Software Update: Symantec Messaging Gateway 10.6.3

Symantec Messaging Gateway is a product for securing incoming and outgoing mail flows. It builds on Brightmail, which was acquired by Symantec in 2004. Although that happened more than twelve years ago, the old name is still mentioned in the product with the addition ‘powered by Brightmail’. The program offers anti-spam and anti-mailware options, advanced content filtering and data loss prevention, and also offers encryption options by integrating with Symantec encryption products. SMG can be run on a companion hardware appliance or virtually in VMware or Hyper-V. Version 10.6.3 has been released with the following changes:

What’s new in SMG 10.6.3

Symantec recommends that all customers using the SMG software update at their earliest convenience. This release fixes known defects and addresses known vulnerabilities.

New features include the following:

• Includes a patch installation process
• Integration with Content Analysis systems
• Improvements to MTA log
• Message IDs are now included in engine log messages that relate to that message

resolved issues

• In a multilevel embedded Microsoft PowerPoint document, Disarm replaces the Flash content with the first image in the Flash content, not with a white image as expected.
• The error message Failed to load hid_base_hv kernel module appeared during install of SMG 10.6. in a Hyper-V environment.
• The time that was used for the America/Santiago time zone was off by 1 hour.
• Content Filtering did not recognize AutoCAD 2013 files.
• Visio Diagrams (.vsdx files) were identified as Archive/ZIP files instead of as Microsoft Office Documents.
• The following error appeared in the MTA log: setting dns backend to ‘ares’.
• In some cases, the Message Audit Log showed a malformed subject line.
• Footer hides the attachment name when the message body is long, and scrolling is necessary to get to the bottom.
• Simplified Chinese GB2312 characters in a disclaimer caused the original email to arrive as an attachment with the disclaimer in the body of the email.
• End user Spam Quarantine did not show full subject lines in a tool tip.
• The description for the mta-control argument, num-msgs-by-rcpt-all-routes is incorrect in all documentation.
• SMG opened to the Informational Incident folders when an Admin logged on with rights limited to the Quarantine Incident folder. logged on
• After SMG was updated to 10.6.2, memory and swap utilization by the conduit process steadily rose.
• After the command cc-config limit-tlsv1.1 –offwas used, the SMG Control Center only supported TLS1 and did not return to the default state supporting TLS1.2.
• Content filters, set to detect text in attachment content, failed to find matches in PDFs created with the Microsoft Print to PDF feature.
• At INFO log level the MTA logged the message “Thread set thread name” twice a second regardless of system activity.
• Policy backup uses the same logic to calculate the required space as the full backup even though they back up data sets of different sizes.
• Email reception was delayed when remote logging by syslog used TCP as the transport, and the syslog server was unreachable.
• In some cases, when the LDAP server was unreachable, emails destined for Control Center Spam Quarantine were stuck in the delivery queue.
• When an SMG system processed no messages for more than 30 days and the scanner processes were not restarted, all messages received an unscannable verdict.
• In some cases, Office 2007 files that contained macros got a verdict of “Unscannable for Disarm” instead of being disarmed.
• When the “drop” mode of invalid recipients was used, the following error message appeared frequently in bmserver_log: Unexpected data found when parsing Invalid Recipient header.
• Messages accepted by the outbound interface were delayed by several second delays for new recipients.