Djigzo Open Source Email Encryption

Release notes

for help on upgrading.

Subdomain matching can now be set on MTA config page.
PFX passwords can be stored in the user preferences.
MTA authentication for external and internal relay host can be set (SASL passwords).
Virtual appliance has Fetchmail support (disabled by default).

When SELinux was enabled and postfix was restarted by Djigzo, postfix sometimes stopped working. This is now fixed.
Upgrading with the RPM package wasn't working. This has been fixed.
The owner and file mode of the SSL certificate was reset when upgrading the Debian packages. This has been fixed.

RPM packages for Red Hat/CentOS are now available. Install guides updated with instructions for Red Hat/CentOS.
S/MIME signatures can be selectively removed.
S/MIME can selectively be skipped for calendar items (text/calendar). Outlook cannot handle signed or encrypted meeting requests.
CRL downloader and SMS gateway can now access external resources via configurable HTTP Proxy.
Config files split into multiple files to make upgrades easier when local files have been changed.
Password setting "Send to originator" added. If it's checked generated passwords for the PDF will be sent to the "sender" of the message.
Force signing trigger can be used to trigger S/MIME signing of a message using a special email header.
Certificate Trust List added which can be used to "white list" or "black list" certificates.
Messages sent from BlackBerry (via BIS) can now be relayed through Djigzo.

Tomcat is now used by default instead of Jetty.
Most templates are now by default UTF-8. Templates now fully support Unicode.
Backup and restore now works accross different PostgreSQL versions.
Expired column is now shown in red when a certificate is expired.
The Virtual Appliance now contains a firewall which blocks access to ports that need not be externally accessible.
support for MAC OSX Java wrapper added (patch subumitted by Rainer Frey).
Original Message-ID of messages is retained if possible.
Subject trigger is now recursively removed.

Signature check sometimes failed for clear signed message which were clear signed.

Some "Received" headers were sorted in incorrect order (reported by Steven Geerts).
The mx setting on the MTA page was reversed (reported by Steven Geerts). upgrade notes
The telephone number on the subject was not picked up when the subject only contained the telephone number.
If the virtual appliance was given more than 2048 MB Djigzo did not start (reported by Stefan Schwarz).

The CRL distribution point did not contain an issuer. When Outlook option SigStatusNoCRL was enabled Outlook reported that the CRL was not available. The CRL distribution point is now moved to the end-user certificate. This has been reported by Mark van Voorden.
If a CA certificate was not yet setup and apply was selected on the CA select page an error occurred.

built-in CA added. The CA can issue certificates for internal and external users
Telephone numbers specified on the subject can be used as for the SMS Text message number
VMware tools can be rebuild from menu

BB add-on. Attachment not supported by the Blackberry are stripped. HTML only mail is converted to text
BB add-on. Large attachment are now supported
Root certificate is added when exporting certificates and when signing messages
CRLDistPointCertPathChecker added to certificate path builder. Critical CRL dist points are now accepted
Force "encrypt mode" added which overrules noEncryption
SMS Text message now expires in 24 hours if not sent (was 4 hours)
PDF reply allowed is now false by default
Default S/MIME encryption algorithm is now 3DES because not all Windows versions support AES
Administrator can see who (user, domain) is using a certificate
Rows per page for the grids can be set using a system property
Certificate and CRL algorithms and more properties can now be viewed
CRL certificate entries (the revoked serial numbers) can be downloaded as a text file
Password validity interval should now be set in minutes (old settings are converted)
Some user properties moved to advanced properties
Dialog shown on network configuration error
Jetty upgraded to 6.1.17

mail.mime.parameters.strict system property added. This is a workaround for mail created by Apple mac. The Apple mac mailer 'forgets' to quote filenames containing spaces

Automatic and manual system backup (encrypted) and restore to remote shares and local browser
Blackberry plugin support
Only sign when encrypt preference added
X-Djigzo-* headers are removed from incoming (to internal) email
Subject trigger is removed from incoming (to internal) email

Already signed messages are not signed again
Internal users and domains are marked with a 'star' icon
Certificates entries with a private key are marked with a key icon
Debian package dependency changed from SUN JRE to OpenJDK
Postfix mydestination can no longer be specified (can be re-enabled with system setting)