Igaware Version 13.4.6 released #Igaware #linuxsbs

New in Version 13.4.6 [Aug 25 2018]
======================================

* New Features and Improvements *

  • Update the Z-Push active-sync software to version 2.4.3
  • Update Kopano Webapp to version 3.4.17
  • Updated the Kopano server to version 8.6.4 for some sites.
  • Added a feature to allow the addition and modification of login permissions for the Web Config interface. New login users can be added and permissions given to configure different parts of the system.
  • Updated Mattermost to version 5.1. This allows the use of /mattermost sub-path.
  • Updated the transaction-isolation level to READ-COMMITED for Kopano database server. Performance improvement.
  • Modified the Email Activity Report to show high and low spam in different colours.
  • Added the SSL VPN logs to log viewer ( BETA)
  • Monitor the Kopano Search service as part of the System Health scripts.

* Fixes *

  • Fixed a rare problem with Sophos AV updates.
  • Added extra WAN interface to IP routing tables.
  • Do not check DNS RBL lists for LAN side email server.
  • Boost no longer required for kopano > 8.3. Removed.
  • Fixed a problem with the smfs socket directory file permissions.

Posted in Linux Small Business Server, System Updates | Leave a comment

Igaware Version 13.4.5-2 released #Igaware #linuxsbs

New in Version 13.4.5-2 [Jun 20 2018]
======================================

* New Features and Improvements *

  • A Kopano user can now be set to automatically accept meeting requests.

* Fixes *

  • During a network interface failover event, the failover daemon process would not restart properly.
  • There was a problem with the new code that checked for duplicated domains/ IP addresses in LAN config.
  • Fix a false system health report with regard to the MailScanner being stuck.

New in Version 13.4.4 [Jun 14 2018]
=====================================

* New Features and Improvements *

  • Updated the XML2 libraries.
  • Added a new option to the Kopano General config’ to  disable reminders for shared stores.
  • Added checks for duplicated LAN domains and IP subnets when defining a new LAN network.
  • Added an option to enable the Web Proxy Auto-Discovery Protocol (WPAD). This will provide a wpad.dat file for Web browsers to automatically configure their proxy settings.
  • Increased the limit for PHP memory usage.
  • Added a ‘zero-hour’ facility to the Anti-Spam system.
  • Updated the Samba software to the latest version.
  • Updated the Kerberos libraries to the latest version.
  • Updated the compression libraries ( zlib) to the latest version.
  • Updated the Razor anti-spam software to the latest version.
  • Updated the BIND DNS software to the latest version.
  • Accept_unresolvable domains from LAN side for sendmail.
  • Letsencrypt certs no longer need port 80 opened. The port will open and close automatically.
  • WARNING: loaded tcmalloc in kopano-server rc.d
  • WARNING: added innodb_buffer_pool_dump_at_shutdown ( & load at startup) to my.cnf for mysql >=5.6
  • WARNING: disabled THP at boot – transparent_hugepage=never added to boot params
  • Added new params to my.cnf local – lock wait timeout , etc.
  • New domain blacklists replace old ones – porn/ads/gambling
  • Added spamassassin dnsbl.spfbl.net check
  • For port input allow choice of all interfaces, not just WAN ones
  • Update the MailScanner phishing update scripts
  • Updated BIND to latest version
  • Exclude Python from rsync if NOT running Kopano
  • Added health script for Dyn DNS client.
  • Added bridged mode to SSL VPN.

* Fixes *

  • Fixed several problems with the Web config’ interface that were intoduced after changes to address PCI compliance and other security issues.
  • Fixed a few duplicate PHP function errors introduced with a previous update.
  • Fixed named ( BIND) nameserver, random timeouts
  • Fixed porn blocking list – removed expressions. They were too aggressive.
  • Fixed a problem with Hardware sensors not working for M2 ASUS boxes.
  • Fixed email image signature – use correct image extension not just .jpg 🙂
  • Enabled the DMZ LAN option. Enabled the firewall.dmz OS script and in bin/firewall.iptables
  • Fixed – Set “from” domain properly in zarafa user for vacation in .forward file.

Posted in Linux Small Business Server, System Updates | Leave a comment

Igaware Version 13.4.0 released #Igaware #linuxsbs

New in Version 13.4.0 [May 28 2018] =====================================

* New Features and Improvements *

  • Updated the Samba software to the latest version.
  • Updated the Kerberos libraries to the latest version.
  • Updated the compression libraries ( zlib) to the latest version.
  • Updated the Razor anti-spam software to the latest version.
  • Updated the BIND DNS software to the latest version.
  • Accept_unresolvable domains from LAN side for sendmail.
  • Letsencrypt certs no longer need port 80 opened. The port will open and close automatically.
  • Added new params to my.cnf local – lock wait timeout , etc.
  • New domain blacklists replace old ones – porn/ads/gambling
  • Added spamassassin dnsbl.spfbl.net check – For port input allow choice of all interfaces, not just WAN ones
  • Update the MailScanner phishing update scripts
  • Updated BIND to latest version
  • Exclude Python from rsync if NOT running Kopano
  • Added health script for Dyn DNS client.
  • Added bridged mode to SSL VPN.
  • NOTE libboost no longer required for kopano 8.3

* Fixes *

  • Fixed named ( BIND) nameserver, random Timeouts
  • Fixed porn blocking list – removed expressions. They were too aggressive.
  • Fixed a problem with Hardware sensors not working for M2 ASUS boxes.
  • FIXED email image signature – use correct image extension not just .jpg 🙂
  • Enabled the DMZ LAN option. Enabled the firewall.dmz OS script and in bin/firewall.iptables
  • FIXED – set from domain properly if zarafa user for vacation in .forward file.

New in Version 13.3.17-2 [May 23 2018] ========================================

* New Features and Improvements *

  • Updated the SSL VPN server software.
  • Updated the jQuery css file.

* Fixes *

  • Fixed a syntax error during “Commit Changes”
  • Milter Regex – ignore “ehlo” if auth_authlen is not null.

New in Version 13.3.16-20 [May 16 2018] ========================================

* New Features and Improvements *

  • Security updates for IPSec VPN.
  • Updated the jQuery library software to the latest version for PCI compliance.
  • Updated the IMAP server to the latest version.
  • Hardware health monitoring
  • Updated the spec files.
  • Updated the Web config’ interface login code.
  • Updated the GDBM database software to the newest version.
  • Re-compiled the NTOP server to use the new GDBM libraries.

* Fixes *

  • Blocked a potential leak of hidden javascript test files. This is not a serious problem, but access to the web server directory hierarchy has been tightened.
  • Fixed a problem with web visit monitoring in health script.
  • Various small fixes.
  • Fixed a problem with the MySQL config file, for versions of MySQL >= 5.6.

New in Version 13.3.16-17 [May 04 2018] ========================================

* New Features and Improvements *

  • Non-activity timer set to 30 mins for logins to the Web Config interface.
  • Updated the SSL VPN server to the latest version. Changed the compression algo to lz4.
  • Reverted change of algo from lz4 to lzo.
  • Added “Login Audit” to Activity Reports. This shows any login attempt to the Igaware Web Config interface. – Added “Connecting Host” to PPTP VPN activity report.

* Fixes *

  • Fixed a bug with the Web Config interface login. Text in the ‘user name’ field was forced to display as lowercase.
  • Fixed a problem with ntop where inactive interfaces where wrongly used.
  • Fixed a bug with the Email “HELO” milter check. The check was being performed regardless of the configuration setting.
  • Fixed the Legacy Web visits report to report correctly on machine name.

New in Version 13.3.16-10 [Apr 14 2018] ========================================

* New Features and Improvements *

  • Changed the MTU of PPTP connections
  • Clamped MSS in firewall.pptp.up/down.sh
  • Re-enable Telnet Server.
  • Major updates to the DNS “out of zone” config. This is for the new “Simple DNS” server feature.
  • Added a regex milter for sendmail. This will allow very fine control of Spam email. This is BETA and is not yet available on the Configuration interface for most servers.
  • The legacy Web Visits report now allows the selection of machines from multiple LAN’s.
  • Updated various help options.
  • Added a time interval to load average graphs.
  • Added innodb_file_format=Barracuda to mysql.cnf for mysql version >= 5.5. This allows Compact ( compressed) table formats.
  • New bridged networking mode added to SSL VPN configuration option.
  • Enforce the 2nd level authentication for SSL VPN. Some legacy installs used SSL VPN without the username/password 2nd level of authentication. That was still secure as the first level is an RSA certificate.

* Fixes *

  • SMTP outgoing email blocked by security update.
  • Reduced disk usage for the boot partition.
  • Fixed an error when Committing Changes.
  • Fixed a DNS problem with out of zone records.
  • Fixed a bug with the DNS “out of zone” config. Under some circumstances the OOZ DNS zone files would be written after every “Commit Changes”.
  • Updated the “Scan LAN network” feature to catch a problem caused if a user updates devices on the scan list when someone else has since deleted a device.

New in Version 13.3.15-3 [Mar 22 2018] =======================================

* New Features and Improvements *

  • Updated the safe phishing domain list.
  • Updated the Mattermost server.
  • The Z-push Status feature is now at final status. This allows you to list the Active-Sync status for all devices and users. Device profiles may be deleted or forced to re-sync.

* Fixes *

  • Fixed an undefined function error when committing changes.
  • The Log Cleardown script had a bug causing the cleardown to fail.
  • The network json config files where stored with the wrong permissions.
  • Log activity collection has been fixed. A bug prevented the logs from being processed quickly.
  • Fixed a problem where the Zarafa Server Status screen would sometimes not load.
  • Fixed a problem with email delivery to Active Directory users. If the account name included upper case characters, then, the email could be delayed. This is no longer the case.
  • The Mattermost initial configuration file was not installed.
  • Squashed a few small bugs with Mattermost.
  • Fixes to the Web configuration interface.

New in Version 13.3.14-3 [Mar 15 2018] =======================================

* New Features and Improvements *

  • The Mattermost Instant Messaging server is now included as a service.
  • Updated the Anti-Virus server to the newest version. This is a Security update.
  • Added Mailwatch to the Email Activity reporting. This shows a lot more information about sent and received emails. It also allows emails to be released from the quarantine, amongst many other things.
  • Improved the Activity reports.
  • Modified the MTA to listen on port 465 (SMTPS) for SSL/TLS connections. Note: Port 25 will accept STARTTLS connections.
  • Changed the Kopano Gateway ( POP/ IMAP) server to allow insecure SSL chipers for Microsoft Outlook.
  • Updated the mail server SASL auth software to newest version.
  • Re-compiled sendmail to use the new SASL libraries.

* Fixes *

  • [For 13.3.14-3] Removed multiple Subject headers that could be added to messages after scanning. This problem was introduced in version 13.3.14-1.
  • [For 13.3.14-2] Fixed a problem with the Log collection routines.
  • [For 13.3.14-1] Fixed the SSL VPN activity report.
  • [For 13.3.14-1] Increased the password security for the MySQL server.
  • [For 13.3.14-1] Fixed the Web Activity report.
  • Fixed some graphs that weren’t refreshing properly.
  • Fixed a problem with Outlook and DIGEST-MD5 authentication.
  • Other small Web Configuration fixes.

Posted in Uncategorized | Leave a comment

Igaware Version 13.3.13-1 released #Igaware #linuxsbs

New in Version 13.3.13-1 [Feb 20 2018]
=======================================

* New Features and Improvements *

  • Improved the MailScanner “phishing” database. This will improve detection of phising email scams.
  • Fixed the “pornography” category in the Website blocking list – removed the expressions list. It was too aggressive.
  • Added a new option to the IPSec VPN config. SA Lifetime – this determines when an connection expires and should bere-keyed. If the remote end won’t accept an inbound keying attempt, then, this should be greater than the lifetime set
    on the remote device.
  • Letsencrypt certificate creation/ renewal no longer requires port 80 to be left open. The port will open and close automatically.
  • Updated the BIND DNS nameserver to the latest version.
  • Added secure flag for cookies in HTTP resonce headers ( for PCI compliance).
  • Installed Python Dateutil & Six modules ( for Kopano-Search).
  • Created new System Status load average information and graphs.
  • Added/ optimized the 64-bit version of Mysql.
  • Added ssl vpn activity report
  • Update Python with sqlite3 database.
  • Improved network intrusion prevention to use less memory.
  • Testing Kopano version 8.5.0 at some sites.
  • Updated Web configuration help pages.

* Fixes *

  • Fixed a bug that prevented Kopano Orphaned stores from being removed.
  • System Internet speed test. Fixed. The new version of Python broke it.
  • Fixed some random network timeouts for the named ( BIND) DNS nameserver. – removed max ttl setting.
  • Fixed searching in Shared Stores for Kopano.
  • Converted all of the PHP MySQL database routines to use the new OO interface.
  • Several Config interface fixes.

Posted in Linux Small Business Server, System Updates | Leave a comment

The Igaware Linux Small Business Server – a cure for small business IT growing pains #SMEIT #linuxsbs #sbsserver

As your small business grows, the Igaware Linux Small Business Server becomes a great solution to avoid IT growing pains, enabling you to implement enterprise quality IT services that match a small business budget.

Start-up businesses tend to begin life using a mix of public IT services e.g.  gmail and drop box. This get starts you communicating and sharing information at minimum cost but, as your business grows, making your email and data private and secure is increasingly important as there is more to lose if things go wrong.

As your business grows there will come a time when having email and data secured and supported becomes a priority. Most businesses realise they have reached this point when problems occur with their current IT setup – growing pains if you like.

Growing pains come in a number of forms:

  • Problems sending and receiving emails.
  • Email spam and scams cause business disruption.
  • Frustration with email or data services not working as they should.
  • Lack of functionality – e.g. no shared calendars, difficulty sharing data
  • Lack of support – can’t get things fixed quickly
  • Need to adhere to data privacy and security standards such (PCI & GDPR)

The Igaware Linux Small Business Server is the perfect fit for your growing businesses as you scale up. It brings email and data under your control; private and secured on-premise. It delivers email and groupware services, central file sharing, data backup, and secure remote access for staff out and about.

The Igaware Linux Business Server incredibly robust and includes a UTM firewall that ensures your data and email is secured. Continuous automatic updates means there are no software updates to download and install, meaning no downtime, and no security holes.

And it’s easy to use too. Setting up a new email address or connecting a new device to your network can be done without having to call the cavalry – it’s all done through an easy to use web interface.

So if you’re ready to grow your business with IT pain, check out the Igaware Linux Small Business Server.

Posted in Linux Small Business Server | Leave a comment

Careful what you twitter – the fraudsters are watching!

I was chatting with one of our customers today who recently came close to becoming a victim of a banking scam, all because of a rant on twitter.

With a mortgage due for renewal they had contacted their bank who basically cocked up the process such that a rant on twitter was in-order. In response to the rant a very apologetic guy from the bank’s customer services department contacted them and promised to resolve the issue in person.

To get the mortgage through they were asked to resubmit an application online, and email proof of ID – photos of passports.

The application was successful and 50k was paid into their bank account ready to be transferred to a new account the bank had setup. The 50k showed up in their on-line banking as did the new account. It all looked legit.

It was only at the last minute when the customer service guy phoned them to ask them to go in person to the bank to authorise the transfer, that the customer thought, hold on, something’s not right.

It turns out the customer service guy was a fraudster and the 50k was a fraudulent loan setup in the customer’s name .

Next time you want to post something on-line, be it twitter or anywhere else, be aware that fraudsters are watching!

Posted in Privacy matters | Leave a comment

Keeping your data and email private #linuxsbs #GDPR #dataprivacy

The Igaware Linux Small Business Server delivers privacy and security that simply isn’t available with the Cloud.

In contrast to Cloud and other proprietary email and data services, Igaware offers a private platform where you have total control of your data and communications.

  • Igaware offers modern communication behind an enterprise class UTM Firewall.
  • Your IP address, your usage patterns, the contents of your messages—Cloud providers know more about your company than you do. In contrast, Igaware provides the benefits of modern communication without sacrificing privacy.
  • Data protection laws, data regulations, GDPR and even non-disclosure agreements are complex and ever-changing, with heavy penalties for breach. Having your email and data on the Igaware Linux Small Business Server simplifies compliance and reduces risk.

Posted in GDPR, Linux Small Business Server | Leave a comment

Kopano Groupware just gets better and better #igaware #linuxsbs #kopano

Kopano Groupware is a powerful communications platform that delivers email, calendars, tasks, shared folders, video conferencing, real time chat, file sharing and email encryption.

As part of the Igaware Linux Small Business Server it offers a highly secure, robust and easy to use communications suite.

Kopano Groupware is constantly being developed through customer feedback.

Learn about recent developments:

https://kopano.com/releases/kopano-releases-in-november-2017/

Posted in Kopano, Linux Small Business Server | Leave a comment

GDPR – Don’t be nuts! #igaware #linuxsbs #GDPR

If you don’t know where your data is and who has access to it then you will have a problem come May 2018 when the General Data Protection Regulations come into force.

GDPR makes you responsible for keeping your data safe. You will need to know precisely where your data is and who has access to it.

It would, of course, be nuts to hand your data and email over to a third party if it then means you have no idea where it is, who has access to it and what laws govern it. But that’s exactly what businesses do when they sign up for cloud services!

If you are using a US cloud provider you will likely have no idea where your data actually is or who has access to it. In fact 96% of cloud providers are not GDPR compliant*.

No matter who you do business with, you need to know where your data is physically stored, and that such storage and processing is compliant with current laws.

GDPR compels organisations to take responsibility for their data and email instead of just trusting a third party who’s business model is reliant on you handing over control of your data, on their terms, but with the liability with you. It’s not a good deal, and not a safe one.

So what’s the smart option? Well keeping your data and email on a server under your control makes sense. For SME businesses the Igaware Linux Small Business Server puts your data under your control, securely located in your office or a trusted physical location that you can access 24 x 7.

Be smart!

*http://www.securityweek.com/94-cloud-services-not-gdpr-compliant-report

Posted in Cloud, GDPR, Linux Small Business Server | Leave a comment

Complexity steals your time, money, and puts your data at risk #igaware #linuxsbs

The software market has long been dominated by ‘Corporateware’ – software that has been developed for large enterprises. Such software has a ‘million and one’ ways to be configured so that it can be flexible enough to meet the complex needs of large enterprise customers. That’s fine if you are a large enterprise with a dedicated IT department, but for an SME business such complexity is expensive to manage and a serious threat to data security – increased complexity increases introduces too many opportunities for error.

Igaware software, on the other hand, has been engineered specifically for the needs of SMEs customers, with a focus on simplicity, ease of use and keeping data private and secure.

The Igaware Small Business Server and UTM Firewall were launched in 1999, developed specifically for SME businesses to provide enterprise class security and services but without the burden of complexity.

Complexity introduces too many opportunities for error, so keep it simple!

Posted in Linux Small Business Server | Leave a comment