Released July 18, 2007
- You must have a current license key for your specific version of IMail 2006 to install version 2006.21. If you need help finding your license key, contact our customer service team.
Note: If you are using a custom ODBC.dll file developed by a 3rd party vendor, contact the vendor for information about an updated ODBC.dll file for IMail Server. Failure to update the ODBC.dll file could result in a message being misdirected or users unable to access their account.
Summary:This update fixes a variety of issues.
- Web Client - CuteEditor by CuteSoft Components, Inc., a new HTML editor has replaced FreeTextBox for composing messages.
New release of Premium Antispam (Mail-Filters): IMail Server 2006.21 also includes an update to the Premium Antispam (Mail-Filters) software. The latest version of the StarEngineService provides new options for configuring spam filtering of message header content. These options are available on the Premium Filter Settings page. (Click Services > Antispam.) Note: These settings apply to the selected domain.
- Flag missing Subject: header as spam. Checks that the Subject Header field exists. If the Subject is missing, it will take the action specified in For email determined to be from a dirty IP section of the Premium Antispam Filter page.
- Flag missing From: and To: headers as spam. Checks that both the From and To fields in the header exists. If either field is missing, it will take the action specified in the For email determined to be from a dirty IP section of the Premium Antispam Filter page.
- These options help to filter emails sent as part of a campaign and to identify IP addresses used to send spam, also known as "dirty" IP addresses. When mail fails the header checks, IMail takes the action specified on the Premium Filter Settings page (click Antispam > Premium Filter).
- Also on the Premium Filter Settings page, in the Update Engine Options section, the Enable Telemetry option was added.
- Ipswitch would like to thank TippingPoint (www.tippingpoint.com) and Zero Day Initiative (www.zerodayinitiative.com) for reporting the following issues that have been fixed:
- A heap overflow condition in Imailsec allowed unauthenticated users arbitrary code execution.
- Buffer overflow due to unchecked buffer length in subscribe.
Ipswitch would like to thank iDefense Labs (labs.idefense.com) for reporting the following issues, that are now fixed:
- [IDEF2131] Buffer overflow in the IMAP Search command.
- [IDEF2474] Buffer overflow vulnerability in the Search Charset command.
- [IDEF2390] Overwritten Destructor causes IM Server to crash without authentication.