History - XWall for Microsoft Exchange

XWall · The Mail Filter

History

History:

v3.61 2025-04-17

New: Support for RFC 8058 - Signaling One-Click Functionality for List Email Headers
New: Block country during connection (InboundBlockCTYConnection=True)
New: Support for RFC 8463 DKIM ED25519 algorithm
Chg: OpenSSL updated to v3.3.1
Chg: Send message even if DKIM sign fails
Chg: SLS/RBL validation IP address

v3.60 2024-03-11

New: Support for ClamAV alternate directory
New: Midnight Maintenance
New: Exclude by SPF or DKIM (InboundExclSPFOrDKIM=True)
New: Support for 0.0.0.0/0 and ::/0 as IP range
Chg: OpenSSL updated to v3.1.1
Fix: Admin no longer optimizes a host or file with wildcards

v3.59 2023-03-06

New: Sublime Security E-Mail Reputation (https://emailrep.io/) (Options->Spam->SER)
New: Support for Powershell for Approve and UDM script
New: Support for RFC 2831 - Digest Authentication
Chg: Show country of connecting ip address
Chg: OpenSSL updated to v3.0.7
Fix: Senderbase changed initialization
Fix: Log error in case a virus scanner deleted a message during handling
Fix: No longer log error in case a message is discarded
Fix: Temporary SMTP error on mandatory TLS policy
Fix: Workaround for wrong Exchange 2016 extended error 5.1.10

v3.58 2022-02-16

New: Support für Bitcoin Bech32
New: Address Rewrite für inbound messages (InboundSMTPAddressRewrite=True, ISPEdition only)
New: Support for RFC 5802 - SCRAM-SHA-1
New: Support for RFC 7677 - SCRAM-SHA-256 / SCRAM-SHA-512
Fix: Approve script returns method and action not approved
Fix: Pack White List erroneously removed record when e-mail ended with an internal domain
Chg: DKIM prefers an aligned signature in case of multiply signatures
Chg: Exclude by DKIM honors only aligned signature
Chg: Address Rewrite targets only addresses for domains on Exchange
Chg: OpenSSL updated to v3.0.1
Chg: TLS RC4-MD5 and RC4-SHA is no longer supported
Chg: Windows 2000 is no longer supported

v3.57 2021-02-09

New: Mark subject for messages with an external source (InboundMarkSubjExternal=True)
New: Mark subject for messages that are received using a TLS connection (InboundMarkSubjTransferTLS=True)
Hew: Heuristic method checks for Zero-width space
New: Drop connection on failed SMPT authentication (InboundBlockAUIP=True)
New: Support for 7Zip with method PPMd
New: Support for Zip with method PPMd, DEFLATE64 and BZIP2
Fix: SMIME policy must not apply for non-SMIME messages
Fix: SMIME policy for non-removable signature
Fix: SMIME decrypt with a certificate in ALT directory
Fix: Reject DNS answer that is too long
Fix: EAI permits unencoded UTF-8 in message subject
Fix: DANE-TA and PKIX-TA
Fix: MTA-STS cache result
Chg: Archive with a CRC or IO error is handled like a password protected archive exploit
Chg: OpenSSL updated to v1.1.1i

v3.56 2020-02-03

New: Bitcoin address (Options->Blocking->Bitcoin)
New: Block Common countries (Options->Blocking->Country->Add Common)
New: Remove only the script from HTML (InboundRemoveHTMLScriptV2=True)
New: Archive with a very large content (Zip-Bomb) is handled like a password protected archive exploit
New: Restart on certificate pem file change
New: Support for Server Name Indication (SNI)
New: Exploit and attachment method handles HTML with an embedded file like a ZIP archive
New: SURBL and GURBL scan HTML attachments for an URL
New: Check for Office files inside TNEF with SMIME
Fix: Extended characters when running as a console application
Fix: SURBL parse URL with invalid character
Fix: FQDN when bound to a specific IPv6 address
Fix: DKIM sign with multiple Received: lines
Fix: PDF with literal dictionary in encrypted data
Fix: NTLM authentication with LM hash
Chg: Global Absolute Exclude also excludes from HTML and HTML-Script remove
Chg: DNS check uses Cloudflare rather than OpenDSN
Chg: Screen optimized for Linux WINE
Chg: Terminate with ESCAPE and SPACE when running as a console application
Chg: Faster startup with a lot of messages in MSG-IN or MSG-OUT
Chg: OpenSSL updated to v1.1.1d
Chg: Removed the term "Blocked" from the "Why:" section in the logfile
Chg: SPF processes ip mechanisms first, because no DNS lookup is required
Chg: DNS query with NXDOMAIN and CNAME against Windows DNS server

v3.54 2018-02-17

New: Detect Mailing List (Options->Spam->Maillist)
New: Global Absolute Exclude from all methods and virus scan (Options->Global Exclude->Exclude - Other->Absolute Exclude)
New: Google Safe Browsing (https://safebrowsing.google.com/) (Options->Spam->GURBL)
New: Exploit and attachment method handles PDF with an embedded file like a ZIP archive
New: SURBL and GURBL scan PDF attachments for an URL
New: Detect VBA Macros in OpenXML
New: Exclude from E-Mail Block method (InboundExclBlockAdrFromAddress=xxxx@domain.com)
New: Exclude URL from Phishing Method (InboundExclBlockPhiURL="xxx")
New: Disable sending a non-delivery report to an UCEPROTECT MTA, which is a honeypot for ips.backscatterer.org (OutboundSMTPUCEPROTECT=True)
New: Support for TIFF image files
New: SURBL supports URL with Internationalized Domain Name (IDN)
New: Heuristic method detects Dingbats and Miscellaneous Symbols
New: Support for Unicode characters larger than UCS2 (0xFFFF)
New: CSV file as UTF-8 (StatisticFileUseANSI=False)
New: Support for SMIME RFC 5652 Cryptographic Message Syntax (CMS) (CMS vs PKCS7)
New: Support for RFC 8162 SMIMEA using DANE (InboundSMIMEVerifySMIMEA=True,OutboundSMIMEVerifySMIMEA=True)
New: SMIME download certificate using SMIMEA with domain wildcard
Fix: multi error line after BDAT from GMail
Fix: Optional startup delay failed in rare cases
Fix: No need to query White List when the sender is exclude from the White List
Fix: SPF record with a macro that refers to the HELO/EHLO FQDN
Fix: UnRAR DLL v5.40 with a directory
Fix: Filename in an archive with a white-space at the beginning or end
Fix: Outbound SMIME policy with e-mail mismatch
Fix: DKIM hash with a single tab in an empty body text
Fix: no global SPF exklusion after a restart
Fix: Allow DSN message for action "Send non-delivery report" to be signed (DSNAllowSign=True)
Fix: Country block with an IP address in the last tenth fail to resolve
Fix: Detection of X-Mailer in heuristic method
Fix: Erroneous detection of a DSN
Fix: DKIM with optional canonicalization tag
Fix: SMIME format in statistic file
Fix: SURBL and GURBL with recursive URL Shortening Services
Fix: DKIM for an empty message with "simple" Body Canonicalization Algorithm
Chg: Update for private Enhanced Status Codes in Office 365
Chg: Relaxed detection of newsletter
Chg: TLS as server enforce highest possible cipher (needed to get an A at www.ssllabs.com)
Chg: OpenSSL updated to v1.1.0g
Chg: Exclude Safe Links from URL Phishing Method
Chg: Exclude Common Domains from SURB and GURBL

v3.53 2017-02-27

New: Detect Microsoft Office VBA Macros (Options->Block->Office)
New: Detect password protected Microsoft Office documents (Options->Block->Office)
New: Detect Microsoft Office document with an extension mismatch (Options->Blocking->Office)
New: Detect Microsoft Office VBA Macros using ClamAV (Options->ClamAV->Macro)
New: Optional scan attachments for ClamAV community rules (ClamAVUnofficialRuleScanAtt=True)
New: Limit inbound concurrent connection from a single host (InboundSMTPConcurrentConnections=100)
New: A non-delivery report as an action of a spam method is only sent when the sender is not faked (InboundSMTPDiscardDSNToFakedSender=True)
New: AES256 encryption and compression when sending a message to another XWall (InboundESMTPXBDATAAESA=True,OutboundESMTPXBDATAAESA=True)
New: Drop connection when the connection is from PushDo/Cutwail botnet
New: SPF block even when the sender is on the white list (InboundBlockSPFStrict=True;InboundBlockSPFStrictFromAddress=@a1.net)
New: SPF block of SPF excluded sender (InboundBlockSPFStrictExclFromAddress=True)
New: Exploit and attachment method handles 7Zip, GZip and TAR and MSOLExxx.bin archives like ZIP archives
New: SURBL exclude base URL from query (InboundExclBlockSURBLBaseURL=baseurl.com)
New: Adaptation for Windows 2016 and Windows 10
New: Support for Barracuda Sender Spoof Protection (btv1)
New: Support for RFC 2231 long filename
New: Inbound and Outbound exclude from history (KeepMessageFileInboundExclToAddress=@domain.com,KeepMessageFileOutboundExclFromAddress=@domain.com)
New: Heuristic method detects spam-cloud
New: Support for private Enhanced Status Codes in Exchange 2013 and Office 365
New: For DNS query in IPv6 environment use two queries rather than one, e.g. A and AAAA instead of ALL (DNSQueryTweak=False)
Chg: DiskFullAlert unit from bytes to megabyte to prevent overflow (check value at View->Advanced Configuration->Advanced)
Chg: CPS are converted to Kibit/s or Mibit/s
Chg: Queue messages when Exchange returns a temporary Error
Chg: Messages for the DSN From: E-Mail address are no longer accepted when relaying is disabled
Chg: Country block uses GeoLite database, IPv6 is also supported
Chg: Different error text for exploit with an archive with an unknown compression algorithm
Chg: SURBL method checks the new small base domain like "aa.at"
Chg: Attachments with an unknown filename get an extension based on the file type
Chg: File extensions in statistic CSV file
Chg: Windows NT 4.0 is no longer supported
Chg: Exe signed with SHA256, signature only valid on Windows 2008 R2 and above
Chg: SSLv2 and SSLv3 is no longer supported
Chg: RC4-MD5 and RC4-SHA is no longer supported for inbound connections
Chg: SMIME RFC 5751 (micalg=sha1 to micalg=sha-256)
Chg: Support for application/pdf Media Type (RCC 3778)
Chg: Support for Office 2007 File Format MIME Types
Chg: OpenSSL updated to v1.1.0e
Del: RAS, ETRN and SOCKS
Fix: Len of password for SMTP authentication with Amazon SES
Fix: Approve script with quoted file name
Fix: SMIME with an e-mail address that starts with a reserved filename
Fix: MBAdmin disable inbound authentication when old settings are still in place
Fix: Office File from iPhone crashed XWall
Fix: MBAdmin wrote INI in wrong directory after a common dialog changed the current directory
Fix: INI entry with a semicolon in a quoted string
Fix: DMARC ignored SPF policy
Fix: DNS MX query missed EDNS0 option
Fix: SPF with IPv6 for mechanism a, mx und exists
Fix: MIME coding for filename with an Umlaut and an ASCII body text
Fix: DKIM signing for non-delivery-message
Fix: SMIME quote e-mail with a leading space

v3.52 2016-01-22

New: Detect Malware and spam using SecuriteInfo community rules (http://www.securiteinfo.com) (Options->ClamAV->SecInfo)
New: TLS Mutual authentication with intermediate certificate (IncaMail of Swiss Post)
New: SMIME: extended error reporting; caching the verification result for five minutes; signing is faster by 43%, encrypting by 35%
New: Support for RFC 7505 - Null MX for Domains That Accept No Mail
New: Reject TLS on weak signature algorithm (Options->TLS/SSL->Policy)
New: TLS connection information of temp key for ECDHE and DHE
New: Show OpenSSL version at startup when diagnostic logging is enabled
New: Prevent TLS POODLE attack by disabling SSLv3 (TLSServCipherList=@NOSSLV3)
New: Show rules for SecuriteInfo and Sanesecurity (VerboseCAxCR=True)
New: XWall slows down the connection when the sending server is greylisted for more than 5 e-mail addresses ( honeypot, teergrube )
New: UDM method gets Bayes and heuristic values and spam information
New: Optimized reading of large certificate chains
New: Enhanced TLS security from and to Exchange (InboundExchTLSSecurity=True,OutboundExchTLSSecurity=True)
New: Added Facebook and Yahoo to Major ISP exclude
New: Detect suspicious messages by subject
New: Field Format with TLS in SS*.csv
Chg: Enhanced Status Codes updated to match RFC 7372
Chg: SMIME file operations under heavy load and virus scanner
Chg: SMIME RFC 5751 (x-pkcs7 to pkcs7)
Chg: DMARC (RFC 7489) requires that DKIM uses RFC5322.From as SDID
Chg: Disk Full Alert to 3 GB
Chg: DKIM signing algorithm from rsa-sha1 to rsa-sha256 to comply with RFC 6376
Chg: OpenSSL updated to v1.0.2e
Fix: Close outbound connection when TLS policy changes
Fix: Honor RBL white list in RCPT TO command
Fix: SMIME added the sign certificate twice to smime.p7s
Fix: TLS outbound policy and weak protocol
Fix: SMIME file error/undefined behavior in the Microsoft C run-time library (CRT)
Fix: Block attachment in TNEF with SMIME
Fix: SPF macro "v"
Fix: SMTP Forward with forwarded e-mail address already in the list of recipients
Fix: non-standard SMTP port for MX resolved host
Fix: Error text for domain based SLS/RBL

v3.51 2015-02-04

New: Announce inbound SMTP authentication only after TLS is established (InboundSMTPAuthTLS=True)
New: SURBL expands shortened URLs like http://goo.gl/u6U1n0 (Options->SURBL->expand shortened URLs)
New: Force quick restart after configuration change (Signal->Restart)
New: Native ClamAV is checked every 8 hours; Postmaster gets a notification if warning after startup is enabled
New: Ignore IP address when resolving MX records, because the DNS of GMail returns a bad IP address (OutboundSMTPConnectIgnoreIP=74.125.201.108)
New: E-Mail Address Rewrite for outbound messages (View->E-mail Address Rewrite) (ISPEdition only)
New: Remove HTML for spam messages where the subject is marked (InboundRemoveHTMLSpam=True)
New: DNS support for large UDP packets
New: Phishing method uses Domain-based Message Authentication, Reporting and Conformance (DMARC)
New: Support for GB18030 (Chinese) codepage
New: Verify the recipients e-mail address dynamically using a SMTP query to Exchange (Options->Session->Recipient)
New: S/MIME policy for messages that are not signed or encrypted
New: Support for Server Name Indication (SNI)
New: Verify sending IP address using Forward-confirmed reverse DNS (FCrDNS) (Options->Spam->FCrDNS)
New: Enforce TLS using key word in subject (Options->TLS/SSL->TLS Outbound policy)
New: TLS Mutual authentication (Options->TLS/SSL->TLS Outbound policy)
New: Adaptation for Windows 10
New: Inbound SMTP authentication using a list of User/Pass, a script, query to Exchange or NTLM into Windows (Options->General->Authentication)
New: Reject TLS on weak protocol (Options->TLS/SSL->Policy)
New: Support for Public Suffic List (https://www.publicsuffix.org)
New: S/MIME encryption permits a void certificate
New: Support for UTF-16LE and UTF-16BE codepage
New: Heuristic method detects homoglyphs
New: Remove Outlook Hyperlinks in body text after HTML was removed for spam messages (InboundRemoveHTMLHyperlink=True)
Chg: Error text when a message expired without being sent
Chg: Show SLS/RBL even when the data is from cache
Chg: Search for included INI file in the program directory
Chg: zLib updated to v1.2.8
Chg: Exclusions are checked against the sending MTA and not against the connecting MTA
Chg: DKIM: better error description, relaxed DNS handling and parsing
Chg: Missing S/MIME sign or encryption triggers policy
Chg: Script method name from "phi" to "phishing", "heuristic" to "heur" and "from-us" to "internal-from"
Chg: SPF updated to comply with RFC 7208
Chg: DNSWL test IP address
Chg: OpenSSL updated to v1.0.1j
Chg: Relaxed parsing of white list feed subject for an e-mail address
Fix: Decoding of MIME word with folded lines and several linear white spaces
Fix: DSN error for an IPv6 host when IPv6 is disabled
Fix: Ignore local IP address 127.0.1.1 on Linux
Fix: OpenSSL CVE-2014-0160 (http://heartbleed.com)
Fix: Exclude using domain based White List
Fix: Backscatter with a DSN without an IP address
Fix: Received header line with a literal IPv6
Fix: Space in SPF record for facebookmail.com
Fix: Dovecot Mail Delivery Agent (AON) creates invalid messages with bare CR
Fix: Global DKIM exclusion honors message From: e-mail address
Fix: Workaround for TLS Auto-Negotiate with Cisco IronPort C370 (IronPort sends wrong ciphers)
Fix: Parsing header line with all spaces
Fix: Invalid MX using 127.0.0.0/8
Fix: Missing "Closing connection" after a temporary error
Fix: Outbound virus scan before S/MIME, because S/MIME may encrypt the message

v3.50 2014-02-22

New: TLS with Perfect Forward Secrecy (PFS) using ECDH und DHE (proposed by C't magazine for computer technology)
New: Protection against connection flooding from a botnet (Options->Blocking->Drop)
New: View->Advanced Configuration->SMTP->Close connection after rejecting MAIL FROM (Note: This violates the RFC)
New: ClamAV virus scanner in native mode (Options->Virus->ClamAV)
New: Detect Phishing, Scam and Malware using Sanesecurity rules (http://www.sanesecurity.com) (Options->Spam->SaneSecurity)
New: Automatically exclude major ISP from Greylisting (Gmail,Hotmail,Office,MessageLabs,Postini,GMX)
New: Support for Microsoft Security Client Antimalware as on-demand scanner
New: Heuristic checks for phishing html attachments
New: More options for Kaspersky virus scanner
New: Enforce user based message size limit during the SMTP session
New: TLS inbound and outbound type and policy (Options->TLS/SSL)
New: Temporary SMTP error on mandatory TLS connection (InboundSMTPTLSRequiredError4xx=True)
New: Support for Thai ISO 8859-11, TIS-620 and Windows 874
New: Heuristic method supports GTUBE (Generic Test for Unsolicited Bulk E-Mail)
Chg: Optimized adding of a disclaimer at the end of a very large HTML message
Chg: Disable QuickEdit-Mode when running as a console application
Chg: Blocking a host or IP address during the SMTP session is done after the MAIL FROM and a second time after the RCPT TO
Chg: Ignore IPv6 MX record when IPv6 is not enabled
Chg: SMTP session no longer accepts a RCPT TO after a rejected MAIL FROM command
Chg: S/MIME cipher changed from DES3 with 168 bit to AES with 256 bit
Chg: Enhanced TLS peer certificate verification removed (OutboundSMTPTLSVerify=True)
Chg: Support for DANE TLSA certificate verification removed (OutboundSMTPTLSVerifyDANE=True)
Chg: Prevent white list pollution by omitting e-mail addresses that are excluded by SPF or DKIM
Chg: X-Message-Flag: header line removed
Chg: SPF with more than one TXT record result in an error
Chg: SPF ignores ip4:0.0.0.0/1, because that IP range enables everything
Chg: Yield CPU when decoding large HTML messages
Chg: OpenSSL updated to v1.0.1f
Chg: Global excluded IP address or host is also checked against the sending MTA
Fix: SPF ignore empty txt record
Fix: Add outbound DKIM and disclaimer only when the sender is on Exchange
Fix: Add outbound DKIM and disclaimer for a Star-Match-All only when the sender is on Exchange
Fix: Server query for an userbased white list
Fix: Phishing method with an URL that is folded using a CRLF
Fix: SPF ignore invalid ip4:hostname
Fix: SMTP AUTH PLAIN for some versions of Android
Fix: DKIM verify when the TXT record is quoted
Fix: Decoding recursive TNEF message
Fix: Phishing method failed to show the DKIM result
Fix: Bug for user based message size limit when relaying
Fix: Bug global exclude for TLS connections
Fix: Decoding MIME attachments where a line with a space is between the boundary
Fix: Check for Out-of-Office subject uses specific rather than generic text
Fix: Query for local IP addresses on Windows 2012 R2
Fix: Options->Spam->CCS im Demo Mode
Fix: Calculate queue object for system messages with a from routing

v3.49 2013-01-15

New: Add inbound header based on sender or recipient (InboundHeader=)
New: Support for Exchange 2010 Importance header line
New: S/MIME sign and encryption of pre-signed and/or pre-encrypted messages
New: Reassemble of S/MIME signed, detach signed and encrypted messages
New: Support for DANE TLSA certificate verification (OutboundSMTPTLSVerifyDANE=True)
New: Support for DomainKeys Identified Mail Signatures (DKIM)
New: DKIM verification using Author Domain Signing Practices (ADSP)
New: Heuristic checks for identical URL
New: Phishing method uses DKIM
New: Added additional DKIM error messages
New: Terminate connection after a client tried two messages without any valid sender or recipient address
Chg: Accept an E-Mail address with a user part longer than 64 bytes
Chg: SPF reject during the SMTP session is immediately after the MAIL FROM
Chg: Country blocking is for IPv4 addresses only and ignores IPv6 addresses
Chg: SLS/RBL IPv4 lists are only used for IPv4 addresses, IPv6 lists only for IPv6 addresses
Chg: Removed support for Domain-Based E-Mail Authentication Using Public Keys Advertised in the DNS (DomainKeys)
Chg: MX query for inbound domains uses old cached IP addresses in the case the DNS server is not available
Chg: Protect SLS and SPF global exclusion against faked header lines
Chg: Updated domains in Options->Global Exclude->DKIM->Add common
Chg: Exploit method handles RAR archives like ZIP archives
Fix: S/MIME remove signature for outgoing messages
Fix: Disable TLS/SSL cipher DES-CBC-SHA
Fix: Virus scanner in a directory with an Umlaut
Fix: DNS server that can not handle EDSN records
Fix: History added non-delivery reports even then outbound history was disabled
Fix: no DKIM check for messages using an inbound domain as the sender
Fix: Domain in global SPF exclusion
Fix: UnRAR DLL v4.20 with a RAR volume
Fix: TLS with more than one intermediate certificate shows wrong status

v3.48 2012-08-06

New: Compiled with ASLR (address space randomization) and NX (no execution)
New: Support status query using Nagios
New: Verify a certificate using the CommonName and the subjectAltName
New: Connection cache to Exchange (OutboundExchConnectionCache=True)
New: Global exclusion for TLS required sender (InboundExclTLSRequired=True)
New: Enhanced TLS peer certificate verification (OutboundSMTPTLSVerify=True)
New: Prevent test for On-Access scanner at startup (VirusScannerOnAccessStartupCheck=False)
New: SPF reject during the SMTP session only on FAIL, even when SOFTFAIL or NEUTRAL is enabled (InboundBlockSPFSMTPLevelOnlyFail=True)
New: Drop connection based on blocked host name
New: Support for Online Certificate Status Protocol (OCSP)
New: Heuristic scans for word with upper chars like ThereAreHugeDiscountOnTheseDrugs
New: Zip archive with an unsupported compression method is handled like a password protected zip archive
New: The Format column in the statistic file indicates a IPv6 connection
Chg: Outbound TLS connection use TLSv1, omit SSLv2, and reconnect with SSLv3 when TLSv1 fails
Chg: Removed announcement for NTLM AUTH for SMTP clients
Chg: No longer checking a Backup MX for SLS/RBL and other methods during the SMTP session
Chg: Senderbase and Country skip the backup MX
Chg: Heuristic value for tags in a html page
Chg: IPv6 DNS query using ALL and fall back to A/AAAA for server that don't support it
Chg: SPF favors spf1 over spf2.0
Chg: Removed unnecessary information from block statistic file to make it smaller
Chg: Caching of SLS/RBL positive answers
Chg: Avoid SLS/RBL queries for excluded senders
Chg: Optimized text scan and e-mail compare with wildcards
Chg: Persistent cache for SLS, SURBL, SPF and Senderbase
Chg: Default Greylisting exclusions removed
Chh: SPF detect useless record "v=spf1 ?all"
Fix: Checking for an exploit in a zip file
Fix: Reject internal From: address during the SMTP session was not working
Fix: Inbound connection manager stopped when out of resources
Fix: Binding to a IPv6 address erroneously enabled inbound IPv6
Fix: MBAdmin crashed in Options->Global Exclude
Fix: Message-id was not unique when created within one tick
Fix: S/MIME certificates with an e-mail only in subjectAltName
Fix: On-Access virus scanning with file extensions enabled resulted in a false positive when the extension was very long with non-ASCII characters
Fix: Heuristic failed to proper scan HTML source
Fix: Unnecessary restart when timezone changes
Fix: Very large attachment filled with ASCII zeros takes a long time to decode
Fix: SPF for IPv6
Fix: SPF exists method with a macro
Fix: FQDN on a machine with more than one IP address
Fix: S/MIME encryption with missing cert file failed with wrong error
Fix: Write blocking statistic when the connection is dropped because of a blocked IP address

v3.47 2011-06-22

New: IPv6 support (InboundSMTPIPv6=True OutboundSMTPIPv6=True OutboundExchIPv6=True)
New: Remove x-originating-ip header line, added by Exchange 2010 SP1 (OutboundRemoveHeaderXOriginatingIP=True)
New: Received header line shows TLS cipher information (TLSv1/SSLv3:AES256-SHA:256)
New: Show IP address of the sending MTA (VerboseDomainMX=True)
New: At startup XWall queries the public name server from Google and
opendns.org for the MX records of the inbound domain (CheckDNSQueryMXPublicNS=True)
New: Timeout of 10 minutes for on-demand virus scanner (VirusScannerTimeout=10000)
New: Enforce TLS for authenticated users (InboundSMTPTLSRequiredAuthUsers=True)
New: Relaying for IP address and MAIL FROM address
New: TLS information shows the algorithm and bits of the public certificate
Chg: Graceful shutdown with CTRL_CLOSE_EVENT in Windows 7/2008
Chg: Quoted Printable encodes a dot at the beginning of a line,
because Exchange 2003 sometimes has a problem it
Chg: OpenSSL updated to v1.0.0a
Fix: DNS query for Exchange, smart host and static route used wrong name server
Fix: S/MIME CRL with Comodo certificate
Fix: invalid A records are no longer showing an IP address of 255.255.255.255
Fix: MX query with a CNAME using a Bind name server
Fix: DSN for persistent temporary failure had a status field of 5.x.x rather than 4.x.x.
Fix: SPF records which is sent in several parts without a delimiter in between
Fix: CCS DNS packets rejected by a Cisco PIX
Fix: Folded header line that start with a white space
Fix: Parsing a very long Content-Type: header line
Fix: Quote the filename for UDM and Approve script when the TEMP directory contains a space

v3.46 2010-08-17

New: Options->Global Exclude->Exclude dnswl
New: Blacklist (http://www.dataenter.co.at/doc/xwall_undocumented_config.htm#blacklist)
New: S/MIME verbose output for certificate rule (VerboseSMIMECert=True)
New: The Format column in the statistic file indicates a TLS connection
New: SPF detect useless record "v=spf1 +all"
New: Checking on-demand virus is at startup
New: Switches for ClamAV virus scanner
New: Native support for ClamAV (VirusScannerClamAVNative=True)
New: Remove HTML format only when there is a script (InboundRemoveHTMLScript=True)
New: Send information message after restart and startup (SendStartupAlways=True)
New: White list domain based in ISP Edition (OutboundAddressWhiteListDomainBased=True)
New: CCS acts as a global heuristic spam repository
New: Closing connection after some "relaying denied"
New: Disable automatic fix of recipient e-mail address (InboundESMTPRepairInvalidRecipient=False)
New: Reject self-sending-spam during the SMTP session (InboundBlockFromUsSMTPLevel=True)
New: Partial support for SPF spf2.0/pra
New: Inbound bandwidth limit per message in byte per second (InboundSMTPBandwidthThrottling=16384)
New: Outbound bandwidth limit per message in byte per second (OutboundSMTPBandwidthThrottling=16384)
New: SMTP with SSL/TLS on port 465 (vergin.net as smart host)
Chg: XWall uses only one write on the socket for the EHLO response, or else the Axway Firewall can't handle the data when TLS is active
Chg: Testing for SLS/RBL updated to RFC 5782
Chg: Packing the White list removes all internal e-mail addresses, you can disable this using OutboundAddressWhiteListPreventInboundDomain=False
Chg: SPF skips the backup MX
Chg: InboundDomainMX honors CIDR notation
Chg: Update switches for McAfee Command Line Scanner v6.x
Chg: Updated e-mail address parser for RFC 3696, RFC 5321 and RFC 5322
Chg: In a TLS session the whole certificate chain is sent to the client
Chg: Self-sending spam method blocks only when the senders and recipients domain are on the same Exchange server
Chg: Suppress non-delivery report to an internal domain only when the domain is on the same Exchange server
Chg: Reassemble message removes header lines with more than 998 chars
Chg: Removed special handling for Netscape Mailer after the DATA command
Fix: Status of CryptoFilter license was shown when no license was installed
Fix: Workaround for a bug in Exchange 2010 when a message has no body text and plain text attachment
Fix: Outbound S/MIME and Disclaimer didn't work together
Fix: S/MIME ignores lonesome smime.p7m attachment
Fix: SLS/RBL/RHSBL work with dbl.spamhaus.org
Fix: SURBL work with dbl.spamhaus.org
Fix: Outbound attachment blocking with action "Forward to Admin"
Fix: Unique ID after a missing RSET

v3.45 2010-01-20

New: View->Statistic
New: Callback sender verification (Options->Session->Verify)
New: Sign outbound messages using DomainKey (Options->DomainKeys)
New: Block messages with a invalid DomainKey (Options->DomainKeys)
New: Global exclude messages with a valid DomainKey (Options->Global Exclude->DomainKeys)
New: Remove DomainKey signature for inbound messages (Options->System->Format)
New: Verify and/or remove S/MIME encryption and/or signature for inbound messages (Options->S/MIME) (add-on to XWall, extra license needed)
New: Block image spam (empty message with a png picture) (Options->Spam->Image)
New: Payload limit for outbound messages (message size x recipient count) (OutboundPayloadLimit=xxx)
New: Add the extension of the attachment to the temporary file name with on-access scan ( VirusScannerOnAccessUseExt=True)
New: Disable TLS/SSL weak cipher (TLSServOmitWeakCipher=True, TLSClientOmitWeakCipher=True)
New: Country block also checks Hotmail's X-Originating-IP: header line
New: ISP Edition may use different DSN From: e-mail addresses for each e-mail or domain
New: Options->Session->Greeting delay can be adjusted
New: Set limit of bad e-mail addresses in an inbound SMTP session (InboundSMTPMaxBadMailSession=x)
New: Support for RFC 2319 - Ukrainian Character Set KOI8-U
Chg: If TLS is enforced and the recipients server returns a temporary error, the message is rescheduled rather then sending a non-delivery report (happens with Bank of America)
Chg: If the codepage is US-ASCII but the disclaimer is non-ASCII, the codepage is auto detected
Chg: Default codepage from UTF-7 to UTF-8 because some free mailer don't support UTF-7
Chg: High chars in codepage US-ASCII are converted using the local codepage of Windows
Chg: Outbound messages scheduler performs better when there are a lot of messages in the queue
Chg: Timeout for DATA set to the values of RFC 5321
Chg: Montenegro and Serbia added, Yugoslavia removed from country selection
Chg: Exploit ignores an identical double extension (file.pdf.pdf)
Chg: Greylisting default exclude for double-bounce@*, because this address is used in callback
Chg: Using Microsoft VCC rather then Watcom for 32bit application
Chg: In 64bit XWall, MBAdmin is a native 64bit application
Chg: Support for BATV adjusted to the latest draft
Fix: Image spam was not detected when the body text was not empty
Fix: MBAdmin removed trailing space from words
Fix: Blocking of header lines when the header had the same line more than once
Fix: Reassembling for html messages with a Content-ID that contains a equal sign
Fix: SSLv2 security flaw (SSLv2 is still in place or else SSLv3/SSLv2 clients can't auto-negotiate)
Fix: Faster shutdown when a lot of SSL connections are open
Fix: Possible numeric overflow of the TTL of the white list
Fix: parenthesis in Received: header line
Fix: Backscatter method was not able to detect its own message

v3.44 2009-02-20

New: Support for GBK (Chinese) codepage
New: Block outbound messages that are not from an internal domain (OutboundBlockAddressOnlyInternal=True)
New: Optional startup delay in the case the virus scanner or DNS server is not starting fast enough ( StartupDelayFresh=5)
New: XWall.ini allows comments using a semicolon
New: Comment for every list field
New: Send information message after startup (SendStartup=True)
New: Send information message when there was a warning after startup (SendStartupWarn=True)
New: Hide SLS service info in error message; needed for Trend Micro Reputation Service (InboundESMTPHideSLSInfo=True)
New: Warning when ini is read-only or no read-write ACL
New: Heuristic checks for text obfuscation with HTML tags in plain text
New: Verbose logging for disclaimer (VerboseDisclaimer=True)
New: The logfile shows which e-mail template was used to block an e-mail address
New: Recommended SLS/RBL b.barracudacentral.org
Chg: yahoogroups.com removed from default exclusion
Chg: Update of X-Mailer in Options->Blocking->Header
Chg: Files for disclaimer can be in any directory, default is XWall directory
Chg: UAC is requireAdministrator for MBSever.exe and highestAvailable for MBAdmin.exe
Fix: Ignoring MIME Content-Disposition header fields with longer value like "filenamexxx"
Fix: White List was not properly updated when the message was sent to more than one recipient
Fix: Exchange 2007 is not able to decode a MIME subject with more than 225 bytes word len
Fix: Disclaimer and S/MIME address with a star was not working as expected
Fix: Reassemble message uses codepage UTF-7 when the original codepage is US-ASCII, but the text contains non-ASCII characters
Fix: DNS validation is repeated several times in the case of a DNS error
Fix: Manifest and UAC elevation also for MBServer.exe
Fix: ESMTP AUTH LOGIN with Microsoft .NET Framework (Namespace System.Net.Mail)
Fix: non-delivery report for a message with a 4xx and 5xx error showed the reason for the 4xx rather then 5xx error

v3.43 2008-08-03

New: Detect Backscatter (Options->Spam->Backscatter)
New: Block DSN/NDR only for specific recipient e-mail address (Options->Blocking->DSN)
New: Support for Exchange 2007 X-Auto-Response-Suppress header line
New: Support for RFC 5064 Archived-At message header
New: RFC 3834 XWall adds the Auto-Submitted header line and sets DSN to NEVER for Out-Of-Office messages
New: restart.sig forces a restart of XWall
New: Setting DSN to NEVER for inbound Out-Of-Office and spam messages
New: Converting DSN NEVER to a NULL-Sender in the MAIL FROM command, because Exchange sends Out-Of-Office messages back even when DSN is NEVER
New: Each record in AdrOWL-A.dat (white list) has a human readable timestamp
New: XWall removes BATV from MAIL FROM address before checking the white list
New: XWall adds a header line to detect faked DSN
New: XWall connects to every IP address when the MX host is multi-homed
New: White List add/del sends back a confirmation message
Chg: Outbound messages with "auto" in the subject followed by a double dot are not added to the white list
Chg: A non-delivery report will be sent only when the first MX points to localhost, a backup MX that points to localhost is ignored
Chg: DNS queries use udp rather then tcp
Fix: NDR for phishing method shows the reason why the message was blocked
Fix: Workaround for the Cisco ESMTP-Fixup bug which sometimes fails to mask the ESMTP verbs
Fix: Failed to connect to the backup MX when the first MX returned a 400 error
Fix: Error after MAIL FROM with PIPELINING was not reading all data for the following RCPT TO
Fix: Wrong size limit was announced
Fix: Decreased DNS recursion because of problems with DNS resolution
Fix: Ignoring a space when checking for an exploit with double extensions
Fix: Omit ESMTP STARTTLS when a TLS connection is active
Fix: Decoding of HTML with hex notation
Fix: Detect proper HTML codepage when no codepage is defined
Fix: Admin had a problem reading the certificate list
Fix: Last line of a Unicode disclaimer file was corrupt
Fix: GB2312 to Unicode codepage had invalid characters
Fix: DNS queries with corrupt pointer result in a crash
Fix: ESMTP PIPELINING with several RCPT TO and all of them get a different error
Fix: EMSPT SIZE error was skipped
Fix: Transcript in NDR missed some information
Fix: Decoding of the attachment filename in an invalid Content-Disposition line
Fix: Block an outbound e-mail during the smtp session
Fix: Wrong error in non-delivery-report when MTA responds with 452 Too busy, please try later.
Fix: Duplicating outbound messages was on domain
Fix: Service dialog didn't show the correct service name
Fix: Decoding of Apple Mail with two different codepages for the body text
Fix: Decoding of messages with UTF-8

v3.42 2008-01-19

New: MBServer is now also available for both the Intel and AMD processors supporting EM64T and AMD64 architectures running on 64bit operating system like Windows 2003 64bit (x64)
New: Force the application to run in Admin Approval Mode when UAC (User Account Control) is enabled in Vista or Windows 2008
New: Block ecard / postcard (Options->Spam->Image)
New: Send statistic (Options->General->Statistic)
New: ISP Edition allows different settings for mark subject based on e-mail address or domain
Chg: Options->Spam->Envelope->Faked MX is no longer in use; use Options->Spam->SPF instead
Chg: Heuristic checks PQDN and PTR
Chg: SLS/RBL uses the first IP that is not on the server itself or the backup MX
Chg: Phishing handles obfuscated URL like http://www.microsoft.com@5342760458/
Chg: Exclude from detection of suspicious messages supports wildcards
Chg: Static route accept a wildcard for the domain
Chg: XWall no longer changes the codepage to iso-8859-1, because this conflicts with Cyrillic
Chg: If the subject has no codepage, the codepage of the HTML or body text is used
(Outlook can't display a HTML message where the subject and HTML have a different codepage)
Chg: Reduced the size of CCS packets so that they better fit into a DNS query
Chg: Method internal From: automatically excluded for authenticated users
Fix: Inbound NTLM pass-through authentication on Windows 2003 x64
Fix: Unicode to ANSI conversion in csv file
Fix: Illegal ASCII characters are wrong encoded in quoted printable
Fix: Max worker thread count is exceeded
Fix: Query for non-existing domains when there is more than one DNS
Fix: DNS query using UDP with a very fast DNS server

v3.41 2007-08-10

New: Better support for x64 operating systems
New: Detect mail traffic spikes from a domain or IP address using senderbase
(http://www.senderbase.org) (Options->Spam->Senderbase)
New: Block PDF spam in Options->Spam->Image
New: Block RAR-ZIP spam in Options->Spam->Image
New: Support delay between SMTP commands (Throttling)
New: Heuristic checks for stock offers
New: Manage the White List by send a message with an e-mail in the subject
Options->Global Exclude->White List)
New: On startup XWall creates the directories for the statistic, the logfile and the history
New: History can be limited to inbound or outbound messages
New: History can be limited to specific e-mail addresses
New: Multi line SMTP banner
New: FQDN of the sender in the block statistic file
New: Support for converting an Exchange IMCEAFAX address to a eFax SMTP address
New: The logfile shows when processing a DomainKey or DKIM message
New: Image spam allows user defined size
New: SPF exclude can be limited to a list of e-mail addresses
New: SMTP authentication using a custom application
New: SMTP authentication proxy against the Exchange
Chg: XWall no longer uses the system TEMP directory,
XWall creates a temp directory below the XWall directory
Chg: HTML   is now a word delimiter
Chg: DSN/NDR to Lotus Notes always includes the full message
Chg: Stack from 64KB to 32KB to minimize the memory footprint when running a lot of threads
Chg: Heuristic weighted a large subject with a higher value
Chg: Dropping the connection once the inbound max connection limit is reached
Chg: Heuristic for stock spam is less aggressive and ignores signatures
Chg: No non-delivery report is sent in response to a message
where the subject starts with "Non delivery report:"
Fix: AOL sends WinWord doc files encoded as quoted printable with an extra LF in it
Fix: UDM method didn't delete all temp files
Fix: Spam and Exclude data for the Approve script are permuted
Fix: Purging statistic files
Fix: SPF in Phishing was not checked in a bad formatted HTML message
Fix: SLS/RBL test of the first Received: IP address when no Received: line was added
Fix: Phishing failed to compare an encoded URL
Fix: EHLO error string when ESMTP is disabled
Fix: The wrong record was selected in a sorted list in MBAdmin

v3.40 2007-02-19

Fix: invalid non-delivery report could result in 100% CPU usage

v3.39 2007-02-12

New: Block image spam (message with a background picture) in Options->Spam->Image
New: Automatically block IP addresses that send spam messages (Options->Blocking->Auto IP)
New: Any on-access virus scanner can be used to scan the messages (Options->Virus->On-Access Scan)
New: Global White List shared among all customers
(Options->Global Exclude->White List->Global White List)
New: French, Italian and Spanish are now available, together with the previous English and German
New: XWall auto detects the language based on the language of Windows,
but you can manually set it in Options->Advanced->Language
New: Each incoming messages gets a unique ID and the logfile shows the ID when the message is processed and sent
New: field UniqueID in SR*.csv
New: Exe are now digitally signed
New: XWall automatically disables ESMTP CHUNKING if the receiving server can't handle it
New: SURBL can use multiply services
New: Heuristic detects prose stock spam
New: Heuristic checks for large paragraphs
Chg: Moved Options->Blocking->Verify to Options->Session->Verify
Chg: Moved Options->Spam->Session to Options->Session->Session
Chg: Moved Options->Blocking->Recipient to Options->Session->Recipient
Chg: relays.ordb.org is out of business and should be removed from Options->Spam->SLS
Chg: DNS query also accepts a non-authoritative answer for missing MX records
Chg: The white list does no longer add e-mail address that coming in and immediately going out to prevent pollution from auto responders or Outlook rules
Chg: Block image spam ignores messages with a "href="http:"
Chg: S/MIME sign adds the whole certificate chain from the PEM file to the message
Chg: Remove HTML does no longer remove HTML on a meeting request
Chg: LDAPQuery.vbs searches the AD including child domains; new switch for Lotus Notes
Chg: Immediately send a non-delivery report when the recipient domain does not have a MX or A record
Chg: Exchange creates invalid MIME messages for a meeting request (vCalendar) and so XWall does not change anything on such a message
Chg: Delivery Status information is added to the text part of a failed DSN (non-delivery report)
Chg: Verbose logging for SURBL, Phishing and CTY more verbose and less confusing
Chg: ApproveAction.vbs can return a error level for not approving an action
Chg: Optionally the UDM method gets the parsed message data and attachments like the Approve method. To enable this add <DATAFILE> to the argument field. A sample UDM.vbs can be found in the Approve-UDM-Toolkit.zip
Fix: ApproveAction.vbs crashed when something prevented XWall from writing out all data files. XWall no longer calls the script when there is problem with the data files and also the script was updated to gracefully terminate when something is missing.
Fix: HTML decode with a large <body> definition followed by a <style>
Fix: Outbound HTML blocking used the strings of outbound text blocking
Fix: multipart/alternative and multipart/related messages had a empty boundary
Fix: a TLS outgoing connection was not terminated when the other side dropped the TLS in the middle of a session
Fix: Testing the name server didn't work when two name servers are defined and the first one was not responding
Fix: SR CSV was not written to the user defined directory

v3.38 2006-08-08

New: Block image spam (empty message with a picture) in Options->Spam->Image
New: New: Approve the method and action using an external program (Options->Spam->Approve)
New: Heuristic checks for a space in RCPT TO: command
New: Suppress disclaimer on reply and forward
(Options->Transit->Disclaimer->No disclaimer on reply or forward)
New: At startup XWall checks if the name server can resolve a MX record
Chg: E-mail address blocking works now like any other method. If at least one e-mail address is blocked, then the action is performed. If there is least one exclusion and exclusions for e-mail are enabled, then the message is not blocked. As a result of this, a message sent to two recipients where one of them is blocked, blocks the whole message. Previously XWall removed the blocked e-mail address from the recipients list and delivered the message to the remaining recipients. To revert back to the previous behavior add the lines
InboundBlockAddressActionOnOneAddress=False
OutboundBlockAddressActionOnOneAddress=False
to XWall.ini
Chg: System messages (non-delivery reports) get a low priority
Chg: Heuristic does not longer detect empty messages with an image, use Options->Spam->image instead
Chg: .google.com excluded from Greylisting, because gmail.com uses it as the host domain
Chg: Statistic values are preserved between a restart
Fix: validate domain was not working when a smart host was selected
Fix: Options->Blocking->Verify->Verify the senders domain was grey when using a smart host
Fix: MBAdmin truncated a partial file name
Fix: Fix: Memory allocation on large HTML messages
Fix: Outbound e-mail blocking honors the global exclusions
Fix: SPF ignores the ip6 mechanism
Fix: Two static route to same host with different port after a restart
Fix: Tar pitting plain text authentication after some unsuccessful authentication requests
Fix: A low priority method with Mark Subject was preferred for a higher priory method with
Mark subject and move to junk-e-mail folder
Fix: MRTG values are no longer reset at midnight
Chg: When the message is reassembled, the original header lines will come first
and the new header lines at the end
Fix: Quoted-printable attachment always had had an CR LF at the end
Fix: Reject during the SMTP session even when the sender was on the white list on a white list master

Note: In the case you are using XWALLFilter, you need to upgrade it to 2.0.7638.62 or higher

v3.37 2006-05-03

New: heuristic method checks for empty messages with a picture
New: Decoding of recursive encoded attachments like the one created by Nyxem-D, Generic Malware.a and MyWife.d virus
New: Reject the SMTP session for a blocked IP address (Options->Blocking->IP)
New: SPF blocks on softfail and optionally on neutral
New: Limit the amount of messages that are accepted in a single inbound connection
New: Session timeout to prevent an infinite connection with a honey pot or a faulty TLS session
New: ESMTP PRIO (priority) command
New: XWall processes messages based on priority
Chg: XWall no longer converts an invalid sender address to a NULL-address
(to revert to the previous behavior add InboundESMTPConvInvalidReturnPathToBlank=True to XWall.ini)
Chg: Auto detecting the DNS server is more reliable when using more than one adapter
Chg: Excluding non-delivery reports from SLS/RBL
Chg: Heuristic pays attention to SPF softfail and neutral
Chg: Using DNS server queries even when all messages are relayed to a smart host
Fix: Get name of local ip addresses in Windows 2003 and XP
Fix: CCS packets are blocked by a Cisco PIX with DNS fixup enabled
Fix: Decoding of a corrupt TNEF attachment
Fix: NDR for CTY and CCS had the wrong description
Fix: A MX with a non-existing A record was incorrectly resolved
Fix: Adding a message header to a binary message corrupted the binary data
Fix: Unique file name in HIST folder
Fix: If the MAIL FROM was blocked using a 4xx error, the DATA was blocked with a 5xx rather than a 4xx error
Fix: Original-Envelope-Id in DSN
Fix: Slow outbound SMTP scheduler under heavy load
Fix: Orphaned txt files in MSG-OUT when restarting under heavy load

v3.36 2005-12-05

New: S/MIME signing and/or encryption (Options->Transit->S/MIME)
New: Block messages by country (Options->Blocking->Country)
New: Limit the amount of recipients for an inbound message (Options->General->Connections)
New: Optionally remove all characters from the subject that prevent OWA / IIS from opening the message (& % \ ./ ..)
New: Start/stop/install/remove XWall service from MBAdmin View->Service
New: Parsing of invalid Outlook addresses like "user@domain.com" <'user@domain.com'>
New: XWall immediately sends back a NDR in the case Exchange rejects the message with a 4xx error
New: Deleting multiply entries in a list box in Admin
New: postmaster@* is excluded from Greylisting, because Postfix uses this address to validate of a recipient exists
New: CCS ignores Yahoo standard attachment mails
New: Action "Forward to recipient" which does nothing than to log; useful for
testing a method or for different customer configuration in the ISP Edition
Chg: a NDR is sent for a message to reaches the max attachment count
(previously the message was discarded without an NDR)
Chg: Faster queue scheduling when sending messages to Exchange
Chg: Priority of CCS is now lower than the priority of attachment and exploit blocking
Fix: Empty record in datauser.dat cause XWall to hang
Fix: Faster importing of AdrOWL-A when the white list is full
Fix: Rescheduling of a message after a timeout in RSET
Fix: Decoding of a corrupt TNEF attachment

v3.35 2005-08-29

Fix: Domain translation was not working when there was user translation
Fix: Send NDR when Exchange blocks the recipient

v3.34 2005-08-03

New: Central Checksum Service (CCS) (Options->Spam->CCS)
New: Block messages by charset (Options->Blocking->Charset)
New: Block delivery-status-notification and non-delivery reports (Options->Blocking->DSN
New: User defined spam blocking method (Options->Spam->UDM)
New: Support for white list SLS/RBL (Options->Exclude->SLS)
New: XWall immediately sends back a NDR in the case Exchange
does not accept the message after the DATA/BDAT command
New: SMTP greeting delay to protect against SMTP slammers
New: SMTP tar pitting / honey pot / teergrube to protect against a directory harvest attack
New: XWall decodes UUENCODE inside a MIME Content-Type: text/plain section
New: ISP Edition allows different settings for a e-mail address or domain (/doc/xwall_isp_edition.htm#ubs)
New: XWall converts a plain text or html with more than 4MB into an attachment
Chg: XWall no longer discards messages with a text or html size with more then 4MB
Chg: Changed priorty for action "Mark subject and move to Junk-E-Mail folder" and "Mark subject"
Chg: XWall verifies the TLS/SLL certificate at startup and
disables TLS/SSL when the certificate is not valid
Chg: Pending messages are no longer rescheduled when XWall restarts
Chg: No SPF checking when the sender is excluded
Chg: removed "Verify that the sender uses an e-mail address",
use Options->Blocking->DSN instead
Chg: The GUI for recipient checking is either static or dynamic, but not both
Chg: Inbound address translation takes place immediately
after the address is received and before performing all other checks
Fix: Blocking a host name in the message header

v3.33 2005-05-04

Chg: White list synchronize uses port 12177 udp (alternate port 25 tcp)
Fix: Control chars are converted to a space before the screen is updated (else BEL beeps)
Fix: Decoding of application/x-pkcs7-mime messages without any subtype
Fix: Heuristic shows "text part missing" even on a non-MIME message
Fix: LDAP query failed when cache was disabled
Fix: McAfee does no longer find a variant of New Malware.b in
MBAdmin when using the /ANALYZE switch
Fix: More checking of the error level of LDAPQuery.vbs
Fix: Outbound exclusion of exploits didn't work
New: /SILENT as argument for McAfee scanner
New: Exclusion for inbound and outbound virus scanning
New: German translation on a German Windows
New: Greylisting caches properly rescheduling servers,
because there is no need to delay this hosts
New: Range checking for the Greylisting values in MBAdmin
New: SURBL scans the plain part of the message for an URL
New: XWall ISP Edition (unlimited amount of inbound domain and Exchange servers)

v3.32 2005-02-10

Chg: MBAdmin asks if XWALLFilter is installed in the case it can't detect it
Chg: Default action is Mark subject rather than
Mark subject and move to Junk-E-Mail folder
Chg: Action Mark subject and move to Junk-E-Mail folder is only
available when XWALLFilter is installed
Chg: Exclusion for authenticated users is now on by default
Chg: Blocking all attachments does no longer block a HTML or TNEF message
Chg: XWall will not longer send to a domain where the MX record points to 127.0.0.0/24
Chg: localhost is resolved without using name server
Chg: .cpl is an unsafe extension
Chg: Recipient tab is now in Blocking rather than in Spam section
Fix: SPF cache could be wrong when the sender used a different IP address
Fix: Remove HTML with a lot of tabs in each line
Fix: SURBL with question mark in the URL
Fix: Infinite loop in message decoding
Fix: No HTML signature is added when outbound HTML is removed
Fix: SPF of redirect mechanism (_spf.microsoft.com)
Fix: Quoting of VBScript when XWall is installed in a directory with a space
Fix: RFC 3462 defines text/rfc822-headers and not message/rfc822-headers
Fix: removing of the Bayes tag from the subject for outgoing messages
Fix: Decoding of plus sign in DSN ORCPT
Fix: Recipients server returns 4xx and 5xx and 2xx status in one SMTP session
Fix: Removed the dot at the end of a TMP file, because Sophos 3.29 can't find such a file
New: DNS resolution optionally uses UDP
New: Exclusions for Exploits
New: Heuristic method checks for corrupt messages generated by some spam software
New: Corrupt messages are automatically reassembled
New: Reject at the SMTP level is now an additional action in SPF, IP/Host and E-mail blocking
New: Logfile shows the type of the message (HTML, TNEF, DSN and so on)
New: Support for Korean ISO-2022-KR and EUC-KR messages
New: Negative SLS/RBL queries are cached for 4 hours
New: Optionally blocking of executable files
New: Check of MBAdmin and MBServer are the same version
New: Advanced configuration has a tab for ESMTP settings
New: Blocking Windows and DOS executables,
even when they renamed and/or in zip files (exploit)
New: Virus count in MRTG (slot 29 and 30)
New: Greylisting optionally accepts all IP addresses from a Class C net
New: Triplet and status of Greylisting in the block statistic file
New: Mark subject with one text for all methods
New: LDAP query for validating the recipient (Options->Spam->Recipient)
New: The demo version sends a message to postmaster before it expires
New: Context specific help for the option menu
New: Checking of the message size immediately after the data was received
New: Exclusion for known mail servers that have a problem with Greylisting
New: Default Greylisting Exclusions

v3.31 2004-09-15

New: SURBL (Spam URI Realtime Blocklists, see http://www.surbl.org)
New: Greylisting (see http://projects.puremagic.com/greylisting);
at present by far the best way to block spam, some 80% with nearly no false positive;
Note: make sure the spammer do not bypass Greylisting by sending over your backup MX
(use XWall or a server that can handle Greylisting on your backup MX)
New: XWall slows down the connection when the sending server sends a message to more than 20 invalid e-mail addresses ( honeypot, teergrube, tarpitting)
New: To prevent mail bombs files that are larger than 1 GB are no longer unzipped
New: Messages blocked after the RCPT TO are in the SMTP blocking statistic and in MRTG
New: SPF results are cached for 8 hours
New: Support for vCard and vCalendar messages
New: User defined header lines that should be preserved when reassembling the message
New: X-XWall-SURBL: header line
Chg: Block at the SMTP level is now an additional action in SLS/RBL; for upgrade reasons SLS is disabled by default and you need to enable it again
Chg: sbl-xbl.spamhaus.org as new common in Options->Spam->SLS and sbl.spamhaus.org should be removed
Chg: The From: address of a DSN (non-delivery report) is now the postmaster from the first responsible domain
Chg: Outbound authentication is performed against the smart host
Chg: The default SPF record is used when the domain does not publish a valid SPF TXT record
Chg: Default SPF checks the subnet of the sender (v=spf1 ptr a/24 mx/24 -all)
Chg: MBServer restarts only when the configuration files can be locked
Chg: Verify the recipient does no longer block addresses that are the source of a translation
Chg: No SPF test for non-delivery reports
Chg: When reassembling the message all NULL chars are removed from plain text and HTML
Chg: HTML images are no longer flagged as attachments
Chg: If a message has a address translation or an e-mail forwarding then it is automatically excluded from the BCC blocking
Fix: Mark subject for heuristic couldn't be changed in MBAdmin
Fix: MBAdmin Virus options "Scanner needs to be serialized" and "Scanner supports EML message format" interchanged
Fix: unzipping files with some directories
Fix: XWall prevents sending a non-delivery message to an internal e-mail address for all methods
Fix: Removing of the HTML tag <a href></a> without adding some space
Fix: SPF with an include mechanism did not query for the included TXT record
Fix: Removing of HTML does not longer trash the previous decoded text when a second <body> is found

v3.30 2004-05-14

Chg: Encapsulate and forward a virus to postmaster removes the attachment
Chg: X-XWall-Heuristic: header line is added every time the heuristic value is more than zero
Chg: XWall now uses CIDR notation for all IP addresses (10.0.0.0/24).
MBAdmin converts the old IP addresses automatically to CIDR when you change something.
Make a backup of your XWall. ini in the case you want to use an older version of XWall.
Chg: Resolving of A records now goes through the defined name server
and not through the TCP/IP stack of Windows.
Fix: RFC822 deep counting of a message
Fix: The action for an Exploit was not triggered in some configurations
Fix: Converting message date from UT to local time zone with a day boundary
Fix: Encapsulate and forward to postmaster didn't add the BCC for forwarded-reports
Fix: Zip files in TEMP directory was not deleted after decoding
Fix: Check for PTR honors the white list and authenticated users
Fix: Fixed stripping of "a href" html tags
Fix: Decoding of UUENCODE attachments with invalid digits in front of the filename
New: Blocking of attachments in zip files
New: A password protected zip files is handles as an exploit
New: X-XWall-Excl: header line which shows why the message was excluded
New: SPF (Sender Permitted From see http://spf.pobox.com)
New: Exclude messages that pass SPF (Sender Permitted From)
New: Support for KS_C_5601-1987(Korean) message decoding
New: Added /ARCHIVE to the default switches for F-Prot
New: The header of the original message are added to the DSN/NDR to
aid debugging of the problem
New: Packing of the white list at midnight when XWall is idle
New: XWall prevents sending a non-delivery message to an internal
e-mail address for a inbound message, because the e-mail address is faked
New: Blocking of blank sender and NULL e-mail address;
this blocks all system and non-delivery reports and is not allowed by the RFC
New: XWall discards messages with a text or html size with more then 4MB,
because they may slowdown XWall and Exchange
New: Support for F-PROT 3.x virus scanner (Windows version)
New: If XWall is bound to a specific IP address then it will use that IP address
for outgoing connections too

v3.29 2004-02-05

Chg: Forwarded e-mail address is accepted even when the address is not valid on Exchange
Chg: New DSN error 5.9.8 for Bayes and Heuristic non-delivery reports
Chg: blackholes.easynet.nl is out-of-business and you
should remove it from Options->Spam->Spam
Chg: Global e-mail address exclusion, white list and verify for internal From:
checks the MAIL FROM: address and the From: address of the message
Chg: E-mail Address blocking checks the MAIL FROM: address and
the From: address of the message
Chg: Static route for a specific e-mail domain has now an optional port
Chg: renamed global-addr to global-e-mail, addr to e-mail in mark subject, logfile and statistic
Chg: Calculating the Bayes value is now a lot faster
Fix: Rebuilding white list when separate user list is disabled
(AdrOWL-B.dat was not correctly rebuilt from AdrOWL-A.dat)
Fix: Message date in statistic file when 4 digits are requested
Fix: Encoding of the marked subject
Fix: Not adding Bayes classify address to the white list
Fix: Action for exploit used the action from attachment blocking
Fix: TNEF attachments when message is reassembled without removing TNEF
Fix: Service could not be started when it was installed in a directory with a space
Fix: Test for faked MX didn't correctly detect the first host with domains
with more than one A record
Fix: Plain text body is now created from the HTML in the case of a forwarded DSN message
Fix: Check for responding SLS waits on idle and stops all other threads
Fix: Check that server with a host name of localhost really has an IP of 127.0.0.1
Fix: Parsing of the IP address from an invalid Received: line
Fix: Statistic file may have wrong date around midnight under heavy load
Fix: Statistic file had the wrong virus description
Fix: Blocking a long word with a ? wildcard in a long text
Fix: MBAdmin allows wildcards for attachment blocking
Fix: Encoding of very long quoted printable lines
New: Using a honeypot for mailers that use the AUTH command to probe for valid users
New: Pack white list (AdrOWL-A.dat)
New: MBAdmin shows the logfile in real time in the main window
New: Remove TNEF and/or HTML format for outgoing messages
New: Validating of the directories in Admin can be disabled
New: Blocking of inbound message that use an internal domain as the From: address
New: number sign ("#") is a wildcard for one or more digits
(to block ip addresses in html use http://#.#.#.#/)
New: "Mark Subject and move to Junk-E-Mail folder" for SCL in Exchange 2003
New: Heuristic spam blocking (commonly called as Spam Assassin)
New: Exclude messages sent from a mailing list
New: Exclusion for common addresses
New: Directory for the history files can be changed
New: Option to purge old history files
New: Support of Domain based Spam Lookup Services
New: Option that Bayes ignores common words while gathering
New: User-defined non-delivery reports can be UTF-8 to support foreign characters
New: New: SLS service and attachment type in statistic file
New: When the recipients server points to localhost then a
non-delivery report is immediately sent to the sender

v3.28 2003-10-03

Chg: Workaround for Verisign Sitefinder service which captures all
non-existing .com and .net domains and breaks the verification of non-existing domains
Chg: XWall ignores IP addresses that point to a top level wildcard A record
Chg: The IP address that a SLS/RBL returns must be 127.0.0.x or 127.1.0.x or
else it will be ignored (in some configuration the name server did not work in
the past and now due to Verisign Sitefinder service it now returns an
ip address for every host)
Chg: A repeating e-mail address is added to AdrOWL-A.dat only after 2 days
Chg: By default the automatic white list does no longer exclude for
blocked attachments and exploits
Chg: By default the global exlusion does no longer exclude for
blocked attachments and exploits
Chg: Removed the fix in the DSN for the Exchange 2000/2003 public folder
Chg: A message with a lot of html comments gets a higher Bayes value
Chg: Removed all enhanced tabs from View->Options to make the tabbed dialog less confusing
Chg: Added enhanced checking of system messages to exclude them from the white list
Chg: relays.osirusoft.com is out-of-business and you should remove it from
View->Options->Spam
Fix: Received header lines with a empty host name are now properly decoded
Fix: Local IP range is 172.16.0.0 through 172.31.255.255 and
not 172.16.0.0 through 172.16.255.255
Fix: Empty Bayes database was corrupted after an internal restart
Fix: Rebuild AdrOWL-B.dat from AdrOWL-A.dat when AdrOWL-B.dat does not exist
Fix: Manually adding an address without a timestamp into AdrOWL-A.dat
Fix: IP exclusion for SLS in the header is now checked against every IP address
Fix: A space at the beginning of a host name are no longer removed
Fix: TNEF attachments show up twice when message is reassembled without removing HTML
Fix: HTML to plain text convert added more lines break and spaces to make it better readable
Fix: 100% cpu with a SSL connection on some ISA servers
Fix: Timeout of a non-delivery message when the message had a BCC to an internal address
Fix: Auto disabling inbound SMTP connections because of Exchange connection failure
Fix: Decoding a message with a single carriage return at the beginning of a new line
Fix: Outgoing message that is blocked is now in the spam column of the statistic file
Fix: Unfolding of html code when converting to plain text
New: Support for Windows 2003
New: Optionally process a message independent for each recipient
New: Option to send back the whole message in a DSN, because Notes 6.0
has a problem decoding a message/rfc822 with consist of only a header
New: Option to change the number of worker threads
New: Options to tell XWall which methods should be excluded by the automatic white list
New: Option to add the "mark subject" string on the left side rather
than the right side of the subject
New: Column in the statistic file that shows the reason why a message was excluded
New: Logfile shows the reason why a message was excluded
New: Support for message/rfc822-headers
New: Support for automatic white list in a server farm
New: Exclude messages sent using a TLS/SSL connection
New: Exclude messages sent from authenticated users
New: Feeding Bayes with good messages by sending them to an e-mail address
New: Option to purge old statistic files
New: Manual feeding of Bayes gets twice the emphasis
New: Option to set the DSN RFC or Exchange conforming
New: Option to accept only messages for e-mail addresses that are valid on Exchange
New: IP address and host name added to the statistic file
New: Options to block all messages that are not excluded
New: Options to tell XWall which methods should be excluded by the global exclusion
New: Exclusion from address blocking; allows blocking of a
whole domain and exclude specific e-mail addresses
New: blackholes.easynet.nl as a common SLS in in View->Options->Spam
New: Check SLS every 8 hours to make sure the SLS (Spam Lookup Services)
are responding and return valid data
New: Extra timeout for non-delivery reports (default is 4 hours)
New: Support for MIME type disposition-notification
New: The From: address of the message is checked against the white list
(useful for mailing lists)
New: The logfile shows the From: of the message and the return path
(MAIL FROM:) in the case they are different

v3.27 2003-06-04

Fix: HTML as attachment is now removed from a forwarded DSN message
Fix: Reassemble of application/x-pkcs7-mime
Fix: Parsing of Received: line with fakes hostname
Fix: Inbound pipelining sometimes missed the QUIT command at the end of the SMTP session
Fix: Blocking of an e-mail address with "*something*"
Fix: TNEF attachments show up twice when message is reassembled without removing TNEF
Chg: XWall accepts no MX records coming from a forwarding DNS
Chg: Messages in the history folder are now longer byte stuffed
Chg: Format of Bayes-B.dat and Bayes-G.dat
(automatic conversation from the old to the new format)
Chg: The Spam column of the statistic file shows the type of spam
Chg: Block Text scans the text AND the html part of the message
(html tags are removed before scanning)
Chg: Block HTML scans the raw html part (html tags are not removed)
Chg: Mark subject [adr] to [bcc] , [faked-from] and [addr]
Chg: A message that triggers the Bayes action is goes now into the Bayes bad word list
Chg: orbs.dorkslayers.com is dead and you may want to remove it from
View->Options->Spam
New: Optionally delete invalid header lines that confuse Exchange 2000
New: Support for Content-Encoding: binary
New: Global exclusion based on subject, note text, html text, IP or host
New: MBAdmin does not longer overwrite xwall.ini
when the file was changed manually or through MBServer
New: Common spam phrases for subject, text and HTML blocking
New: Common header lines for spam x-mailer blocking
New: SLS/RBL/MAPS groups (the ip must be listened at each member service)
New: User-defined field delimiter for the CSV file
New: Automatic white list; every outgoing e-mail address is
added to the white list and will bypass the spam filter
New: Bayes column in the statistic file
New: sbl.spamhaus.org as a common SLS in in View->Options->Spam

v3.26 2003-03-28

Fix: crash with blocked header when the message has two "x-mailer" lines
Fix: Bayes Robinson more than 100
Fix: Writing of the Bayes dat file even in lean mode
Fix: Decoding of quoted printable pdf files sent by Exchange 5.5
Fix: HTML is also removed from a forwarded DSN message
Fix: Timing-based attack on SSL/TLS
Fix: When Exchange blocks an address at the SMTP level,
then only a non-delivery report for this address is sent and all others are delivered
Chg: Bayes Robinson spam value from 60 to 70
Chg: The SMTP HELO and the greeting shows the name of the IP address to which XWall is bound to and not the main machine name
Chg: Decoding of a filename which is longer than 256 bytes
Chg: XWall will not longer send to a domain where the MX record point to localhost
Chg: Exploits are now an extra section and do no longer use the action of blocked attachments
Chg: XWall no longer uses an authoritative name server answer
to detect if a domain is not existing
Chg: XWall no longer supports the old file based registration method
New: X-XWall-Spam: header line with a list why the message was spam
New: more actions for SLS and Bayes handling
New: FQDN of XWall can be changed
New: Blocking of files with double extension (filename.exe.txt)
New: Feeding Bayes with spam messages by sending them to an e-mail address
New: Outgoing spam in the statistic file
New: XWall stops messages exceeding the limit as early as possible
New: Block messages with external attachments (message/external-body)
New: Message with the recipients address as From: address is
considered to be a Faked From: address
New: Blocking by IP address or hostname
New: more actions for blocking addresses
New: Wildcards are now allowed in IP addresses, e-mail addresses and host names
New: A string with a * in it can be blocked by
escaping the * with a second * (to block "f*ck", use "f**ck")
New: Blocking of messages that are not originated by the MX of the sending domain
New: Decoding of yEnc, Deflate-8bit and Deflate-Base64
New: Support for 8BITMIME (RFC 1652)
New: XWall removes comments like in "Horn<!19656>y" before scanning the HTML text
New: XWall encodes strings like "2%30%30.1%358.%39.4%32:8080/some.htm"
before scanning the HTML text

v3.25 2003-01-16

Fix: Encoding BIG5 messages a temp file was not deleted
Fix: Option forward to admin without warning with attachment
was also sending to the original recipient
Chg: Speeded up Bayes by app. 65%
Chg: Speeded up outgoing messages under heavy load
New: Different algorithm in Bayes (Robinson or Graham algorithm)
New: Blocking of header lines
New: More actions when blocking BCC and faked From

v3.24 2002-12-04

Fix: Typo in a delivery status notification
Fix: Sometimes the non-delivery report for blocked subject/text/HTML
showed the wrong string
Chg: XWall allows a CNAME as an MX records;
this is prohibited by RFC 1713 and 2181, but a lot of sites use it
Chg: Renamed "message loop" to "suspicious message",
because it's not always a looping message
New: XWall stops accepting messages when the disk has less then 20MB free space
New: /PROGRAM as argument for McAfee scanner
New: Verify FQDN only when the user is not authenticated
New: MRTG and statistic values for the count of blocked and spam messages
New: statistic values for the format of a message (HTML,TNEF,DSN,SIGN,ENCRYPT)
New: Exclusion by IP and e-mail address for SLS, Bayes,
dns verify, remove format and envelope
New: XWall shows now the name of the virus as long as the scanner
is able to give back this information

v3.23 2002-10-16

Fix: Encoding of foreign display name when body text is plain ASCII
Fix: HTML decoding is done before a check for a blocked string in the text
Fix: In a non-delivery report the header and the body text was sent back
rather than only the header
Fix: Contacted the authoritative name server of a domain even
when the local name server provided an authoritative answer
Fix: Decoding of Big5 HTML messages
Fix: Rotation of the logfile at midnight
Chg: ESC value for blocked text and blocked html from 5.7.0 to 5.9.7
New: Block a sending host with an invalid FQDN
(full qualified domain name) in the HELO/EHLO
New: Block a sending host if no reverse lookup of the IP address exist (missing DNS PTR)
New: Block all attachments
New: Check of the name server at startup to make sure it is working
New: Dump Mark Subject data to the logfile
New: More actions when detecting a SLS/RBL/MAPS message
New: More actions when text blocking a message
New: The logfile and the NDR now shows the SLS service and
the IP that blocked the message
New: XWall writes the SLS/RBL/MAPS blocking database and the IP address
of the sending host to the header of the message so that this information
is quickly available in Outlook
New: Block partial attachments (message/partial)
New: Field in the statistic file to indicate spam mail
New: Support for ISO-2022-JP (Japanese Characters)
New: Wildcards can be used for blocking attachments, text, HTML and subject
New: The logfile and the non-delivery-report now shows the line in
which a blocked string was found
New: Logging to screen is disabled when XWall runs as a service
New: Statistical approach with the Bayesian filter to filter out spam messages

v3.22 2002-08-09

Fixed domain validating when a relay host is defined
Fixed adding a disclaimer to a message/report
Fixed a timeout problem with SSL/TLS
Fixed decoding of an Unicode tnef attachment name
Changed the handling of a SSL/TLS connection when the target host has no CN
(common name)
Added a check at startup to make sure the SLS (Spam Lookup Services) are responding
(to prevent timeouts when queries a not working SLS)
Added the option to mark the subject for faked From: addresses
Added the option check the IP of the message header against SLS/MAPS
Added the IP address to the message that will be shown to the
sending server when blocked by MAPS/SLS
Added the option to define the temp path without changing the TEMP environment variable

v3.21 2002-05-30

Fixed html parser for <style> tag
Fixed decoding of utf-7 messages
Fixed a bug when a disclaimer with no blank line at the
beginning was added to a empty note text
Fixed a extra char problem when adding a disclaimer to a html message
Fixed a special html char problem when adding a disclaimer to a html message
Changed the handling of a SSL/TLS connection when the target host
has not CN (common name)
Added support for nested digest messages
Added a statistic file for spam blocking and virus

v3.20 2002-05-03

Fixed blocking of attachments with an extension of .eml
Fixed HELO when ESMTP is disabled
Fixed html remove so that it works better with Exchange 5.x
Fixed deleting of the xxxx.tmp files after a invalid BDAT transfer
Changed the removing of the HTML formatting; making it more human readable
Added the option to mark the subject for BCC messages
Added the option to block e-mail addresses
Added the option to exclude e-mail addresses from blocking
Added the option to reassemble the messages for
protection against badly formatted messages and viruses
Added the option to block files with a dot as the last char (file.vbs.)
Added the option to add a disclaimer to outgoing messages
Added the option to remove the TNEF part of a message
Added a check for an on-access virus scanner at start

v3.19 2002-02-27

Fixed the announcement of authentication in inbound ESMTP
Fixed the multiply host name announcement in ETRN
Fixed html remove with signed messages
Fixed auto detect of dns server when running under a user account
Added diagnostic logging for the virus scanner
Added a more verbose logging when blocking a message
Added support for RFC 2480
Added more verbose logging when blocking an IP address by using SLS
Added support for virus scanning in the EML message format
Added support for blocking files with a CLSID extension
Added support for SSL / TLS encryption

v3.18 2001-11-29

Fixed detection of Aliz virus
Added the option to perform an online check for a new program version
Added the option to notify the postmaster in the case a new program version is available
Added the option to exclude e-mail addresses from html/text/subject blocking
Added the option to exclude IP addresses from SLS/MAPS blocking
Added the option to remove the HTML part of a message

v3.17 2001-10-18

Fixed setting of the expiration time of a message when XWall restarts
Fixed the decoding so that it does not take forever to normalize a message with a very large body text
Changed definition of MAPS, because MAPS is now a pay service
Added user defined Spam Lookup Services
Added support for Sophos Anti-Virus 3.x

v3.16 2001-08-10

Fixed SMTP authentication with servers that announce only AUTH and PLAIN
Fixed a problem decoding the attachments of a multipart/related message
Fixed a bug when an out-of-range SMTP DATA command crashes XWall
Changed the default charset for non-deliver-messages from ISO-8859-1 to UTF-7
Removed support for the ORBS spam list, because the list is no longer working
Combined MAPS RBL, DUL and RSS into one lookup
Added inbound and outbound SMTP authentication
Added inbound SMTP authentication using NTLM
Added an option to relay messages for authenticated users
(allow XWall to act as a relay for POP3 clients)
Added infinite message loop detection
Added the option to manually define spam dns lookup services
Added the option to show real time statistic using MRTG (Multi Router Traffic Grapher)
Added "mark subject" as an action when a message is blocked
Added the option to automatically BCC every message to a specific e-mail address
Added the option to CC every blocked message to a specific e-mail address

v3.15 2001-06-07

Fixed decoding of messages with more than 40000 Content-Type definitions
Fixed console screen buffer handling when running on Windows 2000/2003
Changed that no error is generated when the Exchange does not allow authentication
Added a check for an on-access virus scanner, because the scanner will block XWall from accessing its files
Added additional checking when reading queued messages from disk
Added checking of the senders domain as an optional spam check

v3.14 2001-05-04

Fixed detection of Magistr virus
Changed the parsing of the header of a message to
accept only a blank line with CRLF as end-of-header
Added the option to scan embedded TNEF (WINMAIL.DAT) for viruses

v3.13 2001-04-11

Changed the logfile to use UTF-8 rather than ASCII
Changed the .dat and .ini files to use ANSI and UTF-8 rather than ASCII
Changed the orbs blocking to use the new outputs.orbs.org
Changed the maps blocking to use the new dialups.mail-abuse.org
and blackholes.mail-abuse.org
Changed the blocking of the subject to scan for strings rather than comparing from left to right
Changed the default action for a blocked inbound attachment to "discard"
Fixed the DNS query for the MX record to stop after the first server in the case a domain has no MX
Fixed the DNS query for the MX record to query for an
A record even one of the DSN servers is down
Added support for messages encoded in UTF-7 and UTF-8
Added blocking based on string in the html part of a message
Added support for KOI8-R (Russian) and Big5 (Chinese) message decoding
Added support for code page 1255 (Hebrew) message decoding

v3.12 2001-02-10

Added support for RFC 2554 (SMTP AUTH LOGIN)
Added support for RFC 2595 (SMTP AUTH PLAIN)
Added support for RFC 2195 (SMTP AUTH CRAM-MD5)
Added support for SMTP AUTH NTLM
Changed the default SMTP connection limit to 100 concurrent connections

v3.11 2000-12-21

Fixed virus scanning with the newer versions of F-PROT
Added support for blocking based on ORBS spam list

v3.10 2000-10-27

Fixed handling of yahoo multipart messages where a blank line is missing
Added a switch to allow relaying for client from an internal IP address
Added support for command pipelining (RFC1854)
Added support for message chunking (RFC1830)
Added support for virus scanning of html pages
Fixed relaying for domains with a static route when a smart host was specified

v3.09 2000-09-11

Fixed handling of a message with contains hundreds of sub messages
Added option to also deliver to the original e-mail address after forwarding
Added a workaround for servers that deny the RSET command
Added support for F-PROT 3.x anti-virus scanner
Added support for blocking a normalized subject
Added blocking of a message by message text
Added option to define static routes for specific e-mail domains

v3.08 2000-07-18

Added the option to send a NDR when blocking an inbound attachment or subject
Added the option to check for a blocked subject case sensitive and case insensitive
Added support for CHUNKING (RFC 1830) for better sending to an Exchange 2000
Added authentication for secure sending to an Exchange 2000
Added complete support for RFC 1891 (Delivers Status Notification)
Added signal to send the current logfile to postmaster
Added option to purge old logfiles
Updated option to remove return-receipt for the new Exchange 2000 read receipt

v3.07 2000-05-08

Added blocking of a message by subject to block viruses like "ILOVEYOU"
Added blocking of an outbound message by attachment name
Added From: address to DNS messages

v3.06 2000-04-27

Fixed name server Auto Detect in Win2000

v3.05 2000-02-25

Added support for forwarding to a group of addresses and for recursive forwards
Fixed console screen when running as a interactive service
Added workaround for Win2000 which reports an error when shutting down the service

v3.04 2000-01-08

Fixed forwarding of e-mails with viruses to go to the address postmaster@xxxxxx.xxx

v3.03 1999-12-02

Removed Norton Anti Virus from the supported scanner options,
because it does not return a proper errorlevel in the newest versions
Added support to limit concurrent connections
Added user defined message size limit
Added message compression when sending to another XWall (30 - 80% depending of the attachments in the message)

v3.02 1999-09-27

Fixed quoting in CSV file
Added optional removing of Return-Receipt-To: for inbound and outbound messages
Added dialup, SOCKS, ETRN and relaying
Added address translation to translate e-mail domains,
mailboxes or a complete domain to one single address

v3.01 1998-08-06

Released