Queuefile Transport support

BaruwaOS now uses the queuefile transport that was developed by us to queue messages for scanning.

IDNA support

BaruwaOS now supports IDNA. Internationalized domain names can now be configured on the system and translation is automatically handled. Most functions in the web interface that use domain names and host names now have IDNA support.

This feature is still a technology preview so may be rough around the edges.

MTA improvements

The MTA has added support for the following as technology previews.

• CHUNKING ESMTP
• PRDR
• SMTPUTF8
• DANE

DANE protocol support

BaruwaOS now supports the DANE protocol both in client and server mode. This feature is still a technology preview so may be rough around the edges.

To better support DNSSEC on BaruwaOS, the Bind DNS caching server has been replaced with the Unbound caching server. Forward zones configured for the Bind server will automatically be migrated by the baruwa-setup command.

Improved outbound relaying

This version improves upon the outbound relaying functionality within BaruwaOS.

The following issues have been fixed.

• SPF checking on outbound messages fails
• DNSBL checks run on outbound connections authenticated via SMTP-AUTH
• IPv6 Addresses not working when configured as relay clients.

Starting with this version, servers relaying through Baruwa will no longer trigger SPF failures.

Starting with this version, users connecting via SMTP-AUTH will not have their IP addresses checked on DNSBL's, this will allow for users from SOHO with dynamic network addresses to relay mail via Baruwa servers.

IPv6 relay clients will now be able to relay via Baruwa servers.

Improved IPv6 support

NOTE: Accepting of external mail via IPv6 addresses is discouraged as our data feeds do not yet adequetly track IPv6 spam sources.

The handling of IPv6 addresses has been further enhanced in this version.

It is now possible to add IPv6 addresses to the Approved and Banned sender lists.

It is also possible to configure IPv6 addresses as relay clients.

It is now possible to proxy IPv6 connections to Baruwa servers.

Various bugs related to handling of IPv6 addresses were fixed in this update.

Blocking of Macros

baruwa-setup now has an option to enable the blocking of messages that contain macros.

Improved Sophos Integration

The more efficient SAVDI and SOPHIE integration option is now available for SMTP time Anti-Virus scanning using Sophos Antivirus for Linux.

Bind

The Bind DNS caching server has been replaced by the Unbound DNS caching server.

This means the way forward zones are configured has changed. Forward zones now need to be configured based on the Unbound format.

Existing zones added to the previous Bind server will be automatically migrated to Unbound format by the baruwa-setup tool.

New zones can be added to /etc/unbound/conf.d/local.conf. Please refer to the Unbound documentation for in depth information.

SMTP Sender Callback verification

The use of SMTP callbacks to verify the existense of email accounts when the senders reverse DNS record does not exist has now been depreciated.

Scanner Spam Lists

The use of Scanner Spam Lists (Settings > MailScanner Settings > Spam Checks > Spam List) is depreciated. Please do not enable those entries. If you have them enabled, please deselect them.

This option will be removed in the next release.

Scanner Spam Domain Lists

The use of Scanner Spam Domain Lists (Settings > MailScanner Settings > Spam Checks > Spam Domain List) is depreciated. Please do not enable those entries. If you have them enabled, please deselect them.

This option will be removed in the next release.