PureMessage for Lotus Domino, version 4.5 Release Notes

PureMessage for Lotus Domino, version 4.5 release notes

PureMessage for Lotus Domino version 4.5 has the following new features in this version:

  • The new credit card analyzer (soap.tk_ccanalyser.dll) can be used for credit card number searching within email bodies and file attachments.
  • As of PureMessage for Lotus Domino version 4.5, Domino servers < Version 8.0.1 are no longer supported.
  • As of PureMessage for Lotus Domino version 4.5, Microsoft Windows 2000 is no longer supported.
  • By default, during the installation procedure, the Domino databases and templates installed are signed with the ID of the current Domino server. To prevent this, set the following global parameter in the notes.ini file of the Domino server before installing: ToolKit_DBG_Setup_Nosign_DBS=1.
  • The maximum number of Grabber threads is no longer limited to 10 or 20 and can be freely increased. Note that a high number of threads has an impact on the server performance. In addition, the maximum number depends on the specific hardware deployed. It is recommended to increase the number gradually and monitor the performance of the server. Following an update, modify the configuration documents as follows:
    2. Set Possible values to “Any Number Integer”.
    3. Specify the number of threads in the Basics tab.
  • As of now, it is possible to enable or disable notification templates (Status field). Only active templates are used in the job. Following an update, any existing templates are considered “Active”.
  • Trailer Advanced: The conditional variable [COND] can be used to avoid empty fields in the email trailer, e.g. because the Domino address book does not contain a mobile phone number for any given user.
  • MIME parameters with RFC-2184 syntax are now supported.
  • The Wall Quarantine Notification database job provides a new option to resolve groups for quarantine summary notifications in Operations tab > Resolve groups . If set to No, the summary notification is sent to groups, as in the past (default). Group members receive both their own quarantine summary notification and the notification for the entire group. If set to Yes, the summary notification is sent to the group members only (no longer to the group).
  • New global parameter ToolKit_Summary_AddressFormat. This parameter allows you to specify the address format for the recipients of the quarantine summary notification. If set to INTERNET, the internet addresses of the email recipients stored in the Notes Address Book are used. Use this option for gateways that only support Internet addresses. If set to NOTES, the Notes addresses of the email recipients stored in the Notes Address Book are used (default). The following applies for both options: If no matching address is found in the Notes Address Book, the "consolidated recipient address" is used. This is the original Notes or Internet address of the email recipient, excluding additional phrases, comments, etc.
  • New global parameter ToolKit_Summary_DocAgeMaxDays. This parameter allows you to set the maximum age of quarantined emails for which a quarantine summary notification is created (default: 28 days). Possible values: 1 – 24.000 days
  • New global parameter Toolkit_DoNotServerDecrypt. This parameter allows you to prevent decrypting documents that were encrypted using the server ID (set to YES). If set to NO (default), documents are decrypted, if decryption is possible.
  • New global parameter ToolKit_WasEncryptedFlagFieldName. This parameter allows you to specify a field name. When an encrypted document is decrypted by using the Server ID, a text field is created in the document with the name specified and the value 1.

PureMessage 4 for Lotus Domino version 4.5 has the following fixes and improvements in this version:

  • Creation of Notes signatures can be activated within Action jobs: Operations > Execution mode > Sign documents . For MIME mails this procedure failed. This has been resolved.
  • In certain cases, tasks that were configured in the ToolKit_Secure parameter couldn’t be identified. This has been resolved.
  • Several character set adjustments have been made for user names and passwords with non ASCII signs.
  • The default timeout values of the GROUP Sandbox have been changed to:
    • ClientTimeoutMin: 210 s
    • ClientTimeoutMax: 210 s
    • ClientTimeoutIO: 90 s (tk_core: 1.200 s)
  • Improved thread management in the Grabber processes.
  • Until now processing start for emails within local mailboxes was delayed due to an error. This has been resolved.
  • When inserting the master server during installation, a button is available to check the servers' accessibility. In some cases the nnotes.dll could not be found resulting in an error message displayed. This has been resolved.
  • The enlargement of a MIME part e.g. by inserting a notification could lead to the error message "Field length stored in document is incorrect". The problem occurred if the MIME part was not transferred to a $FILE item and therefore had a size between 65.407 and 65.488. This has been resolved.
  • Due to an unusual behavior in the Windows memory management, a large amount of virtual memory was needed for processing archives with many files or large Office documents (OOXML format or ODF format). If many of these files were processed, the virtual memory usage could reach the 2 GB limit of applications on 32 bit Windows sys-tems, which could lead to a crash.
  • The Silent installation failed if the installation path contained blanks. This issue has been resolved
  • With ToolKit_LogToConsole=3, it is now possible to write server console log messages output to a separate file under %ExecDir%/grabber.log.
  • In MIME emails, text would only be inserted if the size of the MIME mail body did not exceed the size limit set with the global parameter ToolKit_MimeInMemoryLimit. This limit has now been removed. The global parameter ToolKit_MimeInMemoryLimit has been removed and will be ignored.
  • In certain cases, the notification text (rich text) was displayed with an offset when the notification template configuration documents were exported and imported back again. This has been resolved.
  • Any document or database links included in notification templates are now resolved correctly in the notification email.
  • In certain combinations of operating system and browser, the HTML content of trailer documents could under certain circumstances fail to display. This issue has now been resolved.
  • If the Silent installation was executed with invalid paths, this could lead to an incomplete installation. This issue has now been resolved. The path parameters are checked now before the installation.
  • Under Domino 8.5.1 with 64 bit, no notifications were sent if a document link was contained in the notification template. This issue has now been resolved.
  • The working directory of the S/MIME Engine (tk_smime.dll) can now be set with the --workingdir parameter. We recommend using the --workingdir=%workingdir% parameter to set the S/MIME Engine working directory to the correct working directory.
  • Simple Actions: The font format settings in notification templates are now preserved.
  • In rare cases, weekly quarantine statistics across year boundaries would result in errors. This issue has now been resolved.
  • When a rule from a job document was newly created, the field type rules could not be used. This issue has now been resolved.
  • The Domino log database log.nsf specified in the notes.ini file is used to check the license. As of now, if this database cannot be accessed, the log.ntf file used to check the version.

Installation information

PureMessage for Lotus Domino 4.5 is supported on Lotus Notes Domino from version 8.0.1 to version 8.5.3.

For more information on installing PureMessage on Lotus Domino 8, see the PureMessage for Lotus Domino startup guide.

For information on configuration and administration, see the PureMessage for Lotus Domino administrator guide.

The guides are available from the Sophos website (http://www.sophos.com/support/docs/Endpoint_Security_Control-all.html).

Upgrade information

If you have an earlier version of PureMessage, you will require a new license (toolkit.lic) file to use the latest version of PureMessage for Lotus Domino.

Known issues

  • Some passwords with non-ASCII characters were saved in LMBCS character set e.g. umlauts. All passwords are now saved in UTF 8. Therefore, after installation of PureMessage for Domino 4.5 or higher, such passwords have to be set again. If the same configuration data is used in a mixed system environment with PureMessage for Domino 4.5 and an older version, only ASCII passwords work reliably.
  • (DEF 30324) If you use an Anti-Spam/Content Mail Job based on the "DEFAULT-AntiSpam 1.2: Check Pattern by SASI" job, it may incorrectly identify internally-generated Lotus Notes mail as spam.
  • (DEF 29238) The "DEFAULT-To Internet" Mail Job does not allow users in the ALLOW-INTERNET group to send email to external recipients.
  • (DEF 29833) If you use a PM Action Database Job with the rule "DBManagerIsAdmin" (to check whether a database is owned by an Administrator), the job fails and does not send the error notification you specified.

Technical support

You can find technical support for Sophos products in any of these ways:

Legal notices

Copyright © 2012 Sophos Limited. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.

Sophos, Sophos Anti-Virus and SafeGuard are registered trademarks of Sophos Limited, Sophos Group and Utimaco Safeware AG, as applicable. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.