Hi,
Version 2.4.0-3 of the DJIGZO gateway is released.
This is the same version as the last release candidate so if you already
installed 2.4.0-3 you do not need to reinstall this version.
Release notes:
New
* Sign and encrypt tags can be added to the subject for incoming signed
and/or encrypted email (GATEWAY-36)
* Signer and sender address mismatch detection has been added
(GATEWAY-21)
* S/MIME encrypt mailet can selectively encrypt headers (this is mainly
used in combination with DJIGZO for Android)
* S/MIME encryption and signing algorithm can be set per recipient or
domain.
* Simple subject filter added which can be used to filter the subject
using a regular expression.
* Locale (i.e., language) can be selected on the portal login and signup
page.
* CLI tool added which can be used to set/get user properties from the
command line.
Improvements/Changes
* The 8.4 PostgreSQL JDBC drivers were not compatible with PostgreSQL 9
(The default version with Ubuntu 12.04).
The PostgreSQL JDBC drivers have been updated to 9.X (GATEWAY-56)
* Logging has been improved. More information is logged and color coding
has been improved (GATEWAY-42, GATEWAY-26)
* Upgraded to BC 1.47
* LogLevel OFF added which can be used to completely disable logging for
a class.
* Clickatell provider now supports additional parameters.
* Spanish translation for the portal added
(translation by Diego A. Fliess)
* Loading speed of the preferences page has been improved.
* The user no longer has to login after the portal signup. The user is
automatically logged in after the signup process.
* The packages are now signed with a new gpg key.
Bug fix
* sudo added to the RPM spec file as a required package (GATEWAY-55)
* PDF reply should use the Reply-To header (GATEWAY-45)
* Under certain circumstances, unicode characters were incorrectly
encoded when replying to a PDF (GATEWAY-48)
* Compatibility with IE9 has been improved (GATEWAY-40)
* The RPM installer now waits for Postgres to be running before
continuing the installation.
The new version can be downloaded from:
http://www.djigzo.com/downloads.html
Upgrade guide http://www.djigzo.com/documents/upgrade-guide.pdf
Note: the packages are signed with a new GPG key (which can be
downloaded from the download page)
Kind regards,
Martijn Brinkers
···
--
DJIGZO email encryption
Zitat von Martijn Brinkers <martijn(a)djigzo.com>:
Hi,
Version 2.4.0-3 of the DJIGZO gateway is released.
This is the same version as the last release candidate so if you already
installed 2.4.0-3 you do not need to reinstall this version.
Release notes:
New
* Sign and encrypt tags can be added to the subject for incoming signed
and/or encrypted email (GATEWAY-36)
* Signer and sender address mismatch detection has been added
(GATEWAY-21)
* S/MIME encrypt mailet can selectively encrypt headers (this is mainly
used in combination with DJIGZO for Android)
Disabled by default, i guess??
* S/MIME encryption and signing algorithm can be set per recipient or
domain.
The default was SHA1/3DES until now, no?
I ask because we have a problem at one customer site that their
content filter crashes badly since we have this release at work. We
sign all outgoing mail and there were no problems with this site until
now. Disable S/MIME for this site save their content filter, but it
would be interessting what really have changed for signed mails.
Thanks & Regards
Andreas
Zitat von Martijn Brinkers <martijn(a)djigzo.com>:
Hi,
Version 2.4.0-3 of the DJIGZO gateway is released.
This is the same version as the last release candidate so if you already
installed 2.4.0-3 you do not need to reinstall this version.
Release notes:
New
* Sign and encrypt tags can be added to the subject for incoming signed
and/or encrypted email (GATEWAY-36)
* Signer and sender address mismatch detection has been added
(GATEWAY-21)
* S/MIME encrypt mailet can selectively encrypt headers (this is mainly
used in combination with DJIGZO for Android)
Disabled by default, i guess??
Yes by default disabled.
* S/MIME encryption and signing algorithm can be set per recipient or
domain.
The default was SHA1/3DES until now, no?
The default is still SHA1/3DES
I ask because we have a problem at one customer site that their content
filter crashes badly since we have this release at work. We sign all
outgoing mail and there were no problems with this site until now.
Disable S/MIME for this site save their content filter, but it would be
interessting what really have changed for signed mails.
Afaik the only change that might have had an influence on the digital
signatures was an update of the Bouncycastle library (the Java library
used for digital signatures etc.).
Does your client use an S/MIME gateway? Did they report a specific error
or did it just crash?
Kind regards,
Martijn Brinkers
···
On 07/04/2012 05:28 PM, lst_hoe02(a)kwsoft.de wrote:
--
DJIGZO email encryption
Zitat von Martijn Brinkers <martijn(a)djigzo.com>:
Zitat von Martijn Brinkers <martijn(a)djigzo.com>:
Hi,
Version 2.4.0-3 of the DJIGZO gateway is released.
This is the same version as the last release candidate so if you already
installed 2.4.0-3 you do not need to reinstall this version.
Release notes:
New
* Sign and encrypt tags can be added to the subject for incoming signed
and/or encrypted email (GATEWAY-36)
* Signer and sender address mismatch detection has been added
(GATEWAY-21)
* S/MIME encrypt mailet can selectively encrypt headers (this is mainly
used in combination with DJIGZO for Android)
Disabled by default, i guess??
Yes by default disabled.
* S/MIME encryption and signing algorithm can be set per recipient or
domain.
The default was SHA1/3DES until now, no?
The default is still SHA1/3DES
I ask because we have a problem at one customer site that their content
filter crashes badly since we have this release at work. We sign all
outgoing mail and there were no problems with this site until now.
Disable S/MIME for this site save their content filter, but it would be
interessting what really have changed for signed mails.
Afaik the only change that might have had an influence on the digital
signatures was an update of the Bouncycastle library (the Java library
used for digital signatures etc.).
Does your client use an S/MIME gateway? Did they report a specific error
or did it just crash?
It is a spam (content)-filter with no S/MIME capabilities as far as i
know. It just crashs and eat up the mail. We got a "550 could not
process your mail" and the recipient a mail with no subject and 0 byte
size. So while it is clearly their fault it would be helpful to have
more details for a bug report to the maker of the spam filter.
Thanks
Andreas
···
On 07/04/2012 05:28 PM, lst_hoe02(a)kwsoft.de wrote:
The upgrade to BouncyCastle 1.47 was a lot of work so there were a lot
of changes. Most changes however were more API related and not so much
implementation. One change that might be relevant is that the signing
algorithm identifier added to the headers has been changed.
Previously it was sha1 but this has been changed to sha-1 (see S/MIME
3.2 http://www.rfc-editor.org/rfc/rfc5751.txt)
so it was:
Content-Type: multipart/signed; protocol="application/pkcs7-signature";
micalg=sha1; boundary="....."
and now it is:
Content-Type: multipart/signed; protocol="application/pkcs7-signature";
micalg=sha-1; boundary="..."
(i.e., sha1 was replaced with sha-1 according to rfc5751).
It might be that your client's scanner chokes on the sha-1 value?
Kind regards,
Martijn Brinkers
···
On 07/04/2012 06:10 PM, lst_hoe02(a)kwsoft.de wrote:
Zitat von Martijn Brinkers <martijn(a)djigzo.com>:
On 07/04/2012 05:28 PM, lst_hoe02(a)kwsoft.de wrote:
Zitat von Martijn Brinkers <martijn(a)djigzo.com>:
Hi,
Version 2.4.0-3 of the DJIGZO gateway is released.
This is the same version as the last release candidate so if you
already
installed 2.4.0-3 you do not need to reinstall this version.
Release notes:
New
* Sign and encrypt tags can be added to the subject for incoming signed
and/or encrypted email (GATEWAY-36)
* Signer and sender address mismatch detection has been added
(GATEWAY-21)
* S/MIME encrypt mailet can selectively encrypt headers (this is mainly
used in combination with DJIGZO for Android)
Disabled by default, i guess??
Yes by default disabled.
* S/MIME encryption and signing algorithm can be set per recipient or
domain.
The default was SHA1/3DES until now, no?
The default is still SHA1/3DES
I ask because we have a problem at one customer site that their content
filter crashes badly since we have this release at work. We sign all
outgoing mail and there were no problems with this site until now.
Disable S/MIME for this site save their content filter, but it would be
interessting what really have changed for signed mails.
Afaik the only change that might have had an influence on the digital
signatures was an update of the Bouncycastle library (the Java library
used for digital signatures etc.).
Does your client use an S/MIME gateway? Did they report a specific error
or did it just crash?
It is a spam (content)-filter with no S/MIME capabilities as far as i
know. It just crashs and eat up the mail. We got a "550 could not
process your mail" and the recipient a mail with no subject and 0 byte
size. So while it is clearly their fault it would be helpful to have
more details for a bug report to the maker of the spam filter.
--
DJIGZO email encryption