Release Notes CBS 7.0.32
Collax Business Server
To install this update please follow the following steps:
- It is highly recommended to backup of all server data with the Collax backup system before proceeding. Check that the backup was successful before proceeding with the update (this can be done within the backup information email).
- In the administration interface go to System → System Operation → Software → System Update and press Get Package List. This will download the listed update packages. If successful the message Done! will be displayed on the screen.
- Click Get Packages to download the update packages.
- Click Install. This installs the update. The end of this process is indicated by the message Done!.
- A new kernel will now be installed. The system will reboot automatically after installing the update. An appropriate note will be shown if the update process is completed.
New in this Version
GUI: Extended System information
The dialog “Hardware -> System Devices and Components” display the system’s hardware resources. With this release the view is extended and additional information is beeing displayed. Virtual machines running on Collax V-Server hardware are displayed with the Name of the vm and on which Node (name and productversion) it is running. Servers from other vendors show additional dmi-data (desktop management interface) like manufacturer, product name, serial number and more information about the BIOS and the system.
GUI: Event e-mail notification
Zusätzlich wird nun bei der Benachrichtigung über Konfig-Aktivierungen eine detaillierte Übersicht über die gemachten Änderungen mitgeschickt.
In the dialog in the menu “Logging / Monitoring -> Event log”, the system can be used for certain events and independently send an e-mail to the administrator. The emails contained the text “Notification” without the appropriate event. With this update, the subject of the e-mail is adjusted, from which the event will be visible in the subject of the e-mail. Likewise, the information from which server the status mails are sent is adapted. Please consider to adjust your sieve filter rules if necessary.
GUI: Change history of the system configuration
The new tab “Change history” in the dialog “Configuration -> Configuration Management” lists all completed configuration changes and activations and summarizes them in blocks. The header of a block indicates when and by whom the changes were made. If the changes have been activated afterwards, there is an additional Go symbol in the header line, also indicating the time and the administrator who triggered the activation. The administrator specifies the login and the IP address from which the administration interface was accessed. Entries for “firstname.lastname@example.org” are changes and activations made automatically by the server. The current state is marked with a gear symbol at the beginning of the header line.
Starting with this version, false positive detections of the phishing filter of ClamAV can be avoided. ClamAV compares the displayed URL and the actual URL of a link in a mail and classifies it as a phishing attempt if the domains of the two URLs are too different. If this is the case, the mail is quarantined with the reason “Heuristics.Phishing.Email.SpoofedDomain”. Known is a case of an Amazon mail, which was considered a supposed phishing attempt. You will find the dialogue under “Mail -> Mail Security -> Spam White/Blacklist”. Please also see the online help with examples.
Web Proxy: Rule Analysis
Rule analysis is a tool that can be used to check the rules of the Web proxy. When users authenticate to the Web proxy, it can be tested whether they are allowed to access a particular Web page or not and on the basis of which proxy rule this is done. In addition, or for non-authenticated users, it is possible to check how the request is filtered if it is made from a specific IP address. If proxy rules are set up with a time period, a query can also be simulated at a certain point in time. This dialog is located under “Networking -> Web Security -> Rule Analysis”.
Kopano Groupware: Kopano Core 8.6
With this Collax software update the new version 8.6 of Kopano Core is going to be installed. Please find details here:
Kopano Groupware: Use Public Contact Folders
If an address folder is created in a public folder, the addresses entered here are not available when sending an e-mail. This is going to be fixed with this update.
Kopano Groupware: New version of Z-Push
With this Collax software update, Z-Push 2.4.4 is going to be installed. More information on:
Kopano Groupware: Z-Push memory limit canceled
In the configuration file of the Z-Push service, the variable for the memory limit was hard coded, which meant that 50 MB emails could not be sent. With this release we adapted this to the server configuration.
System Management: Linux Kernel 4.9.128
This update installs Linux kernel 4.9.128.
System Management: Different notification groups within Active Monitoring
This update extends the notifications for user groups in which groups should be alerted when a service fails. Users from groups will automatically receive email notifications from Nagios. Now it is possible to differentiate between notifications in case of warning, in critical condition and in the recovery of messages. This dialog is located in the “Permissions” tab under “Logging / Monitoring -> Monitoring -> Active”.
Hardware: UEFI-BIOS support
This update of the installation process of the ISO medium provides the support for systems with UEFI-BIOS.
Hardware: Gemini Lake™ support within installation process
This update of the installation process of the ISO medium provides the support for Intel® Gemini Lake™ platforms.
Collax Information & Security Intelligence: Component update
This update updates the elastic stack to version 6.4.0. In addition to many improvements in the background for example, new features of Kibana are visible. So auto-completion is integrated and for each visualization there is an inspector for a more detailed analysis of the data.
Collax Information & Security Intelligence: Reports with automatic mail
This release introduces new features for the Collax Information and Security Intelligence module. It is now possible to generate reports. There are a number of default reports available. Layout and content can also be adapted to given requirements. The reports can be regular and automatically generated and sent as a PDF to selected recipients.
Collax Information & Security Intelligence: Retention periods for data
With a high volume of data, the indexes can quickly use up the disk space. Also, the GDPR may require the deletion of older data. It’s now possible to automatically delete data from the indices that are older than a configurable deadline. The retention periods can be adjusted according to the area of the data (eg syslog, mail or firewall) set differently.
Collax Information & Security Intelligence: Backup items
All data that has been collected can be included in the backup with this update. For each area (eg syslog, mail or firewall) there is a separate backup item available. As a result, different backup strategies can be applied to the areas.
Issues Fixed in this Version
Security: Internet Domain Name Server BIND
In the source code of the internet domain name server BIND security holes have been discovered. These holes will be closed within this Collax software update to bind 9.11.4
File: Fileshare synchronisation, hash key in password
The synchronisation of a fileshare failed if the password of the remote peer contained a hash key. This is going to be fixed within this release.
E-Mail: Status information to the email address of the virus administrator
An e-mail address for an administrator is specified here. This administrator receives status information from the virus filter. Up to now, under certain circumstances, invalid@invalid was used as the sender when sending messages. This caused uncertainty and is resolved. The notification will now be sent as root@FQDN.
E-Mail: Increased required space when using IMAP and full-text index
The option “Generate full-text index” in the options of the dialog “Mail and Messaging -> Mail Storage -> IMAP and POP3” generates a full-text index of the local IMAP folders which accelerates the search within the IMAP folders and e-mails. While activated, the system could use up to 20% more space compared to the former release (also with activated index) for the service cyrus. Please check the space requirements of the service cyrus in advance. Under the dialog “Status -> System -> Statistics” the graph “filesystem/data” shows further details.
E-Mail: Collax Virus Protection powered by Kaspersky prior Version 7
Version 7 of the Collax C servers has updated the anti-virus engine and the format of the patterns. This was done to respond to new threats with the best possible protection. Patterns for versions prior to 7.0.0 will be available until December 31, 2017. From 01.01.2018 Kaspersky will not update the patterns for Collax version 5 and older. All installations using the Collax Virus Protection module should therefore, be brought up to date.
E-Mail: Release already deleted emails in IMAP mailboxes
In the dialog “Mail and Messaging -> Mail Storage -> IMAP and POP3” the IMAP server can be activated for the users to get access to their IMAP mailboxes. Due to a modified standard directive within the Cyrus IMAP mail server since the release V7, e-mails already deleted by the mail client have not been completely released from the harddisc. Since release 7.0.22, cyr_expire will free up memory for already deleted emails. Please note that already after restarting the IMAP service during the update, the process is started and proceeded after restarting the server and thus start the IMAP service.
E-Mail: Collax Avira AntiVir prior Version 7.0.24
Version 7.0.24 of the Collax C servers has updated the anti-virus engine and the format of the patterns. This was done to respond to new threats with the best possible protection. Patterns for versions prior to 7.0.24 will be available until December 31, 2018. From 01.01.2019 Avira will not update the patterns for Collax version 7.0.22 and older. All installations using the Collax Avira AntiVir module should therefore, be brought up to date.
Collax Information & Security Intelligence: Modified mapping of the indices
When updating Elastic Stack to 6.4.0, the mapping of the indexes was changed. This prevents Filebeat to write the data to the same index before and after the update. Therefore, after the update has been performed, the resulting data will no longer be included in the index. From 0:00 clock on, Elastic Stack will create a new index and all data from this point will be written again to the index. The data between the end of the update and midnight will be lost. If it is better to renounce to the data before the update, from 0:00 until the end of the update, the index for the current day can be deleted after the update via the administration interface. Then all data will be lost after 0:00 and the deletion of the index.