Spam Filter ISP Forums : Announcements

Spam Filter ISP Forums : Announcements https://www.logsat.com/spamfilter/forums/ Sat, 14 Mar 2026 02:26:03 +0000 Wed, 06 Feb 2019 22:09:36 +0000 http://blogs.law.harvard.edu/tech/rss Web Wiz Forums 11.04 30 https://www.logsat.com/spamfilter/forums/RSS_topic_feed.asp?FID=3 <![CDATA[Spam Filter ISP Forums]]> https://www.logsat.com/spamfilter/forums/forum_images/web_wiz_forums.png https://www.logsat.com/spamfilter/forums/ <![CDATA[Announcements : SpamFilter pre-release 4.7.6.265]]> https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=7162&PID=14921&title=spamfilter-prerelease-476265#14921 Author: LogSat
Subject: SpamFilter pre-release 4.7.6.265
Posted: 06 February 2019 at 10:09pm

A new pre-release of SpamFilter (v4.7.6.265) is available in the registered user area.

Since the latest official release (v4.7.6.264), this version contains a just a one minor bug fix as follows:

// New to VersionNumber = '4.7.6.265';

{TODO -cFix : With SpamFilter ISP Standard, when using the Custom Domain Filters to disable the SPF filter for individual domains, the SPF filter was still being used to check the "From:" header in an email if the option to scan the "From:" headers is enabled in the general settings}

]]> Wed, 06 Feb 2019 22:09:36 +0000 https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=7162&PID=14921&title=spamfilter-prerelease-476265#14921 <![CDATA[Announcements : SpamFilter 4.7.6.262 is officially released]]> https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=7161&PID=14917&title=spamfilter-476262-is-officially-released#14917 Author: LogSat
Subject: SpamFilter 4.7.6.262 is officially released
Posted: 09 January 2019 at 10:25pm

We have officially released the new SpamFilter ISP and SpamFilter Enterprise v4.7.6.262. This release is available for download in the registered user area of our website. A free Evaluation copy is also available for all other users.

As always, this upgrade is free for all users with a current software maintenance.

The full list of changes since the latest official release (4.7.4.254) is as follows:

// New to VersionNumber = '4.7.6.262';

{TODO -cNew : Replaced the GeoIP.dat country lookup with a new database format - geoip.sqlite. This should improve misdetected Countries when perfoming lookups under heavy inbound loads. Requires the inclusion of the appropriate x32/x64 sqlite3.dll file included in both the binary-only and the full installer distributions}

{TODO -cFix : The Blacklist Country blacklist was showing a "0" instead of the correct, real-time number of email blocked for each country}

{TODO -cFix : Disabled the reporting of log events from the external AV updater SpamFilterAVUpdate.exe to SpamFilter as they were causing Access Violations. Logs from SpamFilterAVUpdate.exe are still being logged in their own logfiles}

// New to VersionNumber = '4.7.5.258';

{TODO -cFix : Fixed a regression error introduced back in 2016 for these errors that might appear in the logfiles and that could in some rare cases crash SpamFilter: "Access violation at address 000000000040EBDF"}

{TODO -cNew : Added a new "X-SF-SPF-Result" header in the emails indicating the result (pass/none/neutral/fail/softfail/error) of the SPF checks. It's to be noted that sometimes SPF checks are not performed if other filters have already detected the email to be spam before the SPF test is executed, or if the email is whitelisted}

{TODO -cNew : Added a new "X-SF-SPF-Result-From-Header" header in the emails indicating the result (pass/none/neutral/fail/softfail/error) of the SPF checks performed on the email address specified in the "From:" header. It's to be noted that sometimes SPF checks are not performed if other filters have already detected the email to be spam before the SPF test is executed, or if the email is whitelisted}

// New to VersionNumber = '4.7.5.257';

{TODO -cNew : Added a new "forcedelete" suffix to prevent spam emails from being quarantined anywhere the "nondr" and "null" suffixes are supported}

{TODO -cNew : SpamFilter is now scanning emails that are being force-delivered out of the quarantine for viruses. If SpamFilter detects a previously undetected virus in the archived email, the email will not be delivered. Instead the database quarantine record for that email will be updated to show it was stopped becuase of a virus. If at that point the user really wants the email force-delivered, they can re-request delivery. If an email is quarantined due to a virus, but the user decides to force-deliver it, it will be delivered}

// New to VersionNumber = '4.7.4.255';

{TODO -cFix : The SURBL filter was not checking URLs starting with https}

{TODO -cNew : Eliminated an extra redundant scan of the email for domains while checking the SURB and the 0-day filters}

{TODO -cFix : Resolved issue with MySQL (MS SQL Server is not affected) when quarantining emails having emojii or other encoding if the SpamFilter database server has a default character set/collation of utf8mb4 }

]]> Wed, 09 Jan 2019 22:25:30 +0000 https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=7161&PID=14917&title=spamfilter-476262-is-officially-released#14917 <![CDATA[Announcements : SpamFilter 4.7.4.254 is officially released]]> https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=7158&PID=14909&title=spamfilter-474254-is-officially-released#14909 Author: LogSat
Subject: SpamFilter 4.7.4.254 is officially released
Posted: 23 September 2018 at 9:00am

We have officially released the new SpamFilter ISP and SpamFilter Enterprise v4.7.4.254. This release is available for download in the registered user area of our website. A free Evaluation copy is also available for all other users.

As always, this upgrade is free for all users with a current software maintenance.

The full list of changes since the latest official release (4.7.4.246) is as follows:

// New to VersionNumber = '4.7.4.254';

{TODO -cNew : Added header in emails tracking the country of the IP connecting to SpamFilter: X-SF-OriginatingCountry}

// New to VersionNumber = '4.7.4.253';

{TODO -cFix : SpamFilter is unable to quarantine a spam email and will retry indefinitely leaving it in the \SpamFilter\quarantine folder if both of these conditions are true: (1) Your database is offline or unavailable when SpamFilter tries to quarantine the email, and the email is thus queued for a later re-try. (2) The subject line has a NULL character in it

// New to VersionNumber = '4.7.4.252';

{TODO -cFix : SpamFilter Enterprise was monitoring for changes every 60 seconds all files in the \SpamFilter\Domains directory structure. This monitoring process was redundant as changes in settings in the database changes automatically trigger a reload of the affected files, and was causing high CPU usage in installations hosting thousands of domains. This redundant safety check is now performed only once per hour}

// New to VersionNumber = '4.7.4.250';

{TODO -cFix : Outbound TLS connections were only being made with TLS 1.0, even if TLS 1.1 and TLS 1.2 were configured and in use correctly for inbound emails}

{TODO -cFix : Due to a regression error since v4.5, the AUTH LOGIN appeared in the welcome banner even if authentication was disabled in SpamFilter}

// New to VersionNumber = '4.7.4.247';

{TODO -cFix : Under a very unusual scenario, if using the new feature in 4.7.2.210 (the "FROM Emails" blacklist now supports the syntax: sender@domain.com|recipient@yourdomain.com), and the FROM emails blacklist also contains a wildcard entry (*@domain.com) where "domain.com" is also one of your own local domains (thus SpamFilter is configured to block all emails FROM your own domain), SpamFilter would incorrectly also block all emails addressed TO your domain}

{TODO -cFix : If using the :NULL suffix for the FROM Emails of the Domains blacklists, and the option to also check the various filters against the "From:" header in addition to the MAIL FROM, the :NULL suffix was being ignored if the filter is triggered on the "From:" header. This bug does not affect SpamFilter if the match was made on the MAIL FROM email address}

Edited by LogSat - 09 January 2019 at 10:25pm]]> Sun, 23 Sep 2018 09:00:16 +0000 https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=7158&PID=14909&title=spamfilter-474254-is-officially-released#14909 <![CDATA[Announcements : SpamFilter 4.7.4.246 is officially released]]> https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=7155&PID=14892&title=spamfilter-474246-is-officially-released#14892 Author: LogSat
Subject: SpamFilter 4.7.4.246 is officially released
Posted: 15 May 2018 at 10:04am

We have officially released the new SpamFilter ISP and SpamFilter Enterprise v4.7.4.246. This release is available for download in the registered user area of our website. A free Evaluation copy is also available for all other users.

As always, this upgrade is free for all users with a current software maintenance.

The full list of changes since the latest official release (4.7.4.241) is as follows:

// New to VersionNumber = '4.7.4.246';

{TODO -cNew : Fixed a typo in the settings GUI for the Keyword ::NULL option}

// New to VersionNumber = '4.7.4.245';

{TODO -cFix : Added new setting in the SpamFilter.ini file - MaxDomains_SF0Day_MaxEmails_SFDE - Limits the number of domains to perform lookups for the SF0Day filter, and the max number of email addresses to collect from an email when checking the SFDE filter. Useful to prvent overloads when filtering email chains with hundreds/thousands of recipient where everyone clicks on "Reply to all"}

{TODO -cNew : Added extra details when logging SpamFilter's routine maintenance tasks}

Edited by LogSat - 23 September 2018 at 9:00am]]> Tue, 15 May 2018 10:04:23 +0000 https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=7155&PID=14892&title=spamfilter-474246-is-officially-released#14892 <![CDATA[Announcements : SpamFilter 4.7.4.241 is officially released]]> https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=7153&PID=14888&title=spamfilter-474241-is-officially-released#14888 Author: LogSat
Subject: SpamFilter 4.7.4.241 is officially released
Posted: 01 November 2017 at 11:00pm

We have officially released the new SpamFilter ISP and SpamFilter Enterprise v4.7.4.241. This release is available for download in the registered user area of our website. A free Evaluation copy is also available for all other users.

As always, this upgrade is free for all users with a current software maintenance.

The full list of changes since the latest official release (4.7.3.217) is as follows:

// New to VersionNumber = '4.7.4.241';

{TODO -cNew : Added entries in activity logfiles to indicate when SpamFilter starts the routine process of removing old emamils from quarantine database (Starting TDeleteExpiredQuarantineThread) }

{TODO -cFix : Added support for BIGINT data type for the fields tblQuarantine.QuarID, tblQuarantine.MsgID, and tblMsgs.MsgID. This is needed if admins experience would experience an overflow when using the default INT data type for those fields}

{TODO -cFix : If the Blacklist Cache IP blocking filter is enabled, disabling it would still cause SpamFilter to check new inbound connection against the IPs present in the cache until they eventually age out a few minutes later (IPs for new connections will however not cause the IPs to be blacklisted in the cache - there was no bug in this behavior) }

// New to VersionNumber = '4.7.4.239';

{TODO -cFix : Disabled the advertising of BINARYMIME in the EHLO banner as that extension can only be used with CHUNKING (which is not available in SpamFilter)}

{TODO -cFix : Issue introduced in 4.7.4.232 - Running the standalone version of SpamFilter.exe did not automatically launch SpamFilter with elevated privileges - users had to manually "launch as administrator" the standalone version for it to work properly}

{TODO -cNew : Changed the behavior of the filter order - if a recipient is not in the "Authorized TO Emails", that recipient will be rejected even if a whitelist is active since that adddress is non-existent. If however the connection is being whitelisted, the DisconnectOnNonAuthorizedTO=1 option in the SpamFilter.ini will be ignored and the connection will not be forcefully disconnected}

// New to VersionNumber = '4.7.4.236';

{TODO -cFix : Resolved issue during Active Directory and LDAP SMTP Authentication for this error: Account failed: Error Opening Connection to Server}

// New to VersionNumber = '4.7.4.235';

{TODO -cFix : Undid this change in 4.7.3.235, as it may have been causing access violation errors: ---> 4.7.4.234: Increased the max stack size per thread from 1MB to 10MB to help reducing risk of stack overflows}

// New to VersionNumber = '4.7.4.234';

{TODO -cNew : To help troubleshooting, added log entries for when SpamFilter starts and finishes checking an email for keywords}

{TODO -cFix : Complex RegEx expressions that caused a large number of recursions can cause SpamFilter to crash abruptly with stack overflows errors which prevent any logging of the cause of the problem}

{TODO -cNew : Added new SpamFilter.ini option MaxRegExLimitRecursion to prevent stack overflow crashes when using complex RegEx expressions}

{TODO -cFix : Increased the max stack size per thread from 1MB to 10MB to help reducing risk of stack overflows}

// New to VersionNumber = '4.7.4.232';

{TODO -cFix : Starting from v4.7.3.217 a bug was introduced that prevented SpamFilter from looking at the "text/plain" section of the email, and only examined the html and decoded sections}

// New to VersionNumber = '4.7.4.231';

{TODO -cFix : Added an option in the "Customized Items" tab to specify a custom reject notice for emails blocked by the attachment filter. Previously the same rejection notice used by the keyword filter was also used by the attachment filter}

// New to VersionNumber = '4.7.4.230';

{TODO -cFix : Added SpamFilter.ini option SkipSPFWhenCheckingFromHeader - allows to optionally skip the SPF test of the From: header if using the option (disabled by default) to also test the email in the "From:" header in addition to the MAIL FROM against all blacklists/whitelistss/SPF (the SPF standard only recommends to test the MAIL FROM, not the From: header)}

// New to VersionNumber = '4.7.3.225';

{TODO -cFix : Regression error bug introduced in 4.7.2.184 that re-introduced a bug fixed in 4.7.1.150: If a DNS server is offline, SpamFilter will not cause a timeout and switch to a backup DNS server if one was specified}

// New to VersionNumber = '4.7.3.224';

{TODO -cNew : Included the testing of the SPF filter even for addresses specified in the "From:" header, if the new option in 4.7.2.217 is selected (Added an option to include the email address in the "From:" header) }

{TODO -cFix : Bug introduced in 4.7.3.219. The SPF test to incorrectly fail under one scenario: The sender specifies the "mx" mechanism in the SPF TXT record, and the IP address of the sender does not match the IP of the host in the MX record (thus failing the MX record check in SPF). The bug causes the entire SPF check to fail if the above scenario occurs, even if other entries in the SPF test would cause it to pass.}

{TODO -cFix : Some database errors while editing the filtering settings using SpamFilter's GUI could cause application crash screen to appear on screen even if they are harmless-non-critical}

// New to VersionNumber = '4.7.3.222';

{TODO -cNew : When using the option to include the email address in the "From:" header introduced in v4.7.3.217, we are now also comparing the From: header when testing the entries in the AutoWhitelistForceDelivery file}

{TODO -cFix : When using the option to include the email address in the "From:" header introduced in v4.7.3.217, SpamFilter was not logging the fact that the email was being whitelisted when the sender matched due to the From: hedaer}

{TODO -cFix : During an SPF filter TXT record check, if the TXT record is longer than 255 characters, and the DNS server used by SpamFilter has a bug that causes it to respond with a malformed packet (which will be flagged as such during a Wireshark capture), this can cause SpamFilter to max out the CPU and freeze after a few such queries}

// New to VersionNumber = '4.7.3.219';

{TODO -cFix : During an MX filter record check, if a DNS server does not allow SpamFilter to query it, SpamFilter incorrectly treats the error "DNS Server Reports Query Refused Error" as a "DNS Server Reports Query Name Error". As the latter (Query Name Error) indicates a non-existent record, the "Query Refused Error" makes SpamFilter think the MX record does not exist and thus the email is incorrectly rejected}

// New to VersionNumber = '4.7.3.218';

{TODO -cFix : Fixed issue with Bayesian filter introduced in 4.7.3.217: Exception occurred during GetMessageTokens: Error in regular expression at offset 2: unrecognized character after (? or (?- 00b2da8e SpamFilterSvc.exe System.RegularExpressionsCore}

Edited by LogSat - 15 May 2018 at 10:04am]]> Wed, 01 Nov 2017 23:00:15 +0000 https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=7153&PID=14888&title=spamfilter-474241-is-officially-released#14888 <![CDATA[Announcements : SpamFilter pre-release 4.7.3.222]]> https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=7149&PID=14870&title=spamfilter-prerelease-473222#14870 Author: LogSat
Subject: SpamFilter pre-release 4.7.3.222
Posted: 23 March 2017 at 9:00am

A new pre-release of SpamFilter (v4.7.3.222) is available in the registered user area.

This version contains a just a few minor bug fixes, along with the option to include the email address specified in the "From:" header when checking entires in the AutoWhitelistForceDelivery filter.

The full list of changes since the latest official release (4.7.3.218) is as follows:

// New to VersionNumber = '4.7.3.222';

// New to VersionNumber = '4.7.3.219';

{TODO -cFix : During an MX filter record check, if a DNS servers does not allow SpamFilter to query it, SpamFilter incorrectly treats the error "DNS Server Reports Query Refused Error" as a "DNS Server Reports Query Name Error". As the latter (Query Name Error) indicates a non-existent record, the "Query Refused Error" makes SpamFilter think the MX record does not exist and thus the email is incorrectly rejected}

Edited by LogSat - 01 November 2017 at 10:58pm]]> Thu, 23 Mar 2017 09:00:56 +0000 https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=7149&PID=14870&title=spamfilter-prerelease-473222#14870 <![CDATA[Announcements : SpamFilter 4.7.3.217 is officially released]]> https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=7147&PID=14864&title=spamfilter-473217-is-officially-released#14864 Author: LogSat
Subject: SpamFilter 4.7.3.217 is officially released
Posted: 30 January 2017 at 6:56pm

We have officially released the new SpamFilter ISP and SpamFilter Enterprise v4.7.3.217. This release is available for download in the registered user area of our website. A free Evaluation copy is also available for all other users.

As always, this upgrade is free for all users with a current software maintenance.

The full list of changes since the latest official release (4.7.2.209) is as follows:

// New to VersionNumber = '4.7.3.217';

{TODO -cNew : Added an option to include the email address in the "From:" header, in addition to the real envelope email address specified in the MAIL FROM command, when checking the sender's email agains the "FROM Emails" blacklist, the "Domains" blacklist, the "Excluded FROM Emails" whitelist, and the "Excluded Domains / IPs" whitelist}

{TODO -cNew : Replaced the internal RegEx library to improve speed and stability for keyword searches. RegEx search speed has dramatically increased by 16x. Sites using tens of thousands of RegEx expressions or more can see a tenfold reduction in CPU usage}

{TODO -cNew : Simiarly to how it's done for the "Subject:" header, added support for keyword blacklist/whitelist searches targeted specifically to the "From:" and the "To" headers by prefixing the keywords with "EmailFrom:" or "EmailTo", as well as to search thru ALL the headers by prefixing the keyword with "Headers:". For ex a RegEx keyword of EmailFrom:(test[1,2].com) will search for the RegEx expression "test[1,2]" in the email's "From:" hedaer}

{TODO -cFix : Some RegEx expressions with greedy serch options could cause stack overflows in SpamFilter if searching thru email content that casues the RegEX to peform a huge number of recursions to find the text.}

{TODO -cFix : A bug was introduced in build 4.7.2.210 that prevented SpamFilter from starting up unless a database connection had been established}

// New to VersionNumber = '4.7.2.210';

{TODO -cFix : In the 64bit version of SpamFilter, under high traffic scenarios (> 750,000 emails/day) SpamFilter could had times identify the wrong country when performing the IP-to-country database lookups}

{TODO -cNew : The "FROM Emails" blacklist now supports the syntax: sender@domain.com|recipient@yourdomain.com. Wildcards are supported for both the sender and the recipient. This will cause the sender (sender@domain.com) to be blacklisted only if one of the recipient in the email is recipient@yourdomain.com}

Edited by LogSat - 01 November 2017 at 11:01pm]]> Mon, 30 Jan 2017 18:56:30 +0000 https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=7147&PID=14864&title=spamfilter-473217-is-officially-released#14864 <![CDATA[Announcements : New antivirus plugin update]]> https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=7145&PID=14861&title=new-antivirus-plugin-update#14861 Author: LogSat
Subject: New antivirus plugin update
Posted: 16 December 2016 at 10:06am

We have just released a new version of the optional CYREN antivirus plugin - v5.4.30. This update resolves a memory leak in the previous versions.

The previous version was 5.4.23. You can verify which version of the antivirus plugin you are running by looking in the Anti Virus tab in SpamFilter as in the screenshot below.

To upgrade, simply stop SpamFilter's service, run the antivirus installer selecting SpamFilter's installation directory as the destination for the antivirus plugin, and restart SpamFilter.

]]> Fri, 16 Dec 2016 10:06:46 +0000 https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=7145&PID=14861&title=new-antivirus-plugin-update#14861 <![CDATA[Announcements : SpamFilter pre-release 4.7.2.210]]> https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=7143&PID=14858&title=spamfilter-prerelease-472210#14858 Author: LogSat
Subject: SpamFilter pre-release 4.7.2.210
Posted: 11 December 2016 at 10:14pm

A new pre-release of SpamFilter (v4.7.2.210) is available in the registered user area.

Starting from this version we are extending the existing "FROM Emails" blacklist to support the syntax:

sender@domain.com|recipient@yourdomain.com

This will cause the sender (sender@domain.com) to be blacklisted only if one of the recipient in the email is recipient@yourdomain.com. Wildcards are supported for both the sender and the recipient's email addresses

The full list of changes since the latest official release (4.7.2.209) is as follows:

// New to VersionNumber = '4.7.2.210';

{TODO -cFix : In the 64bit version of SpamFilter, under high traffic scenarion (> 750,000 emails/day) SpamFilter could had times identify the wrong country when performing the IP-to-country database lookups}

]]> Sun, 11 Dec 2016 22:14:32 +0000 https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=7143&PID=14858&title=spamfilter-prerelease-472210#14858 <![CDATA[Announcements : SpamFilter 4.7.2.209 is officially released]]> https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=7142&PID=14857&title=spamfilter-472209-is-officially-released#14857 Author: LogSat
Subject: SpamFilter 4.7.2.209 is officially released
Posted: 22 November 2016 at 6:00am

We have officially released the new SpamFilter ISP and SpamFilter Enterprise v4.7.2.209. This release is available for download in the registered user area of our website. A free Evaluation copy is also available for all other users.

As always, this upgrade is free for all users with a current software maintenance.

The full list of changes since the latest official release (4.7.2.206) is as follows:

// New to VersionNumber = '4.7.2.209';

{TODO -cNew : Fixed following (harmless) exception being logged very rarely: Exception occurred during TSpamFilterForm.PipeDataAvailable: EAccessViolation: Access violation at address 0000000000412900}

{TODO -cNew : Fixed following error occurring very rarely on the x64 version of SpamFilter: Exception occurred during DoIPChecksOnConnect: Access violation at address 0000000000D6D766 in module 'SpamFilter.exe'}

{TODO -cNew : When setting AutoWhiteListForceDeliveryEnabled=0, we know also prevent SpamFilter from adding an entry in the WL_AutoWhiteListForceDelivery.txt when delivering emails out of the quarantine, in addition to not checking that file for the whitelist on inbound emails}

]]> Tue, 22 Nov 2016 06:00:52 +0000 https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=7142&PID=14857&title=spamfilter-472209-is-officially-released#14857