CipherMail gateway community 4.3.0-1 release available

Hi all,

A new version of the CipherMail gateway community edition is
available for download (version 4.3.0-1).


* HTML/CSS refactored. Bootstrap HTML/CSS framework is now used for
  the web GUI. The web GUI is now responsive and scales on small mobile
  devices (iPhone, iPad etc.). Some menu items are now combined under
  one pulldown menu (S/MIME) and some menu items are moved. This was
  a major change because all GUI pages had to be updated.
* MimeEncodeHeaderMethod freemarker method added which can be used
  to MIME encode a header to make it 7bit safe
* General cleanup (copyright statements, expired test keys/certs
  updated, code cleanup etc.)
* Reboot and shutdown are now done in background to prevent a browser
  error on fast systems (system that shutdown before the browser was
  able to get the result)
* EncodedSubject template parameter added which contains the 7bit
  safe subject.
* post-quarantine- processors renamed, There are now special
  processor's used for email released from quarantine and no longer
  shared between normal flow.
* MariaDB JDBC driver is updated to 1.7.4.
* Factory property files are now read from conf/
  in sorted order. This can be used to add new factory properties or
  override existing properties.
* A new TLS/SSL cert for the web GUI is now installed using a
  script. This requires that -Ddjigzo.home parameter is set for Tomcat.
* Postfix long queue IDs are now enabled by default (
* The web server can now be restarted from the system page.
* Download key page now supports downloading keys as PEM.
* The Virtual Appliance no longer maximizes the back-end memory to 2GB
  (the 2GB max was due to 32 bits Linux not supporting more than 2GB
  for a JVM).
* Stats added for DLP and failed encryption [PRO/ENT].
* Apache HTTPd is now used for the front-end for the Virtual
  Appliance. Restarting after a new TLS/SSL certificate is installed
  is now much faster and does not invalidate existing sessions. Another
  benefit is that Apache HTTPd provides a large number of configuration
  options (for example configuring which TLS ciphers are allowed)
* The IP range used by O365 and GSuite can be automatically
  configured. This makes it easier to use the gateway as a secure
  gateway for O365 or GSuite [PRO/ENT].
* MTA Lookup tables can be configured from the GUI. This allows you to
  configure your own MTA maps (for example to configure a fine-grained
  per destination TLS policy) [PRO/ENT].
* GlobalSign Certificate Request handler added. Certificates can now
  be automatically requested from the GlobalSign Managed ePKI service
* LDAP config refactored. The LDAP server URL and credentials should
  now be configured in ldap-context-source.xml [PRO/ENT].
* Milter classes refactored. "Change Sender" milter added [PRO/ENT].

When upgrading an existing installation, a (minor) additional
configuration step is required if you want to allow uploading of the
TLS/SSL certificate using the web GUI. See the upgrade guide for more

Kind regards,

Martijn Brinkers


CipherMail email encryption

Email encryption with support for S/MIME, OpenPGP, PDF encryption and
secure webmail pull.