Below is a list of special considerations and notes that you may need to be aware of when upgrading to MDaemon version 16.5.0 from a previous version.
| • | This version of MDaemon is not compatible with previous versions of BlackBerry Enterprise Server (BES) for MDaemon. BES will be disabled when MDaemon is installed. To continue running BES, update to BES for MDaemon version 2.0.3. |
| • | When MX record lookups during message delivery get a DNS server failure result, the message will be left in the queue for attempted delivery during the next processing cycle. This change is to conform with RFC guidelines. Previously, MDaemon would attempt direct delivery and, failing that, immediately bounce the message in some configurations. |
| • | For new installations, the default IPv6 setting to use IPv6 with outbound hosts has changed to disabled/off. |
| • | The Log Mode option to "log...based on the day of the week" (i.e., Monday.log, Tuesday.log, etc) was deprecated and removed. As a result, the option to overwrite log files was no longer necessary and also removed. When upgrading to MDaemon 16.5.0 or later, those set to use the old option are switched to the "log...based on the date" option (i.e., MDaemon-2016-02-22-X.log, etc). Further, there is a new option to let you set the number of .OLD backups that are created once the max log file size is reached (previously only one was possible). Finally, hyphens were added to the file names to make the dates easier to read. |
| • | SMTP Authentication has a new option to require all incoming messages from local IPs to use authentication or otherwise be rejected. Trusted IPs are exempt. This setting is enabled by default for new installations. When upgrading, however, it is disabled to avoid delivery problems from clients or other services that don't authenticate and aren't currently listed as a trusted IP. Please enable this option if you can as it is a good security practice. |
Another new SMTP Authentication option requires the credentials used for AUTH to match those of the address in the FROM header. This prevents cases where a sender authenticates as one user while claiming within the message to be another user. This option is enabled by default and handles aliases as if they were the real email account. Further, to support gateway mail storage and forwarding, there is a corresponding option located on the Global Gateway Settings screen that will "Exempt gateway mail from AUTH credential matching requirements" by default.
| • | A new Global Gateway Settings option to "Perform verification lookups on senders as well as recipients" makes it possible for you to use gateway address verification to verify senders, whereas previously only recipients could be verified. This option is enabled by default, which means that it is now possible for messages sent from addresses that cannot be verified to be refused in some cases where they might have been accepted before. If this is not to your liking then disable the new option. |
| • | The Mail Pruning and Public Folder Pruning options have been changed. Previously, the Last Modified Date of each message file was used when determining which messages to delete based on their age. Now the Date: header within the message itself is used. If there is no Date: header or it doesn't comply with standards, then the Last Modified Date file property is used. |
| • | On the Logging » Maintenance dialog, there is a new option that governs the maximum number of days that the Antivirus update log (i.e. avupdate.log) will keep data. At midnight each night, and also whenever MDaemon starts after upgrading, older data will be deleted from the file. By default the last 30 days of data are kept. |
| • | Options were added to Gateway Editor » Verification and Active Directory » LDAP to allow you to choose whether or not to chase referrals in LDAP connections. Sometimes an LDAP server doesn't have a requested object but may have a cross-reference to its location, to which it can refer the client. If you want MDaemon to chase (i.e. follow) these referrals, you can enable the option on the associated screen. Previously MDaemon chased referrals by default and there was no option to disable it. Now it is disabled by default. |
| • | The default settings for the MDPGP options below were changed for new installations. They are not changed when upgrading, but it is recommended that you compare them to your current installation, and that you review the new MDPGP options, to see if the new settings would work better for you: |
"Enable MDPGP" (enabled by default)
"Authorize all local MDaemon users for all services" (enabled by default)
"Sign mail automatically if sender's private-key is known" (disabled by default)
"Encrypt/Sign mail sent to self" (enabled by default)
"Email public-keys when requests are made (--pgpk command)" (enabled by default)
"Email details of encryption failures to sender (--pgpe command)" (enabled by default)
"Expires in 0 days" (changed to 365 by default)
Even though most of these settings are now enabled by default (including the entire MDPGP service itself) no encryption/decryption related actions can be taken until keys are known and have been added to the key-ring. However, with this version of MDaemon there are now more ways to get that done automatically.
Version 16.0.0
| • | Minger queries now include the email address (sender) making the request. This allows personal blacklists to be checked. If the sender is on the Minger recipient's personal blacklist then a result of "user unknown" will be returned to the Minger client. This change is backward compatible with older Minger servers. As a result of this change the LDAPCache.dat file format had to be changed. Your old LDAPCache.dat file has been renamed LDAPCache.dat.old. |
| • | The Archive to Public Folders feature was redesigned, as it was causing slow performance. You can no longer archive specifically to "public folders." Instead, you can archive messages to a specific mail folder and then use the Access Control List to share that folder as needed. The default location for this folder is C:\MDaemon\Archives\Email\, but you can set it to any folder you choose. You can choose to archive inbound messages that are to your local users, outbound messages from your local users, or both. Mailing list messages, messages being relayed, and those with a virus will not be archived. Inbound and outbound messages will be stored in \In\ and \Out\ subfolders, respectively. They can be further subdivided by using the ...archive based on recipient address and ...archive based on sender address options. Also, separate archives can be maintained for each domain by using the Provide separate archives for each MDaemon domain option.
Archived messages are saved in the final state in which they appear in the local user's mail folder, or in the "ready to be delivered" state for outbound messages. This means that if you, for example, have the content filter make some change to a message, such as adding a header to it, then the archived message will contain that change.
To browse the archive folder use one of your mail accounts (or create a new one) and point its Mail Folder to the same folder used for the archive. If multiple people need access to the archive then log in to the archive account and share the desired folder using its Access Control List.
Note: The old "Mail Archive" public folder is no longer updated. It was left in place, however, so that you can decide what to do with it. For example, move it or copy it somewhere else and then delete the original. In any case, you should remove it from MDaemon's Public Folders directory, as that can greatly improve the performance of the server for all users. The installation and update process does not do this for you automatically because that would cause the update process to take too long, and it could lead to confusion about the status and location of the archive. |
| • | MDPGP: The option to share encryption keys across one or more aliases has been removed. Aliases should have their own set of keys so that various identities are safely kept separate. Although the following is not recommended, if you have special circumstances where you need to preserve previous behavior, you can add "Aliases=Yes" (without the quotes) to the [MDPGP] section of \App\Plugins.dat and restart MDaemon. |
| • | MDaemon no longer leaves Everyone@, MasterEveryone@, and DomainAdmins@ mailing list .GRP files in the APP folder when the options to use those lists are disabled. Leaving those files in the APP folder caused problems because the API assumed the lists were valid if the files existed. If you do not want these files updated or deleted then you can change their file attribute in Windows to Read-only (although this is not recommended). A better approach in such cases would be to create your own lists which can use the same "Send to everyone" macros that these system maintained lists can. |
| • | MDaemon was not honoring the mailing list setting that hides the mailing list from the domain's public contacts folder. This has been fixed. When this version of MDaemon starts for the first time, any errors in the contact folders related to mailing lists will be corrected. If a contact is found when it should not be, the contact is removed and any missing mailing list contacts are created. This will trigger a re-sync of the contact folder for all devices that are linked to it. |
| • | A fix to a long standing content filter parsing bug could potentially (rarely) lead to the following issue: In the past, content filter rules which compare the value of a message header would fail to work if the test string being looked for started with a space character. For example, testing whether a header contained the string ' test ' (note the spaces) would sometimes fail. This problem has been fixed but it could mean that rules which previously did not match, now might. |
| • | The "Account can modify the public address book" setting was removed from Account Editor and Template Manager. Access to any public address book is now managed only through the Access Control List (ACL) editor for the specific address book folder in question (including any defaults which will apply to newly created accounts). As a result of these changes the MD_SetCanModifyGAB() function in the API has been deprecated and changed to do no work (but left in place for backward compatibility). Also, the CanModifyGAB member of MD_UserInfo structure is now read-only. Any changes you make to this member will not be saved. Changes to ACLs are strictly a function of the ACL editor from here forward. |
| • | MDaemon's list engine no longer uses the message-id value of the original list message. Each list message will get the same, single, newly generated message-id. The mailing list engine makes many changes to the original list message. Thus it must take ownership and issue a new message-id. However, the old option to Replace Message-ID with unique value for each member still works but has been disabled by default for new lists and should not be used unless special circumstances require. |
| • | Experimentation has revealed several host screen values that are effective in blocking unwanted connections. These have been added as defaults to HostScreen.dat for new MDaemon installations. If you are upgrading MDaemon, you can rename or remove HostScreen.dat and restart MDaemon to get this new version. |
| • | The default "low disk space value" (the value below which MDaemon starts warning you about it) was changed from 100MB to 1000MB. Likewise, the "auto-shutoff value" (the value below which MDaemon will disable mail services due to critically low disk space) was changed from 10MB to 100MB. Please check and change the values on the Preferences » Disk screen if those values present a problem for you. |
Version 15.5.0
| • | The daily quota report now includes a column showing the last date and time the account was accessed (via IMAP, POP, WorldClient, etc). This required a change to the QuotaReport.dat template file. Your old file was saved as QuotaReport.dat.old in case you have customized it. If so, you may want to similarly customize the new template file. |
| • | The default setting for Use colors in UI logs was changed from disabled to enabled. If you don't wish to use colorized logs you can change the setting at: Preferences » UI. |
Version 15.0.0
| • | Dynamic Screening has changed. The "Watch accounts" checkbox was redundant and therefore removed. The options to freeze accounts and email the postmaster were made into a separate checkboxes, and you can now designate the sources that will trigger the email: SMTP, IMAP, or POP. As in previous versions, this email is not sent when the account in question is already frozen. Further, the Dynamic Screening settings were reverted to installation defaults, therefore you should check them if you prefer a non-default configuration. Finally, the WorldClient-related options were moved to their own Dynamic Screen page under WorldClient (web mail). |
Version 14.5.0
| • | On the Preferences » Headers screen, the options: "Hide local IPs when processing message headers" and "...also hide LAN IPs" have been deprecated and removed. They have been replaced by a single option that hides reserved IP addresses: "Hide reserved IPs when creating message headers." This option is enabled by default and prevents reserved IP addresses from appearing in certain MDaemon created message headers. Reserved IP addresses are as defined by various RFC's and include: 127.0.0.*, 192.168.*.*, 10.*.*.*, and 172.16.0.0/12. If you also wish to hide your domain IPs (including LAN domains) from the headers then you can set the following switch in MDaemon's app\MDaemon.ini file manually: [Special] HideMyIPs=Yes (default is No). |
| • | The option "POP3, IMAP, and WorldClient passwords are case sensitive" has been deprecated and removed from Preferences » Miscellaneous. Passwords are now always case-sensitive. Allowing otherwise breaks security best practices and is incompatible with hash-based authentication mechanisms (APOP, CRAM-MD5) and secure (hash-based) password storage. As a result of this, some of your users may need to update their password in their mail client. |
| • | The SPF cache file now caches a domain's actual SPF policy record taken from DNS rather than the final result of SPF processing. Your old SPFCache.dat file can not be migrated and was therefore renamed to SPFCache.dat.old in case it contains settings you need to refer to. You can delete SPFCache.dat.old at any time. |
| • | The HashCash feature was removed. It was an outdated feature that was never widely used. |
| • | All support for the now obsolete Sender-ID feature was removed. |
| • | All support for the original DomainKeys message authentication system has been removed. DomainKeys is obsolete and has been replaced by the acceptance and adoption of DKIM. |
Version 14.0.1
| • | WebAdmin has been renamed to MDaemon Remote Administration. |
| • | ComAgent has been renamed to WorldClient Instant Messenger. |
Version 14.0.0
| • | The product registration system has been updated to utilize a digitally signed XML based license file. This approach allows for greater flexibility, and will enable ALT-N to offer new innovative purchasing and renewal options. The installation process will automatically download the license file. Product activation has been replaced by a scheduled mechanism that will update the license file on a periodic basis. The system is able to accommodate temporary connectivity outages, but communication with the licensing service is required for continued use of the product. |
| • | The new WorldClient theme is now the default theme for new installations. When updating, the installer will ask if you want to change your default to this new theme. |
| • | WorldClient's Simple theme has been renamed to Lite. MDaemon Lite now uses this theme in WorldClient. |
| • | The Standard theme is no longer included in new installations of MDaemon, but it will still be available as a separate download. If you are updating and the Standard theme is already installed, it will not be removed. |
Version 13.6.1
| • | The default settings for two SMTP authentication related values have changed. The option to require SMTP authentication when mail is from local accounts and the option to require authentication credentials to match that of the email sender are both now enabled by default. If you wish to disable either of these options, they are located on the SMTP Authentication screen. |
| • | An option was added to Preferences » Headers to hide MDaemon's software version and other identifying information when creating Received headers or responding to various protocol requests. The option is disabled by default. As part of this process, MDaemon's Received header construction was simplified and no longer includes extraneous data. Also, the following undocumented MDaemon.ini settings were removed: [Special] SecureReceivedHeaders=Yes/No and [Special] ReceivedHasAuthedUser=Yes/No. |
| • | The STARTTLS Required List is now also applied to the MAIL FROM value during an SMTP session (in addition to the EHLO and IP). If MDaemon receives a MAIL command followed by an email address that is on the STARTTLS Required List during a session that has not been secured, then the MAIL command will get a "454 STARTTLS Required" response. |
Version 13.6.0
| • | MDaemon Standard has been renamed to MDaemon Lite. |
| • | The trial period for MDaemon, SecurityPlus, Outlook Connector, and ActiveSync has been reduced from 60 days to 30 days. |
Version 13.5.2
| • | The way smart hosts are used has changed. In the past the smart host for a domain was only used when the Delivery routing option to send mail to domain smart hosts was enabled. This made it impossible to use smart hosts for only some domains while simultaneously using standard direct delivery for others. Now if a smart host is configured and enabled for a specific domain under the Domain Manager, then that domain's outbound mail will be routed to the smart host regardless MDaemon's main delivery setting. So, now it is possible to specify and use smart hosts for some (and not necessarily all) of your domains. Please note that use of smart hosts had to be reset to OFF for all domains due to this change. So, if you want to enable smart hosts for one or more domains use the domain manager to do so. |
| • | The WebAdmin log rollover and storage options have changed. WebAdmin will now rollover its logs on the same schedule as MDaemon (F2 | Logging in the MDaemon GUI). Weekly and Monthly rollovers are no longer supported. Additionally, new installs starting with this release will have their WebAdmin logs stored in the same location as the MDaemon logs (\MDaemon\Logs by default). Lastly, the WebAdmin-specific logging options that remain have moved under the general Log Options menu in WebAdmin. |
Version 13.5.0
| • | Please note that MDaemon's BlackBerry Enterprise Server does not (and can not) work with BlackBerry OS 10 devices. BlackBerry OS 10 devices are managed through MDaemon's ActiveSync server or with different management tools obtained directly from BlackBerry. MDaemon's BlackBerry Enterprise Server management features are for devices running BlackBerry OS 7 or earlier. |
| • | The operation of has changed. Hosts and IP addresses listed here will now require TLS on both incoming and outgoing connections from any host or IP on the list. In the past, the list only applied to outgoing connections. Also, IPs listed here can now be specified in CIDR notation. |
| • | Prior to 13.5.0, public folders could not be deleted automatically when a domain was deleted. Now there is a new option on the Public & Shared Folders screen to control this. Enable the "Delete domain public folders when domain is deleted" option if you wish to delete a domain's public folders as well. Enabling this option is recommended, but in order to preserve existing behavior it is disabled by default. |
| • | When 13.5.0 is started for the first time it will perform a one-time migration of account settings from WEBACCES.DAT into the accounts' HIWATER.MRK file, which is a more appropriate place for these configuration settings. The WEBACCES.DAT file is no longer used and will be removed as part of this migration process. Further, the Web Services settings on the New Accounts template only apply to newly created accounts, not to existing accounts. A new "Apply installation defaults" button reverts all the settings on this page to installation defaults |
| • | The content of the NoComd.dat file is obsolete. Depending on your configuration, this file was emailed like an autoresponder to anyone who submitted an MDaemon command email that failed to contain valid commands for MDaemon to process. The content of the file contained instructions on how to ask for help, which were also obsolete. A new NoCommand.dat file has been created which no longer contains this errant instructions. If you would like to provide instruction to non-local users on (for example) how to send a SUBSCRIBE or UNSUBSCRIBE command email you can easily modify the NoCommand.dat file to do so. If you have previously modified the NoComd.dat file you can move your modifications into NoCommand.dat from the backup of NoComd.dat which was created as part of the installation process or from a backup created by the nightly config file backup feature. |
| • | MDaemon no longer supports extraction of attachments into an account's FILES folder. This folder was rarely accessible. Instead, this option extracts attachments into the account's Documents IMAP folder which is accessible via WorldClient. Each account's FILES folder will be left in place in case there are files there that should not be deleted. However, no further use of this folder is made by MDaemon. As part of this, the $FILEDIR$ macro was removed. |
| • | The format of log file lines in colorized logs has changed to include a two-digit color code in each line immediately following the time-stamp. |
| • | It is possible to accidentally configure a valid account to receive bounces from mailing lists in such a way as to cause the list pruning operation to delete the account's other (non-list) related mail. To help prevent this we have updated the documentation with warnings and have reversed the default settings for two existing options located at Mailing List Settings. "Mailing list pruner deletes messages that it can't parse" is now disabled by default, and "Mailing list pruner saves messages that cause list member removal" is enabled by default. Please set these options to how you want your system to behave. For more information see: Enhanced List Pruning. |
| • | MDaemon will no longer bounce messages on a 5XX error from your smart host if one or more of the MX hosts from the receiving domain returned a temporary error earlier in the delivery session. This is on the theory that maybe one of the receiving domain's servers will correct itself before the next queue run. However, it is an indication of a bad site configuration if you are using a smart host and that smart host refuses to accept mail from your MDaemon server. It is expected that this will not ordinarily be the case. A new option was added to Server Settings » Delivery called "Bounce message on 5XX error from smart host" which defeats this mechanism and causes the message to go ahead and immediately bounce. If the message is not bounced it becomes part of the standard retry queue mechanism. If all of the receiving domains MX hosts return 5XX errors and the smart host returns 5XX errors then the message has nowhere else to go and is bounced regardless of any other settings. |
See:
Introduction
New in MDaemon 16.5
MDaemon's Main Display
