<> Trend Micro Incorporated March 25, 2023 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) InterScan(TM) Messaging Security Virtual Appliance 9.1 SP1 - Build 2164 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ NOTICE: This readme file was current as of the date above. However, all customers are advised to check Trend Micro's website for documentation updates at: http://www.trendmicro.com/download TIP: Register online with Trend Micro within 30 days of installation to continue downloading new pattern files and product updates from the Trend Micro website. Register during installation or online at: https://clp.trendmicro.com/FullRegistration?T=TM Contents ========================================================== 1. About InterScan Messaging Security Virtual Appliance 1.1 Overview of This Release 1.2 Who Should Install This Release 2. What's New 2.1 Enhancements 2.2 Resolved Known Issues 3. Documentation Set 4. System Requirements 5. Installation 5.1 Installing 5.2 Uninstalling 6. Post-Installation Configuration 7. Known Issues 8. Release History 9. Files Included in This Release 10. Contact Information 11. About Trend Micro 12. License Agreement ========================================================== 1. About InterScan Messaging Security Virtual Appliance ======================================================================== InterScan Messaging Security Virtual Appliance (IMSVA) integrates multi-tiered spam prevention and anti-phishing with award-winning antivirus and antispyware. Content filtering enforces compliance and prevents data leakage. This easy-to-deploy appliance is delivered on a highly scalable platform with centralized management, providing easy administration. Optimized for high performance and continuous security, the appliance provides comprehensive gateway email security. 1.1 Overview of This Release ===================================================================== This SP includes all patches and critical patches released after IMSVA 9.1 GM Build 1600. 1.2 Who Should Install This Release ===================================================================== Install this SP if you are currently running any package released before IMSVA 9.1 SP1 Build 2164. 2. What's New ======================================================================== NOTES: - Please install the SP before completing any procedures in this section (see "Installation"). - If you are using Apex Central 2019 to manage IMSVA 9.1, you need to install Apex Central 2019 HF5639 or later after installing this SP. - You must restart all IMSVA devices as scheduled after applying this SP. 2.1 Enhancements ===================================================================== The following enhancements are included in this SP: Enhancement 1: This SP1 upgrades OpenSSL. Enhancement 2: This SP1 upgrades CentOS to 3.10.0 from 2.6.32. Trend Micro recommends backing up IMSVA before upgrading the operating system. Procedure Do any of the following tasks to back up IMSVA: • Ghost the entire computer where IMSVA is installed. • Take a snapshot for IMSVA if it is installed on a virtual machine. • Back up the app_data partition of IMSVA. a. Open the operating system shell console and run the following commands: /opt/trend/imss/script/imssctl.sh stop service crond stop b. Mount an external disk to /var/udisk. c. Copy all files to the disk: cp -rf --preserve /var/app_data/* /var/udisk/app_data_backup/ If IMSVA is deployed in the parent-child mode, you need to perform the backup procedure on all IMSVA devices. Do not restart IMSVA until you have completed the upgrade process. During the upgrade, IMSVA settings will be retained, and no customized operating system settings migrate, except the host name, root account, network, and gateway settings. To retain your original customized settings, do the following: a. Mount the original root partition to a path on the server you have upgraded, for example, /root/original_root: mount /dev/mapper/IMSVA-Root2 /root/original_root b. Find the original settings in the mounted path. c. Add the original settings to the server After successful installation of SP1, the previous HF or Patch will not be rolled back. Enhancement 3: This SP1 upgrades javaJRE. 2.2 Resolved Known Issues ===================================================================== This release resolves the following issues: Issue 1: Some information may be missing from InterScan Messaging Security Virtual Appliance (IMSVA) reports because the information is missing from the database. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This SP ensures that all required information is properly saved in the database so that IMSVA reports contain complete and accurate information. Issue 2: IMSVA uses the wrong SNMP Trap message ID for "Switched to Conventional Scan". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This SP corrects the "Switched to Conventional Scan" SNMP trap ID. Issue 3: The "X-TM-AS-GCONF" email header displays incorrect information. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This SP ensures that the "X-TM-AS-GCONF" email header displays the correct information. Issue 4: An issue prevents the Product Registration (PR) module from validating product Activation Codes (AC) correctly during Daylight Saving Time (DST). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This SP upgrades the PR module to ensure that it can validate ACs correctly during DST. Issue 5: Users cannot create admin accounts using LDAP authentication when they have previously accessed the "Administration > End-User Quarantine" page. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: This SP resolves the issue so users can create admin accounts using LDAP authentication without issues. Issue 6: Some temporary files under the "/tmp/" folder are not purged automatically. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 6: This SP ensures that IMSVA purges temporary files under the "/tmp/" regularly. Issue 7: wrsagent does not work if the hostname exceeds 32 bytes. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 7: This SP ensures that wrsagent can handle hostnames that exceed 32 bytes. Issue 8: Users cannot create an admin account using Sun iPlanet LDAP authentication. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 8: This SP ensures that users can create admin accounts using Sun iPlanet LDAP authentication. Issue 9: imssd may stop working while scanning certain email messages. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 9: This SP ensures that imssd can scan email messages normally. Issue 10: IMSVA may submit a URL sample to Trend Micro Deep Discovery Analyzer when the URL is very long or when all the URLs are in cache but the Deep Discovery Analyzer report is not ready. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 10: This SP ensures IMSVA submits the correct URL samples to Deep Discovery Analyzer for analysis. Issue 11: The IMSVA "Password protected zip files (unscannable files)" policy does not work if it scans an email after receiving the Virtual Analyzer reports. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 11: This SP ensures that the policy works normally. Issue 12: An error message is added into the IMSVA database log. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 12: This SP resolves the error. Issue 13: Sometimes, the Sender Policy Framework (SPF) approved list in IMSVA does not work. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 13: This SP ensures that the SPF approved list works normally. Issue 14: This SP enables SPF to support EDNS. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 14: This SP resolves the issue. Issue 15: Previously, IMSVA does not treat adding an X-header to an email message as modifying the email and does not split the email. This SP provides to configure IMSVA to treat this event as email modification. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 15: To configure IMSVA to treat adding an X-header to an email message as email modification: 1. Install this SP (see "Installation"). 2. Open the "/opt/trend/imss/config/imss.ini" file. 3. Add the following key under the "general" section and set its value to "yes": [general] InsertXHeaderTagIfModifyMsgBody=yes 4. Save the changes and close the file. 5. Restart the scanner service using the following command: /opt/trend/imss/script/S99IMSS restart ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 15: This SP resolves the issue. Issue 16: The InterScan Messaging Suite Virtual Appliance (IMSVA) scanner may stop unexpectedly when the "Smart Scan" is enabled and "Pattern update" is disabled. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 16: This SP updates the Smart Scan module to resolve the issue. Issue 17: If the local server management module cannot access the database during initialization, it will not be able to work normally even after the database is back to normal. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 17: This SP ensures that the local server management feature works normally once the database is back to normal. Issue 18: If the IMSVA product license has expired but is still within the renewal grace period, Trend Micro Control Manager(TM) will not be able to deploy components like pattern files and search engines to IMSVA. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 18: This SP resolves the issue. Issue 19: The IMSVA queue monitor thread may calculate the archive and quarantine sizes incorrectly and will be triggered to notify the administrator that the queue is almost full. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 19: This SP ensures that IMSVA calculates the queue size correctly. Issue 20: The message tracing module may not be able to parse the maillog under certain conditions. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 20: This SP ensures that the message tracing module can parse the maillog correctly. Issue 21: The IMSVA delivery service may not be able to start if it takes a long time to connect to the database and eventually fail to connect to the database. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 21: This SP enables the manager service to attempt to start the delivery service repeatedly until the service starts successfully. Issue 22: The "Header keyword expressions" filter may not be able to detect some certain types of email messages. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 22: This SP ensures IMSVA can detect email messages normally. Issue 23: Under certain special network conditions, the End User Quarantine (EUQ) console displays an exception error while refreshing 20 minutes after users log in. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 23: This SP resolves this issue. Issue 24: "Virtual Analyzer Settings" and "DKIM Signature Event" notifications display the wrong SNMP trap IDs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 24: This SP defines new SNMP trap IDs for these two event notifications. Issue 25: URLs in the web reputation approved list are still rewritten because the approved list is case-sensitive. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 25: This SP makes the list case-insensitive. Issue 26: The imsscmagent service may encounter high CPU usage issues. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 26: This SP prevents the issue. Issue 27: Sender Filtering logs incorrectly indicate that DMARC connections are "dropped". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 27: This SP ensures that the DMARC connection status is correct. Issue 28: Macrowave can detect first-wave malware. This SP enables InterScan Messaging Security Virtual Appliance (IMSVA) to detect unknown malware in an email attachment based on machine learning technology. This technology is integrated with the IMSVA anti-spam policy and is enabled by default. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 28: This SP resolves the issue. Issue 29: Sometimes, when users modify a bookmark in a different operating system, the line endings will be different which prevents IMSVA from recognizing the bookmark. This SP enables IMSVA to recognize modified bookmarks. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 29: This SP resolves the issue. Issue 30: The InterScan Messaging Security Virtual Appliance (IMSVA) content filter may encounter performance issues when using certain kinds of expressions. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 30: This SP upgrades the eManager(TM) module to the latest version to prevent the performance issues. Issue 31: Expressions may be saved with an unnecessary ".*" at the beginning or at the end which may impact IMSVA performance. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 31: This SP enables IMSVA to automatically remove ".*" from the beginning or end of old expressions before scanning and to remind users to remove the ".*" at the beginning or at the end of an expression when saving it. Issue 32: The "bounce_queue_lifetime" key is set to "0" by default which may not be suitable under certain scenarios. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 32: This SP changes the default value of "bounce_queue_lifetime" to "1d". Issue 33: The IMSVA program is affected by a certain vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 33: This SP resolves the vulnerability. Issue 34: This SP allows users to configure the allowed maximum DFA node number and maximum regex match times to prevent performance issues. This SP also enables IMSVA to display the DFA node number of a configured policy and to generate logs if the DFA exceeds the configured maximum number in "contentFilterMaxDFANodeLimit" or when match times exceed the configured number of times in "contentFilterMaxRegMatchLimit". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 34: This SP resolves the issue. Issue 35: This SP improves the End User Quarantine (EUQ) digests performance enhancing ldapcache and changing euqutil to multi-threads. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 35:To set a number of threads for each EUQ database in the Digest process: 1. Install this SP (see "Installation"). 2. Open the "/opt/trend/imss/config/imss.ini" file. 3. Add the following key under the "general" section and set it to the maximum number of threads. Trend Micro recommends setting it to "10". [general] DigestThrdNumPerEUQDB=10 4. Save the changes and close the file. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 35: This SP resolves the issue. Issue 36: The "Administration > Transport Layer Security > Messages Exiting IMSVA" settings are not exported after users click the "Export" button at the bottom of the page. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 36: This SP ensures that the settings can be exported normally by clicking on the "Export" button at the bottom of the page. Issue 37: On rare instances, the imssd process may not be able to start after an Active Update. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 37: This SP adds a new exclusive lock to ensure that imssd can start successfully after an Active Update. Issue 38: Some temporary files remain in the "/tmp" folder. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 38: This SP removes the unused temporary files from the "/tmp" folder. Issue 39: DMARC reports from InterScan Messaging Security Virtual Appliance (IMSVA) may contain invalid domain selectors. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 39: This SP resolves the issue. Issue 40: Email messages with invalid message-id's cannot be sent to Virtual Analyzer. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 40: This SP ensures that these email messages can be sent to Virtual Analyzer successfully. Issue 41: There is a minor bug in "marco wave" enhancement ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 41: This SP resolves the issue. Issue 42: This SP enables IMSVA to send out notifications using the first anti-virus or Web Reputation Service (WRS) policy notification when triggered by suspicious objects (SO) and the SO-URL policy. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 42:To enable the notification 1. Install this SP (see "Installation"). 2. Open the "/opt/trend/imss/config/imss.ini" file. 3. Add the following key under the "policy_server" section and set its value to "true". [policy_server] EnableSORuleNotifyAction=true 4. Save the changes and close the file. 5. Restart the scanner service using the following command: /opt/trend/imss/script/S99POLICY restart ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 42: This SP resolves the issue. Issue 43: The syslog output is sent to the terminal console when InterScan Messaging Security Virtual Appliance (IMSVA) cannot connect to the syslog server. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 43: This SP prevents IMSVA from sending the syslog output to the terminal console when it cannot connect to the syslog server. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 43: This SP resolves the issue. Issue 44: dtasagent may send a large number of unnecessary error notifications to administrators. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 44: This SP resolves this issue. Issue 45: A case-sensitivity issue related to the DFA table prevents the eManager(TM) 7.5 module from matching file names properly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 45: This SP updates the eManager module to resolve this issue. Issue 46: There are proposed Active Update (AU) security enhancements for Trend Micro Deep Discovery Email Inspector in InterScan Messaging Security Virtual Appliance (IMSVA). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 46: This SP applies these enhancements to IMSVA. Issue 47: The IMSVA services restart even when the expiration date has not been renewed manually online. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 47: This SP resolves this issue. Issue 48: Users encounter a "Fail to Create Scan Option for eManager" error when creating a policy with keywords or expressions that contain "人種差別". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 48: This SP ensures that users can create policies normally. Issue 49: An issue related to the Archive Area size calculation triggers IMSVA to send out notifications. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 49: This SP increases the sub-folder calculation count from 4 to 16 to help prevent the issue. Issue 50: The Data Loss Prevention(TM) (DLP) policy blocks certain attachments incorrectly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 50: This SP updates the eManager module to resolve this issue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 50: To apply the changes: 1. Install this SP (see "Installation"). 2. Open the "/opt/trend/imss/config/imss.ini" file. 3. Add the following key under the "general" section and set it to "no": [general] KeepOriginTypeForEncryptedFile=no 4. Save the changes and close the file. 5. Restart the scanner service using the following command: /opt/trend/imss/script/S99IMSS restart Issue 51: InterScan Messaging Security Virtual Appliance (IMSVA) sends Web Reputation Services (WRS) queries without the product GUID. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 51: This SP adds the product GUID information in WRS queries. Issue 52: An issue prevents IMSVA from detecting spoof email messages that contain a double at sign "@@" in the sender domain. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 52: This SP updates "libFilterAntiSpoof.so" to resolve this issue. Issue 53: The blocked domain list supports only up to 5000 entries. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 53: This SP allows users to set the maximum supported entries for the blocked domain list on CPF. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 53: To apply the changes: 1. Install this SP (see "Installation"). 2. Insert a record into the IMSVA database by running the following SQL statement: insert into tb_global_setting (section, name, value, inifile) values ('pre-filter', 'approved_sender_list_limit', '5000', 'imss.ini'); insert into tb_global_setting (section, name, value, inifile) values ('pre-filter', 'blocked_sender_list_limit', '5000', 'imss.ini'); 3. Run the following command in the IMSS backend: /opt/trend/imss/script/S99ADMINUI restart Issue 54: An issue prevents IMSVA from inserting stamps in text/plain entities on specific messages from any iOS platform. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 54: This SP upgrades the third-party TmMsg module to resolve this issue. Issue 55: The "TaskTimeout" setting for smart_scan remains at 1500 (ms) after the value of "query_timeout_ms" has been updated to 3500 (ms). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 55: This SP updates "libFilterVirus.so" to resolve the issue. Issue 56: Trend Micro Deep Discovery Analyzer returns a server error when it receives a URL sample that contains square brackets in the domain part from other Trend Micro products. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 56: This SP updates some internal modules to fix this issue. Issue 57: This SP provides a way to export the TLS status from message tracking reports. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 57: This SP resolves the issue. Issue 58: The view of message header only shows up to 2 KB on the Mail Areas & Queues Management in the Management Console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 58: This SP allows users to configure the maximum length of message header shown on the Mail Areas & Queues Management within a range between 2048 and 10240. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 58: To show up to 10240 bytes (10 KB) of the message header: 1. Install this SP (see "Installation"). 2. Connect to the IMSVA database by running the following command. /opt/trend/imss/PostgreSQL/bin/psql imss sa 3. Insert the new row for MsgHeaderMaxLimit into the table tb_global_setting by running the SQL command one line by one line. INSERT INTO tb_global_setting VALUES ('general','MsgHeaderMaxLimit','10240','imss.ini','' ); 4. Quit the psql program by running the following command. \q 5. Restart the Manager service by running the following command. /opt/trend/imss/script/S99MANAGER restart Issue 59: The handoff message does not display and the "unknown mail transport error" message appears instead when the hostname for the handoff host is too long. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 59: This SP updates the corresponding regular expression in the header_checks file to ensure that the handoff message displays normally when the handoff host hostname is long. Issue 60: The non-default Active Update settings support https protocol. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 60: This SP updates the "libtmau.so" to resolve this issue. Issue 61: This SP provides a way to apply SMTP throttling to specific senders only. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 61: This SP resolves the issue. Issue 62: All outbound encrypted email messages mistakenly triggered scanning exceptions and were quarantined.. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 62: This SP upgrades the cryptoSDK module to resolve this issue. Issue 63: There are several improvements to the record sorting mechanism in widgets. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 63: This SP adds a common string ascending or descending comparison algorithm for sorting records in widgets which can be activated using the new "Sort" button on the list box. Issue 64: If users repeatedly add and delete keywords and expressions without saving the changes, the case-sensitivity setting may not work during keyword and expression matching. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 64: This SP updates the caseSensitiveItems setting for mapped IDs to resolve the issue. Issue 65: There are several improvements to Web Reputation Service (WRS) logs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 65: This SP updates the WRS Score Result log level from "NORMAL" to "DIAGNOSTIC" to reduce the number of logs. Issue 66: Encrypted email messages trigger scanning exceptions for all outbound secure messages and are quarantined. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 66: This SP upgrades the cryptoSDK module to resolve this issue. Issue 67: An out of memory issue occurs and the imssd process stops on IMSVA. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 67: This SP upgrades the eManager module to resolve this issue. Issue 68: Email is not quarantined when email encryption fails and the recipient can still retrieve the email that has not been encrypted. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 68: This SP resolves this issue. Issue 69: The imsva_91_en.criticalpatch1993.tar.gz critical patch cannot be applied to the parent IMSVA device. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 69: This SP repacks the critical patch as imsva-91-en.criticalpatch-B1993-r1.tar.gz to resolve this issue. Issue 70: Sometimes, intended users do not to receive End User Quarantine (EUQ) digests. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 70: This SP updated euqutil function to ensure that all intended users receive EUQ digests. Issue 71: The eManager(TM) component encounters a memory leak issue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 71: This SP enables InterScan Messaging Security Virtual Appliance (IMSVA) to set "error_code=0" before calling the eManager API to prevent the memory leak issue. Issue 72: The SPF record checking results in DMARC will appear as "failed" when it encounters an SPF record that includes macros. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 72: This SP updates "libopendmarc.so" to resolve this issue. Issue 73: Sometimes, IMSVA sends out notification that the MsgTracing function has stopped unexpectedly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 73: This SP enables IMSVA to reserve certain local ports to resolve this issue. Issue 74: Additional End User Quarantine (EUQ) Log Action Details are needed in logs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 74: This SP enables EUQ to generate logs when end users take action. Issue 75: The tagged subject information does not appear in policy event and message tracking logs when there is no subject field in the original email header. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 75: This SP updates "libFilterAction.so" to ensure that the tagged subject information appears in policy event and message tracking logs. add a hidden key to control this behavior as follows: insert into tb_global_setting (section, name, value, inifile) values ('MessageModule', 'LoggingTaggedBlankSubject', 'yes', 'imss.ini'); Issue 76: A typo which should be split rather than splitted in imssd log. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 76: This SP corrects the typo to resolve this issue. Issue 77: Some long URLs may become unavailable after InterScan Messaging Security Virtual Appliance (IMSVA) re-writes them. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 77: This SP resolves the issue by ensuring that IMSVA rewrites long URLs correctly. Issue 78: An issue prevents the "Header keyword expressions" filter in IMSVA from matching certain types of S/MIME email messages. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 78: This SP ensures that the "Header keyword expressions" filter works normally. Issue 79: An exception error appears when IMSVA attempts to display a quarantined message. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 79: This SP ensures that IMSVA can query quarantined messages correctly. Issue 80: The OpenSSH module in IMSVA is affected by a certain vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 80: This SP updates the OpenSSH module to resolve the vulnerability. Issue 81: An issue prevents users from querying the status of a Log Query and receiving the delivery feedback. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 81: This SP enables the "Message Tracking" page of the IMSVA web console to display the delivery status of the handoff action. Issue 82: Credit card information in email messages cannot be matched. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 82: This SP updates the eManager(TM) module to resolve this issue. Issue 83: ActiveUpdate (AU) may not work when the Legion Object Identifier (LOID) exceeds 2 GB. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 83: This SP upgrades "libtmau.so" to resolve this issue. Issue 84: This SP enables IMSVA to support Trend Micro Email Security (TMEMS) migration. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 8: This SP resolves the issue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 84: To enable IMSVA to support TMEMS migration: 1. Install this SP (see "Installation"). 2. Insert one record into the IMSVA database by running the following SQL statements: insert into tb_global_setting (section, name, value, inifile) values ('imp_exp', 'enable_ems_migrate', '1', 'imss.ini'); Issue 85: This SP merges the policy search tool for InterScan Messaging Security Suite (IMSS) 9.1 with IMSVA 9.1. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 85: This SP resolves the issue. Issue 86: Under certain conditions, InterScan Messaging Security Virtual Appliance (IMSVA) inserts inaccurate dmarc check result in the email header. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 86: This SP ensures that IMSVA inserts the correct information to email headers. Issue 87: Some valid DKIM signed email messages are tagged as failed verification by mistake. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 87: This SP resolves this issue. Issue 88: The IMSVA program is affected by a certain vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 88: This SP resolves the vulnerability. Issue 89: When there are too many files to be sent to Trend Micro Deep Discovery Analyzer, the IMSVA cache for virtual analyzer fills up which may cause analysis to take too long. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 89: This SP improves the cache query speed to resolve the issue. Issue 90: There are extra spaces in the DKIM signature DNS Record in the web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 90: This SP removes the extra spaces from the DKIM signature DNS record. Issue 91: This SP enables users to specify a DNS for anti-spam engine use only. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 91: This SP resolves the issue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 91: To set a DNS for anti-spam engine use only: 1. Install this SP (see "Installation"). 2. Open the "/opt/trend/imss/config/imss.inis" using a text editor. 3. Locate or add the "[in-the-cloud]" section and add the following value: [in-the-cloud] dns_for_tmase=ww.xx.yy.zz (specific DNS server, accepts only one DNS server) 4. Save the changes and close the file. 5. Restart the scanner using the following command: /opt/trend/imss/script/S99IMSS restart Issue 92: This SP disables port 8009 for external devices. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 92: This SP resolves the issue. Issue 93: When InterScan Messaging Security Virtual Appliance (IMSVA) imports information from the database into a file, some IP addresses may not appear in the approved list of the Email Reputation Service (ERS). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 93: This SP helps ensure that all required and relevant information is imported correctly. Issue 94: An issue prevents the IMSVA true file type policy from detecting "LHA" and "LZH" files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 94: This SP resolves the issue. Issue 95: IMSVA scanner does not work when there are no matching policies and the "Suspicious URL list" is enabled. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 95: This SP resolves the issue. Issue 96: Sensitive words were used in the IMSVA web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 96: This SP replaces sensitive words on the IMSVA web console. Issue 97: Inaccurate logs display on the IMSVA web console when users click the back button on the browser. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 97: This SP resolves the issue. Issue 98: The message tracing feature may stop unexpectedly due to an exception. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 98: This SP improves the stability of the message tracing module to resolve this issue. Issue 99: The IMSVA program is affected by a certain vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 99: This SP updates the Java(TM), Apache(TM), and Tomcat(TM) modules to resolve the vulnerability. Issue 100: This SP enables users to configure IMSVA to notify administrators by email message or SNMP trap if there is insufficient free space on the root partition. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 100: This SP resolves the issue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 100: To enable the notification for insufficient free space in the root partition: 1. Install this SP (see "Installtion"). 2. Ensure that the "Delivery Settings" in the "Administration > Notifications > Delivery Settings" page have been configured, otherwise, IMSVA will not be able to notify administrators. 3. Connect to the database by running the following command: /opt/trend/imss/PostgreSQL/bin/psql imss sa 4. Add the following hidden keys in the database by running the following commands in order: 4.1 To configure notification by email message, run: INSERT INTO tb_global_setting VALUES ('General-Notification', 'FreeRootPartitionEmail', 'yes', 'imss.ini', NULL); 4.2 To configure notification by SNMP trap, run: INSERT INTO tb_global_setting VALUES ('General-Notification', 'FreeRootPartitionSNMP', 'yes', 'imss.ini', NULL); 4.3 To configure the notification threshold for root partition size, for example, to set it to 1024 MB (Default), run: INSERT INTO tb_global_setting VALUES ('General-Notification', 'FreeRootPartitionSize', '1024', 'imss.ini', NULL); 4.4 To configure the email subject, run: INSERT INTO tb_global_setting VALUES ('General-Notification', 'FreeRootPartition_Subject', 'Free disk space (%FREESPACE%) of root partition %FOLDERPATH% on scanner(%HOSTNAME%) is below threshold.', 'imss.ini', NULL) NOTE: This is optional, if not configured, IMSVA will use the data partition notification template in the "Administration > Notifications" page. Click "Data partition free space on any host is less than" to edit and use the "%FOLDERPATH%" variable to replace the hardcoded partition name. 4.5 To configure the email message, run: INSERT INTO tb_global_setting VALUES ('General-Notification', 'FreeRootPartition_Message', 'Free disk space (%FREESPACE%) of root partition %FOLDERPATH% on scanner(%HOSTNAME%) is below threshold.', 'imss.ini', NULL); NOTE: This is optional. 4.6 To configure the SNMP message, run: INSERT INTO tb_global_setting VALUES ('General-Notification','FreeRootPartition_SNMPMes sage', 'Free disk space (%FREESPACE%) of root partition %FOLDERPATH% on scanner(%HOSTNAME%) is below threshold.','imss.ini', NULL); NOTE: This is optional. 5. Close the database connection using the following command: \q 6. Restart the monitor service using the following command. /opt/trend/imss/script/S99MANAGER restart To disable the notification for insufficient free space in the root partition: 1. Connect to the database by running the following command: /opt/trend/imss/PostgreSQL/bin/psql imss sa 2. Update the hidden keys in the database by running the following commands: 2.1 Disable the email notifications by running the following command. update tb_global_setting SET value = 'no' where section = 'General-Notification' AND name = 'FreeRootPartitionEmail'; 2.2 Disable the SNMP trap notifications by running the following command. update tb_global_setting SET value = 'no' where section = 'General-Notification' AND name = 'FreeRootPartitionSNMP'; 3. Close the database connection using the following command: \q 4. Restart the monitor service by running the following command. /opt/trend/imss/script/S99MANAGER restart Issue 101: Users cannot set the "Non-existing recipients exceeds" value of the DHA Attack rule to "0". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 101: This SP allows users to set the DHA Attack rule "Non-existing recipients exceeds" value to "0". Issue 102: The Active Update (AU) module is affected by a vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 102: This SP updates the AU module to resolve the vulnerability. Issue 103: This SP allows users to configure InterScan Messaging Security Virtual Appliance (IMSVA) to send BCC email messages in a new session. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 103: This SP resolves the issue. Issue 104: This SP enables IMSVA to support synchronizing custom attributes as email addresses. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 104: This SP resolves the issue. Issue 105: Sensitive words were used in the IMSVA web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 105: This SP replaces sensitive words on the IMSVA web console. Issue 106: Some DMARC event logs are not imported into the database successfully. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 106: This SP resolves the issue. Issue 107: The scanner process stops unexpectedly while installing a SP. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 107: This SP resolves the issue. Issue 108: An issue prevents the TMASE engine from rewriting certain URLs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 108: This SP updates the TMASE engine to resolve the issue. Issue 109: Some internal issues have been found in InterScan Messaging Security Virtual Appliance (IMSVA). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 109: This SP resolves the internal issues. Issue 110: InterScan Messaging Security Virtual Appliance (IMSVA) may replace the certificate of the End User Quarantine (EUQ) service. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 110: This SP resolves the issue. Issue 111: A user requests to update some Operating System bundled modules. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 111: This SP upgrades these modules. Issue 112: The root partition may be used up when there is high network traffic. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 112: This SP moves the maillog from the root partition to the data partition to free up some space in the root partition. Issue 113: Some mail transfer agents (MTA) may reject email messages with line lengths exceeding "998". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 113: This SP sets "smtp_line_length_limit=998" to keep line lengths manageable. Issue 114: Some PDF files causes the imssd process to run out of memory. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 114: This SP resolves the issue. Issue 115: The ATSE/VSAPI engines cannot handle certain CHM files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 115: This Critical Patch upgrades the ATSE/VSAPI engines to resolve this issue. Issue 116: InterScan Messaging Security Virtual Appliance (IMSVA) may not able to flush some email messages. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 116: This SP ensures that IMSVA can flush email messages normally. Issue 117: IMSVA may not able to clean expired logs when DMARC report is enabled. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 117: This SP ensures that IMSVA can clean expired logs normally when DMARC report is enabled. Issue 118: The SPF in DMARC checks may send a notification when it detects a macro %{h} in the SPFrecord. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 118: This SP resolves this issue. Issue 119: Certain messages may trigger a coredump issue in the opendmarc process. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 119: This SP resolves this issue. Issue 120: Users with read-only privileges can edit the policy action which triggers a 403 error. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 120: This SP ensures that only users with the required permissions can edit the policy action. Issue 121: When users configure the IMSVA firewall to allow a third party tool to connect to the IMSVA database but it is not connected through the "Internal Communication Port", the IMSVA manager may restart repeatedly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 121: This SP resolves this issue. Issue 122: Kerberos login fails under certain LDAP settings. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 122: This SP resolves the issue. Issue 123: Users cannot add email addresses that contain an underscore to the policy rule. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 123: This SP resolves this issue. Issue 124: An issue prevents InterScan Messaging Security Virtual Appliance (IMSVA) from correctly matching certain special URLs to the Web Reputation Approved List. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 124: This SP resolves the issue. Issue 125: The polevt.imss.xxx log cannot record attachments when there are more than 10 attachments. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 125: This SP resolves the issue. Issue 126: An extra white space in the global setting prevents users from accessing the End User Quarantine (EUQ) page. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 126: This SP removes the extra white space from the global setting. Issue 127: A large number of temp files fill up the inode. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 127: This SP updates the ActiveUpdate (AU) module to resolve this issue. Issue 128: By design, IMSVA sends all content logs to Trend Micro Apex Central(TM). This SP provides an option to allow IMSVA to send only the content logs for the "Delete entire message", "Delete attachment", and "Quarantine" action. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 128: This SP resolves the issue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 128: To allow IMSVA to send only the content logs for the "Delete entire message", "Delete attachment", and "Quarantine" action: 1. Install this SP (see "Installation"). 2. Connect to the IMSVA database by running the following command: /opt/trend/imss/PostgreSQL/bin/psql imss sa 3. Run the following SQL statement in a single line. insert into tb_global_setting values('cmagent','ContentLogOnlySendQtOrDel','yes' ,' imss.ini'); 4. Log off from the database server by running the following command: \q 5. Restart the cmagent service using the following command: /opt/trend/imss/script/S99CMAGENT restart Issue 129: This SP provides an option to allow users to replace flagged URLs with customized text. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 129: This SP resolves the issue. Issue 130: Some accounts created from the adminUI may not be able to access the command line interface on protected computers running on CentOS 7. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 130: This SP resolves the issue. Issue 131: An issue prevents IMSVA from matching certain special URLs with the Web Reputation Approved List. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 131: This SP resolves the issue so IMSVA can match URLs to the Web Reputation Approved List. Issue 132: Postfix may stop delivering email messages to the scanner for a certain period of time after a pattern update. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 132: This SP resolves the issue. Issue 133: Sensitive words are used in the DKIM UI. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 133: This SP resolves the issue. Issue 134: TLS certificates may become corrupted after users close the detail page of certificates. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 134: This SP resolves the issue. Issue 135: IMSVA may not trust some valid certificates. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 135: This SP ensures that IMSVA can correctly recognize trusted certificates. Issue 136: This SP adds a feature that enables IMSVA to send audit logs to the syslog server. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 136: This SP resolves the issue. Issue 137: InterScan Messaging Security Virtual Appliance (IMSVA) uses a version of the libxml2 third-party library that is affected by a certain vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 137: This SP resolves the issue. Issue 138: This SP updates the WRSAGENT API. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 138: This SP resolves the issue. Issue 139: After upgrading the TMASE engine, InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 may treat a normal sample as spam. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 139: This SP resolves a null pointer issue to ensure that normal samples are not treated as spam. Issue 140: Sometimes, TLS does not work normally. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 140: This SP resolves this issue by adding "smtpd_tls_eecdh_grade=strong" to the "$IMSS_HOME/postfix/etc/postfix/main.cf" file. Issue 141: Certain special LDAP settings prevent users from logging in to the InterScan Messaging Security Virtual Appliance (IMSVA) End User Quarantine (EUQ) console. When this happens, the IMSVA LDAP connection must be disconnected after authentication, and a new LDAP connection established for the next user. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 141: This SP provides an option to configure IMSVA to always disconnect the LDAP connection after authentication. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 141:To configure IMSVA to always disconnect the LDAP connection after authentication: 1. Install this SP (see "Installation"). 2. SSH to the IMSVA parent device and connect to the database by running the following command. /opt/trend/imss/PostgreSQL/bin/psql imss sa 3. Run the following SQL command. insert into tb_global_setting values('LDAP','always_disconnect_auth_ldap','yes','i mss.ini'); 4. Close the database connection by running the following command. \q 5. Restart the IMSVA EUQ console by running the following command on all IMSVA parent and child devices. S99EUQ restart Issue 142: A user requests for a way to be able to set a one-time DNS query timeout value in SPF. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 142: This SP allows users to set a one-time DNS timeout value. Issue 143: The IMSVA file sandbox may not work if there are two URL sandbox policies before the file sandbox policy. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 143: This SP ensures that the IMSVA file sandbox works normally. Issue 144: This SP adds the TMASE eureka feature to improve phishing mail detection. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 144: This SP resolves the issue. Issue 145: Users may not able to import certificates when the private key password contains certain special characters. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 145: This SP resolves this issue by enabling the certificate import function to support private key passwords with special characters. Issue 146: Multiple message tracking logs are created when port 10025 is temporarily unavailable. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 146: This SP resolves the issue. Issue 147: The %UPDATEERROR% variable displays garbled characters in scheduled update notifications. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 147: This SP resolves this issue by encoding the "aumsg.*" files in UTF-8. Issue 148: An issue prevents InterScan Messaging Security Virtual Appliance (IMSVA) from matching certain special URLs to the Web Reputation Service (WRS) approved list. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 148: This Critical Patch resolves the issue these special URLs can be matched correctly with the WRS approved list. Issue 149: InterScan Messaging Security Virtual Appliance (IMSVA) still uses OpenSSL 1.0.2. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 149: This SP upgrades OpenSSL from version 1.0.2 to 1.1.1. Issue 150: Some outdated files cannot be purged successfully. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 150: This SP ensures that outdated files are purged promptly. Issue 151: Message Tracking Logs show duplicate entries when the page is set to display 15 logs per page. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 151: This SP resolves this issue. Issue 152: An issue prevents InterScan Messaging Security Virtual Appliance ( IMSVA) from blocking encrypted PDF files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 152: This SP updates the dtsearch module to resolve the issue. Issue 153: This SP provides a way to configure IMSVA to lock an account after multiple failed login attempts. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 153: This SP resolves the issue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 153: To configure IMSVA to lock an account after multiple failed login attempts: 1. Install this SP (see "Installation"). 2. Connect to the IMSVA database by running the following command. /opt/trend/imss/PostgreSQL/bin/psql imss sa 3. Run the following command in a single line: update tb_global_setting set value=1 where section='general' and name='account_lock_feature' Issue 154: This SP provides an option to configure IMSVA to monitor the number of email messages in the reprocess/reprocessbig queue so that if it exceeds the threshold, an email notification or SNMP trap message will be sent out. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 154: This SP resolves the issue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 154: To enable the notification: 1. Install this SP (see "Installation"). 2. SSH to IMSVA and connect to the database by running the following command: /opt/trend/imss/PostgreSQL/bin/psql imss sa 3. Run the preferred command below in a single line: - To enable email notification if reprocess/reprocessbig queue exceeds the threshold: insert into tb_global_setting values('General-Notification', 'ReprocessQueueNotifyByEmail','on','imss.ini'); - To enable SNMP notification if reprocess/reprocessbig queue exceeds the threshold (optional, default is disabled): insert into tb_global_setting values('General-Notification', 'ReprocessQueueNotifyBySNMP','on','imss.ini'); 4. Set the threshold on the number of email messages in the reprocess/reprocessbig queue by running the following command. The default threshold is 1000. insert into tb_global_setting values('General-Notification', 'ReprocessQueueMailNumThreshold','2000','imss.ini'); 5. Close the database connection by running the following command. \q 6. Restart the manager by running the following command. S99MANAGER restart Issue 155: This SP updates the Webhelp document. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 100: This SP resolves the issue. Issue 156: When the system downloads quarantined, achived or postponed emails, users notice that the content is empty. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 156: This SP resloves it by updating the Gsoap program. Issue 157: Users encounter an "Invalid selector" error message when attempting to add a DKIM Signature setting with multiple subdomains. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 157: This SP ensures that users can add DKIM Signature settings with multiple subdomains normally. Issue 158: The Cloud Pre-filter license status check does not work. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 158: This SP ensures that the Cloud Pre-filter license status check works without issues. Issue 159: Some users are not able to login to the End-User Quarantine (EUQ) console until the EUQ service restarts. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 159: This SP resolves this issue by changing the UTF-8 string decoded with Base64. Issue 160: The tlsagent process uses up too much memory. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 160: This SP resolves this issue. Issue 161: InterScan Messaging Security Virtual Appliance (IMSVA) may write incorrect log entries onto the system event log. When this situation occurs, the management console shows some error log entries. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 161: This SP ensures that IMSVA only adds correct logs into system event log. Issue 162: The polkit's pkexec vulnerability may affect InterScan Messaging Security Virtual Appliance (IMSVA) 9.1. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 162: This SP upgrades the pkexec package to resolve this issue. Issue 163: When LDAP query is slow causing a delay in policy queries in InterScan Messaging Security Virtual Appliance, email messages may be moved to the deferred queue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 163: This SP enhances the LDAP query cache to improve policy query performance. Note: Since query performance is dependent on the LDAP server, it is recommended that you identify the root cause of the delay to resolve this issue. Issue 164: After adding DTASAGENT threads, database queries may become unsuccessful when the number of connections is not increased. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 164: This SP resolves this issue by increasing the number of database connections when DTASAGENT threads are added. Issue 165: On the Smart Feedback screen, the word “anonymous” should be replaced with a proper term. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 165: This SP replaces the word “anonymous” with “protected” on the Smart Feedback screen and includes a hyperlink to the Smart Protection Network (SPN) whitepaper. Issue 166: A vulnerability found in the openssl library prevents InterScan Messaging Security Virtual Appliance from processing certificate files properly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 166: This SP updates the openssl library to resolve this issue. Issue 167: On the Smart Protection configuration screen, the maximum number of characters for the proxy server name is 64. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 167: This SP increases the maximum to 253 characters. Issue 168: Setting the local time zone to St. John's, Canada may prevent InterScan Messaging Security Virtual Appliance from delivering quarantined email messages properly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 168: This SP updates the time zone settings to resolve this issue. Issue 169: Exporting an excessive number of message tracking logs from the database may lead to high memory usage or cause an insufficient memory issue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 169: This SP provides an option to save logs to an output file at specified intervals to resolve this memory usage issue. To enable this option: (1) Install this SP. (2) Run the following command to insert a hidden key into the database. /opt/trend/imss/PostgreSQL/bin/psql -U sa imss -c "insert into tb_global_setting values('adminui', 'msgWriteContentByHour', '4', 'imss.ini', '')" where '4' sets the system to save logs in a file every 4 hours. You can change this value based on your requirement. Issue 170: InterScan Messaging Security Virtual Appliance is unable to perform the DKIM verification process successfully for some email messages. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 170: This SP resolves the issue. Issue 171: When request bodies are discarded due to errors, the Apache HTTP server (version 2.4.52 or earlier) is unable to close inbound connections, potentially exposing the system to HTTP request smuggling attacks. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 171: This SP updates the Apache HTTP server to the latest version to resolve the issue. Issue 172: IMSVA 9.1 cannot trigger the detection report directly when the Aggressive Level is set to 0, 1, and 2. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 172: This SP allows IMSVA9.1 to trigger the detection report directly when the Aggressive Level is set to 0, 1, and 2. Notes: 1. Add a hidden key in the "general" section of "imss.ini". vi /opt/trend/imss/config/ imss.in [general] ... detection_aggressive_level=4 :wq 2. Restart the IMSS service. S99IMSS restart Issue 173: After SP 2099 was applied, imssd might stop working while scanning certain kinds of email messages based on "Global DKIM Enforcement rule". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 173: This SP resolves the issue. Issue 174: Syslog settings did not work properly during the migration from IMSS 9.1 to IMSVA 9.1. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 174: This SP resolves the issue. Issue 175: On the management console of IMSVA, a banner notification was added on the top of the "Dashboard" screen, to promote a free trial of Trend Micro Email Security, a cloud-based email gateway solution. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 175: This SP resolves the issue. Issue 176: After IMSVA inserts a stamp into a Zoom meeting invite, the message body becomes blank with only the stamp being visible. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 176: This SP resolves the issue by upgrading tmmsg. Issue 177: On the InterScan Messaging Security Virtual Appliance (IMSVA) management console, the message tracking log was delayed for certain encoded message IDs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 177: This SP provides a solution to render this type of message IDs without delay. Issue 178: For emails with some special message headers, their subject could not be shown on the Dashboard. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 178: This SP resolves the issue. Issue 179: A vulnerability was found in the openssl library, which prevents IMSVA from processing certificate files properly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 179: This SP updates the openssl library to resolve the issue. Issue 180: Sometimes, the Simple Network Management Protocol (SNMP) notification feature does not work. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 180: This SP ensures the SNMP notification feature works normally. Issue 181: IMSS does not purge quarantined files according to their expiration setting. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 181: This SP makes sure IMSS purges quarantined files according to their expiration setting. Issue 182: The Attachment Content Filter does not work properly on certain iCalendar format files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 182: This SP updates eManagerFIlter to resolve this issue. Issue 183: Sometimes, the imssd process cannot start successfully after a pattern upgrade. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 183: This SP ensures that the imssd process can start successfully after a pattern upgrade. Issue 184: The web console may stop unexpectedly when users attempt to delete a large number of Keywords & Expressions. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 184: This SP prevents this issue. Issue 185: End User Quarantine (EUQ) digests are delivered late. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 185: This SP helps ensure that EUQ digests are sent out on time by updating the euqutil and ldapcache processes and providing a way to optimize the performance of these processes. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 185:To set a maximum number of threads for each EUQ database in the Digest process: 1. Install this SP (see "Installation"). 2. Open the "/opt/trend/imss/config/imss.ini" file. 3. Add the following key under the "general" section and set it to the maximum number of threads: [general] DigestThrdNumPerEUQDB=10 4. Save the changes and close the file. Issue 186: The dashboard does not display after users run the "imssctl.sh restart" command. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 186: This SP resolves the issue. Issue 187: InterScan Messaging Security Suite (IMSS) cannot detect a sample when the target string is inside an HTML tag. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 187: This SP changes some default settings for the eManager(TM) module. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 187:To apply the changes: 1. Install this SP (see "Installation"). 2. Insert a record into the IMSS database by running the following SQL statement: insert into tb_global_setting (section, name, value, inifile) values('general','EnableExtractPlainTextFromOriginal Content', 'all', 'imss.ini') 3. Run the following command in the IMSS backend: /opt/trend/imss/script/imssctl.sh restart Issue 188: Several IMSS UI scripts may run simultaneously which may cause the UI to behave abnormally. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 188: This SP ensures that when the IMSS UI script is called two or more times, the instances run one by one. Issue 189: An issue prevents IMSS from starting the imssd process. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 189: This SP adds a new exclusive lock to sync imssmgr and imsstasks for when the Active Update (AU) monitor thread is updating AU patterns. Issue 190: The tmmsg module may modify the "Reply-To" header unexpectedly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 190: This SP prevents this issue. Issue 191: IMSS cannot display the dashboard because the page reloads repeatedly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 191: This SP updates the corresponding php file to support IPV6 and enable it to access the dashboard. Issue 192: An eManager(TM) update from SP 1232 may cause a memory leak issue that triggers IMSS to create the following log entry: tmem_hf_closeScanSection_error:-2117004511. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 192: This SP resolves the error. Issue 193: The wrong InstallMethod setting is specified in the BIF file. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 193: This SP corrects the InstallMethod setting in the BIF file. Issue 194: The "check_outboundIP.sh" tool is missing in IMSS 9.1. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 194: This SP adds the "check_outboundIP.sh" tool. Issue 195: IMSS services restart even when the expiration date has not been renewed manually online. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 195: This SP adds a condition that helps ensure that IMSS services restart only when the PR has been updated successfully. Issue 196: Under certain extreme scenarios, the InterScan Messaging Security Suite (IMSS) End User Quarantine (EUQ) service may not be able to retrieve some settings from the database because the database is not ready. Once this happens, the EUQ service applies the "Use LDAP for EUQ authentication" setting by default. If the "Use SMTP Server for EUQ authentication" setting is enabled, the end user will not be able to login to the EUQ service until the service restarts. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 196: This SP creates a pid file that enables the manager to restart the EUQ service under the scenario described above. Issue 197: After updating to IMSS 9.1, IMSS may take a long time to reprocess email messages from the quarantine queue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 197: To apply the changes: 1. Install this SP (see "Installation"). 2. Insert a record into the IMSS database by running the following SQL statement: insert into tb_global_setting (section, name, value, inifile) values('general','policy_evt_log_lock', '0', 'imss.ini') 3. Run the following command in the IMSS backend: /opt/trend/imss/script/imssctl.sh restart Issue 198: The IMSSqueue monitor thread may calculate the archive and quarantine sizes incorrectly and will be triggered to notify the administrator that the queue is almost full. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 198: This SP ensures that IMSS calculates the queue size correctly. Issue 199: Web Reputation Service (WRS) queries are sent without the product GUID. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 199: This SP adds the product GUID information in WRS queries. Issue 200: A buffer overflow issue causes the imssd process to stop unexpectedly while uploading an email with a long subject containing characters that require URL-encoding. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 200: This SP resolves the issue by updating the output length checking mechanism for email subject URL encoding. Issue 201: A web console issue prevents users from configuring the keyword list setting successfully. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 201: This SP resolves the issue. Issue 202: The "Log Query" page does not display any information if users input wildcard characters in the "Recipient" field. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 202: This SP ensures that the field can support wildcard characters. Issue 203: The Proxy Server information is limited to 64 characters. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 203: This SP extends the limit to 128 characters. Issue 204: The following error message is generated while IMSS processes email messages. "[NORMAL]Fail to extract text, errcode:0x81d11318, textExtracted.nVecSize:0, filetype:6015" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 204: This SP resolves the error so that IMSS can process email messages normally. Issue 205: A critical patch for Patch 1 that has been applied to a parent IMSS first cannot be applied to a child IMSS. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 205: This SP ensures that updates can be applied successfully on IMSS child devices. Issue 206: The IMSSD process encounters a memory leak issue when it uses eManager(TM) to scan certain special samples. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 206: This SP prevents the memory leak by enabling IMSS to reset the "errcode" parameter to zero after calling the eManager API to resolve an error. Issue 207: Administrators cannot flush the Postfix queues after applying Patch 1 Build 1335. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 207: This SP ensures that administrators can flush the Postfix queues normally. Issue 208: A user requests for certain updates on Web Reputation Service (WRS) logs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 208: This SP applies the updates on WRS logs. Issue 209: This SP enables IMSS to supports Active Update through HTTPS. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 209: This SP resolves the issue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 209: To enable Active Update through HTTPS: NOTE: The default setting in EN version for this SP is HTTPS. 1. Install this SP (see "Installation"). 2. Connect to the IMSS database by running the following command. /opt/trend/imss/PostgreSQL/bin/psql imss sa 3. Update the values of the "UpdateServer" and "TMASEServerurl" parameters in the "tb_global_setting" table by running the following SQL commands. UPDATE tb_global_setting SET value = 'https://imss91-p.activeupdate.trendmicro.com/acti veupdate' WHERE section = 'Update' AND (name = 'UpdateServer' OR name = 'TMASEServerurl' ); 4. Quit the psql program by running the following command. \q 5. Run the following command in the IMSS backend: /opt/trend/imss/script/imssctl.sh restart Issue 210: imssd didn't start when the anti-spam pattern got updated at 23:00. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 210: This SP upgrade process imsstask to fix this issue Issue 211: The default value of RetryCount ("1") is too small for the logs failing to be sent to the TMCM server. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 211: This SP updated the default value of retryCount to 4. Issue 212: The term "splitted file name" appears in InterScan Messaging Security Suite (IMSS) logs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 212: This SP corrects the typographical error so "split file name" displays on IMSS logs. Issue 213: When IMSS rewrites long URLs, some long URLs may appear broken. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 213: This SP ensures that IMSS can rewrite long URLs correctly. Issue 214: Boeing DB search tool for IMSS 7.1 needs to be updated for use with IMSS 9.1. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 214: This SP adds the Boeing DB search tool in IMSS 9.1. Issue 215: This SP enables IMSS to support Trend Micro Email Security (TMEMS) migration. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 215: Procedure 1: To enables IMSS to support TMEMS migration: 1.Install this SP (see "Installation"). 2.Insert two records into the IMSS database by running the following SQL statements: insert into tb_global_setting (section, name, value, inifile) values ('imp_exp', 'enable_ems_migrate', '1', 'imss.ini'); Issue 216: Previously, when users add a stamp on the web console, InterScan Messaging Security Suite (IMSS) trims empty strings at the beginning or end of the stamp. This SP allows users to configure IMSS not to trim empty strings at the beginning or end of stamps. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 216: This SP resolves the issue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 216: To prevent IMSS from trimming empty strings at the beginning or end of stamps: 1. Install this SP (see "Installation"). 2. Open the "${IMSS_HOME}/UI/adminUI/ROOT/WEB-INF/classes/i mssDefine.properties" file. 3. Add the following key and set its value to "1". policy.stamp.notTrimEmpty=1 NOTE: To allow IMSS to delete empty strings at the start or end of stamps, set this value to "0" or delete the key. 4. Save the changes and close the file. 5. Restart the adminUI by running the following command: ${IMSS_HOME}/script/S99ADMINUI restart Issue 217: This SP enables IMSS to support Japanese (double-byte characters) keywords in the "Policy > Policy Objects > Keywords & Expressions" page. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 217: This SP resolves the issue. Issue 218: An issue prevents InterScan Messaging Security Suite (IMSS) from replicating configuration files from Trend Micro Apex Central(TM). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 218: This SP resolves the issue. Issue 219: AU may not work when the Legion Object Identifier (LOID) exceeds 2 GB. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 219: This SP upgrades "libtmau.so" to resolve this issue. Issue 220: This SP replaces certain sensitive words on the Online Help document and on the IMSS web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 220: This SP resolves the issue. Issue 221: Sometimes, the Management Console does not restart as scheduled. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 221: This SP resolves this issue. Issue 222: This SP replaces certain sensitive words on the InterScan Messaging Security Suite (IMSS) web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 222: This SP resolves the issue. Issue 223: Sometimes, an issue prevents imssmgr from starting the localservermgmt process. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 223: This SP resolves the issue. Issue 224: The Active Update (AU) module is affected by a vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 224: This SP updates the AU module to resolve the vulnerability. Issue 225: InterScan Messaging Security Suite (IMSS) is affected by a certain vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 225: This SP updates the Java(TM), Apache(TM), and Tomcat(TM) modules to resolve the vulnerability. Issue 226: IMSS scanner cannot work when there are no matching policies and "Suspicious URL list" is enabled. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 226: This SP resolves the issue. Issue 227: This SP replaces certain sensitive words on the IMSS web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 227: This SP resolves the issue. Issue 228: InterScan Messaging Security Suite (IMSS) may use too much memory when scanning a specific email message. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 228: This SP resolves this issue by adding an option to configure IMSS to skip the pivot table when scanning attachments. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 228:To enable IMSS to skip the pivot table when scanning attachments: 1. Install this SP (see "Installation"). 2. Open the "/opt/trend/imss/config/imss.ini" file. 3. Add the following key under the "general" section and set its value to "yes". [general] EnableSkipExcelPivotTables=yes 4. Save the changes and close the file. 5. Restart the scanner service using the following command: /opt/trend/imss/script/S99IMSS restart Issue 229: The IMSS program is affected by a certain vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 229: This SP resolves the vulnerability. Issue 230: The ATSE/VSAPI engines cannot handle certain CHM files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 230: This Critical Patch upgrades the ATSE/VSAPI engines to resolve this issue. Issue 231: When pattern update is enabled both from the InterScan Messaging Security Suite (IMSS) Active Update server and Trend Micro Apex Central(TM), some backup files may remain in the backup folder. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 231: This SP ensures backup files are cleaned promptly. Issue 232: An issue prevents InterScan Messaging Security Suite (IMSS) from importing the "Preferred charset" setting. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 232: This SP resolves the issue. Issue 233: Extra spaces are added to specific message subject lines when IMSS executes the "tag subject" action. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 233: This SP resolves the issue. Issue 234: An issue prevents InterScan Messaging Security Suite (IMSS) from correctly matching certain special URLs to the Web Reputation Approved List. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 234: This SP resolves the issue. Issue 235: An issue prevents InterScan Messaging Security Suite (IMSS) from correctly matching certain special URLs to the Web Reputation Approved List. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 235: This SP resolves the issue. Issue 236: This SP updates some default CMAgent settings. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 236: This SP resolves the issue. Issue 237: Extra spaces are added to specific message subject lines when IMSS executes the "tag subject" action. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 237: This SP resolves the issue. Issue 238: When 9.1.0 (IMSS) uses Trend Micro Anti Spam Engine 8.6, the Macrowave feature, implemented in build 1323, may treat normal email messages as spam. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 238: This SP resolves this false positive issue. Issue 239: InterScan Messaging Security Suite (IMSS) uses a version of the libxml2 third-party library that is affected by a certain vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 239: This SP resolves the issue. Issue 240: The Tomcat module is affected by a vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 240: This SP updates the Tomcat module to resolve the vulnerability. Issue 241: An issue prevents users from deploying pattern and engine updates from Trend Micro Apex Central(TM) to InterScan Messaging Security Suite (IMSS) installed on Red Hat(TM) Enterprise for Linux(TM) (RHEL) 8. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 241: This SP resolves the issue. Issue 242: IMSS file sandbox may not work if there are two URL sandbox policies before the file sandbox policy. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 242: This SP resolves the issue. Issue 243: This SP integrates the Email Behavior Analysis (EBA) feature to TMASE to improve phishing mail detection. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 243: This SP resolves the issue. Issue 244: An issue prevents InterScan Messaging Security Suite (IMSS) from detecting certain spam samples. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 244: This SP resolves the issue. Issue 245: The Apache(TM) module is affected by a vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 245: This SP updates the Apache module to resolve the vulnerability. Issue 246: When the imssmgr process restarts, some logs are written into the "/" path unexpectedly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 246: This SP resolves this issue. Issue 247: When DTSAGENT threads are added, the number of connections does not increase which causes database queries to fail. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 247: This SP ensures that the database connection count increases with the number of DTSAGENT threads. Issue 248: When users attempt to change a specific policy rule's "Special Viruses" setting and save the changes, the new setting is not applied and users are redirected to the login screen. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 248: This SP ensures that users can change a specific policy rule's "Special Viruses" setting. Issue 249: An issue occurs wherein users cannot set the proxy server to the Smart Protection Server when the length of the proxy server name is longer than 64 characters. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 249: This SP resolves this issue by increasing the acceptable length of the proxy server to 128 characters. Issue 250: This SP ensures that InterScan Messaging Security Suite (IMSS) can add stamps to the calendar. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 250: This SP resolves the issue. Issue 251: IMSS could not deliver quarantined email messages when the local time zone was set to that of St. John's, Canada. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 251: This SP resolved the issue. Issue 252: On the management console of IMSS 9.1, an improper term "anonymous" was used to describe the threat information Smart Feedback shares with the Smart Protection Network for analysis. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 252: This SP resolved this issue by changing the term "anonymous" to "protected" on the "Smart Protection Network" screen with a whitepaper link provided for reference. Issue 253: IMSS cannot trigger the detection report directly when the Aggressive Level is set to 0, 1, and 2. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 253: This SP resolves the issue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 253: This SP allows IMSS to trigger the detection report directly when the Aggressive Level is set to 0, 1, and 2. 1. Add a hidden key in the "general" section of "imss.ini". vi /opt/trend/imss/config/ imss.in [general] ... detection_aggressive_level=4 :wq 2. Restart the IMSS service. S99IMSS restart Issue 254: Policy matching is slow when there are many emails whose "Envelop From" is empty or does NOT include "@" in the string. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 254: This SP improves the performance in the above scenario. Issue 255: Some users were not able to log on to the End-User Quarantine (EUQ) console until the EUQ service restarted. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 255: This SP resolves this issue by transforming the UTF-8 streams decoded with Base64 to UTF-8 String. Issue 256: This SP adds the "Reprocess.sh" script under "$IMSS_HOME/script/" directory to reprocess emails quarantined by specific policies. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 256: Follow the steps to use the "Reprocess.sh" script: USAGE:./Reprocess.sh start_time end_time policy_name example:./Reprocess.sh "2022-03-11 00:00+08" "2022-03-28 00:00+08" "Default spam rule" Issue 257: IMSS logs account creation but cannot log account deletion in the Audit Logs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 257: This SP resolves the issue. Issue 258: When IMSVA reboots, the IMSVA application may start before time sync with the ntpd server. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 258: This SP ensures IMSVA syncs time before the application starts. Issue 259: If expressions with tags were defined in policies, IMSVA could not match the expressions as intended in XML header/scheme attachments. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 259: This SP resolves the issue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 259: This SP resolves the issue. Notes: (1) Add a hidden key in the "general" section of "imss.ini". vi /opt/trend/imss/config/imss.ini [general] EnableMsScanAsPlainText=yes (2) Restart the IMSS service. S99IMSS restart Issue 260: This SP provides an option to change the restart time of cmagent. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 260: This SP resolves the issue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 260: Procedure: (1) Open the "/opt/trend/imss/config/imss.ini" file. (2) Add "cmagent_restart_hour=x" into the following section in the "/opt/trend/imss/config/imss.ini" file: [cmagent] (add the "[cmagent]" section if it does not exist) e.g. [cmagent] cmagent_restart_hour=10 Note: The value 10 means cmagent restarts at about 10:00. Set value to -1 to disable the restart. The default value is 4. (3) Save and close the file. (4) Start tasks by running the following command: S99SCHEDULED start Issue 261: InterScan Messaging Security Virtual Appliance (IMSVA) deleted the Cloud Pre-Filter domains when the Activation Code expired. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 261: This SP resolves the issue. When the Activation Code expires, IMSVA will not delete the Cloud Pre-Filter account and domains; when the Activation Code gets renewed, IMSVA will reload the previous Cloud Pre-Filter account and domains. Issue 262: The audit logs sent to the syslog server did not include the administrator name. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 262: This SP adds the administrator name to audit logs before sending them to the syslog server. NOTE: Since the new audit logs sent to the syslog server include the administrator name, the format of audit logs changes from: Timestamp\tDescription To Timestamp\tAdministrator Name\tDescription Issue 263: In some scenarios, it took too long to shut down the IMSVA machine due to the slow response to stop IMSVA applications. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 263: This SP speeded up the response to stop IMSVA applications. Issue 264: For emails with some special message headers, their subject could not be shown on the Dashboard. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 264: This SP resolves it. Issue 265: For emails with some special message headers, their subject could not be shown on the Dashboard. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 265: This SP resolves the issue. Issue 266: The IMSVA management console was not accessible and showed an error message saying "Unavailable service". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 266: This SP fixed the issue. Issue 267: ERS Link in respond message for blocked list is not OK ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 267: This SP resolves the issue. Issue 268: Error on adding Domain to "Messages Exiting IMSVA" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 268: This SP resolves the issue. Issue 269: [IMSVA] Replace new TM logo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 269: This SP resolves the issue. Issue 270: Emails being delivered with delay ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 270: This SP resolves the issue. Issue 271: About warning of rsyslogd in messages after upgrade to build 2076 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 271: This SP resolves the issue. 3. Documentation Set ======================================================================== To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com In addition to this Readme file, the documentation set for this product includes the following: - Online Help: The Online Help contains an overview of features and key concepts, and information on configuring and maintaining IMSVA. - Installation Guide (IG): The Installation Guide contains information on requirements and procedures for installing and deploying IMSVA. - Administrator's Guide (AG): The Administrator's Guide contains an overview of features and key concepts, and information on configuring and maintaining IMSVA. - Support Portal: The Support Portal contains information on troubleshooting and resolving known issues. To access the Support Portal, go to http://esupport.trendmicro.com 4. System Requirements ======================================================================== Trend Micro recommends installing IMSVA 9.1 or IMSVA 9.1 Patch 1 or IMSVA 9.1 Patch 2 or IMSVA 9.1 Patch 3 before installing this SP. You can download the package from: http://www.trendmicro.com/download/ 5. Installation ======================================================================== This section explains key steps for installing the SP. NOTE: You must install this SP on all computers running IMSVA if you are using distributed deployment mode. Trend Micro recommends backing up IMSVA before upgrading the operating system. Procedure Do any of the following tasks to back up IMSVA: • Ghost the entire computer where IMSVA is installed. • Take a snapshot for IMSVA installed on a virtual machine. • Back up the "app_data" partition of IMSVA. a. Open the operating system shell console and run the following commands: /opt/trend/imss/script/imssctl.sh stop service crond stop b. Mount an external disk to /var/udisk. c. Copy all files to the disk: cp -rf --preserve /var/app_data/* /var/udisk/app_data_backup/ If IMSVA is deployed in the parent-child mode, you need to perform the backup procedure on all IMSVA devices. Do not restart IMSVA until you have completed the upgrade process. During the upgrade, IMSVA settings will be retained, and no customized operating system settings migrate, except the host name, root account, network, and gateway settings. To retain your original customized settings, do the following: a. Mount the original root partition to a path on the server you have upgraded, for example, /root/original_root: mount /dev/mapper/IMSVA-Root2 /root/original_root b. Find the original settings in the mounted path. c. Add the original settings to the server. After successful installation of SP1, the previou HF or Patch will not be rolled back. 5.1 Installing ===================================================================== To install: 1. Log on to the IMSVA management console. 2. Go to "Administration > Updates > System & Applications". 3. Select the SP package and upload it. 4. After a few minutes, check the latest uploaded package information to make sure the management console successfully uploads the SP package to IMSVA. 5. If you have set up a group of IMSVA devices, select all child devices in the "Current status" section. Otherwise, select the parent device. 6. Click "Update". 7. If a group has been set up, wait for all child devices to finish updating before selecting the parent device in the "Current status" section. Otherwise, go to step 10. 8. Click "Update". 9. Wait until the upgrade is completed, and do not power off or reboot IMSVA during the upgrade. It may take about 30 minutes to apply this SP to upgrade from CentOS 6 to CentOS 7. In addition, the management console may restart several times. 10. Go to "Administration > Updates > System & Applications". 11. Ensure that the "OS version"/"Application version" values for all items in the "Current status" section matches this patch version: OS Version: 3.10.0 Application Version: 9.1.0.2164 12. If you are using Apex Central 2019 to manage IMSVA 9.1, install Apex Central 2019 hf5639 or later. Contact the Trend Micro Support group for the patch package. 13. Restart all IMSVA devices as scheduled. 5.2 Uninstalling ===================================================================== To roll back to the previous build: 1. Log on to the IMSVA management console. 2. Go to "Administration > Updates > System & Applications". 3. Under "Host Name", click the name of the device you want to view. A summary screen appears, showing the updates and related log information. 4. Click "Rollback" to remove an update. 6. Post-installation Configuration ======================================================================== No post-installation steps are required. NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product. 7. Known Issues ======================================================================== After you install this SP1, previou HF, CP or Pathch will not be rolled back. Due to OS switch, some original files may not be used. To retain your original customized settings, do the following: a. Mount the original root partition to a path on the server you have upgraded, for example, /root/original_root: mount /dev/mapper/IMSVA-Root2 /root/original_root b. Find the original settings in the mounted path. c. Add the original settings to the server. 8. Release History ======================================================================== For more information about updates to this product, go to: http://www.trendmicro.com/download 9. Files Included in This Release ======================================================================== Filename Build No. --------------------------------------------------------------------- lib/libcrypto.so.1.1 9.1.0.2164 lib/libcrypto.so 9.1.0.2164 lib/libssl.so.1.1 9.1.0.2164 lib/libssl.so 9.1.0.2164 Python/* 9.1.0.2164 OpenLDAP/* 9.1.0.2164 lib/aumsg.* 9.1.0.2164 lib/AuPatch 9.1.0.2164 lib/cert5.db 9.1.0.2164 lib/x500.db 9.1.0.2164 lib/expapply.so 9.1.0.2164 lib/liblwtpciu32.so 9.1.0.2164 script/imssctl.sh 9.1.0.2164 /etc/ntp/step-tickers 9.1.0.2164 lib/american-name.txt 9.1.0.2164 lib/libdlpEngine.so.0 9.1.0.2164 bin/ 9.1.0.2164 bin/report 9.1.0.2164 lib/ 9.1.0.2164 ui/admin/AdminAccountAction.class 9.1.0.2164 ui/system/WizardActionAppliance.class 9.1.0.2164 ui/system/WizardActionAppliance$1.class 9.1.0.2164 script/passwd_verify.py 9.1.0.2164 imss6Summary.properties 9.1.0.2164 imss6Summary_en.properties 9.1.0.2164 imss6Sql.properties 9.1.0.2164 ui/framework/ShowWidgetPage.class 9.1.0.2164 ui/summary/SummaryPageAction.class 9.1.0.2164 jsp/framework/ems.jsp 9.1.0.2164 jsp/framework/iframe_widget.jsp 9.1.0.2164 jsp/framework/left_0530.jsp 9.1.0.2164 jsp/framework/top.jsp 9.1.0.2164 css/trend-style.css 9.1.0.2164 images/en/icon_info.png 9.1.0.2164 images/en/icon_free.png 9.1.0.2164 images/en/button_trial.png 9.1.0.2164 policy_smart_protection_scanservice.jsp 9.1.0.2164 policy_smart_protection_editsource.jsp 9.1.0.2164 policy_smart_protection_addsource.jsp 9.1.0.2164 ui/modelobjects/logs/MsgLogs.class 9.1.0.2164 ui/modelobjects/logs/MsgLogs$2.class 9.1.0.2164 ui/modelobjects/logs/MsgLogs$MsgLogComparator.class 9.1.0.2164 ui/modelobjects/logs/MsgLogs$1.class 9.1.0.2164 lib/libopendkim.so.9.0.1 9.1.0.2164 bin/dkim 9.1.0.2164 bin/opendkim 9.1.0.2164 imss6System.properties 9.1.0.2164 imss6System_en.properties 9.1.0.2164 /usr/bin/pkexec 9.1.0.2164 check_prefilter_PR.sh 9.1.0.2164 ResetGWAccount.class 9.1.0.2164 script/S99CMAGENT 9.1.0.2164 ui/modelobjects/admin/AdminDAO.class 9.1.0.2164 ui/modelobjects/admin/AdminUser.class 9.1.0.2164 imssSql.properties 9.1.0.2164 UI/adminUI/ROOT/help/en/webhelp/ 9.1.0.2164 /opt/trend/imss/lib/AgentSDK 9.1.0.2164 /opt/trend/imss/lib/sasl2 9.1.0.2164 /opt/trend/imss/ldaprep 9.1.0.2164 /opt/trend/imss/postfix/usr 9.1.0.2164 /usr/lib/libsasl2.so.2.0.23 9.1.0.2164 /usr/lib/libgnutls.so.26 9.1.0.2164 /usr/lib/libgnutls.so.26.14.12 9.1.0.2164 /usr/lib/libtasn1.so.3 9.1.0.2164 /usr/lib/libtasn1.so.3.1.6 9.1.0.2164 ui/system/MTASettingAction* 9.1.0.2164 lib/liblogin.so 9.1.0.2164 script/UserSync.py 9.1.0.2164 UI/euqUI/bin/Tomcat.sh 9.1.0.2164 libProductLibrary.so 9.1.0.2164 script/postfix 9.1.0.2164 db_maintain 9.1.0.2164 dmarcreport_sender.py 9.1.0.2164 dmarcreport_sender.sh 9.1.0.2164 TmFoxFilter 9.1.0.2164 opendmarc 9.1.0.2164 ImssCsrfRequestMatcher.class 9.1.0.2164 imssmgrmon 9.1.0.2164 select_addr_exception.jsp 9.1.0.2164 validation.jsp 9.1.0.2164 libatse.so 9.1.0.2164 libvsapi.so 9.1.0.2164 openssh-5.3p1-124.el6_10.x86_64.rpm 9.1.0.2164 openssh-clients-5.3p1-124.el6_10.x86_64.rpm 9.1.0.2164 openssh-server-5.3p1-124.el6_10.x86_64.rpm 9.1.0.2164 openssl-1.0.1e-58.el6_10.i686.rpm 9.1.0.2164 openssl-1.0.1e-58.el6_10.x86_64.rpm 9.1.0.2164 UI/euqUI/ROOT/help/pl/ 9.1.0.2164 UI/euqUI/ROOT/images/pl/ 9.1.0.2164 Apache.sh 9.1.0.2164 DKIMWhiteListSettingAction.class 9.1.0.2164 S99NTPD 9.1.0.2164 anvil 9.1.0.2164 bounce 9.1.0.2164 cfgtool.sh 9.1.0.2164 chage_default_pass.sh 9.1.0.2164 cleanup 9.1.0.2164 configure_network.sh 9.1.0.2164 configure_network.xml 9.1.0.2164 discard 9.1.0.2164 error 9.1.0.2164 flush 9.1.0.2164 funcs.sh 9.1.0.2164 glcfg.sh 9.1.0.2164 hostname.sh 9.1.0.2164 imss6Common_pl.properties 9.1.0.2164 imss6Errors_pl.properties 9.1.0.2164 imss6Euq_pl.properties 9.1.0.2164 imsscmagent 9.1.0.2164 install_util.sh 9.1.0.2164 ipcheck.sh 9.1.0.2164 libcurl.so.4 9.1.0.2164 libexpat.so.0 9.1.0.2164 lmtp 9.1.0.2164 local 9.1.0.2164 main.cf 9.1.0.2164 main.py 9.1.0.2164 master 9.1.0.2164 master.cf 9.1.0.2164 nqmgr 9.1.0.2164 oqmgr 9.1.0.2164 pickup 9.1.0.2164 pipe 9.1.0.2164 post-install 9.1.0.2164 postalias 9.1.0.2164 postcat 9.1.0.2164 postconf 9.1.0.2164 postdrop 9.1.0.2164 postfix 9.1.0.2164 postfix-files 9.1.0.2164 postfix-script 9.1.0.2164 postfix-wrapper 9.1.0.2164 postkick 9.1.0.2164 postlock 9.1.0.2164 postlog 9.1.0.2164 postmap 9.1.0.2164 postmulti 9.1.0.2164 postmulti-script 9.1.0.2164 postqueue 9.1.0.2164 postsuper 9.1.0.2164 proxymap 9.1.0.2164 qmgr 9.1.0.2164 qmqpd 9.1.0.2164 root.xml 9.1.0.2164 scache 9.1.0.2164 sendmail 9.1.0.2164 showq 9.1.0.2164 slapd 9.1.0.2164 smartsearch.jsp 9.1.0.2164 smtp 9.1.0.2164 smtpd 9.1.0.2164 spawn 9.1.0.2164 step.py 9.1.0.2164 tlsmgr 9.1.0.2164 top.css 9.1.0.2164 trivial-rewrite 9.1.0.2164 utility.py 9.1.0.2164 verify 9.1.0.2164 virtual 9.1.0.2164 AddDomainAction.class 9.1.0.2164 AddSenderAction.class 9.1.0.2164 ipfilter/AddWhiteIPAction.class 9.1.0.2164 ipfilter/ApplyWhiteList.class 9.1.0.2164 ipfilter/DelWhiteIPAction.class 9.1.0.2164 ipfilter/UpdateWhitelistAction.class 9.1.0.2164 ipfilter/WhitelistAction.class 9.1.0.2164 policy/DKIMWhiteListSettingAction.class 9.1.0.2164 jsp/framework/smartsearch_imss.dat 9.1.0.2164 jsp/framework/smartsearch.dat 9.1.0.2164 jsp/ipfilter/ip_whitelist_add.jsp 9.1.0.2164 jsp/ipfilter/ip_whitelist_details.jsp 9.1.0.2164 jsp/ipfilter/ip_whitelist.jsp 9.1.0.2164 jsp/ipfilter/left_ipPage.jsp 9.1.0.2164 jsp/policy/add_white_list.jsp 9.1.0.2164 jsp/policy/dkim_white_list_import.jsp 9.1.0.2164 ip_settings_dha.jsp 9.1.0.2164 lib/libFilterAction.so 9.1.0.2164 LdapCacheSync$1.class 9.1.0.2164 LdapCacheSync.class 9.1.0.2164 EmailSync.class 9.1.0.2164 UI/adminUI/ROOT/error_404.jsp 9.1.0.2164 UI/euqUI/ROOT/error_404.jsp 9.1.0.2164 UI/javaJRE/ 9.1.0.2164 UI/tomcat/ 9.1.0.2164 QtQueryAction.class 9.1.0.2164 foxdns 9.1.0.2164 imss6Policy_en.properties 9.1.0.2164 imss6Policy.properties 9.1.0.2164 sys_dkim_sign_show_DNSRecord.jsp 9.1.0.2164 AccountParser$AccountContentHandler.class 9.1.0.2164 AccountParser.class 9.1.0.2164 AccountParserTest.class 9.1.0.2164 AddBlockIPAction.class 9.1.0.2164 AddRuleAction.class 9.1.0.2164 AddWhiteIPAction.class 9.1.0.2164 AddrGroupAction.class 9.1.0.2164 AdminDBAction$1.class 9.1.0.2164 AdminDBAction.class 9.1.0.2164 BackupAction$1.class 9.1.0.2164 BackupAction$ConfigFileNameFilter.class 9.1.0.2164 BackupAction.class 9.1.0.2164 BatchParser$BatchContentHandler.class 9.1.0.2164 BatchParser.class 9.1.0.2164 BouncedSettingAction.class 9.1.0.2164 BundleParser$BundleContentHandler.class 9.1.0.2164 BundleParser.class 9.1.0.2164 ComplianceLogParser.class 9.1.0.2164 ComplianceTemplateInterface.class 9.1.0.2164 ComplianceTemplateWSAction.class 9.1.0.2164 ComplianceTemplatesAction$EntityComparator.class 9.1.0.2164 ComplianceTemplatesAction.class 9.1.0.2164 ConditionAction.class 9.1.0.2164 ConnBasicAction.class 9.1.0.2164 ConnChildIPAction.class 9.1.0.2164 ConnLDAPAction$1.class 9.1.0.2164 ConnLDAPAction.class 9.1.0.2164 ConnNTPAction.class 9.1.0.2164 ConnSettingAction.class 9.1.0.2164 ConnTMCMAction.class 9.1.0.2164 DDAServerMgmtAction.class 9.1.0.2164 DDASettingAction$1.class 9.1.0.2164 DDASettingAction.class 9.1.0.2164 DHASettingAction.class 9.1.0.2164 DLPExpressionInterface.class 9.1.0.2164 DLPFileAttributeInterface.class 9.1.0.2164 DLPKeywordInterface.class 9.1.0.2164 DMARCSettingAction.class 9.1.0.2164 DataIdentifierWSAction.class 9.1.0.2164 DelBlockIPAction.class 9.1.0.2164 DelWhiteIPAction.class 9.1.0.2164 DeployAPIKeyAction.class 9.1.0.2164 DkimSignAction$1.class 9.1.0.2164 DkimSignAction$LogLevel.class 9.1.0.2164 DkimSignAction.class 9.1.0.2164 DomainListAction.class 9.1.0.2164 DomainParser$DomainContentHandler.class 9.1.0.2164 DomainParser.class 9.1.0.2164 DomainParserTest.class 9.1.0.2164 DomainPolicyParser$DomainPolicyContentHandler.class 9.1.0.2164 DomainPolicyParser.class 9.1.0.2164 DomainPolicyParserTest.class 9.1.0.2164 DomainSettingParser$DomainSettingContentHandler.class 9.1.0.2164 DomainSettingParser.class 9.1.0.2164 DomainSettingParserTest.class 9.1.0.2164 DstServerListAction.class 9.1.0.2164 EuqHttpFilter.class 9.1.0.2164 EuqMessagesAction.class 9.1.0.2164 ExpressionAction.class 9.1.0.2164 FileAttributeAction.class 9.1.0.2164 InboundServerParser$InboundServerContentHandler.class 9.1.0.2164 InboundServerParser.class 9.1.0.2164 InterAddrAction.class 9.1.0.2164 InternalHostAction$PageList.class 9.1.0.2164 InternalHostAction.class 9.1.0.2164 JobParser$JobContentHandler.class 9.1.0.2164 JobParser.class 9.1.0.2164 KeywordListsAction.class 9.1.0.2164 LogSettingAction.class 9.1.0.2164 LogSyslogSettingAction.class 9.1.0.2164 LoginAction.class 9.1.0.2164 MailTrackParser$MailTrackContentHandler.class 9.1.0.2164 MailTrackParser.class 9.1.0.2164 MailTrackParserTest.class 9.1.0.2164 MoveBlockIPAction.class 9.1.0.2164 MtaQueryAction.class 9.1.0.2164 MtaQueryActionTask.class 9.1.0.2164 MtaSummaryAction.class 9.1.0.2164 MtaSummaryActionTask.class 9.1.0.2164 NRSSettingAction.class 9.1.0.2164 OutboundIPParser$OutboundIpContentHandler.class 9.1.0.2164 OutboundIPParser.class 9.1.0.2164 PolicyWSAction.class 9.1.0.2164 PostfixQueueMgmtAction.class 9.1.0.2164 PrefilterErrorParser$PrefilterErrorContentHandler.class 9.1.0.2164 PrefilterErrorParser.class 9.1.0.2164 ProcQueueQueryAction.class 9.1.0.2164 PwdProtectAction.class 9.1.0.2164 QtEditAreaAction.class 9.1.0.2164 QtSettingsAction.class 9.1.0.2164 RcptDeletedParser$RcptDeletedContentHandler.class 9.1.0.2164 RcptDeletedParser.class 9.1.0.2164 RecipientParser$RecipientContentHandler.class 9.1.0.2164 RecipientParser.class 9.1.0.2164 RecipientParserTest.class 9.1.0.2164 RegionAddressParser$RegionAddressContentHandler.class 9.1.0.2164 RegionAddressParser.class 9.1.0.2164 RuleActionNamedObjAction.class 9.1.0.2164 RuleActionNotifyAction.class 9.1.0.2164 RuleActionStampAction.class 9.1.0.2164 RuleActionTagAction.class 9.1.0.2164 RuleAttrAntiSpoofAction.class 9.1.0.2164 RuleAttrCCCAAction.class 9.1.0.2164 RuleAttrDKIMEnforcementAction.class 9.1.0.2164 RuleAttrGraymailAction.class 9.1.0.2164 RuleAttrKeywordAction.class 9.1.0.2164 RuleAttrMIMEAction.class 9.1.0.2164 RuleAttrNameAction.class 9.1.0.2164 RuleAttrSpamAction.class 9.1.0.2164 RuleAttrTimeRangeAction.class 9.1.0.2164 RuleAttrTrueFileAction.class 9.1.0.2164 RuleAttrWrsAction.class 9.1.0.2164 RuleDetailAction.class 9.1.0.2164 RuleListAction.class 9.1.0.2164 SameSiteCheck.xml 9.1.0.2164 ScanModeAction.class 9.1.0.2164 SecViolateAction.class 9.1.0.2164 SelectAddrAction.class 9.1.0.2164 SenderParser$SenderContentHandler.class 9.1.0.2164 SenderParser.class 9.1.0.2164 SenderParserTest.class 9.1.0.2164 SessionFilter.class 9.1.0.2164 SmartProtectionLocalSourceAction$1.class 9.1.0.2164 SmartProtectionLocalSourceAction.class 9.1.0.2164 SmartProtectionScanServiceAction.class 9.1.0.2164 SmartProtectionWRServiceAction.class 9.1.0.2164 SpamSettingAction.class 9.1.0.2164 ThreatSummaryParser$ThreatSummaryContentHandler.class 9.1.0.2164 ThreatSummaryParser.class 9.1.0.2164 ThreatSummaryParserTest.class 9.1.0.2164 TotalTrafficParser$TotalTrafficContentHandler.class 9.1.0.2164 TotalTrafficParser.class 9.1.0.2164 TotalTrafficParserTest.class 9.1.0.2164 UpdateBlockIPAction.class 9.1.0.2164 UpdateWhitelistAction.class 9.1.0.2164 VirusRuleAction.class 9.1.0.2164 VirusSettingAction.class 9.1.0.2164 AuditLogJNI.class 9.1.0.2164 UIEvtLogDAO.class 9.1.0.2164 PrefilterEntryAction.class 9.1.0.2164 aucmd 9.1.0.2164 certagent 9.1.0.2164 cgiCmdNotify 9.1.0.2164 close_handle_sh 9.1.0.2164 config.lua 9.1.0.2164 c_rehash 9.1.0.2164 db_maintain 9.1.0.2164 dkim 9.1.0.2164 dkim-genkey 9.1.0.2164 dkim-genzone 9.1.0.2164 dtasagent 9.1.0.2164 euqlimpexp 9.1.0.2164 euqop 9.1.0.2164 euqutil 9.1.0.2164 forceUpdate 9.1.0.2164 foxdns 9.1.0.2164 ibe_job_doer 9.1.0.2164 ibe_job_getter 9.1.0.2164 ibe_reg 9.1.0.2164 ibes 9.1.0.2164 imp_exp 9.1.0.2164 imssausched 9.1.0.2164 imssauutil 9.1.0.2164 imsscmagent 9.1.0.2164 imssd 9.1.0.2164 imssdps 9.1.0.2164 imssdump 9.1.0.2164 imssmgr 9.1.0.2164 imssmgrmon 9.1.0.2164 imssps 9.1.0.2164 imsstasks 9.1.0.2164 IpcCleaner 9.1.0.2164 is_euq_enable 9.1.0.2164 is_ipfilt_enable 9.1.0.2164 ldaputil 9.1.0.2164 localservermgmt 9.1.0.2164 logtransfer 9.1.0.2164 nrslog_parser 9.1.0.2164 opendkim 9.1.0.2164 opendmarc 9.1.0.2164 openssl 9.1.0.2164 pack_tool 9.1.0.2164 passwd_util 9.1.0.2164 pemverify 9.1.0.2164 PolicyAgent 9.1.0.2164 prcmd 9.1.0.2164 purge_by_dbsize 9.1.0.2164 purge_scanner_info 9.1.0.2164 rc4 9.1.0.2164 rt_mail_traffic 9.1.0.2164 rtstat 9.1.0.2164 smtp_conn_agent 9.1.0.2164 soapclient 9.1.0.2164 tlsagent 9.1.0.2164 TmFoxFilter 9.1.0.2164 TmFoxProxy 9.1.0.2164 TmFoxPurgeLog 9.1.0.2164 TmFoxServiceOP 9.1.0.2164 wrsagent 9.1.0.2164 smart_reporter 9.1.0.2164 predata_gen 9.1.0.2164 dblog_janitor 9.1.0.2164 traffic_summary_gen 9.1.0.2164 libFilterAntiSpoof.so 9.1.0.2164 libpatch.so 9.1.0.2164 libGsoapClient.so 9.1.0.2164 libgssrpc.so 9.1.0.2164 libTMNotify.so 9.1.0.2164 libem_debug.so 9.1.0.2164 libssl3.so 9.1.0.2164 libspf2.so 9.1.0.2164 libssldap60.so 9.1.0.2164 libSSO_PKIHelper.so 9.1.0.2164 liblogin.so 9.1.0.2164 libsmime3.so 9.1.0.2164 libviewmail.so 9.1.0.2164 libpq.so 9.1.0.2164 libFilterSpsTmase.so 9.1.0.2164 libldif60.so 9.1.0.2164 libkdb5.so 9.1.0.2164 libImssPolicy.so 9.1.0.2164 libImssEncrypt.so 9.1.0.2164 liblogwtr.so 9.1.0.2164 libplc4.so 9.1.0.2164 libodbcinst.so 9.1.0.2164 libkrad.so 9.1.0.2164 libkadm5clnt.so 9.1.0.2164 libcrc0filter.so 9.1.0.2164 libtmau.so 9.1.0.2164 libldap60.so 9.1.0.2164 dtv_pdfcrypto.so 9.1.0.2164 libprldap60.so 9.1.0.2164 libFoxParser.so 9.1.0.2164 icudata.so 9.1.0.2164 libxerces-c-3.1.so 9.1.0.2164 libnss3.so 9.1.0.2164 libPolicyCaller.so 9.1.0.2164 libicutoolutil.so 9.1.0.2164 libsqlite3.so 9.1.0.2164 libnssdbm3.so 9.1.0.2164 libIMSSjni.so 9.1.0.2164 libtmmsg.so 9.1.0.2164 libFilterEmgrPlugin.so 9.1.0.2164 libFilterWrs.so 9.1.0.2164 libTmIbeCryptoSdk.so 9.1.0.2164 libSSO_PKIHelper.so 9.1.0.2164 libcurl.so 9.1.0.2164 libEn_Utility.so 9.1.0.2164 libTrendAprWrapper.so 9.1.0.2164 libapr-1.so 9.1.0.2164 liblowlib.so 9.1.0.2164 libodbcpsqlS.so 9.1.0.2164 libFilterAction.so 9.1.0.2164 libkrb5support.so 9.1.0.2164 libidn.so 9.1.0.2164 libdb-4.so 9.1.0.2164 libtmactupdate.so 9.1.0.2164 libkadm5srv_mit.so 9.1.0.2164 libpcrecpp.so 9.1.0.2164 libicudt.so 9.1.0.2164 libPolicyUtility.so 9.1.0.2164 libFilterGraymail.so 9.1.0.2164 libtmpr.so 9.1.0.2164 libdb-4.8.so 9.1.0.2164 libpcre.so 9.1.0.2164 libodbc.so 9.1.0.2164 libtmlogwpr.so 9.1.0.2164 libkrb5.so 9.1.0.2164 libGsoapMtaClient.so 9.1.0.2164 libxml2.so 9.1.0.2164 libopendmarc.so 9.1.0.2164 libGuid.so 9.1.0.2164 libkadm5clnt_mit.so 9.1.0.2164 libem_helpr.so 9.1.0.2164 libodbcpsql.so 9.1.0.2164 liblogmgt.so 9.1.0.2164 libk5crypto.so 9.1.0.2164 libcme_dll.so 9.1.0.2164 libtmfbeng.so 9.1.0.2164 libplds4.so 9.1.0.2164 libfreeblpriv3.so 9.1.0.2164 libicudt18l.so 9.1.0.2164 imsva_pd_util 9.1.0.2164 libfreebl3.so 9.1.0.2164 libImssCrypto.so 9.1.0.2164 libnspr4.so 9.1.0.2164 libICRCHdler.so 9.1.0.2164 libtmprapi.so 9.1.0.2164 libICRCPerfLib_Cli.so 9.1.0.2164 libcom_err.so 9.1.0.2164 libdkim.so 9.1.0.2164 libtmprapid.so 9.1.0.2164 libImssRule.so 9.1.0.2164 libTMNotifymt.so 9.1.0.2164 libnsssysinit.so 9.1.0.2164 libdb.so 9.1.0.2164 libTmIntLog.so 9.1.0.2164 libcme_vxe_dll.so 9.1.0.2164 libdtsearch.so 9.1.0.2164 libProductLibrary.so 9.1.0.2164 liblogshr.so 9.1.0.2164 libstrl.so 9.1.0.2164 libustdio.so 9.1.0.2164 libicuuc.so 9.1.0.2164 libkadm5srv.so 9.1.0.2164 libEUQjni.so 9.1.0.2164 libicui18n.so 9.1.0.2164 libcme_vxe_dll_static.so 9.1.0.2164 libFilterVirus.so 9.1.0.2164 libnssckbi.so 9.1.0.2164 libgssapi_krb5.so 9.1.0.2164 libImssDKIM.so 9.1.0.2164 libxslt.so 9.1.0.2164 libmimepp.so 9.1.0.2164 libImssCommon.so 9.1.0.2164 libFilterDkimEF.so 9.1.0.2164 libnssutil3.so 9.1.0.2164 libsysinfo.so 9.1.0.2164 libciuas32.so 9.1.0.2164 libexslt.so 9.1.0.2164 libImssDAO.so 9.1.0.2164 libTmFoxSocketLib.so 9.1.0.2164 libsoftokn3.so 9.1.0.2164 libapr-1.so 9.1.0.2164 libeuq.so 9.1.0.2164 libEmExpression.so 9.1.0.2164 libtmalc.so 9.1.0.2164 libverto.so 9.1.0.2164 libpcreposix.so 9.1.0.2164 liblogrdr.so 9.1.0.2164 libi18n.so 9.1.0.2164 postalias 9.1.0.2164 postcat 9.1.0.2164 postconf 9.1.0.2164 postdrop 9.1.0.2164 postfix 9.1.0.2164 postkick 9.1.0.2164 postlock 9.1.0.2164 postlog 9.1.0.2164 postmap 9.1.0.2164 postmulti 9.1.0.2164 postqueue 9.1.0.2164 postsuper 9.1.0.2164 sendmail 9.1.0.2164 anvil 9.1.0.2164 bounce 9.1.0.2164 cleanup 9.1.0.2164 discard 9.1.0.2164 error 9.1.0.2164 flush 9.1.0.2164 lmtp 9.1.0.2164 local 9.1.0.2164 master 9.1.0.2164 nqmgr 9.1.0.2164 oqmgr 9.1.0.2164 pickup 9.1.0.2164 pipe 9.1.0.2164 postfix-script 9.1.0.2164 postfix-wrapper 9.1.0.2164 post-install 9.1.0.2164 postmulti-script 9.1.0.2164 proxymap 9.1.0.2164 qmgr 9.1.0.2164 qmqpd 9.1.0.2164 scache 9.1.0.2164 showq 9.1.0.2164 smtp 9.1.0.2164 smtpd 9.1.0.2164 spawn 9.1.0.2164 tlsmgr 9.1.0.2164 trivial-rewrite 9.1.0.2164 verify 9.1.0.2164 virtual 9.1.0.2164 policy_DDA_setting.jsp 9.1.0.2164 policy_DDA_server_mgmt.jsp 9.1.0.2164 DDAServer.class 9.1.0.2164 DDAServerDAO.class 9.1.0.2164 DDASetting.class 9.1.0.2164 ProcQueueQueryDAO.class 9.1.0.2164 DDAServerMgmtAction.class 9.1.0.2164 DDASettingAction$1.class 9.1.0.2164 DDASettingAction.class 9.1.0.2164 DdaSettingForm.class 9.1.0.2164 UrlSandBoxExemptWordsSetting.class 9.1.0.2164 RuleAttrWrsForm.class 9.1.0.2164 Constants.class 9.1.0.2164 RuleAttribute.class 9.1.0.2164 UrlSandBoxExemptWordsDAO.class 9.1.0.2164 XMLAttributes.class 9.1.0.2164 SessionKeys.class 9.1.0.2164 RuleAttrWrsAction.class 9.1.0.2164 Utility.class 9.1.0.2164 BifInfo.class 9.1.0.2164 BifInfo$1.class 9.1.0.2164 BifConnect.class 9.1.0.2164 BifConnect$1.class 9.1.0.2164 rule_attr_wrs.jsp 9.1.0.2164 rule_attr_wrs_import.jsp 9.1.0.2164 url_sandbox_words_import.jsp 9.1.0.2164 url_sandbox_words_setting_home.jsp 9.1.0.2164 wrs_setting_home.jsp 9.1.0.2164 imss6Errors.properties 9.1.0.2164 imss6Errors_en.properties 9.1.0.2164 imss6Errors_ja.properties 9.1.0.2164 imss6Logs.properties 9.1.0.2164 imss6Logs_en.properties 9.1.0.2164 imss6Policy.properties 9.1.0.2164 imss6Policy_en.properties 9.1.0.2164 LogConst.class 9.1.0.2164 imss6Common_en.properties 9.1.0.2164 imss6Common.properties 9.1.0.2164 imss6Sql.properties 9.1.0.2164 imss6UIEvtLogs.properties 9.1.0.2164 imss6UIEvtLogs_en.properties 9.1.0.2164 imssOLH.properties 9.1.0.2164 imssOLH_en.properties 9.1.0.2164 imss6Backup.properties 9.1.0.2164 imss6Backup_en.properties 9.1.0.2164 imss.dat 9.1.0.2164 imss.root 9.1.0.2164 root.res 9.1.0.2164 apache 9.1.0.2164 php 9.1.0.2164 tomcat 9.1.0.2164 add_white_list.jsp 9.1.0.2164 smartsearch.dat 9.1.0.2164 dbscript.conf 9.1.0.2164 smtp_conn.jsp 9.1.0.2164 smtp_rule.jsp 9.1.0.2164 sys_patch_history.jsp 9.1.0.2164 sys_patch_progress.jsp 9.1.0.2164 imsa8WrsCategory.properties 9.1.0.2164 imsa8WrsCategory_en.properties 9.1.0.2164 imsa7patch_en.properties 9.1.0.2164 imsa7patch.properties 9.1.0.2164 PolicyLogs.class 9.1.0.2164 librule.so 9.1.0.2164 MsgTracing-0.2-py2.7.egg 9.1.0.2164 MsgTracing-0.2-py2.7.egg-info 9.1.0.2164 PatchInfoDAO.class 9.1.0.2164 PatchInfo.class 9.1.0.2164 LogQueryPolDAO.class 9.1.0.2164 QtQueryDAO.class 9.1.0.2164 ProcQueueQueryForm.class 9.1.0.2164 ProcQueueQueryAction.class 9.1.0.2164 PatchAction.class 9.1.0.2164 RuleAttrKeywordAction.class 9.1.0.2164 SmartProtectionScanServiceAction.class 9.1.0.2164 CommonParams.class 9.1.0.2164 ConditionAction.class 9.1.0.2164 LogQueryMsgDAO.class 9.1.0.2164 ConfigDomain.class 9.1.0.2164 DigestInlineActionAction.class 9.1.0.2164 EuqMessagesAction.class 9.1.0.2164 EuqViewMessageAction.class 9.1.0.2164 EuqDistributionListAction.class 9.1.0.2164 sys_dkim_sign_setting_detail.jsp 9.1.0.2164 LogQueryIpDAO.class 9.1.0.2164 kernel-3.10.0-1062.el7.x86_64.rpm 9.1.0.2164 linux-firmware-20190429-72.gitddde598.el7.noarch.rpm 9.1.0.2164 10. Contact Information ======================================================================== A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. http://www.trendmicro.com/us/about-us/contact/index.html NOTE: This information is subject to change without notice. 11. About Trend Micro ======================================================================== Smart, simple, security that fits As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2023, Trend Micro Incorporated. All rights reserved. Trend Micro, InterScan, Control Manager, eManager, and the t-ball logo are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 12. License Agreement ======================================================================== View information about your license agreement with Trend Micro at: www.trendmicro.com/us/about-us/legal-policies/license-agreements/ Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide