ARgon For Email

July 2022

Version 5.4.3

July 15, 2022

New Features
  • Enhanced protection is now included by checking the reputation of entered URLs against the Sophos Real-time Malicious URL List. This list contains up-to-date information of all known and emerging malware and is regularly updated to offer maximum security.

Enhancements
  • In the Detectable Types selection list within the Detect Lexical Expression, Detect Media Types and Redact Text content rules, support has been added for iCalendar. This means the ARgon Server can provide better deep content inspection of some types of meeting requests and calendars.

  • Proactive Alerts have been modified to restrict any potentially sensitive information being sent to Clearswift via unsecured email. An ability to modify the message body of the Proactive Alerts emails has been introduced, so when working with customer support, and with communication over TLS, more diagnostic information can be sent. Please note that using the Proactive Alerts feature requires a license.

  • Detailed logging is available from the Policy Enforcement service. Logging levels is configurable from the System > Gateway Settings > Policy Engine Settings, and provides more assistance with problem investigations when required.

  • When a message triggers multiple content rules in a policy route, the Policy Summary tab under the Messages > Held Messages only displayed a filtered list of these rules, whereas all the triggered rules were listed under the Structure tab > PrimaryRules and SecondaryRules properties. Now, all the triggered content rules are listed under the Policy Summary tab, and the rule(s) which caused the message to be held are displayed in bold.

  • The product icon has been updated.

  • For increased security, the PostgreSQL database has been upgraded from V9.6 to V13.3.

  • Extra two rows added to the Product Information table on Cockpit Clearswift page to show whether Red Hat or Clearswift online updates are enabled.

Fixes
  • A fix has been applied to an issue where informs were not sent correctly if the Analyze Properties content rule was configured to detect multiple document properties, and to generate an inform.

  • A fix has been applied to an issue with Cockpit where Software Updates > Check for Updates could contain out-of-date information. Now, the caches are correctly cleared by clicking the Check for Updates button.

  • A fix has been applied to an issue where SCOM server configuration in Cockpit could be lost after a product upgrade.

  • A fix has been applied to an issue where the ARgon Server’s UI rejected an input of special characters which were eligible to be used for the local part of the email address.

  • In response to the recent global security alerts on Apache Log4j, we have fixed the vulnerability on the affected versions of the ARgon for Email product.

  • It was previously not possible to sanitize active content for xlsm created in the recent version of M365. This has now been fixed.

  • A fix has been applied to an issue where the Redact Text content rule only redacted the first portion of the UK postcodes (which consist of multiple parts, e.g. AB1 0CD).

  • The SMTP Inbound Transport service can now be restarted from the Admin UI control button.

  • The 'remove potential embedded data' (anti-steganography) option in the Sanitize Document Content rule is now working on files generated using Xiao Steganography.

  • A fix has been applied to an issue where the UI rejected some valid characters in a URL, such as #, |, @, [, and ] when creating a new Custom URL List.

  • A fix has been applied to an issue where Microsoft Project (.mpp) files were failing to process with errors.

  • A fix has been applied to the Sanitize Active Content rule, whereby active content was being incorrectly detected.

  • Computer Graphics Metafile (CGM) files were not available in the Detectable Types selection list within the Detect media types content rule. This has now been resolved.

  • The install process on systems with large RAM and hard disk capacities has been streamlined.

  • A fix has been applied to an issue where the Clearswift product name was not clearly identified within Cockpit.

  • PDF files are now created correctly following steganography or text redaction changes.

  • A fix has been applied to an issue where the "Upgrade is available" alarm would never be raised if using a non-English system locale.

  • A fix has been applied to an issue where new SCOM servers could not always be added in the Monitoring Services page in Cockpit.

  • A fix has been applied to the issue where the 5.2 upgrade overwrites the keystore, reverting the custom UI certificate back to the Clearswift self-signed cert.

  • A fix has been applied to a display error where URL links to the anti-virus update servers, such as sav-update, sometimes displayed old version numbers under System > Connectivity Test.

  • A fix has been applied to an issue where multiple lines defined in the System > Gateway Branding > Front Page Text are displayed in a single line.

  • If you define a Relay Server disposal action with a long hostname and use this as the default disposal action for a policy route, the formatting of the Mail Policy Routes page becomes distorted. This has now been fixed.

  • A fix has been applied to an error where a viewed or tracked message in Microsoft Edge (build number 40.* onwards) returns a blank page and a warning message.

June 2021

Version 5.2.0

June 3, 2021

Enhancements
  • IP addresses have been updated to support the use of IPv6, enabling users to accept emails from email servers with IPv6 addresses. The Classless inter-domain routing (CIDR) format will be used to add and display addresses within the ARgon Server.

Fixes
  • PDF rendering has been improved, following steganography or redaction changes applied by the ARgon Server.

  • XLSX files were being detected as active content when no active content was present. This has now been fixed.

  • Processing documents such as PDFs and RTFs has been improved, resulting in more efficient detection of active content.

  • PDF detection and processing has been enhanced in this release to correct a number of issues, including the ARgon Server becoming unresponsive.

  • You can now disable XLM macros from being detected, by adding a configuration to the CDA and ZIP format managers. For more information, refer to the online help topic on Sanitization.

  • The gdb and valgrind RPMs can now be removed after product installation. This should be performed using the yum utility in Cockpit Terminal. Please note that these will be automatically reinstalled upon every product upgrade, so the removal process will need to be repeated each time.

March 2021

Version 5.1.0

March 1, 2021

Enhancements
  • Branding changes have been applied to the user interface including new product logos.

  • ARgon for Email now has its own unique installation ISO and download location.

Fixes
  • A number of message processing failures have been fixed in this release.

  • Static Hostnames can contain alias names of over 40 characters.

  • Excel macro detection has been significantly improved in this release.

  • A custom setting has been added to help FTP backups work more effectively.

  • Certificate store is now not restarted when applying configuration, unless its configuration has changed. This has made the Apply Configuration process faster.

  • The option to search for ‘Imported or generated’ certificate store has been removed and replaced with ‘unknown’.

September 2020

Version 5.0.0

September 08, 2020

New Features
  • Red Hat Cockpit replaces server console for administrators. Cockpit is an integrated web interface used for managing your network configuration, software updates, and system management.
Enhancements
  • This version of the ARgon Server runs on RHEL 7.8, enabling more accessible software updates, a number of technical improvements from RHEL 6, timely security fixes, and a more robust operating system.
  • You can now use the Search text box at the top of a reference list to search for a particular entry within a list. This includes Lexical Expressions, Content Rules, Hosted Domains, Email Routing, and MTA Groups.
  • Support for the SMBv1 protocol is no longer mandatory, due to security vulnerabilities. This version of Clearswift ARgon For Email still supports SMBv1, but SMBv2 will take precedence if available. The ARgon Server no longer requires a server to support SMBv1 in order to establish a connection.
  • You can now configure a lexical expression to ignore any duplicates of a unique string that matches that expression. This reduces false positives, where a string might be repeated in a file or attachment.
  • Detection of lexical expressions has been enhanced, so that the count of multiple matches is recorded per attachment or document.
  • The user interface has been resized to be more responsive to screen-size. Additionally, sensitive terminology has been updated where possible, replacing slave/master with worker/controller in log files. Blacklists and whitelists are now referred to as block lists and allow lists respectively.
Fixes
  • A weighted term now only counts once if it is repeated across multiple worksheets, if ‘Each expression may trigger only once for each part of the message’ is selected.
  • UI access controls have been significantly updated and tightened, restricting permissions to the correctly privileged users.
  • An admin account opening multiple tabs while logged in to the Gateway, presented the risk of cross-site-request forgery (CSRF) if a malicious page was open in a browser. This vulnerability has been resolved in this release.
  • Only the Installation Wizard page is accessible if the Gateway has not been fully configured.
  • The certificate store is now automatically restarted if it crashes.
  • The branding text appears on the login page, and was editable without authentication. This has been resolved in this release.
  • Failure to detect 'undisclosed-recipients:;' in the To: field when configured as a lexical expression. This issue has been resolved.

September 2020

Version 4.11.2
  • The %localdate% token in a Message Area Release Notification could show the incorrect timestamp for messages sent from the local time zone.

  • Occasionally, applying configuration could result in the loss of Message Tracking events relating to the delivery of the message.

  • The Sanitize Message rule could fail to detect some formats of URL in HTML href links.

  • The handling of attachments with incorrectly encoded filenames has been improved. It is now possible to inspect the held message.

  • Where a message was processed on multiple policy routes, it was possible for the attachments of the message to be duplicated in the Message Transaction log.

  • Various problems with message formats have been fixed in this release.

October 2019

Version 4.11.1
Enhancements
  • Sanitization of URLs in documents.

  • Improved searchability of Lexical Expressions, Email Addresses, and URL Lists.

Fixes
  • Line breaks in Annotation Content written in plain text did not appear in emails received in Outlook.

  • When configuring the ARgon Server using the installation wizard, licenses were marked as invalid if you selected the Turkish locale (tr_TR.UTF-8) with US keyboard settings and the time zone GMT+2, using the Server Console.

  • In the ARgon Server, the ability to search for messages with an empty sender by specifying <> in the Sender field was not working.

  • OCR extraction did not work on all images due to a problem with processing.

August 2019

Version 4.11.0
Enhancements
  • Sanitization and redaction of metadata in GIFs and PNGs

  • Detect and inspect content in RAR5 archive files

  • Content sanitization occurs regardless of the read-only flag in XMP data

Fixes
  • Reports did not filter on parameters containing an underscore character "_". This issue was resolved and reports are displayed as expected.

  • The ARgon Server offered a limited set of ciphers and there was no customer-override available. If none of the ARgon for Email Server ciphers were supported by the SFTP server, the SFTP option could not be used. This has been resolved in this release by replacing the low-security cipher.

  • When reprocessing the original or modified message, the reprocessing sometimes failed with a different error message than was given during processing the first time. Reprocessing will now give the same result given for initial processing.

April 2019

Version 4.10.0
New Features
  • Mail Domains and Routing enables you to add load balancing and failover hosts for message delivery.

  • The ARgon Server can now use Optical Character Recognition (OCR) to redact text in images.

Enhancements
  • Additional TLS information (version and cipher name) is now provided on inbound and outbound connections in Message Tracking and SMTP logs.

  • You can now detect and process High Efficiency Image File formats (HEIF and HEIC).

Fixes
  • A problem has been fixed where email addresses of the form 'abc@local' could not be used in the Identify function on the Mail Policy Routes page.

  • A problem has been fixed where Sanitize Active Content sometimes failed on PDF files held in 7z compressed files.

  • A problem has been fixed where the Memory Low and Memory Critical alarms failed to trigger correctly when configured in specific instances.

  • The performance of tracking data processing has been improved by the addition of a new database index. Previous issues with delays in processing audit data have now been fixed.

  • Occasionally, random lines in the transaction logs were truncated in the message subject. This caused issues for messages exported to management systems.

  • Postgres configuration settings have been increased to improve the performance of large queries, for example, when retrieving a list of a user's PMM messages.

Back to Clearswift Products