Softpedia >Windows >Internet >Servers >E-mail Servers >hMailServer >  Changelog

hMailServer Changelog

What's new in hMailServer 5.6.9 Build 2607 Beta

Mar 12, 2023
  • Issue 453: Incorrectly formatted SPF record can lead to crash
  • Issue 454: Upgraded to OpenSSL 1.1.1q

New in hMailServer 5.6.9 Build 2602 Beta (Jul 22, 2022)

  • Issue 434: Upgraded to OpenSSL 1.1.1q

New in hMailServer 5.6.9 Build 2587 (Mar 16, 2022)

  • Issue 425: Upgrade to OpenSSL 1.1.1n

New in hMailServer 5.6.8 Build 2574 (Jan 15, 2022)

  • Issue 389: Upgrade to OpenSSL 1.1.1l

New in hMailServer 5.6.8 Build 2538 Beta (Mar 29, 2021)

  • Issue 352:
  • Upgrade to OpenSSL 1.1.1k

New in hMailServer 5.6.8 Build 2534 Beta (Dec 31, 2020)

  • Issue 352: Upgrade to OpenSSL 1.1.1i.

New in hMailServer 5.6.8 Build 2501 Beta (Apr 24, 2020)

  • Issue 327: Upgrade to OpenSSL 1.1.1g

New in hMailServer 5.6.8 Build 2494 Beta (Nov 3, 2019)

  • Upgrade to OpenSSL 1.1.1d

New in hMailServer 5.6.8 Build 2451 Beta (Aug 26, 2019)

  • Issue 271: Support for TLS 1.3 added
  • Issue 271: Support for SSL 3.0 removed
  • Issue 271: Upgrade to OpenSSL 1.1.1c

New in hMailServer 5.6.8 Build 2444 (Aug 1, 2019)

  • Issue 289: Upgrade to OpenSSL 1.0.2s

New in hMailServer 5.6.8 Build 2431 (Mar 28, 2018)

  • Issue 255: Upgrade to OpenSSL 1.0.1o

New in hMailServer 5.6.7 Build 2425 Beta (Dec 15, 2017)

  • Issue 243: OpenSSL upgraded to 1.0.2n.

New in hMailServer 5.6.7 Build 2420 Beta (Nov 12, 2017)

  • Issue 240: Upgraded to OpenSSL 1.0.2m.

New in hMailServer 5.6.7 Build 2415 Beta (Jul 10, 2017)

  • Issue 225: Fixes an issue where TLS would not be used if the sending server did not use the proper syntax for the STARTTLS command.

New in hMailServer 5.6.7 Build 2407 Beta (Feb 20, 2017)

  • Various security-related improvements have been made to hMailServer WebAdmin, primarily to reduce the risk of attacks using XSS and CSRF.
  • OpenSSL has been upgraded to 1.0.2k

New in hMailServer 5.6.7 Build 2405 Beta (Jan 6, 2017)

  • Issue 208: If the cipher list contains unsupported ciphers, hMailServer will now report an error but continue running. This change will prevent hMailServer from stop working after an upgrade (which previously happened if the cipher list contained ciphers supported in the old but not in the new version)

New in hMailServer 5.6.7 Build 2399 Beta (Jan 5, 2017)

  • OpenSSL upgraded from 1.0.1u to 1.0.2j. OpenSSL 1.0.1* is no longer supported by the OpenSSL team (starting 2017-0-01). This update does not contain any security fixes, but is made to make sure hMailServer is using a supported version of OpenSSL.

New in hMailServer 5.6.6 Build 2383 (Jan 5, 2017)

  • OpenSSL upgraded to 1.0.1u.

New in hMailServer 5.6.5 Build 2367 Beta (Jun 8, 2016)

  • Issue 173: Improved address syntax validation.

New in hMailServer 5.6.5 Build 2360 Beta (May 4, 2016)

  • OpenSSL has been upgraded to 1.0.1t.
  • Deleting an account with an empty account address deletes the data directory.
  • Issue 127: hMailServer should be able to accept email from and deliver email to quoted mailboxes containing spaces.
  • Issue 166: When hMailServer is running, it should accept to OS-shutdown requests from Windows (this should reduce the number of errors logged when a server running hMailServer reboots).

New in hMailServer 5.6.5 Build 2339 Beta (Apr 25, 2016)

  • When installing the client tools for hMailServer, now all necessary dependencies are installed as well.
  • The installation program is now rendered properly on high-DPI screens. Previously, some texts were truncated.
  • Issue 149: When searching for messages using IMAP and a "Not Deleted" criteria, sometimes incorrect email messages were returned in the response.

New in hMailServer 5.6.5 Build 2329 Beta (Mar 21, 2016)

  • Custom script files are no longer uininstalled when uninstalling hMailServer.
  • The error message when trying to create two IP ranges with the same name has been improved.
  • A confirmation dialog has been added when deleting or emptying an IMAP folder in hMailServer Administrator.
  • OpenSSL has been upgraded to 1.0.1s.
  • The hMailServer service is now registered in Windows with a quoted path, to prevent the service from being vulnerable to "Unquoted service path". Unquoted service paths would allow a user with access to the server where hMailServer runs, but with less privileges than hMailServer, to gain the privileges of hMailServer by creating a new executable and placing it in C:\Program\Files\hMailServer\hMailserver.exe.
  • OpenSSL upgraded to 1.0.1q

New in hMailServer 5.6.5 Build 2293 Beta (Dec 4, 2015)

  • OpenSSL upgraded to 1.0.1q

New in hMailServer 5.6.4 Build 2283 (Aug 8, 2015)

  • OpenSSL upgraded from 1.0.1o to 1.0.1p to solve a security issue related to certificate validation: http://openssl.org/news/secadv_20150709.txt

New in hMailServer 5.6.4 Build 2271 Beta (Jun 22, 2015)

  • OpenSSL has been upgraded from 1.0.1m to 1.0.1o.
  • Sometimes when stopping the server, an error regarding "abandoned wait" was reported.
  • If the log file was locked by an external processed, a crash dump file was created.
  • Issue 99: If a TCP disconnect occurs during TLS handshake, the connection is not immediately released

New in hMailServer 5.6.3 Build 2249 Beta (Apr 4, 2015)

  • The new ini file setting DisableAUTHList allows you to specify a comma-separated list of SMTP ports which authentication should not be enabled for. This is useful when working with legacy systems with malfunctioning SMTP support.
  • Issue 94: When upgrading hMailServer, the list of languages in hMailServer.ini is no longer over-written.
  • Issue 97: When TLS is used, elliptic crypto should be available.

New in hMailServer 5.6.2 Build 2234 Beta (Mar 23, 2015)

  • OpenSSL upgraded from 1.0.1l to 1.0.1m

New in hMailServer 5.6.2 Build 2223 Beta (Mar 13, 2015)

  • OpenSSL upgraded from 1.0.1k to 1.0.1l.
  • Issue 86: Server did not restart after the delivery queue was manually cleared.

New in hMailServer 5.6.1 Build 2208 Beta (Jan 26, 2015)

  • Issue 77: Domain administrators should not be able to change server administrator password (security)

New in hMailServer 5.6.1 Build 2205 Beta (Jan 9, 2015)

  • OpenSSL upgraded to 1.0.1k

New in hMailServer 5.6 Build 2145 Beta (Nov 13, 2014)

  • Sometimes an error was logged when hMailServer received a message over SMTP (issue has not existed prior to 5.6)
  • The number of current TCP connections were not always counted properly (normally 2-3 extra connections were shown), leading to incorrect info on Status page. Issue occurred when you had multiple ports set up for same protocol.

New in hMailServer 5.6 Build 2136 Beta (Oct 30, 2014)

  • Issue 50: Forwarding of message should update From-address to forwarding account address.

New in hMailServer 5.6 Build 2132 Beta (Oct 18, 2014)

  • The "Received"-headers in email message now contains SSL/TLS cipher details
  • Created a default SSL/TLS cipher list, disabling old broken ciphers. Follows Mozillas recommendations.
  • Added TCP/IP port 587 as new port for SMTP (affects new installations only)
  • Reverse DNS lookup now works for IPv6
  • Added support for DH ciphers for TLS. Enables Perfect Forward Secrecy.
  • Added setting to disable SSLv3, TLSv1.0, TLSv1.1 and TLSv.2
  • Added setting to disable certificate verification.
  • Renamed Security node in UI to SSL/TLS

New in hMailServer 5.5.2 Build 2129 (Oct 16, 2014)

  • Upgraded to OpenSSL 1.0.1j

New in hMailServer 5.5.1 Build 2107 Beta (Oct 4, 2014)

  • IOCP: Server would sometimes stop responding when clients disconnected incorrectly.

New in hMailServer 5.5.1 Build 2103 Beta (Oct 3, 2014)

  • A session timeout issue could cause hMailServer to stop responding.

New in hMailServer 5.5.1 Build 2094 Beta (Oct 3, 2014)

  • When an unhandled error occur, hMailServer now generate a minidump with detailed error information.
  • hMailServer now allows certificates with purpose SERVER_GATED_CRYPTO and SGC_NETSCAPE to take part in certificate chains.

New in hMailServer 5.5.1 Build 2090 Beta (Sep 27, 2014)

  • An unknown issue is causing hMailServer to stop responding. An attempt has been made to address this.
  • Message delivery failed if recipient server did not support EHLO.

New in hMailServer 5.5 Build 2074 Beta (Sep 5, 2014)

  • If an IP address is specified as Target SMTP Host for a SMTP Relayer or SMTP Route, hMailServer would always attempt to deliver to 127.0.0.1 and the delivery would fail.
  • An experimental fix has been made to an issue related to session counting. Previously, hMailServer could assume that the number of current sessions were higher than they actually were.
  • When communicating with other SMTP servers, hMailServer will now assume that they support ESMTP, even if they do not advertise that in the initial greeting. This solves an issue where hMailServer would not use STARTTLS even if the remote server supported it.
  • When communicating with MySQL, hMailServer will now use the utf8mb4 character set for the connection if MySQL supports it. Previously hMailServer as using the utf8 character set.
  • WebAdmin has been updated to use UTF-8, which means that entering for example a signature with Japanese characters now works.
  • Issue 18: If several attachments were blocked in the same email, hMailServer now adds the same number of new attachments describing that the original attachment was removed. Previously only one attachment was added.
  • Issue 21: The SMTP error code for "Recipient not in route list" has been changed from 421 to 550, to indicate that this is a permanent error.

New in hMailServer 5.5 Build 2058 Beta (Aug 16, 2014)

  • Delivery of messages larger than 64kb to remote hosts was likely to fail.
  • WebAdmin has been updated to include new settings related to STARTTLS.

New in hMailServer 5.5 Build 2053 Beta (Aug 16, 2014)

  • In hMailServer Administrator, it's now possible to import the recipients of a distribution list.
  • Support for STARTTLS

New in hMailServer 5.4.2 Build 1964 (Jun 9, 2014)

  • Security: Upgrade to OpenSSL 1.0.1h

New in hMailServer 5.4 Build 1950 (Jul 2, 2013)

  • An error occured when adding a new external account using WebAdmin

New in hMailServer 5.4 Build 1949 (May 28, 2013)

  • hMailServer now consolidates outgoing email messages smarter when routes and SMTP relayer is in use. This results in fewer connections to the SMTP
  • relay / route server.
  • Sometimes using SpamAssassin resulted in corrupt email messages due to incorrect parsing by SpamAssassin response.

New in hMailServer 5.4 Build 1948 (May 7, 2013)

  • Sometimes files remained in temp directory after SpamAssassin had been invoked.

New in hMailServer 5.4 Build 1947 (May 1, 2013)

  • Quotes have been added around 7bit to be RFC3501 compliant.
  • Mailbox sometimes remained locked after a timeout.
  • All recipients to particular route kept combined instead of split into individual emails.
  • File permissions of 7z backup could be admin-only or incorrect when backing up messages due to 7za temp folder usage. Now using hmail's temp folder instead of system temp.
  • Issue 409: Issue with forwarding (Auto-Submitted header)
  • UseSSL setting has been added for external accounts in WebAdmin.
  • Issue 405: Whitelisting didn't work with IPv6 addresses.
  • SQL Compact did not work properly on Windows 2000.
  • Issue 393: SURBL lookup sometimes failed.
  • Added Auto-Submitted header. Will contain the value auto-replied for messages which is generated using auto-reply funcitonality or rules. Also prevents hMailServer from auto-replying to auto-submitted messages.
  • Internet Explorer is no longer required when installing hMailServer, which makes hMailServer runnable on Windows Server 2008 R2 Core.
  • Full paths are no longer stored in the database. Only message file name is now stored in the hm_messages table.
  • hMailServer is now open source.

New in hMailServer 5.3.4 Build 1913 (Dec 13, 2010)

  • Stability fixes. In certain scenarios, hMailServer could stop processing incoming requests.

New in hMailServer 5.3.3 Build 1879 (Aug 5, 2010)

  • Issue 312: In some cases, the POP3 server returned incorrect data which could lead to corrupt attachments. Changes have been made to prevent this error. The error was apparent when retrieving PDF files which had been sent using Outlook Express.
  • Issue 313: If hMailServer was configured to download messages from a server which did not support UIDL, hMailServer timed out. hMailServer has been changed to disconnect immediately and report an error when this happens. The External account functionality in hMailServer does not work with POP3 servers not supporting UIDL.
  • Issue 314: If DKIM was enabled and a user sent an email with no text in the body, hMailServer did not correctly sign the message.
  • Issue 1879: OpenSSL has been upgraded to version 0.9.8o.

New in hMailServer 5.3.3 Build 1846 Beta (May 13, 2010)

  • Issue 288: The live log in hMailServer Administrator could stop work, and Administrator could hang, if there was a high throughput in hMailServer.
  • Issue 306: If a DNS blacklist returned several DNS records, hMailServer only analyzed one of them.

New in hMailServer 5.3.2 Build 1769 Beta (Jan 27, 2010)

  • If hMailServer tries to report statistics to hMailServer.com, and hMailServer.com is not available, the SMTP delivery will stop. Messages will still be queued up so no email will be lost.
  • When Spamhaus were used, false positive were sometimes reported (under high Spamhaus load?). In the DNS blacklist settings, it's now possible to specify ranges by using -, for example 127.0.0.1-5. It's also possible to specify more than one address by using |, for example 127.0.0.1|127.0.0.25. This makes it possible to specify more granular values than before.
  • In some cases hMailServer extracts the senders IP address from the Received headers in email when doing anti-spam. If hMailServer was unable to do this extraction, the anti-spam tests were aborted. This has now been changed so that hMailServer still does the anti spam tests, but skips the ones which are dependent on the IP address (DNS black lists and SPF).

New in hMailServer 5.3.1 Build 1748 Beta (Jan 9, 2010)

  • Issue 284: If a message is sent to an alias, which forwards the message to a route, and that route only has the aliased address listed - not the original address, hMailServer will not accept the message delivery.

New in hMailServer 5.3.1 Build 1746 Beta (Dec 22, 2009)

  • hMailServer sometimes reported an error about being unable to notify IMAP clients about mailbox changes. The problem occurred if the client had disconnected in an incorrect way.

New in hMailServer 5.3 Build 363 (Sep 14, 2009)

  • When an error occurs it's logged to the hMailServer error log and the standard log (if application logging is enabled). In the normal log file, the first column of the error line contained APPLICATION rather than ERROR. It now says ERROR which makes it easier to locate error-lines in the standard log file.
  • If a DNS lookup fails, this was reported as an error before. DNS lookups may fail if the recipients DNS server is not properly configured, and this is not an error in the hMailServer installation. Due to this, this is no longer reported as an error to the hMailServer log, but rather mentioned in the bounce message.
  • Issue 247: When a new message is added to a folder using an IMAP client, hMailServer now explicitly tells the same client that a new message has been added to the folder. This should solve problems with listing of Draft messages in Thunderbird.
  • Issue 249: If spam protection was enabled, but header tagging was not, hMailServer would fail to download messages from external accounts containing spam messages.
  • Issue 250: If SPF test passed, but another spam test failed and the message was rejected during the SMTP conversation, sometimes the rejection description sent to the client was empty.
  • Issue 253: When clearing the delivery queue, orphaned rows were left behind in the hm_messagerecipients table.

New in hMailServer 5.3 Build 362 (Sep 14, 2009)

  • hMailServer now supports IPv6.
  • It's now possible to bypass grey listing if a connection arrives from a MX or A record for the sending domain.
  • In the SpamAssassin settings, there's now a Test button which allows you to easily confirm that the SpamAssassin connection information is correct.
  • In the MX query, you can now right click on rows and copy to clipboard.
  • There was some inconsistencies related to IMAP folder hierarchy delimiter. When creating rule actions, the only valid IMAP folder delimiter is the one specified in the IMAP settings. If you've selected that . is the delimiter, specifyinng the IMAP folder name FolderSubFolder will cause a folder with the name "FolderSubFolder" to be created, rather than one named Folder and a second named SubFolder.
  • A new event has been added, OnExternalAccountDownload.
  • Issue 238: IMAP: hMailServer sometimes produced a BODYSTRUCTURE response with a syntax error.
  • Issue 240: If you tried to add route members prior to saving the route, an error was shown.
  • Issue 244: IMAP: The Recent flag not removed properly, which made duplicate messages appear in RoundCube.
  • Issue 245: The AD integration in hMailServer Administrator didn't always add correctly configured hMailServer accounts.

New in hMailServer 5.2.1 Build 361 (Sep 14, 2009)

  • Issue 243. When restoring a backup, addresses specified in a route were not restored.

New in hMailServer 5.2.1 Build 360 Beta (Aug 15, 2009)

  • Issue 241. When IMAP clients requested body structure information for a message, hMailServer were in some cases unable to create this, which resulted in the message not being shown to the client. An error message related to PartStructure were logged when this error occurred.

New in hMailServer 5.2 Build 354 Beta (Jul 15, 2009)

  • Message indexing for improved performance
  • Improved SMTP authentication methods to reduce spam
  • Built-in diagnostics tool to make troubleshooting easier
  • IMAP UIDNEXT implemented
  • New rule actions and criterias have been added
  • It's now possible to skip greylisting if SPF passes

New in hMailServer 5.1.2 Build 436 (May 30, 2009)

  • Issue 216: SMTP connection sometimes dropped during DKIM verification. This problem occurs if a the DNS server publishing the publi key publishes a CNAME record which points at the TXT record which contains the actual public key.

New in hMailServer 5.0 Build 321 Beta (Jan 6, 2009)

  • It wasn't possible to display messages having an attachment with file names containing specific character.