Momentum 2.x Legacy Changelog from 2009-2013

April 14, 2020 Contributors

Ecelerity version 2.2.3.51 released on 2013-05-17

  • Fixed ticket MO-414: Fixed parsing error with nested multipart messages
  • Fixed ticket MT-10093: Fixed issue causing null pointer exception in TLS handler

Ecelerity version 2.2.3.50 released on 2011-12-19

  • Fixed ticket BZ4865: Replaced third party component used in bounce classification with improved Momentum Bounce Classifier. Beginning with version 2.2.3.50, the bounce_classifier module must be explicitly loaded in ecelerity.conf.

Ecelerity version 2.2.3.49 released on 2011-05-24

  • Feature ticket BZ2464: Added a new esmtp listener option, starttls_injection_policy, to resolve a recently identified industry-wide security issue for SMTP implementations whereby commands could be injected before the SSL negotiation completed (CVE-2011-0411). The default value, reject, will disconnect SMTP sessions if commands are sent after the STARTTLS command but before SSL negotiations are completed.
  • Feature ticket BZ1917: Installation of a Momentum upgrade will halt and provide an error message if prior Momentum version cannot be completely uninstalled. This prevents issues resulting from a partial uninstall.
  • Fixed ticket BZ3049: A message exceeding the ‘large_message_threshold’ value not forced to disk when force_fsync is configured.
  • Fixed ticket BZ2047: The disclaimer module no longer adds dots/periods to the ends of linesFixed ticket BZ: causing double-dots in the email messageFixed ticket BZ: when sending plain-text messages.
  • Fixed ticket BZ1924: Resolved situation with adding a new jlog subscriber whereby any subsequent jlog call from the new subscriber incorrectly indicated the subscriber didn’t exist.
  • Fixed ticket BZ1856: Changed error code send when protocol deviation is detected from a 550 to a 421.
  • Fixed ticket BZ1761: Resolved subaddress parsing issue for sieve comparison match.
  • Fixed ticket BZ2928: Updated bounce classifications for Momentum

Ecelerity version 2.2.3.48 released on 2011-04-19

  • Feature Ticket BZ2647: Momentum 2.x now compatible with Message Scope
  • Fixed ticket BZ2513: Resolved issue with configuration setting to convert lone linefeeds into a CRLF sequence (Lone_LF_in_Body = fix) which caused Momentum to crash under heavy message loads.
  • Fixed ticket BZ2264: New maximum length limit of 4K for MAIL FROM and RCPT TO commands. Note that other MTAs enforce smaller limits.
  • Fixed ticket BZ2026: Resolved an issue were a crash may occur when SMTP debugging or tracing is enabled and certain DNS MX conditions exist.

Ecelerity version 2.2.3.47 released on 2011-02-02

  • Fixed ticket #4562: The mbusd_monitor script now uses the correct group ID when checking permissions.
  • Feature ticket #5280: Added lifetime option to the sieve ec_dkim_sign action.
  • Fixed ticket #6990: Injecting over 2GB of messages on same connection will no longer trigger message size limit exceeded error.
  • Fixed ticket #7051: Resolved a possible fault on Solaris when using the cluster module and initiating a connection to a host with a long name
  • Fixed ticket #7264: Async DSN generation with Sieve could cause illegal memory accesses
  • Fixed ticket #7325: Memory leaks were possible when an action resulted in a message being tempfailed in the each_rcpt phase.
  • Fixed ticket #7722: Fixed a memory leak in the SMTP handler.
  • Fixed ticket #7773: Forwarding large volumes of mail requiring conversion from 8- to 7-bit character sets could result in crashes.
  • Fixed ticket #7878: Fixed issue preventing the SMTP callback verification module from supporting customizable callback verification domain mapping for the mail from phase.
  • Fixed ticket #7915: Malformed RFC2822 addresses could cause a crash when passed to the address sieve function.
  • Fixed ticket #7927: Momentum would incorrectly determine that a 251 response (user not local) received while delivering to a remote MTA was an error condition
  • Feature ticket #8070: Updated bounce classification rules.
  • Feature ticket #8072: The bounce classifier module leaked memory.
  • Fixed ticket #8074: The address sieve function would only match the first address in the requested header.
  • Feature ticket #8076: The SMTP and control listeners no longer have a restricted backlog.
  • Fixed ticket #8080: The disclaimer module could erroneously insert quoted-printable encoded newlines.
  • Fixed ticket #8081: A faulty ClamAV configuration could cause false positives on non-infected mail.
  • Feature ticket #8085: ec_dkim_domain will now correctly return the value of the d= tag when the i= tag is missing.
  • Feature ticket #8096: Resolved a crash when a domain record expires during TLS downgrade.
  • Fixed ticket #8097: The disclaimer module now removes any dot-stuffed dots from the message.
  • Feature ticket #8105: The smtp_should_session_shutdown hook may now be used to shut down an SMTP session after a failed delivery attempt.

Ecelerity version 2.2.3.46 released on 2010-08-03

  • Fixed ticket #2177: Improve diagnostics for statp errors.
  • Feature ticket #3688: host_fingerprint Passive OS fingerprinting support re-enabled.
  • Fixed ticket #4061: Recycled connections could cause hanging connections in rare cases.
  • Feature ticket #4299: Audit series now support a serialized flag that can be set when they are created. Serialized audit series are written to disk periodically.
  • Fixed ticket #5157: Certain broken domains could leave email in active queue which would not expire.
  • Fixed ticket #5190: The CSAPI module could leave behind temporary directories in /var/tmp when the server was shut down.
  • Fixed ticket #5216: Possible fault if a DNS record expired just as a message that had failed during the initial banner response was being requeued.
  • Fixed ticket #5246: Long DKIM identity could cause malformed DKIM signature due to improper wrapping.
  • Fixed ticket #5270: Antivirus modules would not properly set the xyz_status_info variable in the message vctx for infected files when the av action was set to pass where xyz is the name of the antivirus module.
  • Fixed ticket #5283: Fixed C++ compilation issues when building Momentum modules.
  • Fixed ticket #5286: The sieve :contains operator could assert when operating on a search string longer than 128 characters.
  • Feature ticket #5318: Audit series data is now persistent. The data is serialized to disk on shutdown and read in on start up.
  • Fixed ticket #5340: Header names longer than 997 characters could cause crash during spool-out.
  • Fixed ticket #5354: Disallow headers without values; correctly handle excessive whitespace in wrapped header values.
  • Feature ticket #5361: Allow Trace_Headers to be set in the Pathway scope.
  • Feature ticket #5380: The brightmail module has a new sieve action, brightmail_tracker, which formats the rules data in a format suitable for use as an X-Brightmail-Tracker header. The ec_header_add sieve function has been enhanced to add a :folded tag which, when set, will fold long header lines at 78.
  • Fixed ticket #5427: Allow setting more CSAPI scanner options.
  • Fixed ticket #5428: Use of SMTP authentication could cause a small memory leak
  • Fixed ticket #5444: The sched module could fault on startup if its database contained persistent jobs.
  • Fixed ticket #5445: The sched module stored jobs in the database with the user and command arguments reversed which would prevent jobs from running when Momentum was restarted.
  • Fixed ticket #5473: The CSAPI module could hang Momentum if the reopen logs console command was issued.
  • Fixed ticket #5642: Improved MX Fallback logic by trying other MXs immediately if there is a connection error.
  • Feature ticket #5650: Expose DKIM verification results as C API.
  • Fixed ticket #6019: Eliminate a small memory leak when using AUTH PLAIN.
  • Fixed ticket #6033: The Brightmail module would incorrectly report an error when handling messages with mixed case domains.
  • Fixed ticket #6237: Implemented Allow_Whitespace_In_Envelope and Allow_Whitespace_In_Command options that handle the trailing white spaces in the SMTP command and white spaces in between <> and the recipient address in the RCPT TO or MAIL FROM commands.
  • Fixed ticket #6256: RFC2822 { Max_Line_Length } is checked earlier during reception processing, to avoid increased CPU utilization in the face of extremely long headers.
  • Fixed ticket #6342: Quoted-printable decoder would not handle SMTP-transparency (aka dot-stuffing) correctly in some quoted-printable logical line extension cases.
  • Fixed ticket #6410: Reset the internal DNS query failure (domain MX or host query) count when querying for a domain’s MX returns result to prevent mails being wrongly purged due to intermittent domain MX lookup failures.
  • Fixed ticket #6508: Use of Suppress_spool could cause a hang in certain circumstances with large max_resident_messages.
  • Fixed ticket #6783: Defer connecting to the Goodmail multiplexor until we have determined whether or not the message needs to be imprinted. In previous releases, the connection to the multiplexor was made before determining whether or not the messaged needed to be imprinted.
  • Fixed ticket #6784: Fix a memory leak in the sieve header comparator when the header being tested is made up of multiple lines.
  • Fixed ticket #6785: Using the ec_set_routing_gateway sieve action could result in messages being stuck in the lookuptable and never being delivered.
  • Fixed ticket #6786: The maximum allowed length of MAIL FROM and RCPT TO commands is now limited to 4k to avoid increased CPU utilization in the face of extremely long command lines.
  • Feature ticket #6787: Added RFC2822 { Lone_LF_in_Body=’fix’} option to canonicalize newlines in the message body.
  • Feature ticket #6855: Added DNS resolution hooks to C API (core_pre_dns_handle_a_hook, core_post_dns_handle_a_hook, core_pre_dns_handle_mx_hook, core_post_dns_handle_mx_hook).
  • Feature ticket #6901: We now support Symantec CSAPI Antivirus engine.
  • Feature ticket #6902: We now support the Symantec Brightmail Engine Integration Kit (BEIK) as an in-process alternative to our existing (and still supported) bm_driver module.

Ecelerity version 2.2.2.45 released on 2009-11-06

  • Fixed ticket #4476: Large config would hit memory limit in webui. Temporary workaround – create file /opt/ecapache/etc/largeconfig – which will keep graphs working, but prevent editing the config.
  • Feature ticket #4989: Added replication of audit series and the ability to alter and inspect audit series counters.
  • Feature ticket #4990: Implemented console commands to add, subtract, delete and view gauge cache counters.
  • Fixed ticket #5064: Java bindings would not correctly handle messages larger than the Legacy_Message_Threshold and Large_Message_Threshold.
  • Fixed ticket #5099: ec_log_file sieve action was not threadsafe.
  • Fixed ticket #5108: Disclaimer module would corrupt certain messages with multiple rcptto’s. Only happened with MIME singleton messages with each_rcpt hook.
  • Fixed ticket #5132: Using asynchronous actions (such as ec_dns_lookup) in the undocumented sieve auth hook would prevent the server from processing mail.
  • Fixed ticket #5133: Don’t advertise the STARTTLS ESMTP extension in EHLO, after TLS has been established with STARTTLS.
  • Fixed ticket #5146: Large numbers of DuraVIP bindings could fail to replicate in cluster due to Spread buffer limit.
  • Fixed ticket #5157: Sending email to domains that had broken DNS (for example, a CNAME resolving to a CNAME) could result in an active queue which would not expire.
  • Fixed ticket #5174: The postfix logger could truncate the queueid, and fault if it processed a message that had been EM_FAILED_QUIET.
  • Fixed ticket #5175: ODBC datasource driver reconnection issues could cause the server to crash.
  • Fixed ticket #5192: auth_ds module had unterminated loop when using non-interpolated characters after an interpolation placeholder.
  • Fixed ticket #5207: ec_lic would hang forever (or segfaults) if clamav enabled in Ecelerity.conf.
  • Fixed ticket #5216: Messages failing during the initial banner with a DNS record that timed out while being added to the active queue could cause a crash.
  • Fixed ticket #5225: The MTA will now send a QUIT command when closing an SMTP delivery connection when the Max_Deliveries_Per_Connection limit is reached, or due to an smtp_should_session_shutdown hook.
  • Fixed ticket #5229: Sieve address :detail would actually return :all instead.
  • Fixed ticket #5248: Clamav module caused crashes with clamd 0.95 under load.

Ecelerity version 2.2.2.44 released on 2009-10-14

  • Feature tocket #3304: A new sieve action (ec_gmsi_sign) has been added, allowing scripts to trigger Goodmail signing of a message.
  • Fixed ticket #4498: Outbound connections could fail to retry secondary MX if initial connection failed during banner.
  • Fixed ticket #4614: Legacy modules could be invoked on messages larger than legacy_message_threshold if the message was swapped out to disk.
  • Feature ticket #4615: Add Scope_Max_Outbound_Connections, which acts like a scoped version of Server_Max_Outbound_Connections or Max_Outbound_Connections
  • Fixed ticket #4687: Header modification prior to a MIME parse on a malformed MIME message resulted in a length mismatch when rendering the message, causing it to be rejected. For example, calling ec_header_add before a call to ec_mime_parts would trigger the problem.
  • Fixed ticket #4689: Avoid compiler warnings when building modules with pure C++ hooks.
  • Fixed ticket #4760: A syntax error in a dynamically loaded sieve script could result in a memory leak.
  • Fixed ticket #4762: Include modules/validate/dkim.h file in public API
  • Feature ticket #4773: The sieve_inc_counter function is now a public API.
  • Fixed ticket #4804: Modules that use the avengine framework would unilaterally overwrite the smtp response, even when their mode is set to pass.
  • Fixed ticket #4805: The Vade Retro integration now supports setting the optional analysis profile (as provide by Vade Retro).
  • Fixed ticket #4820: The VadeRetro daemon did not honor the updates_dir setting in vaderetrod.conf, it always used /opt/Ecelerity/3rdParty/vaderetro/updates.
  • Fixed ticket #4828: STARTTLS could leak memory allocated for X509 peer certificate.
  • Fixed ticket #4829: Change gmsi_imprinter ‘optional_headers’ and ‘strip_sender ‘ default to ‘True’
  • Fixed ticket #4876: Disclaimer module could add disclaimer to certain non-text attachments due to improper headers generated by Apple Mail.
  • Fixed ticket #4895: Added a Signing_Stats option that can be set to one of all (the default), global or off to control whether signing stats are recorded per binding, as a global summary summary only, or to disable signing stats metrics. You might consider enabling this option if you have a very large number of bindings and don’t need to track message signing statistics (such as Domain Keys or DKIM) per binding (or even at all).
  • Fixed ticket #4904: ds_fetch from LDAP datasource could crash if ldap_get_values() returned null
  • Fixed ticket #4906: Sieve++ action ec_rfc3464_delivery_status did not work correctly in hash mode
  • Fixed ticket #4921: Disabling inline_transfail_processing could result in a message that received a transient failure being retried earlier than the retry parameters in the configuration file indicate.
  • Fixed ticket #4947: The Vade Retro integration could cause a crash when run from a spool phase sieve action.
  • Fixed ticket #4951: Added the ability to disable the memory counters entirely or to use a mutex or spinlock in place of the atomic operations normally used to update the counters.
  • Fixed ticket #4991: The Ecelerity Vade Retro integration has been reworked to provide significantly better performance and improved concurrency.
  • Feature ticket #4992: A hook has been added to allow modules to make changes to the message body before delivery.
  • Fixed ticket #5006: Update to latest 5.2 PHP release for bundles
  • Fixed ticket #5009: Add support clamav 0.95.x or later
  • Fixed ticket #5013: Fixed an undefined function error that could be triggered from the bounces tab of the webconsole.
  • Fixed ticket #5014: Improved memory counter lock performance on non-NUMA systems.
  • Fixed ticket #5036: ec_logger and custom_logger would always log the Pathway_Group as default
  • Fixed ticket #5059: hash_get and hash_set sieve functions now return an error when passed an argument that is uninitialized or not a hash.
  • Fixed ticket #5067: The dkim_sign and dk_sign modules would disable message batching when they were loaded but disabled.
  • Fixed ticket #5082: Potential use of memory after it was freed in the spf module that could result in a failure to expand spf macros under heavy load.
  • Fixed ticket #5083: Goodmail imprinting would invalidate the DKIM or DomainKeys signature. Note that the gmsi_imprinter module must still be loaded before DKIM or DomainKeys since it adds headers to the message.

Ecelerity version 2.2.2.43 released on 2009-06-22

  • Fixed ticket #4824: Fixed message move in a clustered configuration. The change in 2.2.2.42 to binding group selection logic resulted in messages being assigned to the default binding group when there were no local, unsuspended bindings when the message should have moved to another cluster node. Versions prior to 2.2.2.42 are not affected.

Ecelerity version 2.2.2.42 released on 2009-06-11

  • Fixed ticket #3957: Replication of outbound_domains metrics was only respected for bindings defined within a binding_group stanza
  • Fixed ticket #4034: Possible memory leak when attempting to query a non-existant SQLite database file.
  • Fixed ticket #4576: When using the auth_ds module and a datasource query fails, a 535 Sorry message was returned to the sender instead of a 550 Unexpected auth error.
  • Fixed ticket #4578: Rolling deployment of new IP addresses can cause DuraVIP fault
  • Fixed ticket #4580: Removing a non-existant SMTP tracer via ec_console would lead to a crash
  • Feature ticket #4607: Added xml memory to the available console commands, for consumption by machine.
  • Fixed ticket #4608: Possible watchdog when the system is under IO load when using custom_logger with a format string that pulls in message content or context variables
  • Fixed ticket #4610: The csapi module could hang the MTA when the version command was issued under heavy load.
  • Feature ticket #4615: Add new Scope_Max_Outbound_Connections and Cluster_Scope_Max_Outbound_Connections config options
  • Fixed ticket #4616: Adjusted the binding group selection logic distribute messages evenly amongst the bindings in a group. The selection logic had favored bindings defined towards the end of the binding group over those defined at the beginning.
  • Fixed ticket #4620: cluster message moves would unconditionally rebind messages in the scheduler thread, which could lead to a watchdog kill. If you are experiencing this symptom, you may now set unconditional_rebinding = false in your cluster stanza.
  • Fixed ticket #4645: Messages being moved internally between cluster nodes could end up being delayed beyond their expiration time with the message 451 4.4.1 [internal] No valid hosts (unable to make any connections)
  • Fixed ticket #4669: A race condition during spool import could prevent the import from completing.
  • Fixed ticket #4670: Some networks experience difficulties with ARP traffic when using the DuraVIP clustering feature. If you are experiencing ARP related issues, you may now set arp_all_hosts = false in your cluster stanza to limit the scope of the ARP traffic generated by DuraVIP moves.
  • Feature ticket #4683: Added core_validate_auth_hook
  • Fixed ticket #4715: Added locks around swap-out to prevent race conditions for sites with custom modules that act on messages asynchronously and concurrently with swap-out.
  • Fixed ticket #4739: Large messages with 8-bit transfer encoding could become corrupted on delivery when sending to a host that does not advertise support for the 8BITMIME SMTP extension. Setting Transform_8BITMIME = no is a partial workaround for this issue in prior releases, as is increasing your Large_Message_Threshold; the former will violate the RFC, and the latter will result in increased resource consumption while conforming to the RFC.
  • Feature ticket #4741: The Goodmail Checker gmsc_set_status_code sieve action can now be used in any phase that we have a valid message, rather than just in the data phase.
  • Feature ticket #4749: The product name has changed to Momentum, and this has been reflected throughout the web UI and installer with new styling and revised text.
  • Fixed ticket #4752: The daily update of antivirus definitions was not occurring. A workaround for previous versions is to run the csapi reload ec_console command periodically via cron.
  • Fixed Ticket #4785: The vade retro module will cause a crash unless the daemon option is specified in the vr_scan stanza. A workaround for earlier releases is to specify daemon=/var/vaderetro/daemon in the vr_scan stanza.

Ecelerity version 2.2.2.41 released on 2009-04-10

  • Feature ticket #3111: Custom SMTP response transcoding
  • Fixed ticket #3851: DNS cache leaks the query name
  • Fixed ticket #3984: SMTP listener does not fail TLS session when verify_mode = require and no client certificate was presented
  • Fixed ticket #4044: Using ec_dns_lookup in a hook that runs on the scheduler thread or in the accept phase when threaded accept is not enabled could cause a fault; it will now log an error instead.
  • Feature ticket #4066: Add disclaimer module
  • Fixed ticket #4083: LDAP driver does not perform a bind when no user is specified
  • Feature ticket #4168: ImageAnalyzer integration
  • Fixed ticket #4285: Inbound TLS session with no client cert causes a segfault when there’s an inbound TLS verify hook
  • Fixed ticket #4303: outbound_smtp_tls_verify_callback does not allow certificate verification errors to be overridden when using TLS_verify = ca
  • Feature ticket #4316: Add NS record caching to dns cache and support passing a stringlist to the cidrdb sieve actions
  • Fixed ticket #4395: corrupt messages in spool could cause a crash
  • Fixed ticket #4423: destination IP was not logged in temfails and permfails for messages after the first one in a batch delivery
  • Feature ticket #4433: Add option to spool import command to suppress adding trace headers on import
  • Fixed ticket #4439: Goodmail Checker was overly particular about the version of OpenSSL installed on the system
  • Fixed ticket #4473: Convert 8 bit MIME parts to 7 bit QP encoded
  • Feature ticket #4521: Add gmsc_set_status_code sieve action that allows overriding the Goodmail status of a message
  • Feature ticket #4537: make gmsc_is_imprinter sieve action work in the accept phase
  • Fixed ticket #4538: correctly log the sending IP address in the gmsc_checker log
  • Fixed ticket #4587: in-band bounces that were in the unknown connection stage (e.g. messages to an invalid domain) were being logged with the wrong stage number, and counted as out-of-band bounces in the real-time stats as a result
  • Fixed ticket #4613: Rejections by the antivirus module were sometimes logged as being rejected by another module.

Ecelerity version 2.2.2.40 released on 2009-02-27

  • Fixed ticket #3716: sieve reject sends MDN with subject Delayed Mail (still being retried)
  • Fixed ticket #3867: Potential fault in ecstream on a busy cluster
  • Feature ticket #4128: add hooks for batch annotation/assessment
  • Feature ticket #4129: allow sieve hook scripts to specify async mode
  • Fixed ticket #4172: legacy rfc2822_parse_message() leaks a dictionary
  • Feature ticket #4188: added hash_get function to sieve
  • Fixed ticket #4194: sieve ec_get_message_size could give wrong results for large messages
  • Fixed ticket #4205: Brightmail driver busy waits on EAGAIN
  • Fixed ticket #4263: binding summary command aggregates active queue size of binding groups incorrectly
  • Fixed ticket #4297: sieve brightmail verdict can now be used in set_binding as well as each_rcpt
  • Fixed ticket #4323: truncated spool file may prevent spool-in from completing

Ecelerity version 2.2.2.39 released on 2009-02-06

  • Fixed ticket #4052: valgrind warning when using ec_dns_lookup with an alternate DNS server
  • Fixed ticket #4132: ec_rotate fails to clean up when retention > 9
  • Feature ticket #4159: added ec_log_file sieve function to log to a specific log file
  • Fixed ticket #4179: fault in outbound SMTP delivery if a 550 is received before the body is loaded

Ecelerity version 2.2.2.38 released on 2009-01-23

  • Fixed ticket #3606: Added auto-update of eXpurgate data
  • Feature ticket #3904: Track number of AAAA DNS queries
  • Feature ticket #3968: Added Control_Listener_Idle_Timeout option
  • Fixed ticket #4053: ec_rt_stats dml replication may fault if the reason code contains a % character
  • Fixed ticket #4059: memory leaks from initiate_connection() error conditions
  • Fixed ticket #4065: Control channel authentication only works first time
  • Fixed ticket #4074: bounce rendering could crash if connection is recycled
  • Fixed ticket #4076: dns host refresh performs A lookups on literal IP addresses
  • Fixed ticket #4126: cidr matching affected by ordering of cidr ranges
  • Fixed ticket #4118: memory leak in cluster shared named throttles