Below is a list of special considerations and notes that you may need to be aware of when upgrading to MDaemon version 17.5.0 from a previous version.
| • | BlackBerry Enterprise Server (BES) for MDaemon is not compatible with MDaemon 17.5 or newer. There will not be a new version of BES for MDaemon that is compatible. MDaemon's installer will disable BES if it is detected. Uninstall BES to not be prompted about it. Screens about BES have been removed from the MDaemon UI. |
| • | Added quarantine exclusion lists to allow password-protected files from or to configured senders and recipients. At Security » AntiVirus, enable "Allow password-protected files in exclusion list..." and click the "Configure Exclusions" button. Note that as of SecurityPlus 5.1.0, the ClamAV Plugin may quarantine password-protected files before the main AV engine can scan them. An option is to disable the ClamAV Plugin. |
Version 17.0.0
| • | WorldClient Instant Messenger (WCIM) now uses the XMPP protocol for instant messaging, which is not compatible with the old chat protocol. Users who do not update to the new version will not be able to instant message with users who have updated. Address book synchronization with Outlook has been removed from WCIM. |
| • | The option "Enable APOP & CRAM-MD5" found at Server Settings » Servers has changed to disabled by default for security and technical reasons. Using TLS is the preferred way to avoid transmission of passwords in the clear. |
| • | In-browser WorldClient Instant Messenger (WCIM) has been removed from the LookOut and WorldClient themes due to incompatibility with the new XMPP WCIM server. |
| • | The new password option to "Store mailbox passwords using non-reversible encryption" is disabled by default for existing installs, to avoid breaking anything for anyone who depends on incompatible features. However, for security reasons we recommend enabling it if you can. |
Version 16.5.0
| • | This version of MDaemon is not compatible with previous versions of BlackBerry Enterprise Server (BES) for MDaemon. BES will be disabled when MDaemon is installed. To continue running BES, update to BES for MDaemon version 2.0.3. |
| • | When MX record lookups during message delivery get a DNS server failure result, the message will be left in the queue for attempted delivery during the next processing cycle. This change is to conform with RFC guidelines. Previously, MDaemon would attempt direct delivery and, failing that, immediately bounce the message in some configurations. |
| • | For new installations, the default IPv6 setting to use IPv6 with outbound hosts has changed to disabled/off. |
| • | The Log Mode option to "log...based on the day of the week" (i.e., Monday.log, Tuesday.log, etc) was deprecated and removed. As a result, the option to overwrite log files was no longer necessary and also removed. When upgrading to MDaemon 16.5.0 or later, those set to use the old option are switched to the "log...based on the date" option (i.e., MDaemon-2016-02-22-X.log, etc). Further, there is a new option to let you set the number of .OLD backups that are created once the max log file size is reached (previously only one was possible). Finally, hyphens were added to the file names to make the dates easier to read. |
| • | SMTP Authentication has a new option to require all incoming messages from local IPs to use authentication or otherwise be rejected. Trusted IPs are exempt. This setting is enabled by default for new installations. When upgrading, however, it is disabled to avoid delivery problems from clients or other services that don't authenticate and aren't currently listed as a trusted IP. Please enable this option if you can as it is a good security practice. |
Another new SMTP Authentication option requires the credentials used for AUTH to match those of the address in the FROM header. This prevents cases where a sender authenticates as one user while claiming within the message to be another user. This option is enabled by default and handles aliases as if they were the real email account. Further, to support gateway mail storage and forwarding, there is a corresponding option located on the Global Gateway Settings screen that will "Exempt gateway mail from AUTH credential matching requirements" by default.
| • | A new Global Gateway Settings option to "Perform verification lookups on senders as well as recipients" makes it possible for you to use gateway address verification to verify senders, whereas previously only recipients could be verified. This option is enabled by default, which means that it is now possible for messages sent from addresses that cannot be verified to be refused in some cases where they might have been accepted before. If this is not to your liking then disable the new option. |
| • | The Mail Pruning and Public Folder Pruning options have been changed. Previously, the Last Modified Date of each message file was used when determining which messages to delete based on their age. Now the Date: header within the message itself is used. If there is no Date: header or it doesn't comply with standards, then the Last Modified Date file property is used. |
| • | On the Logging » Maintenance dialog, there is a new option that governs the maximum number of days that the Antivirus update log (i.e. avupdate.log) will keep data. At midnight each night, and also whenever MDaemon starts after upgrading, older data will be deleted from the file. By default the last 30 days of data are kept. |
| • | Options were added to Gateway Editor » Verification and Active Directory » LDAP to allow you to choose whether or not to chase referrals in LDAP connections. Sometimes an LDAP server doesn't have a requested object but may have a cross-reference to its location, to which it can refer the client. If you want MDaemon to chase (i.e. follow) these referrals, you can enable the option on the associated screen. Previously MDaemon chased referrals by default and there was no option to disable it. Now it is disabled by default. |
| • | The default settings for the MDPGP options below were changed for new installations. They are not changed when upgrading, but it is recommended that you compare them to your current installation, and that you review the new MDPGP options, to see if the new settings would work better for you: |
"Enable MDPGP" (enabled by default)
"Authorize all local MDaemon users for all services" (enabled by default)
"Sign mail automatically if sender's private-key is known" (disabled by default)
"Encrypt/Sign mail sent to self" (enabled by default)
"Email public-keys when requests are made (--pgpk command)" (enabled by default)
"Email details of encryption failures to sender (--pgpe command)" (enabled by default)
"Expires in 0 days" (changed to 365 by default)
Even though most of these settings are now enabled by default (including the entire MDPGP service itself) no encryption/decryption related actions can be taken until keys are known and have been added to the key-ring. However, with this version of MDaemon there are now more ways to get that done automatically.
Version 16.0.0
| • | Minger queries now include the email address (sender) making the request. This allows personal blacklists to be checked. If the sender is on the Minger recipient's personal blacklist then a result of "user unknown" will be returned to the Minger client. This change is backward compatible with older Minger servers. As a result of this change the LDAPCache.dat file format had to be changed. Your old LDAPCache.dat file has been renamed LDAPCache.dat.old. |
| • | The Archive to Public Folders feature was redesigned, as it was causing slow performance. You can no longer archive specifically to "public folders." Instead, you can archive messages to a specific mail folder and then use the Access Control List to share that folder as needed. The default location for this folder is C:\MDaemon\Archives\Email\, but you can set it to any folder you choose. You can choose to archive inbound messages that are to your local users, outbound messages from your local users, or both. Mailing list messages, messages being relayed, and those with a virus will not be archived. Inbound and outbound messages will be stored in \In\ and \Out\ subfolders, respectively. They can be further subdivided by using the ...archive based on recipient address and ...archive based on sender address options. Also, separate archives can be maintained for each domain by using the Provide separate archives for each MDaemon domain option.
Archived messages are saved in the final state in which they appear in the local user's mail folder, or in the "ready to be delivered" state for outbound messages. This means that if you, for example, have the content filter make some change to a message, such as adding a header to it, then the archived message will contain that change.
To browse the archive folder use one of your mail accounts (or create a new one) and point its Mail Folder to the same folder used for the archive. If multiple people need access to the archive then log in to the archive account and share the desired folder using its Access Control List.
Note: The old "Mail Archive" public folder is no longer updated. It was left in place, however, so that you can decide what to do with it. For example, move it or copy it somewhere else and then delete the original. In any case, you should remove it from MDaemon's Public Folders directory, as that can greatly improve the performance of the server for all users. The installation and update process does not do this for you automatically because that would cause the update process to take too long, and it could lead to confusion about the status and location of the archive. |
| • | MDPGP: The option to share encryption keys across one or more aliases has been removed. Aliases should have their own set of keys so that various identities are safely kept separate. Although the following is not recommended, if you have special circumstances where you need to preserve previous behavior, you can add "Aliases=Yes" (without the quotes) to the [MDPGP] section of \App\Plugins.dat and restart MDaemon. |
| • | MDaemon no longer leaves Everyone@, MasterEveryone@, and DomainAdmins@ mailing list .GRP files in the APP folder when the options to use those lists are disabled. Leaving those files in the APP folder caused problems because the API assumed the lists were valid if the files existed. If you do not want these files updated or deleted then you can change their file attribute in Windows to Read-only (although this is not recommended). A better approach in such cases would be to create your own lists which can use the same "Send to everyone" macros that these system maintained lists can. |
| • | MDaemon was not honoring the mailing list setting that hides the mailing list from the domain's public contacts folder. This has been fixed. When this version of MDaemon starts for the first time, any errors in the contact folders related to mailing lists will be corrected. If a contact is found when it should not be, the contact is removed and any missing mailing list contacts are created. This will trigger a re-sync of the contact folder for all devices that are linked to it. |
| • | A fix to a long standing content filter parsing bug could potentially (rarely) lead to the following issue: In the past, content filter rules which compare the value of a message header would fail to work if the test string being looked for started with a space character. For example, testing whether a header contained the string ' test ' (note the spaces) would sometimes fail. This problem has been fixed but it could mean that rules which previously did not match, now might. |
| • | The "Account can modify the public address book" setting was removed from Account Editor and Template Manager. Access to any public address book is now managed only through the Access Control List (ACL) editor for the specific address book folder in question (including any defaults which will apply to newly created accounts). As a result of these changes the MD_SetCanModifyGAB() function in the API has been deprecated and changed to do no work (but left in place for backward compatibility). Also, the CanModifyGAB member of MD_UserInfo structure is now read-only. Any changes you make to this member will not be saved. Changes to ACLs are strictly a function of the ACL editor from here forward. |
| • | MDaemon's list engine no longer uses the message-id value of the original list message. Each list message will get the same, single, newly generated message-id. The mailing list engine makes many changes to the original list message. Thus it must take ownership and issue a new message-id. However, the old option to Replace Message-ID with unique value for each member still works but has been disabled by default for new lists and should not be used unless special circumstances require. |
| • | Experimentation has revealed several host screen values that are effective in blocking unwanted connections. These have been added as defaults to HostScreen.dat for new MDaemon installations. If you are upgrading MDaemon, you can rename or remove HostScreen.dat and restart MDaemon to get this new version. |
| • | The default "low disk space value" (the value below which MDaemon starts warning you about it) was changed from 100MB to 1000MB. Likewise, the "auto-shutoff value" (the value below which MDaemon will disable mail services due to critically low disk space) was changed from 10MB to 100MB. Please check and change the values on the Preferences » Disk screen if those values present a problem for you. |
Version 15.5.0
| • | The daily quota report now includes a column showing the last date and time the account was accessed (via IMAP, POP, WorldClient, etc). This required a change to the QuotaReport.dat template file. Your old file was saved as QuotaReport.dat.old in case you have customized it. If so, you may want to similarly customize the new template file. |
| • | The default setting for Use colors in UI logs was changed from disabled to enabled. If you don't wish to use colorized logs you can change the setting at: Preferences » UI. |
See:
Introduction
New in MDaemon 17.5
MDaemon's Main Display
