Version 5.5 Release Notes

Release Date: November, 2008

Improvements (5.5)

Data Leakage Prevention (DLP)

Two new tests are available to protect your organization against the loss of sensitive or confidential data that could be leaked via outgoing email messages. These tests can be used to block the delivery of messages that contain specified words and phrases or credit card numbers.

For more information about these tests, see "Message Characteristics " in the Policy Tab section of the Manager Reference documentation, or the pmx-policy man page.

Content scanning for the DLP tests described above is supported for the following formats:

If you require more detailed information about these formats, contact Sophos support.

True File Type Detection

PureMessage's file detection capabilities have been extended with the introduction of an "Attachment true filetype" test, and the enhancement of existing tests that support true filetype (TFT) detection.

For more information, see "Message Characteristics " in the Policy Tab section of the Manager Reference documentation, or the pmx-policy man page.

Message Routing

You can now route messages from PureMessage servers to other SMTP servers using the "Route message" (pmx_route) action. Messages can either be rerouted to a different server, or they can be delivered to the original recipient, with a copy sent to a different server. This action is useful for archiving or encrypting messages. For more information, see "Actions Defined" in the Policy Tab section of the Manager Reference documentation, or the pmx-policy man page.

Bundled Software and Language Versions

The latest version of PureMessage contains the following:

Note: If you have made any modifications to the version of Apache included with PureMessage, these changes will not be preserved when you upgrade to PureMessage 5.5 from a previous version. Following an upgrade, you must edit /opt/pmx/etc/manager/httpd2.conf so that it includes any settings that were previously stored in /opt/pmx/etc/manager/httpd.conf

Behavioral Genotype Protection

Behavioral Genotype was introduced in an earlier release to guard against unknown malware (and families of malware). It analyzes code contained within files to determine how the code will behave, before it actually executes. The technology has been extended to also detect "suspicious behavior" files as viruses. This provides added security in cases where PureMessage cannot conclusively identify the suspicious behavior as a specific type of malware or malware family, even though it is almost certainly malware. Whenever suspicious behavior is detected, the virus identifier will have a "Sus/" prefix.

Other Improvements