fbpx

MailStore Server Version 13.0 – New Release

  • Note Following Microsoft’s major product renaming for consumer and SMB products, the name Office 365 has been replaced by Microsoft 365 throughout the software. All references to Microsoft 365 interchangeably apply to the Office 365 Enterprise plans and other plans that kept Office 365 in their name.
  • Note This release fully removes the support for establishing unencrypted connections to MailStore Server. This also includes the HTTP-to-HTTPS redirect option, which must be considered insecure without the use of properly configured HTTP Strict Transport Security (HSTS).
  • Note Mobile Web Access has been fully removed in this release. Many improvements and bug fixes applied to the responsive Web Access in this release make it a suitable, modern, and secure replacement on all supported mobile devices, including support of authenticating users directly against Microsoft 365 and Google G Suite.
  • Note To manage connections to remote SMB/CIFS network shares, the Service Configuration tool now provides built-in functionality as an easier and more secure alternative to the startup script method available in previous versions. It is highly recommended to replace existing “net use” commands in the startup script with the new built-in functionality. A corresponding warning will appear on the administrator’s dashboard as long as “net use” commands are found in the startup script file. Please note that the Startup Script section in the Service Configuration tool is only visible if the startup script file actually exists.
  • Note Microsoft has announced the removal of HTTP Basic Auth for Exchange Web Services (EWS) in Microsoft 365. As MailStore’s traditional Microsoft Exchange profiles support EWS with Basic Auth only, a new dedicated Microsoft 365 profile with support for modern OAuth authentication and a new Directory Service with support for authenticating users via OpenID Connect have been added. Customers of Microsoft 365 are advised to regularly check for Microsoft’s announcement on the timeline for removing HTTP Basic Auth, and should plan the migration to the new profiles in advance. Please note that IMAP access to the archive is no longer supported when using a directory service which authenticates users via OpenID Connect.
  • Note Google has announced the removal of basic authentication types for IMAP in G Suite. IMAP is used in MailStore when authenticating users against G Suite. The existing direcory service settings for G Suite have therefore been extended to support the modern OpenID Connect authentication method. Customers of G Suite are advised to regularly check for Google’s announcement on the timeline for removing basic authentication, and should plan the migration to the new setting in advance. Please note that IMAP access to the archive is no longer supported when using a directory service which authenticates users via OpenID Connect.
  • New Dedicated Microsoft 365 profiles for archiving and exporting emails using modern OAuth authentication as required by Microsoft. Please note that for technical and organizational reasons, these profiles are only available to MailStore administrators.
  • New Directory Services: New profile for Microsoft 365 using modern OAuth authentication, to synchronize users via Microsoft Graph API and to enable synchronized users to authenticate directly with Microsoft using OpenID Connect.
  • New Directory Services: Added OpenID Connect as authentication method to G Suite profile, which allows synchronized users to authenticate directly with G Suite.
  • New Two-step login process in Client, Outlook Add-in, and Web Access which supports the use modern authentication via OpenID Connect to authenticate users directly against Microsoft 365 and Google’s G Suite.
  • New Network share management added to Service Configuration tool as an easier and more secure alternative to using startup scripts.
  • New Group Policy templates for Client and Outlook Add-in are now bundled with MailStore Server.
  • Improved Options to allow unencrypted access via HTTP to MailStore Server fully removed in Service Configuration tool. This also includes the optional HTTP-to-HTTPS redirect.
  • Improved Outlook Add-in: Support for unencrypted access via HTTP to MailStore Server fully removed.
  • Improved Localization of Group Policy templates.
  • Improved Improved handling of logging job results for Jobs that did not create any output.
  • Improved Audit event MessageDelete is now set to “All Users” by default on new installations.
  • Improved Port on which MailStore Server should listen for Let’s Encrypt validation requests can now be changed in the Service Configuration tool. Please note that Let’s Encrypt still connects to port 80 on the resolved external IP address.
  • Improved The admin dashboard and recent profile results warn about potentially insecure (e.g. unencrypted, Ignore SSL warning set) outbound connections to email servers or directory services. This has been just an information since version 12.
  • Improved Client: Clicking on folder path in message view opens the folder and shows the messages therein.
  • Improved Web Access: Clicking on folder path in message view opens the folder and depending on display size shows the messages therein.
  • Improved Web Access: Show specific message if session has expired.
  • Improved Web Access: Major update of all underlying web framework components.
  • Improved Web Access: Increased available reading space for content in mobile view.
  • Improved Web Access: Search by “This Week” and “Last Week” filter take locale setting into account for first day of week.
  • Improved Web Access: Images attached to emails will be displayed in web browser instead of downloaded when opened.
  • Improved Unified handling of certificate validation across all clients that connect to MailStore Server. Please note that certificate thumbprints can no longer be whitelisted via Group Policies.
  • Fixed Messages of item class “IPM.Note.NotSupportedICal” cause ErrorAccessDenied exception when archiving from Microsoft 365 mailboxes.
  • Fixed Processing of Retention Policies does not mark broken search indexes as broken.
  • Fixed Audit Log cannot be opened when it contains an entry with a user name which includes a colon.
  • Fixed Passwords with leading or trailing space character cannot be used in Exchange/Microsoft 365 archiving profile, although supported by Microsoft 365.
  • Fixed Client: In contrast to the Legacy Web Access and Outlook Add-in, only the date is shown in message list, but no time information.
  • Fixed Web Access: Scrolling in sidebar does not behave as expected on iOS devices.
  • Fixed Web Access: Sidebar does not scroll to expected position while switching between search and folder view.
  • Fixed Web Access: Escape character visible in path property in message detail view.
  • Fixed Web Access: Folders become inaccessible when a large folder hierarchy exist in the archive.
  • Fixed Web Access: Microsoft Edge (Spartan) crashes when selecting a custom date.
  • Fixed Web Access: Content of emails with wide message body cannot be reached due to missing horizontal scroll bars in message view.
  • Fixed Web Access: In contrast to the Legacy Web Access and Outlook Add-in, only the date is shown in message list, but no time information.
  • Fixed Incorrect Dutch localization of “Uncheck all”.
  • Fixed Mobile Web Access is built upon the no longer maintained jQuery Mobile. To address security concerns and support modern OpenID Connect authentication method, Mobile Web Access has been removed in favor of the responsive Web Access.
  • Fixed Update of third party library, which fixes several minor issues in archiving, displaying and exporting of emails.
  • Fixed Various minor bug fixes and improvements.