevent going over this size.
Symptom: Schedule scans can cause an issue when run at same time. One option to run LU after LiveUpdate bypasses this.
Solution: Changed code so only one can run at a time.
Symptom: SMSDOM Write/Mail threads getting hung.
Solution: Scan file handling logic has been modified to address this issue.
Symptom: Manual scan should show appropriate message in server console
Solution: Show task will show distintive message for manual scans - "SMSDOM Manual Scan Scanning"
Symptom: PAS crashes if license file is missing
Solution: PAS will not crash if license file is missing. Message is now displayed that license is missing.
Symptom: MIME to CD conversion should not happen if Manual or Schedule scan is not checked under any CF rule with body rule enabled.
Solution: Code change
Symptom: Any file enbedded on Structured Protected xlsx file is not getting scanned.
Solution: Files embedded in structured protected xlsx will be scanned and threats will be detected.
Symptom: Delete option does not work for threats gz file
Solution: Any threat inside gz file will be deleted and a dummy delted.txt will be added into it to replace the threat
Symptom: Change the initialization code on how nntask determines if already running.
Solution: Code change
Symptom: Crash with Unlink failed in DeleteLockFile "C errno: 13 (0xD): Permission denied"
Solution: File locking code improved.
Symptom: Last message sent is always held in mail.box with status "Symantec mail security scanning" when SAVMailThreads=1
Solution: Scan threads logic is fixed to address this issue
Symptom: Temp file created for scanning some time has conflicting temp names
Solution: The logic is modified to create unique file name for files being scanned in temp location
Symptom: Skip scanning containers exceeding the configured limits before copying the file to temp dir
Solution: If the temp location free disk space is less than size of file being scanned, it will be skipped. No crash will occur
Symptom: Defect discovered in Attachment Content Filtering (ACF)
Solution: Verity upgraded to 10.15.0 to address this issue
Symptom: Content Filtering rule not working if SMTPOriginator is empty
Solution: CF will refer to both SMTPOriginator and From field during scan
Symptom: Change the text "Also run this scan after LiveUpdate" in GUI of Scheduled Scan
Solution: Text changed to "Also run this scan after new definitions arrive"
Symptom: Alert does not work properly when sending to a Group and that group has a Mail Domain configured
Solution: Code is fixed to lookup all members of the group
Symptom: Upgrade to decomposer engine to newer version.
Solution: Decomposer has been upgraded to version 18.104.22.168
Symptom: Upgrade PAS engine (BEIK)
Solution: PAS engine has been upgraded to version 6.3
Symptom: Vulnerabilty found in Verity engine
Solution: Verity has been upgraded to 10.15.0 with patches
Symptom: Improve exception handling at every dynamic memory allocation and file locking mechanism
Solution: Code has been improved to handle exceptions at dynamic memory allocations and file locking mechanism
Symptom: Determine number of install/uninstall/upgrade instances for Mail Security for Domino
Solution: Support is added to track the number of install/uninstall/upgrade instances. EULA changed to include transmitted details by this feature
Release notes for Symantec Mail Security 22.214.171.124
Symptom: Need notes.ini parameter to ignore scan errors due to split content
Solution: Added notes.ini parameter 'SAVSplitMessageDetection' with default value as 1 to ignore scan errors due to split content.
Symptom: Limit SSO feature to e-mail routing only.
Solution: Changed code to limit the SSO feature to only e-mail routing. Also removed options from Schedule/Manual scans.
Symptom: Cannot disable automatic system reboot via silent install option.
Solution: During SMSDOM silent install on windows with 'REBOOT=ReallySuppress', the system will not be rebooted after successful installation now.
Symptom: SMSDOM does not report scan errors on containers' child files, but on parent only.
Solution: The code can now reports scan errors on container’s child files along with their parent containers.
Symptom: Leak in VSP error path.
Solution: Code updated which handles the objects during unsuccessful parsing of VSP file.
Symptom: Implementation Guide change request for number of scanning threads.
Solution: Implementation guide as well as the help database is now updated with correct
Symptom: Need to change the "Fake body" message to something more meaningful like "Empty or Encrypted body"
Solution: When the email has no body or encrypted body, it will be reported properly in the log messages.
Symptom: UI validation should happen before saving mis-configured Alert.
Solution: UI validation will be done before user enables and saves any Alert if checkbox of Administrator, Document author or
Symptom: MIME to CD conversion should not happen on Manual or Schedule scan run if Content Filtering is disabled.
Solution: MIME to CD conversion will not happen during Manual or Schedule scan if option ‘Scan for Content Filtering rule violations’ is disabled/unchecked.
Symptom: SMSDOM fails to consume RR definition if RR runs prior to LU at very first time.
Solution: Libraries have been updated. After fresh install of SMSDOM, when RR update is run for the very first time prior to LiveUpdate, RR definition will be consumed by SMSDOM.
Symptom: LiveUpdate get's triggered on Hub as well as Spoke Server in Cluster Environment.
Solution: Log message has been corrected.
Symptom: 'SMSDOM: Another instance of LiveUpdate is running.' message doesn’t get logged while RR is running.
Solution: Code updated to notify 'Another Instance of LU is running message' on Domino Console and SAVLog.
Symptom: OpenSSL 0.9.7c being used in NNTask.exe has publicly known vulnerability.
Solution: OpenSSL has been upgraded to version 1.0.0e.
Symptom: Change wording in sav.nsf / CF Rule for container (zip) to be changed to something more meaningful.
Solution: The text "For Container (zip) file attachments" on CF Rule page is changed to "For any attachment container file (ie. zip, pptx, docx, etc.)".
Symptom: Add new SPAM and AV definitions to SMSDOM package.
Solution: Bundled standard spam and AV definitions have been updated.
Symptom: Please include CPU 100% workaround into SMSDOM 8.1 conducfg.xml file.
Solution: Premium Antispam will point to lighter rulesets.
Symptom: Change wording in Implementation Guide of 'For Container (zip) file attachments' to For any attachment container file (ie. zip, pptx, docx, etc.).
Solution: Implementation Guide has been updated.
Symptom: CF rule is not applied properly if the cf precondition is set to 'EVERY_RECIPIENT_ATTR' or 'EVERY_RECIPIENT_INTERNET_DOMAIN_ATTR'.
Solution: The CF rule will be applied based on whether the every recipient attributes/internet domain is matching with the entries in CF precondition.
Symptom: LUA 2.3.1 needs to be packaged with SMSDOM 8.1 because some components will expire.
Solution: LUA 2.3.1 has been packaged/ bundled with SMSDOM 8.1 ISO.
Symptom: Integrate SMSDOM with DECOMPOSER 126.96.36.199.
Solution: DECOMPOSER has been upgraded to version 188.8.131.52.
Release Notes - Symantec Mail Security for Domino 8.1.2
SMSDOM_8.1.3_Release_Notes.pdf (191.6 KB)