DJIGZO gateway 2.5.0 released

Hi,

A new version of DJIGZO gateway (version 2.5.0) is now officially released.

The packages, including the updated Virtual Appliances, can be
downloaded from:

http://www.djigzo.com/downloads.html

Upgrade guide direct download:

http://www.djigzo.com/documents/upgrade-guide.pdf

Release notes:

* a page has been added on which a MIME encoded email can be uploaded
  for text extraction. This allows the admin to see which text the DLP
  scanner uses for pattern matching.
* PDF option "Send CC to replier" added. If set, a CC of the PDF reply
  will be sent to the replying user.
* S/MIME option "Skip import of untrusted certificates" added. By
  default all certificates from a signed email will be imported even if
  untrusted. By enabling "Skip import of untrusted certificates", only
  trusted certificates are imported.
* "Signing subject trigger" option added. This can be used to force
  signing of email if the subject contains a user defined keyword
  (keyword can be removed if configured).
* Password strength check/estimate is added to the portal password
  selection/change pages. The minimum required password strength can be
  set by the administrator. By default you are not allowed to use your
  email address as your password or base your password on your username
  or use a qwerty sequence of more than 5 characters.
* System page added on which the server can be restarted/rebooted and
  Postfix stopped/started.
* Three custom properties and templates added. These properties and
  templates can be used if the mail flow (config.xml) is modified by
  the admin and the changes require some user configurable options.
* a page has been added with which an email can be sent. This is helpful
  for testing purposes.
* French language support added to portal
* WEB GUI is automatically logged off after 5 min. of inactivity.
* The HTML text extractor for the DLP scanner now by default skips HTML
  comments. This makes it less likely to have false positives for
  certain patterns (for example SSN pattern)
* The HTML text extractor for the DLP scanner now by default only scans
  the HTML body. This makes it less likely to have false positives for
  certain patterns (for example SSN pattern)
* The HTML text extractor now also scans application/xhtml+xml
  attachments.
* "Dynamic" memory allocation is now enabled by default. The DJIGZO
  back-end now by default uses a heap size of 0.6 * available memory.
* The back-end SMTP server no longer adds a received header. This makes
  it easier to remove internal IP addresses from the received headers
  using Postfix header checks.
* Backup's are now gzip'd.
* Changing the Web GUI IP filter no longer requires a restart of the web
  server. The IP filter settings are read from
  /etc/djigzo/ip-filter.properties.
* Max inline body of PDF is now by default 256K. If the text is larger
  that max, the text will be added as a text attachment.
* back-end logs now rotate at 10MB (was 5MB)
* The SMS option "Phone number allowed" is no longer enabled by default.
  Note: This is a non-backward compatible change since the default
  value changed. To revert back to the old behavior, enable the global
  "Phone number allowed" option.
* sudo usage has been simplified. Scripts will now be executed from
  scripts.d.
* Some jars updated to newer releases
* Support for right to left (RTL) text added to the PDF encryption
  module.
* Support for multiple SMS transports added.
* The DLP scanner now also extracts the meta content of MIME parts. This
  can for example be used to block or quarantine certain attachment
  types. The attachment type is detected from the content of the
  attachment and not from the filename.
* Comodo classes have been removed for now since the Comodo EPKI no
  longer allowed certificates to be automatically requested (the Comodo
  module will probably be added in later versions)
* Changing the automatic backup cron expression no longer requires a
  restart. The backup job will be rescheduled.
* The signature algorithm identifier of a signed email changed between
  RFC 3851 and RFC 5751. RFC 5751 uses for example sha-1 whereas RFC
  3851 uses sha1. The gateway by default follows RFC 5751. Some
  anti-spam gateways however cannot handle the new RFC 5751 syntax. The
  SMIMESign mailet can be configured to revert back to RFC 3851.
* URL detection for the PDF module has been improved.
* The reply link in the PDF is now a clickable image.
* OpenJDK 7 is now supported.
* WEB GUI look and feel updated. Moved some functionality to different
  pages (for example SMS queue is not part of the Queues page). Most
  menu items can be dynamically extended to support add-ins.
* JCE policy manager page removed since this is not longer required with
  OpenJDK.
* Most pages now close after applying the settings instead of showing
  "settings applied".
* The WEB GUI now checks whether regular expressions are valid.
* Virtual Appliance: The Virtual Appliance now runs on Ubuntu 12.04 LTS.
* Virtual Appliance: Backup/restore is now possible from the console
  application.
* Virtual Appliance: Remote samba share can be mounted.
* Virtual Appliance: Network setup should now be done with the WEB GUI.
  Only the initial IP address can be setup with the console
  application.

Bug fix

* The HTML text extractor for the DLP scanner sometimes removed white
  space characters which resulted in merged words.
* Some internal James log files were not correctly log rotated.
* On Chrome, if an attachment was removed from the PDF reply page, the
  frame was not resized.

Kind regards,

Martijn Brinkers

PS. if you already installed the release candidate 2.5.0-4, there is no
need to reinstall since this release version is the same as the last
release candidate.

···

--
DJIGZO email encryption