Libraesva ESG V4.8.0 Release Notes

Welcome all for Email Security!

On July 20th 2020 our esteemed development team released version 4.8.0 of Libraesva ESG to the world stage, after a beta test period, we are now happy with the performance and stability of the version, and are happy to release it.

We thought it was best here at Libraesva to, for the first time, run through the release notes of this version and talk a little bit about why the new features were added, what they do briefly, their uses, and also some of the improvements.

All of our Libraesva Private Cloud customers will have their machine’s upgraded automatically at a time where the technical team see fits, however if you want to upgrade earlier, or are an on-premise user, visit this link here: https://docs.libraesva.com/download/libraesva-esg-4-7-to-4-8-upgrade/

All features and improvements are included as standard with all versions of Libraesva ESG, unless stated otherwise.

Highlights

New Features

 

  • Mail Intercept: allow recall of messages to unusual recipients

The Mail Intercept feature came about from user’s sending email by accident to the wrong person, or misspelling new email addresses, the system actively monitors your relationship using the Adaptive Trust Engine, and who you’ve sent email to before, the system will spot the inconsistencies and prompt user’s with a “First Time Recipient” style notification, allowing users to recall the message, as can be seen below.

Included with the SMTP Policy Quota option of Libraesva ESG

 

  • Social Graph: Social Interaction graph with other Organisations, based on Domain/User

The social graph came out of the update and upgrade of the Adaptive Trust Engine, our new and improved relationship monitoring system. The Social Graph uses the information caught from inbound and outbound monitoring of email to understand the email users, who they are and who they usually talk to, in the example below, you can see the user “[email protected]” and the graph which shows us quickly, and easily the most common communicated recipients and senders of email. In this case you can see the domains, then for a closer look, simply click on the domain and see the individual users within the organisation that are communicating to our user the most. This feature is available now, for free, for all of our production v4.8 users. You do however require inbound and outbound email to be processed by Libraesva ESG.

 

This is for non-MSP/ISP licenses only.

 

  • Microsoft 365 Authentication: added Support for OAuth2-based authentication

Microsoft/Office 365 Authentication has been something on the Libraesva road-map ever since it was implemented into the Email Archiver back in 2019, since then we have released a full integration with Office 365, including API access into the Users and Valid Recipients data, making rolling out the Libraesva ESG into the cloud, much easier. So now Libraesva are able to offer the full and complete package of Microsoft 365 Integration, with our new OAuth2-based authentication. This opens up Libraesva to being able to work with Azure AD’s multifactor authentication, and custom login screens.

Below is an example video of the user pparker, logging into the ESG with their email address, then automatically being detected as an O365 user, and being forced to authenticate with the Azure AD system.

 

Available now included with Libraesva ESG for Office 365

 

  • Gsuite Native Integration: added support for OAuth2-based authentication and native support for users and valid recipients import

With more and more of Libraesva’s customers adopting GSuite, or Google Apps as it may be known, Libraesva often found that we had been neglecting the GSuite space, this inclusion in 4.8 of the Gsuite Authentication expands our direct integration from Microsoft 365 to GSuite too, We can now import User and Valid Recipient data into the platform using the google APIs, we can also now use OAuth-2 based authentication similar to the above point, to detect a user is a GSuite account, and forward them off to Google for authentication, you can see a video example below of that process.

 

 

 

  • Enabled ports 465 (SMTPS) and 587 (Submission)

Allows the ESG machine to accept email on port 465 and 587 automatically, as before it was just port 25 (SMTP), this came about from needing to add more ways to get email into the appliance, some services and systems can already be populating the port 25 space, so adding more available ports was seen as a key benefit that Libraesva needed to add.

 

  • SMTP Auth Relay support LDAP Authentication

SMTP Auth Relay allows configuration of credentials for authenticated SMTP sessions, which will be relayed by Libraesva ESG. Libraesva ESG allows relay from any SMTP authenticated client, this addition now allows the authentication to be backed up and handled by an LDAP Service.

 

  • Variable %public-url% now available for reports and notifications

Allows Admins to specify the public URL of the ESG machine within the Logo & Messages section using a variable, within the Libraesva Console. You might want to send notifications out to your users which show them the public url of the appliance, in order to assist user adoption and get users accessing the web portal.

 

  • URL Blacklist Checks

URLs that are present in email, will now be checked against the Libraesva URL Blacklist, populated by data from many sources, including our proprietary URLSand Sandboxing service, which earlier in 2019 gained the attention of Palo Alto, you can read more about that here: https://www.libraesva.com/libraesva-and-palo-alto-networks/

 

  • Message Details: add link to original message for released ones

When messages are released from Libraesva ESG, they can create an email in the dashboard and the reports screen, usually marked with the trigger (OFF) as can be seen here

So when you are in this message, looking to understand why the message has been released, who did it and possible more technical information about that message, there is now a link in the technical details section, seen below.

This will link you directly to the original message before it was released, so you can fully analyse the message and its contents, making administrative life a little easier.

Improvements

Email Continuity Improvements

  • Outgoing email sent during email continuity will BCC the from address selected when sending the email for tracking and compliance purposes.
  • Download Email Button added, used to retrieve email sent directly to and from the Libraesva ESG console.

Dashboard Resource Usage Improvements

  • Load Avg gauge in Dashboard now show the last 5 minutes of value, because when the machine would undertake a high load of email processing, the machine would very quickly show high usage, which can be worrying, but its just a temporary increase, now we show the average load of the past 5 minutes, to show you a more realistic usage.

Reports and Quarantine Search Improvements

  • Message Details – Now shows information about Scan Time for each message in seconds
  • Message Reports – Can now be customised per domain and with a full HTML editor
  • Search – Export will include also the Sender IP
  • Quarantine – You can now search separately for Spam & High Spam Block Reasons

Other Minor Improvements

  • Whaling Description Change
  • Add Outlook Mail Messages to supported File Types in the Attachment Filters
  • Threat Remediation configuration for Zimbra now support non-default ports
  • Replaced AWL with the new TxRep plugin – This improvement is more significant than we might let on, the previous “AWL” stood for Automatic Whitelisting, which was an action performed by the machine when certain actions were performed, now this has been replaced with the TxRep, which adds and removes score dynamically based on historical email data for the recipient, sender and IP address. TxRep is the new version of AWL, with more features such as Automatic Learning when Bayesian Engines are triggered and has different weightings based on the action, watch this space.
  • LDAP Configuration: add new Type for Zimbra
  • License Count: correctly handle of sub-addressing addresses

Security Changes

  • Hostname changes will automatically execute reboot
  • New Hardware requirements for System Resources sizes
  • System Resources size will take effect also to the old ATP Profile

Bug Fixes/QOL Changes

  • Add missing SMTP Reject to Summary report
  • Decode MIME for Subject in Mail Queues
  • Add Audit Log for System Resources changes
  • Automatic cleanup of unused Let’s Encrypt certificates
  • Urlsand rewrite in Email Continuity now ignore A tag without href
  • Adaptive Trust Engine: revoke trust on recall, mark as spam and blacklist
  • Fix wrong warning on disk space detection before Backup
  • DNS Query for private class addresses will not be resolved on internet anymore
  • Domain text import wil execute automatically the Relay table rebuild
  • Trusted Network: fix wrong propagation of changes on Apply Settings button
  • Trusted Network: add check for duplicated networks before add/edit
  • Email Continuity: fix cid association of inline image
  • LDAP Authentication: fix bug on LDAP DN
  • Office365 Import: username will be assigned as alias, if is a valid email address