Release Notes CBS 5.0.12

Collax Business Server
11.03.2010

New in this Version

GUI: Login and Hostname Display

From this version some improvements are included for the administration interface. The login dialog includes the IP address of the server and the product name. Additional the entire host name is indicated in the header of the administration gui. Loading the data for a form is marked by a tip.

Collax Net Security: Single Sign-On for Multi Level Firewall

With the Multi Level Firewall it is possible to include Users, Operating Systems and Applications to the Firewall rules and to raise flexibility and network security. From this update the Multi Level Firewall supports comfortable Single Sign-On for Active Directory or NT domain environment. After the users login at the work station the user is automatically protected by the Multi Level Firewall

System Management: CPU Load (%) by Service

The analysis of the CPU Load (%) by Service in the form System -> Monitoring/Analysis -> Status -> System Information is extended with this update by the services Webproxy, SMTP, IMAP/POP3, LDAP and MySQL. With it the CPU utilisation of running services can be observed even easier.

Hardware: Support of IBM x3250 M3 Type 4252 Model EAG (Chipset Intel 3420)

With this update Collax Server support IBM x3250 M3 Type 4252. The driver for the SATA controller has been rebuild. Collax Server can be installed and run on IBM x3250 M3 Type 4252.

Misc: Zarafa 6.30.11

With this Collax software update the new version 6.30.11 of Zarafa Groupware is available. This version includes mainly improvements and some new funcionality for Zarafa Webaccess. Please find details here:

http://download.zarafa.com

Misc: Zarafa Brick Level Backup

The backup tool allows to save individual e-mail boxes and to recover single elements of e-mail boxes or public folders. In the form * Settings-> Mail and Messaging-> Zarafa Groupware-> Bricklevel backup * a 1-, 2-, 3-day full backup can be defined. When required also one to 4 hourly incremental backups can be executed. Saved backups are browsed with the help of an index in the form * System-> System Operation -> Zarafa Groupware-> Bricklevel Restore * and single elements can be recovered from it.

Note: Assuming the very first backup is type incremental, the Zarafa Brick Level Backup is going to gather and save all data of the e-mail stores, like a full backup does.

Issues Fixed in this Version

Security: Linux Kernel 2.6.25

In the source code of the Linux kernel security holes have been discovered. These holes will be closed within these patches for the Linux kernel 2.6.25.

Assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2005-4881 CVE-2009-1633 CVE-2009-2848 CVE-2009-2903 CVE-2009-2910 CVE-2009-3001 CVE-2009-3002 CVE-2009-3238 CVE-2009-3547 CVE-2009-3612 CVE-2009-3621 CVE-2009-3726 CVE-2009-3939 CVE-2010-0007 CVE-2010-0415

Security: Internet Domain Name Server Bind

In the source code of the Internet Domain Name Server security holes have been discovered. These holes will be closed within this patch update for Bind version 9.5.2.

Assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2010-0382 CVE-2010-0290 CVE-2010-0097

Security: Cryptography Toolkit OpenSSL

In the source code of the cryptography toolkit OpenSSL 0.9.8k security holes have been discovered. These holes will be closed within this Collax software update.

Assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2009-4355

Security: Compression Utility gzip

In the source code of the compression utility gzip security holes have been discovered. These holes will be closed within this patch update for the gzip 1.3.12.

Assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2009-2624 CVE-2010-0001

GUI: Support of Firefox 3.6

The Firefox browser version 3.6 uses a new method getBoundingClientRect to provide offset coordinates of an element. Previous Firefox versions use the method getBoxObjectFor. Both methods are supported by the administration GUI from this update on. Operations, like right mouse click can be executed using Firefox 3.6.

E-Mail: Fetch Emails and Email Lists

When fetching emails from external email boxes the option Forward to mailing list can be used. If no mailing list was defined this led to the fact that the service to fetch emails had not been launched. With this update the field will be validated, thereby a faulty input is not possible any more.

E-Mail: Train Spam Filter; manual and automatic

Up to now it was not possibly to train the spam filter exclusive by hand with spam and Ham folder. From this update it is possibly to feed the spam and ham folder by hand at first. In the following the option Automatic training can be used to reach the best possible spam filtering result.

E-Mail: Release of Held Emails

If e-mails are stopped by defined filters for attachments or MIME under circumstances it was not possible to release this e-mail again. The release of such to hold e-mails is corrected with this update. If e-mails are released via the administration GUI they are passed to the next instance of the SMTP server and they are delivered to the receiver.

VPN: Multiple IP Addresse in PPTP connection

If a VPN (PPTP) with several IP addresses was used for a secure remote access, the routing table had been set incorrectly from the third active client connection on. A network connection was thereby not possible. With this update the allocation between devices and IP addresses is being corrected. After the third incoming client connection by PPTP the routing table is correctly allocated with the IP address the device uses. Then the destination network can be reach with the established remote access connection.

VPN: VPN Nets with NAT

VPN tunnels can connect several networks securely. If one of these networks was translated by the Firewall via SNAT or DNAT the network packets had not been routed correctly via the VPN tunnel. From this update on the correct routing rules are set if VPN is used in combination with SNAT/DNAT. The network packets are going to be routed correctly between the VPN networks.

Fax: Missing Sender in Notification

If a facsimile is received a notification is sent by e-mail to the receiver. In this notification the sender was given only in the e-mail text. From this update the sender’s number is also displayed within the notifications subject.

Fax: Forwarding Fax to specific Mail Address

Receiving a facsimile and forwarding to a certain e-mail address, containing a hyphen resulted in not receiving faxes any more. This is repaired with this update, faxes can be receive and forwared to a certain e-mail address, even if the e-mail address contains a hyphen.

Collax Net Security: Intrusion Detection and Prevention System

The initialization of the intrusion detection system had not been worked correctly after the installation of the module Collax Net Security. With this update the described error is going to be corrected, the intrusion detection system will be initialized properly.

Collax Net Security: Multiple IP Addresse in PPTP connection

If a VPN (PPTP) with several IP addresses was used for a secure remote access, the routing table had been set incorrectly from the third active client connection on. A network connection was thereby not possible. With this update the allocation between devices and IP addresses is being corrected. After the third incoming client connection by PPTP the routing table is correctly allocated with the IP address the device uses. Then the destination network can be reach with the established remote access connection.

Collax E-Mail Archive: Forwarding to Receiver within Subdomains

In the search form of the Collax E-Mail Archive e-mails can be forwarded to certain receivers. The declaration of the receiver’s address was very restrictive up to now. Did the domain part contain more than one dot the e-mail was not forwarded. With this update this restriction is canceled. E-mails from the archive can be forwarded to any receivers.

Add-on Software: Log Rotation of Collax Virus Protection

The file scan executed by the Collax virus Protection generates log file entries for every search. The rotation of these log files had been irregular up to now. With this update this process is going to be integrated within the system-specific rotation for log files.

System Management: Service Alert when monitoring Webproxy with Nagios

If the system is monitored actively and the Webproxy service is enabled service alerts are reported sometimes, even if the Webproxy perfectly works. With this update the suitable Nagios check is corrected.

System Management: Monthly Log File Rotation is omitted

Up to now the contents of the system log file could be kept for 1 day, 1 week or 1 month. Then the file was saved and moved. To process and search through the system log file the optin to store the file monthly is cancelled and replaced with the weekly rotation from this update on.

Notes

Add-on Software: New Licensing of Avira Antivir

The Anti Virus product Avira Antivir will now be identically licensed as all Collax Modules. With this method a higher handling comfort is reached and the separate Avira Antivir-License integration is now redundant. Updating the license manually will not be necessary anymore.

Add-on Software: Download Progress Bar when using Avira Antivir Web-Virus-Filter

The anti virus product Avira Antivir displayed a special progress bar while scanning downloaded files. With the new anti virus technology within this update this progress bar becomes superfluous. From this update the progress bar of Avira Antivir is going to be removed.

Misc: Modulation in Registration of a License

To use the whole functionality of Collax servers the acquired licence is to be registered with the help of a wizard. The process with the wizard for registration is shortened by this update and simplifies therefore the commissioning of the Collax of server.

Misc: PHP update 5.3.6

In cause of the major-release of PHP 5.3.6 it is possible that files which use PHP have to be adapted.