0 GA
Release Notes
FortiMail v5.0.0 GA Release Notes February 26, 2013 Copyright 2013 Fortinet, Inc. All rights reserved. Fortinet, FortiGate, and FortiGuard are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance metrics contained herein were attained in internal lab tests under ideal conditions, and performance may vary. Network variables, different network environments and other conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinet s General Counsel, with a purchaser that expressly warrants that the identified product will perform according to the performance metrics herein. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet s internal lab tests. Fortinet disclaims in full any guarantees. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable.
Technical Documentation Knowledge Base Customer Service & Support Training Services FortiGuard Document Feedback
Table of Contents
Introduction ...................................................................................................... 4
Supported Platforms ........................................................................................... 4
Introduction
This document provides a summary of new features, support information, upgrade/downgrade instructions, and resolved issues in FortiMail v5.0.0 GA release build 0107.
Supported Platforms
FortiMail v5.0.0 GA release supports the following platforms: FortiMail-100C FortiMail-200D FortiMail-400B FortiMail-400C FortiMail-2000A FortiMail-2000B FortiMail-3000C FortiMail-3000D FortiMail-4000A FortiMail-5001A FortiMail-5002B FortiMail-VM
New Features
The following list highlights some new features and enhancements in FortiMaIl v5.0.0 GA release.
Hardware
A new 3000D platform is supported in this release.
Antispam
Extended URL blocking by category
Extended FortiGuard URL filtering service to block URLs by categories, such as child abuse, adult content, malware distribution and so on. This option is under Profile > AntiSpam > URI Filter on the GUI.
Antivirus
Zip bomb protection
Zip bomb, or decompression bomb, is a malicious archive file designed to crash the system or program reading it. This option is added under Profile > AntiVirus on the GUI.
Grayware scan
Improved antivirus granularity with added options to scan for grayware (such as adware, spyware, trackware, and other malicious software) when enabling antivirus scanning under Profile > Antivirus > Antivirus.
Content scan
Limit on number of email attachments
Ability to limit the number of attachments allowed per email under Profile > Content > Other Setting on the GUI.
MTA
Improved MTA controls, such as address rewriting, mail routing, access control, DSN, and remote logging can now be configured in session profiles and applied to IP-based policies.
Server mode
Calendar server and address book enhancement in server mode
Calendar clients, such as Microsoft Outlook and Thunderbird Lightning, can now connect to FortiMail and share calendars. Mail clients can connect to FortiMail to retrieve the address book through LDAP.
System
Scheduled configuration backup
Configuration can be backed up to a remote FTP/SFTP server on a scheduled basis.
Special Notices
TFTP firmware install
Using TFTP via the serial console to install firmware during system boot time will erase all current FortiMail configurations and replace them with factory default settings.
Upgrade path
For any older v3.0 release
Any v3.0 release older than v3.0 MR5 Patch 4 v3.0 MR5 Patch 4 (Build 531) v4.0 GA Patch 5 (Build 146) V5.0 GA (Build 107)
After every upgrade, verify that the build number and branch point match the image that was loaded. To do this, go to Monitor > System Status > Status.
Firmware downgrade
Downgrading from v5.0 GA to v4.0 releases
Downgrading from v5.0 GA to any v4.0 release is not fully supported. If you have to downgrade, follow these steps: 1. Back up the v5.0 configuration. 2. Install the older v4.0 image.
3. In the CLI, enter execute factoryreset to reset the FortiMail unit to factory defaults. 4. Configure the device IP address and other network settings. 5. Reload the v5.0 backup configuration if needed.
10
Resolved Issues
This section lists the resolved issues in this release, but is not a complete list. For inquires about a particular bug, please contact Fortinet Technical Support.
Antispam
Table 1: Resolved antispam issues Bug ID 196294 Description Email with digital signature is detected as having an application/octetstream attachment. URI of International Domain Name (IDN) should be handled correctly.
169329
MTA
Table 2: Resolved MTA issues Bug ID 170898 191557 191970 Description Spam reports should be sent to LDAP group owners, not the individuals. SMTP session limit does not apply to the proxy in transparent mode. Headers of original email should not be inserted in IBE pull notification and push email. Mailfilterd was not able to handle email address with single quotes during address mapping lookup.
197777
Webmail
Table 3: Resolved webmail issues Bug ID 195985 Description Webmail users should not be allowed to change the From field when composing email.
Management GUI
Table 4: Resolved GUI issues Bug ID 192680
Fortinet Technologies Inc.
Description Under System > High Availability > Configuration, the On failure action
11 FortiMail v5.0.0 GA Release Notes
cannot be changed. 192002 No more than 23 IP addresses can be created in an IP group under Profile > Group > IP Group. Domain level disclaimers in incoming and outgoing message headers should not allow spaces. In server mode webmail, disk usage information (percentage) does not update without re-login after some email are deleted.
176388
167710
System
Table 5: Resolved system issues Bug ID 191439 183355 Description More granular control for administrator access is required. Mailfilterd sub-process may get stuck and consume too much CPU resource, thus defer SMTP connections. IBE database HA synchronization stops working periodically and does not recover. Under System > High Availability > Configuration, changes to the On failure action take no effect. Haysyncd process may exit unexpectedly on the HA slave unit. TLS profiles are not checked properly in access control delivery policies. In transparent mode, email with auth NTLM is altered by the FortiMail proxy. In transparent mode, the SMTP proxy may retrieve incorrect session profile configurations. DNS cache is not cleaned after DNS server changes. Mailfilterd may crash at image scan.
193918
192680
195051
195489 196330
114253
175896
Deleting a report folder and individual reports in the folder at the same time may cause an error message.
13
Image Checksums
The MD5 checksums for all Fortinet software and firmware releases are available at the Fortinet Customer Service and Support website (https://support.fortinet.com). 1. Log on to the web site. 2. Click Firmware Image Checksums in the Download section. 3. For File Name, enter the firmware image file name, including the extension. 4. Click Get Checksum Code.
14
15