For SmarterMail user, upgrade to Version 13.3

If you have a backdated copy of the SmarterMail, in particular to two of the vulnerabilities found in the earlier version I would suggest to get the latest copy and move up to 13.3.5535. You can download the latest from here: http://smartertools.com/smartermail/mail-server-download.aspx.

Just in case you have forgotten the steps on how to “properly” upgrade your SmarterMail. Please make sure you have a backup before proceed.

1. Stop IIs www publishing service or SmarterMail web service.
2. Uninstall SmarterMail without removing the existing folders or files.
3. Install the latest copy of SmarterMail.
4. Once it’s completed, start SmarterMail web service or IIs www publishing service.

Wait for a minute or so, sign in to admin portal to make sure everything is working. Sometime it might take a little longer to start up if you have a slower server and many mailboxes. Just be patient, do not attempt to restart your Smartermail Service unless it has stopped for some reasons.

• ADDED: Updated administrative logging to include the friendly name of the event that was fired in addition to it’s id number.
• FIXED: A temporary disk error when reading an account’s userConfig.xml file will no longer result in the user’s settings being reset to the defaults, including a blank password.
• FIXED: A user with read-only control of a shared calendar can no longer delete instances of a recurring event.
• FIXED: A zero byte fileStore.xml file will no longer prevent SmarterMail from starting properly.
• FIXED: Adding a calendar event using Android’s default calendar app with Exchange ActiveSync now syncs correctly.
• FIXED: Adding a recurring event that occurs on a specific week of each month now syncs correctly using Exchange ActiveSync.
• FIXED: Adding a task using Outlook 2013 with Exchange ActiveSync now syncs correctly.
• FIXED: Adding duplicate entries to trusted senders is no longer allowed.
• FIXED: Availability conflicts are now calculated correctly when adding or editing a new calendar event in webmail.
• FIXED: Birth dates set on iOS devices using Exchange ActiveSync now sync correctly.
• FIXED: Changing an event’s start time that includes a domain resource now properly updates the availability of that domain resource.
• FIXED: Contacts imported from a CSV file that include only white space in certain imported fields are now saved properly, such that they can be successfully synced with Exchange ActiveSync.
• FIXED: Creating a calendar and immediately deleting an event using the Mac OSX calendar app with Exchange Web Services now syncs correctly.
• FIXED: Declude spam weights now save correctly.
• FIXED: Domain resource availability is now calculated properly when determining scheduling conflicts.
• FIXED: Editing a password brute force or denial of service abuse detection rule for XMPP now correctly sets the service field to XMPP.
• FIXED: Email folders that contain special characters are now sorted correctly in webmail.
• FIXED: Exchange ActiveSync responses will no longer send an empty Exceptions tag, which would cause Outlook 2013 to crash.
• FIXED: Folders with special characters in their name now sync correctly using Exchange ActiveSync.
• FIXED: Made changes to how folder renaming is handled to prevent a scenario that could cause mailbox corruption.
• FIXED: Renaming a folder that contains special characters using Exchange ActiveSync no longer causes an error in webmail when trying to view that folder.
• FIXED: Setting a contact’s birth date on a client synced using CardDAV will no longer save as one day off for users in time zones with positive offsets from GMT.
• FIXED: Temporary files created during Exchange ActiveSync SmartForward, SmartReply and other email attachment operations are now immediately cleaned up when no longer needed.
• FIXED: The number of items sent back per Exchange ActiveSync response is now correctly determined using the WindowSize specified by the client.
• SECURITY: Resolved an XSS vulnerability related to replying to an email.
• SECURITY: Resolved an XSS vulnerability related to viewing email.