v5.2.1

Changelog

• Corrected PHP 8.x compatibility bug in mb-filter reading geolocations for IP addresses with no location information on Ubuntu 22.04.
• Corrected PHP 8.x compatibility bug in the SPF library expander on Ubuntu 22.04.
• Added postfix smtpd_relay_before_recipient_restrictions options to default configuration to suppress Postfix info messages on Ubuntu 22.04.
• Corrected PHP 8.x compatibility bug in mb-summary that prevented summary emails being sent on Ubuntu 22.04.

How to Upgrade

Run the following commands as the root user:

apt-get update
apt-get dist-upgrade

Ubuntu 22.04 LTS

The end of (free) support for Ubuntu 22.04 is in April 2027.

Ubuntu 20.04 LTS

The end of (free) support for Ubuntu 20.04 is in April 2025.

Ubuntu 18.04 LTS

Support for Ubuntu 18.04 ended in April 2023. If you have not upgraded to Ubuntu 20.04, we suggest that you do so. However, we do recommend that you contact Mailborder support prior to doing the upgrade. It is not straight forward and requires manually correcting the PHP FPM module.

v5.2.0

Changelog

• Ubuntu 22.04 LTS is now supported.
• Added Spamassassin KAM ruleset. This ruleset is large and not enabled by default. It can be enabled and disabled using the mb-sa-kam command on each Mailborder server.
• Added option to create missing swap file on new installations.
• Reorganized opendkim and opendmarc structures for future GUI release.
• Improved Vita logging service wait throttle handling.
• Added version control to dovecot.
• Added opendmarc ignored hosts file.
• Disabled helo_checks by default in SPF checks for new installs. Old installations will still be enabled.
• Disabled verify_sender by default in SPF checks for new installs. Old installations will still be enabled.
• Updated DTRX with latest version.
• Changed time limit measurement from ctype_digit to ctype_numeric in mb-filter.
• Fixed Office 365 duplicate attachments getting random file extensions resulting in quarantined items.
• Changed how mb-milter checks sender addresses for RFC compliance to allow for bounce tracking email addresses.
• Updated mb-spamc to include more example uses in help menu.
• Updated mb-spf-eval to filter user constraints.
• Updated CLI library to reflect --multiscan parameter in ClamAV.
• Reduced stream socket timeout from 30 to 5 seconds for connections to 127.0.0.1 when injecting emails back into the SMTP process after filtering before requeuing delivery attempts.
• Reduced streeam socket attempts from 12 to 2 for connections to 127.0.0.1 when injecting emails back into the SMTP process after filtering before requeuing delivery attempts.
• Typo correction in CLI library.
• Restructured active process checks in daemon library for Mailborder service.
• Changed jail cleanup from 30 days to 5 days in daemon library for Mailborder service.
• Changed corrupt cleanup from 30 days to 5 days in daemon library for Mailborder service.
• Revamped the entire send process for messages in daemon library increasing processing speeds.
• Updated GeoIP library.
• Updated PHP ixed loaders.
• Removed Firefox ban from GUI loads.
• Corrected Thai language file.
• Updated QR code generator for 2FA.
• Updated Postfix master.cf to include override options when injected back into the SMTP system.
• Added smtp_milter to Postfix master.cf for DKIM signing when injected back into the SMTP system.
• Updated rsyslog to ignore more repetitive Mailborder syslog entries.
• Modified date formatting in ado/process for the Master GUI.
• Disabled autocomplete in some GUI fields.
• Added DKIM table to database for future GUI integration.
• Added automatic rebuild task if configuration is older than 2 hours.
• Corrected some depricated PHP items.

How to Upgrade

Run the following commands as the root user:

apt-get update
apt-get dist-upgrade

Ubuntu 22.04 LTS

The end of (free) support for Ubuntu 22.04 is in April 2027.

Ubuntu 20.04 LTS

The end of (free) support for Ubuntu 20.04 is in April 2025.

Ubuntu 18.04 LTS

Support for Ubuntu 18.04 ended in April 2023. If you have not upgraded to Ubuntu 20.04, we suggest that you do so. However, we do recommend that you contact Mailborder support prior to doing the upgrade. It is not straight forward and requires manually correcting the PHP FPM module.

v5.1.9

Changelog

• Added the option to disable or enable spam and virus checks within Process Policies.
• Updated the logic within the filter to skip spam checks for whitelisted and blacklisted email.
• Fixed minor bug for adding new Networks under Ubuntu 20.04.
• Updated control packages to include Imagick.

How to Upgrade

Run the following commands as the root user:

apt-get update
apt-get dist-upgrade

Ubuntu 20.04 LTS

This upgrade is supported, but is not required. You may continue to run Ubuntu 18.04 LTS.

This upgrade can easily take an hour on a fast connection. Plan accordingly.

To upgrade from Ubuntu 18.04 to 20.04:

• First, upgrade to the latest version of Mailborder as shown above.
• Take a snapshot or full backup of some kind.
• Edit /etc/apt/sources.list and change the bionic reference to focal for the Mailborder repository. (deb.mailborder.com) Do this after upgrading to the latest version of Mailborder and before running the next step.
• Run as root: do-release-upgrade --allow-third-party
• If you need or want help, contact Mailborder support.

v5.1.8

Changelog

Added the option to enable two-factor authentication (2FA) for both Master administrator accounts and Portal user accounts.

Administrators

• 2FA can be used with any compatible authenticator such as Google Authenticator or Authy.
• To enable 2FA for your own admin account: [ master GUI > top menu > user icon > preferences ]
• If required, 2FA can be disabled for administrative accounts from the command line using the mb-reset command.
• 2FA can be disabled for other administrator accounts: [ master GUI > top menu > cluster > administrators ]

Portal Users

• Portal users can enable 2FA for their own accounts: [ portal GUI > top menu > user icon > preferences ]
• 2FA can be required for all Portal users: [ master GUI > top menu > portal > global settings ]
• If 2FA is required for all Portal users, new and existing users will automatically be prompted to setup 2FA at the next user login.
• 2FA cannot be setup by an administrator during account creation, but the administrator can view the Portal user's authenticator token in the Master GUI when editing the Portal user's account. (After the Portal user has setup 2FA for the first time.)
• 2FA can be disabled for Portal user accounts: [ master GUI > top menu > portal > portal users ] but will have no impact if 2FA is required under the Portal global settings.

Google reCaptcha

• The reCaptcha will still work and can be used with 2FA enabled.

How to Upgrade

Run the following commands as the root user:

apt-get update
apt-get dist-upgrade

Ubuntu 20.04 LTS

This upgrade is supported, but is not required. You may continue to run Ubuntu 18.04 LTS.

This upgrade can easily take an hour on a fast connection. Plan accordingly.

To upgrade from Ubuntu 18.04 to 20.04:

• First, upgrade to the latest version of Mailborder as shown above.
• Take a snapshot or full backup of some kind.
• Edit /etc/apt/sources.list and change the bionic reference to focal for the Mailborder repository. (deb.mailborder.com) Do this after upgrading to the latest version of Mailborder and before running the next step.
• Run as root: do-release-upgrade --allow-third-party
• If you need or want help, contact Mailborder support.

v5.1.7

Changelog

• Bug fix: corrected Postfix whiteliting mechanism during rebuilds.
• Moved executable dtrx to mb-dtrx

Upgrade Notes

This update may require a special switch as fail2ban was added as an additional package. To upgrade:

apt-get update
apt-get --with-new-pkgs upgrade

Optional Updates

If you wish to manually update your Nginx TLS support to the new model, edit the Mailborder files in /etc/nginx/site-available and change the ssl_protocols parameter to this: ssl_protocols TLSv1.2 TLSv1.3;

Ubuntu 20.04 LTS

This upgrade is supported, but is not required. You may continue to run Ubuntu 18.04 LTS.

This upgrade can easily take an hour on a fast connection. Plan accordingly.

To upgrade from Ubuntu 18.04 to 20.04:

• First, upgrade to the latest version of Mailborder as shown above.
• Take a snapshot or full backup of some kind.
• Edit /etc/apt/sources.list and change the bionic reference to focal for the Mailborder repository. (deb.mailborder.com) Do this after upgrading to the latest version of Mailborder and before running the next step.
• Run as root: do-release-upgrade --allow-third-party
• If you need or want help, contact Mailborder support.

v5.1.6

Changelog

• Added the option to verify sender address syntax during SPF checks. There is also a whitelist for certain domains that regularly violate RFC 5321.
• Moved RBL evaluation from the standard Postfix method to a policy service. This allows logging RBL rejections to the to the database.
• Updated mb-read to read "mailborder_version" strings behind comment (#) lines.
• Updated rejection text in SPF from RFC 3696 to RFC 5321.
• Updated SPF domain whitelists to properly trim whitespace from a list of domains.
• Updated build process to convert generated configuration files to Unix removing the BOM.
• Updated mb-os-check to check for /var/lib/mailborder
• Updated mb-os-check to check for more file, directories, and permissions
• Reorganized mb-rebuild structure and build order to make more effective use of Postfix hash, pcre, and regex.
• Updated all Nginx configurations to remove TLSV1 from new installations and add TLSV1.3 support to new installations.
• /etc/mailborder/conf.d/rbls.conf has been moved to /etc/mailborder/conf.d/rbl.cf with more options. Enter any custom RBLs on the custom_rbl_list line. The old /etc/mailborder/conf.d/rbls.cf is safe to delete.
• Added fail2ban to package requirements and added an SASL monitor to automatically ban remote hosts probing SASL with random logins.
• Corrected an index name on the log_spf_reason database table.

Upgrade Notes

This update may require a special switch as fail2ban was added as an additional package. To upgrade:

apt-get update
apt-get --with-new-pkgs upgrade

Optional Updates

If you wish to manually update your Nginx TLS support to the new model, edit the Mailborder files in /etc/nginx/site-available and change the ssl_protocols parameter to this: ssl_protocols TLSv1.2 TLSv1.3;

Ubuntu 20.04 LTS

This upgrade is supported, but is not required. You may continue to run Ubuntu 18.04 LTS.

This upgrade can easily take an hour on a fast connection. Plan accordingly.

To upgrade from Ubuntu 18.04 to 20.04:

• First, upgrade to the latest version of Mailborder as shown above.
• Take a snapshot or full backup of some kind.
• Edit /etc/apt/sources.list and change the bionic reference to focal for the Mailborder repository. (deb.mailborder.com) Do this after upgrading to the latest version of Mailborder and before running the next step.
• Run as root: do-release-upgrade --allow-third-party
• If you need or want help, contact Mailborder support.

v5.1.5

Updates

• Mailborder now logs SPF rejections to the database. The menu item is located in [ system > SPF reject log ]. You can use this information to whitelist certain IP addresses or domains from SPF checks. However, this should only be done on a short term basis until the remote domain's SPF record is corrected. The configuration file with the SPF settings is here: /etc/mailborder/spf.cf but put your edits in /etc/mailborder/conf.d/spf.cf
• Added Spanish (Spain) language.
• Fixed minor bug in Nginx for new installations.
• Added bi-directional flows for both inbound and outbound email for Portal users and groups.

Ubuntu 20.04 LTS

This upgrade is supported, but is not required. You may continue to run Ubuntu 18.04 LTS.

This upgrade can easily take an hour on a fast connection. Plan accordingly.

To upgrade from Ubuntu 18.04 to 20.04:

• First, upgrade to the latest version of Mailborder as shown above.
• Take a snapshot or full backup of some kind.
• Edit /etc/apt/sources.list and change the bionic reference to focal for the Mailborder repository. (deb.mailborder.com) Do this after upgrading to the latest version of Mailborder and before running the next step.
• Run as root: do-release-upgrade --allow-third-party
• If you need or want help, contact Mailborder support.

v5.1.4

Service Changes

• Mailborder now uses its own native SPF evaluation engine. The new engine does a better job at evaluating newer SPF records with wildcard formats. It is set to sane values out of the box. The configuration file with the settings is here: /etc/mailborder/spf.cf but put your edits in /etc/mailborder/conf.d/spf.cf
• You can now add custom Postfix smtpd_milters by editing the file /etc/mailborder/conf.d/postfix.cf and adding them to the appropriate line. Your custom milters will be added after the Mailborder DKIM and DMARC evaluation during configuration rebuilds.
• An automatic ClamAV fix was added. As many people found out, there is a change between Ubuntu 16 and 18 with systemd which would cause ClamAV to fail and email would stop being processed. This automatic fix checks for the right settings and autocorrects them. A server suffering from this will need to be rebooted for the changes to take effect. This check will automatically run every time Mailborder is upgraded. It can be manually executed with the command: mb-os-check -r as the root user or with sudo.

Ubuntu 20.04 LTS

This upgrade can easily take an hour on a fast connection. Plan accordingly.

To upgrade from Ubuntu 18.04 to 20.04:

• First, upgrade to the latest version of Mailborder as shown above.
• Take a snapshot or full backup of some kind.
• Edit /etc/apt/sources.list and change the bionic reference to focal for the Mailborder repository. (deb.mailborder.com) Do this after upgrading to the latest version of Mailborder and before running the next step.
• Run as root: do-release-upgrade --allow-third-party
• Select the default option to keep everything except /etc/apparmor.d/usr.sbin.clamd which needs to be replaced with the new version.
• If you need or want help, contact Mailborder support.

v5.1.3

Bug Fixes

• Core API session checks corrected to eliminate false warnings
• Removed DNSRBL as it is now defunct
• Removed Abuseat RBL as their format no longer works with Mailborder's MTA
• Updated CPU reporting graphs to adjust load based on the number of system processors

Updates and Features

• Updated the Mailborder filter to identify pattern matches made in the Scan Report
• DrWeb AV handler updated to handle scanner errors
• Postfix master.cf updated to lift processing limits for milter on 127.0.0.1 (elimination of self-throttling)
• Enabled Spamassassin spoof checks to check senders with obfuscated from addresses
• Enabled Spamassassin Phishing checks with data from Phishtank and OpenPhish
• Moved Spamassassin from GUI to /etc/mailborder/conf.d/spamassassin.cf
• Added Spamassassin Razor directory and updated to use local servers
• Modified Spamassassin config to use the caching DNS server on the local server
• Revised and reordered MTA settings in GUI
• Removed default spam score from MTA settings as it was confusing and not used
• Moved Postfix max queue time from GUI to /etc/mailborder/conf.d/postfix.cf
• Updated Postfix SPF evaluation mechanism
• Moved SPF configuration file to /etc/mailborder/spf.cf

Performance Notes

Some major performance enhancements are included with this update in regard to scanning speed with this release. DNS checks slow scanning speed on Mailborder servers. Mailborder server configurations have been updated to find and use Razor and Pyzor DNS services that are closer in geographical location and faster in replies. This typically results in spam scanning that is 4 to 8 times faster than the previous model for Mailborder customers outside of the United States. This also improves spam scanning speed for customers within the United States that is 2 to 4 times faster.

Spamassassin has also been modified to use the local caching DNS server at 127.0.0.1 that runs on all Mailborder servers regardless of the server's network configuration. This will also provide moderate to extreme scanning speed increases depending on each server's network and location.

How to Upgrade

To update your Mailborder server(s), run the following commands with root privileges from the command line:

• apt-get update
• apt-get dist-upgrade

Ubuntu 20.04 LTS

This upgrade can easily take an hour on a fast connection. Plan accordingly.

To upgrade from Ubuntu 18.04 to 20.04:

• First, upgrade to Mailborder 5.1.2 as shown above.
• Take a snapshot or full backup of some kind.
• Edit /etc/apt/sources.list and change the bionic reference to focal for the Mailborder repository. (deb.mailborder.com) Do this after upgrading to 5.1.2 and before running the next step.
• Run as root: do-release-upgrade --allow-third-party
• Select the default option to keep everything except /etc/apparmor.d/usr.sbin.clamd which needs to be replaced with the new version.
• If you need or want help, contact Mailborder support.

v5.1.2

Bug Fixes

• Fixed potential records count bug in database if similarly named table existed in another database.
• Fully updated mb-os-checks during installation and upgrades.
• Corrected some local timezone issues on the GUI dashboard.
• Fixed portal quarantine report table dates to match portal user timezone correctly.

Updates and Features

• Updated ClamAV frequency checks to 24.
• General code cleanup.
• Logrotate updated.
• mb-filter updated.
• GUI fonts updated.

To update your server(s), run the following commands with root privileges from the command line:

• apt-get update
• apt-get dist-upgrade

Ubuntu 20.04 LTS

This upgrade can easily take an hour on a fast connection. Plan accordingly.

To upgrade from Ubuntu 18.04 to 20.04:

• First, upgrade to Mailborder 5.1.2 as shown above.
• Take a snapshot or full backup of some kind.
• Edit /etc/apt/sources.list and change the bionic reference to focal for the Mailborder repository. (deb.mailborder.com) Do this after upgrading to 5.1.2 and before running the next step.
• Run as root: do-release-upgrade --allow-third-party
• Select the default option to keep everythingexcept /etc/apparmor.d/usr.sbin.clamd which needs to be replaced with the new version.
• If you need or want help, contact Mailborder support.