Software Update: Symantec Messaging Gateway 10.6.2

Symantec Messaging Gateway is a product for securing incoming and outgoing mail flows. It builds on Brightmail, which was acquired by Symantec in 2004. Although that happened more than twelve years ago, the old name is still mentioned in the product with the addition ‘powered by Brightmail’. The program offers anti-spam and anti-mailware options, advanced content filtering and data loss prevention, and also offers encryption options by integrating with Symantec encryption products. SMG can be run on a companion hardware appliance or virtually in VMware or Hyper-V. Version 10.6.2 has recently been released with the following changes:

What’s new in SMG 10.6.2

Symantec recommends that all customers using version 10.6 of the SMG software update at their earliest convenience.

New features include the following:

• The ability to disable clickable URLs in messages.
• Previously, the MTA would immediately retry the first message in the queue for each domain when it was restarted. In this version, the MTA waits for the completion of the retry interval before it attempts delivery again.

This release also fixes known defects and addresses known vulnerabilities.

Resolved issues:

• The sensor for the CPU temperature status erroneously returned “Not Available” for some 8340s.
• Disabling SSLv3 in all SMTP conversations did not prevent RC4 ciphers from being used.
• On some 8340s a fan status error appeared.
• Control Center was unable to send updated configuration files to scanners if the configuration file is over 7MB.
• SSH weak MAC algorithms were enabled in SMG.
• A message had both “strip all attachments” and “strip and delay in suspect virus quarantine” actions. When the message was released from quarantine, all attachments were present.
• Replies to messages that were sent through the Symantec Content Encryption service failed Bounce Attack Validation.
• In some cases, the error “CReconstructor::LogStats: cannot create directory for Symantec Messaging Gateway$filenameSymantec Messaging Gateway with error:File exists.” erroneously appeared in the Disarm log.
• SMG did not support Elliptic Curve Cyphers.
• Addresses that were aliases with a subaddress failed recipient validation.
• Symantec Messaging Gateway closed the network connection prematurely when it delivered messages.
• Message Audit Log truncated the subject line on Russian emails, and showed different characters.
• Messages were rejected when LDAP server was offline.
• When the user added UTF-16 text to a content filtering Dictionary, content filtering rules silently failed.
• Changes made to remote logging levels were not propagated until the system was restarted.
• Messages with double-byte characters This issue has been resolved. in the subject line did not create an informational incident.
• A user was unable to copy a favorite report with a name longer than 254 characters.
• “DNS resolution failure: 4” appeared in MTA log at inappropriate level.
• In some cases, files within winmail.dat went undetected by content filtering policies.
• Conduit got stuck on an old submission ruleset.
• The Received header inserted by SMG omitted the hostname.
• In some cases, SMG was unable to deliver mail if configured to attempt TLS delivery, and was unable to negotiate an acceptable cipher.
• Sending Brightmail admin events to remote syslog were not enabled when a Control Center-only appliance was used.
• Control Center did not process new statistics due to a missing stats file.
• DNS latency detection/protection resulted in large numbers of ERROR level messages in the Brightmail Engine logs.
• In some cases, a Dictionary rule does not catch a non-US ASCII word in the subject.
• Some messages were garbled in the body of the message after they were processed through the SMG.
• Attempts to modify DDS sources failed with an invalid credentials error and/or information was not saved.
• Network connection errors appear in conduit_log during installation.
• Recipient Validation incorrectly rejected Recipients with a BATV tag.
• In some cases, setting the logging level in Disarm at INFO or DEBUG caused repeated msserver crashes