Version 6.6
New features
- Email analysis improvements
- IDS improvements
Email analysis improvements
- Increased performance: this version significantly increases the number of emails per hours that a Sensor can process (the actual rate depends on the hardware and the type of email traffic).
- Support for SSL/TLS and STARTTLS for SMTP (both sending and receiving).
- Increased robustness during email processing/delivery.
For in-line MTA mode:
- Better handling of nexthop server errors, including the generation of Delivery Failure Notification messages. Notifications can be sent to the original sender of the email and/or a configured email address.
- Ability to customize the email subject tag added when suspicious/malicious content is found.
- Ability to customize the text used to replace blocked URLs.
- Note: the format of the text added to the body of email messages has changed as compare to previous versions.
IDS improvements
- Fix for a problem that allowed IDS signature events to indicate blocking via TCP RSTs when blocking is actually disabled.
- Performance and robustness enhancements.
Released appliance versions
As part of this release, we are making available the following versions of Lastline appliances:
- Lastline Sensor version 608.1
Deprecation of API methods
The following API methods of the legacy API (/ll_api/ll_api) are being deprecated in this version:
- query_file_downloads
- query_binaries/binaries
- query_downloaded_files
- set_appliance_geoposition
- query_network_status
- switch_to_key
- switch_to_timezone
The Lastline API documentation includes a deprecation schedule for methods in the legacy API, as well as information on how to replace usage of these deprecated methods with supported methods.