<> Trend Micro Incorporated October 8, 2019 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) InterScan(TM) Messaging Security Suite 9.1 Patch 1 - Build 1323 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ NOTICE: This readme file was current as of the date above. However, all customers are advised to check Trend Micro's website for documentation updates at: http://www.trendmicro.com/download TIP: Register online with Trend Micro within 30 days of installation to continue downloading new pattern files and product updates from the Trend Micro website. Register during installation or online at: https://clp.trendmicro.com/FullRegistration?T=TM Contents ========================================================== 1. About InterScan Messaging Security Suite 1.1 Overview of This Release 1.2 Who Should Install This Release 2. What's New 2.1 Enhancements 2.2 Resolved Known Issues 3. Documentation Set 4. System Requirements 5. Installation 5.1 Installing 5.2 Uninstalling 6. Post-Installation Configuration 7. Known Issues 8. Release History 9. Files Included in This Release 10. Contact Information 11. About Trend Micro 12. License Agreement ========================================================== 1. About InterScan Messaging Security Suite ======================================================================== InterScan Messaging Security Suite (IMSS) 9.1 integrates antivirus, antispam, anti-phishing, and content filtering technology for complete email protection. This flexible software solution features award-winning antivirus and zero-day protection to block known and potential viruses. Multi-layered antispam combines the first level of defense in Email reputation technology with customizable traffic management through IP Profiler and the blended techniques of a powerful composite engine. Multi-lingual antispam provides additional support to global companies. Advanced content filtering helps to achieve regulatory compliance and corporate governance, and protects confidential information. IMSS delivers protection on a single, highly scalable platform with centralized management for comprehensive email security at the gateway. 1.1 Overview of This Release ===================================================================== This patch includes all patches and critical patches released after IMSS 9.1 Build 1172. 1.2 Who Should Install This Release ===================================================================== Install this patch if you are currently running any package released before IMSS 9.1 Patch 1 Build 1323. 2. What's New ======================================================================== NOTES: - Please install the Patch before completing any procedures in this section (see "Installation"). - You must restart all IMSS devices as scheduled after applying this patch. 2.1 Enhancements ===================================================================== The following enhancements are included in this patch: Enhancement 1: Even if there are multiple LDAP and KDC servers, IMSS can only have one KDC server. This is enforced in "krb5.conf". Editing "krb5.conf" manually should allow IMSS to use multiple KDC servers. However, the "euqutil -e" command that updates "krb5.conf" using the LDAP/KDC server information in the database is executed from scheduled tasks and starting scripts. As a result, IMSS will still not be able to use multiple KDC servers even if you add a second KDC server to "krb5.conf". This patch allows users to configure IMSS not to export the "krb5.conf" file by the "euqutil -e" command that enables them to manually edit the file, so IMSS can use multiple KDC servers. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 1: To configure IMSS not to export the "krb5.conf" file by the "euqutil -e" command: 1. Install this patch (see "Installation"). 2. Open the "imss.ini" file. 3. Add the following key under the "LDAP" section and set it to "yes". [LDAP] DonotUpdateKRB5CONF=yes NOTE: The default value is "no", which disables the feature. 4. Save the changes and close the file. NOTE: If you specified a second KDC server in "krb5.conf", IMSS will use that server when the first KDC server is not working. Enhancement 2: When the domain specified in the "From" header does not match the specified domain in the "d=" of the DKIM-Signature header, IMSS 9.1 treats the email message as "DKIM verification failure", but adds a "X-DKIM-Authentication-Result: dkim=pass" to the header. This patch enables users to configure IMSS to allow these email messages to pass DKIM verification. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 2: To configure IMSS to allow email messages when the domain specified in the "From" header does not match the specified domain in the "d=" of the DKIM-Signature header to pass DKIM verification: 1. Install this patch (see "Installation"). 2. Connect to the database by running the following command: /opt/trend/imss/PostgreSQL/bin/psql imss sa 3. Add a hidden key in the database by running the following command: insert into tb_global_setting (section, name, value, inifile) VALUES ('dkim', 'DomainNoNeedChecked', '1', 'imss.ini'); 4. Close the database connection using the following command: \q Enhancement 3: This patch enables "Attachment True File Type" of IMSS to detect MSI files. Enhancement 4: This patch adds a setting to help ensure that the "Attachment Name or Extension" filter can detect and block files embedded in .doc file attachments. To ensure that IMSS can successfully detect and block files embedded in .doc file attachments: 1. Install this patch (see "Installation"). 2. Open the "/opt/trend/imss/config/imss.ini" file. 3. Add the following key under the "general" section and set its value to "yes": [general] ScanFileNameInOle=yes 4. Save the changes and close the file. 5. Restart the scanner service using the following command: /opt/trend/imss/script/S99IMSS restart Enhancement 5: This patch enables IMSS 9.1 to support version 7.0 of Trend Micro Control Manager(TM). Enhancement 6: Tomcat-connector - This patch upgrades Tomcat-connector in IMSS. Enhancement 7: OpenSSL - This patch upgrades OpenSSL in IMSS. Enhancement 8: Apache - This patch upgrades Apache in IMSS. Enhancement 9: Tomcat - This patch upgrades Tomcat in IMSS. Enhancement 10: PHP - This patch upgrades PHP in IMSS. Enhancement 11: PCRE - This patch upgrades PCRE in IMSS. Enhancement 12: eManager(TM) - This patch upgrades the eManager(TM) module. The internal logic of the eManager module is refined to deal with a performance issue of IMSS. Enhancement 13: Trend Micro Virtual Analyzer - This patch enables IMSS to send suspicious URLs to Virtual Analyzer. NOTE: This enhancement supports only versions 6.1 and 6.5 of Virtual Analyzer. Enhancement 14: Attachment Phishing - This patch enables the IMSS Web Reputation Services (WRS) policy to automatically extract URLS from file attachments and to check the safety of each URL. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 14: To enable attachment Phishing: 1. Install this patch (see "Installation"). 2. Connect to the database by running the following command: /opt/trend/imss/PostgreSQL/bin/psql imss sa 3. Add a hidden key in the database by running the following command: insert into tb_global_setting (section, name, value, inifile) VALUES ('wrs', 'enable_extract_att_url', 'yes', 'imss.ini'); 4. Close the database connection using the following command: \q" 5. Restart the scan service using the following command. S99IMSS restart Enhancement 15: LDAPS Enhancement - This patch enables IMSS to encrypt its communication with the LDAP server with TLS 1.2 WARNING: To support TLS 1.2, IMSS has upgraded its NSS with newly-introduced RSA-PSS signatures. Users using OpenLDAP with NSS may need to upgrade NSS on the LDAP server machine. Otherwise, IMSS will not be able to connect to the LDAP server because the LDAP server will refuse to communicate with it. Enhancement 16: Macrowave Enhancement - This patch enables IMSS to detect unknown malware in an email attachment based on machine learning technology. This technology is integrated with the IMSS anti-spam policy and enabled by default. Enhancement 17: This patch allows users to configure the allowed maximum DFA node number and maximum regex match times to prevent performance issues. This patch also enables IMSS to display the DFA node number of a configured policy and to generate logs if the DFA exceeds the configured maximum number in "contentFilterMaxDFANodeLimit" or when match times exceed the configured number of times in "contentFilterMaxRegMatchLimit". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 17: To configure the maximum values: 1. Install this patch (see "Installation"). 2. Open the "/opt/trend/imss/config/imss.ini" file. 3. Add the following key under the "general" section and set its value to a customized value; suggested value is from 50000 to 100000. [general] contentFilterMaxDFANodeLimit=50000 contentFilterMaxRegMatchLimit=50000 4. Save the changes and close the file. 5. Restart the scanner service using the following command: /opt/trend/imss/script/S99IMSS restart Enhancement 18: This patch improves the End User Quarantine (EUQ) digest performance, enhancing ldapcache and changing euqutil to multi-threads. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 18: To set a number of threads for each EUQ database in the digest process: 1. Install this patch (see "Installation"). 2. Open the "/opt/trend/imss/config/imss.ini" file. 3. Add the following key under the "general" section and set it to the maximum number of threads. Trend Micro recommends setting it to "10". [general] DigestThrdNumPerEUQDB=10 4. Save the changes and close the file. Enhancement 19: This patch improves the way the IMSS queue monitor thread calculates the archive and quarantine sizes. Enhancement 20: After upgrading to IMSS 9.1, a client's SNMP parser script cannot parse the SNMP trap message from IMSS. This patch resolves the issue by enabling users to set the SNMP trap format in IMSS 9.1 to the same SNMP trap format in IMSS 7.1. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 20: To set the SNMP trap format in IMSS 9.1 to the same SNMP trap format in IMSS 7.1: 1. Install this hot fix (see "Installation"). 2. Insert a record into the IMSS database by running the following SQL statement: insert into tb_global_setting (section, name, value, inifile) values ('general', 'SNMPMultiBinding', '1', 'imss.ini') 3. Run the following command in the IMSS backend: /opt/trend/imss/script/imssctl.sh restart Enhancement 21: This patch enables IMSS to send more accurate logs to Control Manager. Enhancement 22: This Patch resolves vulnerabilities discovered by a Veracode scan on IMSS to improve product security. Enhancement 23: This Patch enables IMSS to support the TLS protocol for ActiveUpdate (AU) updates. It also provides an option to configure IMSS to use only TLS 1.2 for AU updates. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 23: To configure IMSS to use only TLS 1.2 for AU updates: 1. Install this patch (see "Installation"). 2. Connect to the IMSS database using the following command: /opt/trend/imss/PostgreSQL/bin/psql imss sa 3. Run the following SQL statement to set the threshold to the preferred value: insert into tb_global_setting values('Update', 'TLS12_Only','1','imss.ini',''); 4. Log off from the database server by running the following command: \q 5. Restart the adminUI using the following command: S99ADMINUI restart 6. Save the changes and close the file. Enhancement 24: When BCC action is configured, IMSS sends the BCC email messages in the same session as the original email message. This patch enables users to configure IMSS to send BCC email messages in a new session. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 24: To configure IMSS to send BCC email messages in a new session: 1. Install this patch (see "Installation"). 2. Open the "imss.ini" file in the "/opt/trend/imss/config" folder using a text editor. 3. Add the following setting under the "General-Notification" section and set its value to "yes": * [General-Notification] * SendBccInNewSession=yes NOTES: * The default value of this key is "no". * For security, the newly-generated BCC email message is sent back to IMSS for re-scanning. To skip the re-scan, add "BccInNewSessionSkipScan=yes" under the "General-Notification" section. 4. Save the change and close the file. 5. Restart the scanner service using the following command: /opt/trend/imss/script/S99IMSS restart 2.2 Resolved Known Issues ===================================================================== This release resolves the following issues: Issue 1: When IMSS quarantines a suspicious file, the corresponding log in the ad hoc query results on Control Manager does not display the file name. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This patch ensures that the corresponding logs on the Control Manager ad hoc query results display the file name of the quarantined files. Issue 2: It may take a long time for IMSS to process email tracking queries and deadlock issues related to the pglog file occur. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This patch can fix the issue. Issue 3: The Trend Micro Feedback Engine (TMFBE) may stop unexpectedly on a third-party SSL library if certain types of proxy servers with SHA256 certificates exist in the network. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This patch can fix the issue. Issue 4: A Tomcat exception occurs after users disable the detection level in the spam rule. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This patch can fix the issue. Issue 5: The "imss.ini.db" does not support the HTTPS equivalent of the HTTP websites for license updates (PrServerUpdateURL). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: This patch can fix the issue. Issue 6: IMSS stops processing email messages unexpectedly. When this happens, email messages are reprocessed only after restarting IMSS. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 6: This patch ensures that IMSS processes email messages normally. Issue 7: IMSS unexpectedly quarantines email messages when duplicate internal ID archive exists. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 7: This patch can fix the issue. Issue 8: Under certain conditions, IMSS may send out policy notifications with no email body and without attaching the original email message attached. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 8: This patch can fix the issue. Issue 9: Some email messages have mojibake characters because IMSS did not insert the stamp without encoding. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 9: This patch can fix the issue. Issue 10: The scan service could not start when other services such as Postfix use the reprocess port (10024). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 10: This patch can fix the issue. Issue 11: IMSS stops processing email messages unexpectedly. When this happens, email messages are reprocessed only after restarting IMSS. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 11: This patch can fix the issue. Issue 12: If an email is detected as SNAP and is sent to Virtual Analyzer for further analysis, IMSS may still take action on the email message even when Virtual Analyzer returns a safe result. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 12: This patch ensures that IMSS does not take action on email messages when the Virtual Analyzer considers it as safe. Issue 13: Automatic updates do not run. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 13: This patch updates the imssausched process to the latest version to ensure that automatic updates run normally on IMSS clients. Issue 14: Configuration replication fails in InterScan Messaging Security Suite (IMSS) servers. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 14: This patch enables the web console to limit the keyword expression in each group to 614,400 characters. This helps ensure that configuration replication proceeds normally in IMSS servers. Issue 15: IMSS stops processing email messages unexpectedly. When this happens, email messages are reprocessed only after IMSS restarts. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 15: This patch ensures that IMSS processes email messages normally. Issue 16: In version 7.3 and any higher version of Red Hat(TM) Enterprise for Linux, TmFoxProxy stops unexpectedly after glibc is updated. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 16: This patch resolves the issue by replacing the TmFoxProxy binary. Issue 17: The date on the "last updated" column in the Managed Product status page on the Trend Micro Control Manager(TM) console is not updated when components are updated. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 17: This patch updates CMAgent to ensure that the information in the "last updated" column is updated promptly when components are updated. Issue 18: The dashboard does not display because the environment variables related to HTTP proxy is unexpectedly used. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 18: This patch resolves the issue. Issue 19: IMSS cannot detect a sample when the target string is inside an HTML tag. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 19: This patch changes some default settings for the eManager(TM) module. To apply the changes: 1.Install this patch (see "Installation"). 2.Insert a record into the IMSS database by running the following SQL statement: insert into tb_global_setting (section, name, value, inifile) values('general', 'EnableExtractPlainTextFromOriginalContent', 'all', 'imss.ini') 3.Run the following command in the IMSS backend: /opt/trend/imss/script/imssctl.sh restart Issue 20: The Anti-spoofing Filter cannot skip IPv6 addresses. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 20: This patch resolves the issue. Issue 21: Several IMSS UI scripts may run simultaneously which may cause the UI to behave abnormally. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 21: This patch ensures that when the IMSS UI script is called two or more times, the instances run one by one. Issue 22: A 0 sized file may be exported from Data Loss Prevention (DLP) when IMSS 9.1 is installed on a non-default path. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 22: This patch fixes the path of the compliance template file to resolve this issue. Issue 23: The pattern file cannot be rolled back after it has been upgraded from Trend Micro Control Manager(TM). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 23: This patch ensures that pattern files can be rolled back normally. Issue 24: An issue prevents IMSS from starting the imssd process. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 24: This patch adds a new exclusive lock to synchronize imssmgr and imsstasks when the Active Update (AU) monitor thread is updating AU patterns. Issue 25: IMSS may not able to export configuration files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 25: This patch ensures IMSS can export configuration files. Issue 26: An Apache Tomcat(R) exception occurs after users disable the detection level in the spam rule. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 26: This patch ensures that users can reconfigure the spam rule detection level without encountering any issues. Issue 27: When a compressed file contains Microsoft Office(TM) files, IMSS may not be able to count the total number of files included in the compressed file if the threshold in "Policy > Scanning Exceptions > Total # files in compressed file exceeds" is set to a small value. This may trigger a scan exception. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 27: This patch ensures that IMSS can count the total number of files in compressed files correctly. Issue 28: When POP3 is used to receive email messages from IMSS but IMSS cannot query the Smart Scan server due to a network problem, users may receive an empty email message. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 28: This patch ensures that users receive a notification message under this scenario. Issue 29: The IMSS policy service may encounter performance issues if the LDAP server is slow. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 29: This patch ensures IMSS multi-threads run in parallel when querying the LDAP to reduce the impact of the LDAP performance. Issue 30: .js files embedded in a .doc file attachment are allowed to pass even when the Attachment Rule Policy is set to block these files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 30: This patch ensures that when configured, the Attachment Rule Policy can block .js files embedded in .doc file attachments. Issue 31: When users send out an email message in any non-UTF-8 type of encoding, garbled characters appear in the subject action heading. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 31: This patch ensures that users can send out email messages using supported non-UTF-8 encoding without issues. Issue 32: The "Imssausched.pid" file is not deleted automatically after the imssausched process stops. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 32: This patch ensures that the "Imssausched.pid" file is deleted promptly after the imssausched process stops. Issue 33: The manager service sends out quarantined email messages empty when Smart Scan encounters an error while reprocessing these messages from the quarantine folder. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 33: This patch ensures that the manager service can send out quarantined email messages correctly. Issue 34: When an email message is quarantined, IMSS does not check if another file with the same file name exists in the quarantine folder. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 34: This patch enables IMSS to check if a file with the same file name already exists in the quarantine folder before sending an email message to quarantine. Issue 35: When a compressed file contains Microsoft(TM) Office(TM) files, IMSS may not be able to count the total number of files in the compressed file. If the threshold in "Policy > Scanning Exceptions > Total # files in compressed file exceeds" is small, this may trigger a scan exception. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 35: This patch ensures that IMSS can count the total number of files in a compressed file correctly. Issue 36: When IMSS integrates with Virtual Analyzer, IMSS applies the "pass" action on an attached file that was analyzed as a high risk file. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 36: This patch ensures that IMSS blocks high risk files successfully after integrating with Virtual Analyzer. Issue 37: If the size of the archive queue exceeds the configured maximum, IMSS deletes the End-User Quarantine (EUQ) records from the database. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 37: This patch resolves this issue. Issue 38: Users cannot open the web console after disabling TLS 1.0 and 1.1 and configuring IMSS 9.1 to use only TLS 1.2. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 38: This patch updates the OpenSSL module in the Apache HTTPD server to resolve this issue. Issue 39: IMSS may record certain sensitive information in the log file. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 39: This patch ensures that IMSS does not add sensitive information into the log file. Issue 40: The current version of OpenSSL in IMSS 9.1 may be affected by certain vulnerabilities. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 40: This patch updates the OpenSSL module to the latest version to resolve this issue. Issue 41: The current version of Tomcat in IMSS 9.1 may be affected by certain vulnerabilities. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 41: This patch updates the Tomcat module to the latest version to resolve this issue. Issue 42: The eManager(TM) module still detects certain files in password-protected ZIP files even when the files are in the approved list. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 42: This patch ensures that the eManager module is not triggered by files in the approved list. Issue 43: IMSS uses an outdated version of eManager. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 43: This patch updates the eManager module in IMSS 9.1 to the latest 7.5 version. Issue 44: Administrators cannot delete attached files that Deep Discovery Analyzer (DDAN) tags as high risk. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 44: This patch ensures that administrators can delete attached files tagged by DDAN as high risk. Issue 45: Dtasagent stops working after IMSS restarts. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 45: This patch ensures that dtasagent restarts automatically and works normally when IMSS restarts. Issue 46: IMSS recognizes all internal messages that include an IPv6 "Received" header as spoofed internal messages. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 46: This patch prevents IPv6 addresses in the "Received" header from triggering the spoofed internal message rule. Issue 47: The root partition repeatedly runs out of memory. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 47: This patch resolves the issue by ensuring that the imsscmagent log is generated in the correct folder. Issue 48: Email messages have piled up in the 'Deferred' queue, and some messages might be sent more than once. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 48: This patch upgrades the eManager to resolve the issue. Issue 49: eManager detects the file names of certain password protected 7-zip files unexpectedly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 49: This patch upgrades the eManager to resolve the issue. Issue 50: Email Reputation Services (ERS) stops working after the ERS server restarts. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 50: This patch updates FoxProxy to ensure that ERS works normally after the ERS server restarts. Issue 51: The split message log is not displayed in message tracking logs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 51: This patch updates imssd to eliminate the duplicated UUID to ensure that message tracking log can be generated normally. Issue 52: The database connection may leak out when certain types of logs are queried. When this happens, the IMSS console may respond very slowly and may not be able to display some information. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 52: This patch prevents performance issues of the IMSS console. Issue 53: If a rule's "Scanning Conditions" is a combination of conditions that need Virtual Analyzer and some that do not need Virtual Analyzer, and the Virtual Analyzer result is "safe", IMSS will not be able to apply the action from the "Scanning Conditions" that do not need Virtual Analyzer. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 53: This patch ensures that IMSS can apply all the required actions in the scenario described above. Issue 54: If IMSS attempts to send a large number of suspicious email messages that do not contain attachments to Virtual Analyzer, some of the email messages may not be sent and trigger Virtual Analyzer scanning exceptions. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 54: This patch ensures that IMSS can successfully send a large number of suspicious email messages to Virtual Analyzer for further analysis. Issue 55: IMSS may not be able to create "Admin Accounts" if it is using a Domino LDAP server. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 55: This patch ensures that IMSS can create "Admin Accounts" without issues. Issue 56: The "Trusted Internal IP List" for the "Spoofed internal messages" policy allows IMSS to add 500 records only. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 56: This patch enables IMSS to add more records. To extend the number of records that IMSS can add to the "Trusted Internal IP List" for "Spoofed internal messages": 1. Install this patch (see "Installation"). 2. Open the "imssDefine.properties" file in the "/opt/trend/imss/UI/adminUI/ROOT/WEBINF/classes/" folder using a text editor. 3. Add the following setting and set its value to the preferred maximum number of records. policyAntiSpoof.TrustedIPList.sizeLimit=800 NOTE: The default value of this key is "500" which allows IMSS to add up to 500 records. 4. Save the change and close the file. 5. Restart the admin console using the following command: /opt/trend/imss/script/S99ADMINUI restart Issue 57: Users cannot add more than one LDAP server when there are duplicate records in the current LDAP server. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 57: This patch removes the duplicate records so that users can add multiple LDAP servers. Issue 58: Smart Scan cannot be enabled after users import the configuration file from InterScan Messaging Security Suite (IMSS) 9.1 for Microsoft(TM) Windows(TM). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 58: This patch ensures Smart Scan can be enabled normally. Issue 59: When a compressed file contains Microsoft Office(TM) files, IMSS may not be able to count the total number of files in the compressed file. If the threshold in "Policy > Scanning Exceptions > Total # files in compressed file exceeds " is small, this may trigger a scan exception. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 59: This patch ensures that IMSS can count the total number of files in a compressed file correctly. Issue 60: IMSS may record certain sensitive information in the log file. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 60: This patch ensures that IMSS does not add sensitive information into the log file. Issue 61: If the maximum number of scanner processes that can run at the same time is set to a very small value, the SNAP report service may keep restarting. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 61: This patch resolves the issue so the SNAP report service runs normally. Issue 62: An issue may prevent IMSS from adding stamps to email messages sent from iCloud. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 62: This patch ensures that IMSS can add stamps to email messages. Issue 63: Under certain extreme conditions, an issue within the eManager(TM) module can trigger IMSS to stop unexpectedly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 63: This patch updates the eManager module to resolve the issue. Issue 64: Sometimes, certain email messages cannot be delivered because IMSS detects that the email messages were not archived even when the messages have been archived successfully. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 64: This patch ensures that IMSS can correctly detect when an email message has been archived successfully. Issue 65: Some users may need to match the data that are in multiple lines. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 65: This patch provides an option to normalize the email data into one line to match. To enable IMSS to normalize the email data into one line before matching: 1. Install this patch (see "Installation"). 2. Open the "/opt/trend/imss/config/imss.ini" file. 3. Add the following key under the "general" section and set its value to "yes": [general] EnableContentFilterNormalize=yes 4. Save the changes and close the file. 5. Restart the scanner service using the following command: /opt/trend/imss/script/S99IMSS restart Issue 66: DLP Template for Verve. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 66: This patch upgrades the Trend Micro Data Loss Prevention(TM) Compliance Templates to enable it to support more templates. Issue 67: Sometimes, if the downstream mail transfer agent (MTA) of the next hop MTA uses the tarpitting feature on the RCPT command, IMSS times out and stops sending the notification. When this happens, the notifications stack up in IMSS. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 67: This patch enables IMSS to correctly retry sending a notification email under this scenario and allows users to extend the timeout value for the RCPT command to a value larger than 120 seconds to help ensure that the tarpitting feature works. Issue 68: When users import the "Trusted Internal IP List" for "Spoofed internal messages" from a file, only 500 IPs will be imported by default even if the user sets the maximum number of IPs to a larger number. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 68: This patch resolves the issue by ensuring that IMSS reads the limit on the number of IPs that can be imported from the configuration files before importing the "Trusted Internal IP List". Issue 69: The TMMSG module version may stop working while adding stamps to email messages that are not encoded. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 69: This patch updates the TMMSG module to resolve the issue. Issue 70: When users add a long email address in the End-User Quarantine (EUQ) Approved Sender list, they may not able to see the entire email address. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 70: This patch ensures that users can see the entire email address. Issue 71: When the attached RAR file is corrupted, IMSS cannot detect it using the "file name and extension" filter for attachment files, even if the file name or extension contains the keyword. This issue occurs because when the filtering is "file name and extension", eManager tries to check the file name in the ZIP/RAR file. If the file is corrupted in the ZIP/RAR format, eManager fails to scan the file name in ZIP/RAR file. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 71: This patch ensures that if IMSS detects that the RAR file is corrupted, it only checks the file name of the ZIP/RAR file. Issue 72: Under some extreme conditions, the IMSS DTAS agent may fail to start when restarting the machine. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 72: This patch ensures that the DTAS agent restarts correctly under these extreme conditions. Issue 73: The VSAPI may not be able to extract compressed files that contain new features and returns an -81 error instead, which triggers the IMSS scan exception policy. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 73: This patch enables users to configure IMSS to ignore the error. To configure IMSS to ignore the -81 error: 1. Install this patch (see "Installation"). 2. Connect to the IMSS database using the following command: /opt/trend/imss/PostgreSQL/bin/psql imss sa 3. Run the following SQL statement in a single line: INSERT INTO tb_global_setting VALUES ('virus', 'VSBIgnNotSupportedErr', '1', 'imss.ini', NULL); NOTE: The default value is "0", which allows the -81 error to trigger the IMSS scan exception policy. 4. Log off from the database server by running the following command: \q 5. Restart the scanner service using the following command: /opt/trend/imss/script/S99IMSS restart Issue 74: IMSS may not be able to import configuration files that use a large number of Data Loss Prevention (DLP) compliance templates. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 74: This patch ensures that IMSS can import configuration files that use a large number of DLP compliance templates. Issue 75: A configured alternative LDAP server may not be able to connect to the main LDAP server because the wrong server principle name is used for Kerberos authentication. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 75: This patch ensures that IMSS uses the correct server principle name for Kerberos authentication so that the alternative and main LDAP servers can communicate normally. Issue 76: Under extreme conditions, the IMSS Control Manager agent may incorrectly set the log path to an incorrect disk partition. Once this happens, the IMSS disk may become full. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 76: This patch ensures the IMSS Control Manager agent does not modify the log path by mistake. Issue 77: An issue occurs when users enable certain functions that may instruct IMSS manager to parse the logs. Users observe this issue when they disable these functions, and the system does not generate the logs. After the system purges all the old logs, the IMSS manager keeps logging "FATAL" messages. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 77: This patch ensures that "FATAL" logs will not generate under these conditions. Issue 78: The IMSS "Spoofed internal messages" policy may detect certain email messages by mistake. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 78: This patch resolves the issue. Issue 79: IMSS may not update the LDAP cache in a child IMSS device when there are multiple parent LDAPs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 79: This patch ensures that the LDAP cache in child IMSS device are updated normally and resemble the parent's LDAP cache. Issue 80: Users may not be able to open policy notifications after importing the configuration from IMSS 9.1 for Microsoft(TM) Windows(TM). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 80: This patch ensures that users can open policy notifications without issues. Issue 81: Under certain extreme conditions, the message tracing feature of IMSS may stop working. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 81: This patch resolves this issue. Issue 82: Sometimes, users may find a running zombie process that does not affect any IMSS function. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 82: This patch removes the zombie process. Issue 83: Users may not be able to manually release email messages that have a password-protected attachment(s) and were previously sent to Virtual Analyzer that returns an exception error to IMSS. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 83: This patch ensures that users can release this type of email messages. Issue 84: IMSS may treat certain files as EXE files by mistake. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 84: This patch resolves this issue. Issue 85: The IMSS spam filter may not be able to detect certain email messages with encoded headers. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 85: This patch ensures that the spam filter can recognize these email messages. Issue 86: The IMSS manager automatically flushes email messages to the scanner after a pattern update. However, under certain conditions, IMSS does not flush the Postfix queue after a pattern update and when this happens, the email messages are delayed or not sent. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 86: This patch ensures IMSS always flushes the Postfix queue after a pattern update. Issue 87: The IMSS "true file type" policy may not able to detect certain files inside other files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 87: This patch upgrades the eManager(TM) module to ensure that the IMSS "true file type" policy can detect files inside files. Issue 88: IMSS may not be able to delete an attachment from some special email messages which should not contain any attachment according to RFC standards even when the Virtual Analyzer has tagged these messages as high risks. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 88: This patch ensures IMSS takes the necessary actions on these email messages. If IMSS detects only one attachment, IMSS will remove the whole email message. If IMSS detects several attachments but cannot determine which one Virtual Analyzer is reporting as malware, IMSS will raise an exception. Issue 89: Some files are assigned the wrong permissions. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 89: This patch corrects the file permissions. Issue 90: IMSS may not be able to send End User Quarantine (EUQ) digest notification email messages that contain at least one long email address. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 90: This patch ensures that IMSS can send EUQ digest notification email messages that contain long email addresses. Issue 91: A blank sender address may be added to the EUQ approved sender list. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 91: This patch prevents this from happening. Issue 92: The IMSS "Name or extension" policy may not be able to detect certain types of files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 92: This patch ensures that the policy can detect files normally. Issue 93: The IMSS FoxProxy process may stop unexpectedly when users add a subnet that contains a large number of IP addresses to the approved/blocked list. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 93: This patch ensures that users can add subnets that contain a large number of IP addresses to the approved/blocked list. Issue 94: If IMSS cannot connect to the Email Reputation Services (ERS) server during startup, the ERS feature will be disabled. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 94: This patch enables IMSS to monitor the ERS server status if it was not reachable during startup. Once the ERS server recovers, IMSS will restart TmFoxFilter to automatically enable the ERS feature. Issue 95: IMSS always uses the HTTP protocol when querying the Web Reputation Services (WRS) even when the URL uses a different protocol. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 95: This patch enables IMSS to use the correct protocol for WRS queries. Issue 96: The "EnableScanFileNameInPasswordCompress" hidden key does not work in IMSS 9.1. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 96: This patch updates the eManager(TM) module to resolve this issue. Issue 97: Users cannot renew IMSS licenses from Trend Micro Control Manager(TM) if one of the licenses is not activated. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 97: This patch resolves the issue by enabling the license renewal procedure to skip unactivated licenses and continue to activate the rest of the licenses. Issue 98: IMSS does not purge outdated "localservermgmt.*" log files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 98: This patch ensures that outdated log files are purged promptly. Issue 99: Some email messages trigger the "DLP Compliance" policy by mistake. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 99: This patch resolves this issue. Issue 100: The "Text Exemption Rules" feature does not work if the rule name contains wide characters. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 100: This patch ensures that the "Text Exemption Rules" feature works normally. Issue 101: IMSS daily reports show zero email messages in the "Time-of-Click Protection" section. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 101: This patch ensures that IMSS retrieves the correct statistical information for the "Time-of-Click Protection" section in reports. Issue 102: IMSS stops processing email messages unexpectedly while scanning certain types of PDF files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 102: This patch upgrades the eManager module to resolve this issue. Issue 103: IMSS sends the wrong user name for proxy authentication for the Smart Protection Network. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 103: This patch ensures that IMSS uses the right proxy user name for the Smart Protect Network. Issue 104: The IMSS message tracking feature may not be able to track some email messages under certain extreme scenarios. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 104: This patch ensures the IMSS message tracking feature can track these mail messages. Issue 105: The Content Filtering policy may not be able to detect and quarantine certain email messages that contain Bitcoin. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 105: This patch upgrades the eManager(TM) module and adds two hidden keys to resolve this issue. To enable the "ContentFilterNormalize" and "IgnoreZeroWidthNonJoiner" keys: 1. Install this patch (see "Installation"). 2. Open the "imss.ini" file. 3. Add the following keys under the "general" section and set each to "yes". [general] EnableContentFilterNormalize=yes EnableIgnoreZeroWidthNonJoiner=yes 4. Save the changes and close the file. 5. Run the following command in the IMSS backend: /opt/trend/imss/script/S99IMSS restart Issue 106: Users encounter high CPU usage when IMSS scans certain email messages. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 106: This patch upgrades the eManager module to resolve this issue. Issue 107: Sometimes, the IMSS root partition is filled up by ATSE temporary files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 107: This patch resolves the issue by moving the ATSE temporary folder path to the largest partition "/var/app_data", and adds an automatic purge mechanism for the folder. Issue 108: If user input invalid email address in anti-spam Approved/Blocked sender list , the error message is not correct. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 108: This patch corrects the error message. Issue 109: The imsscmagent service may encounter high CPU usage issues. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 109: This patch prevents the issue. Issue 110: Some information may be missing from IMSS reports because the information is missing from the database. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 110: This patch ensures that all required information is properly saved in the database so that IMSS reports contain complete and accurate information. Issue 111: IMSS uses the wrong SNMP Trap message ID for "Switched to Conventional Scan". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 111: This patch corrects the "Switched to Conventional Scan" SNMP trap ID. Issue 112: The "X-TM-AS-GCONF" email header displays incorrect information. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 112: This patch ensures that the "X-TM-AS-GCONF" email header displays the correct information. Issue 113: An issue prevents the Product Registration (PR) module from validating product Activation Codes (AC) correctly during Daylight Saving Time (DST). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 113: This patch upgrades the PR module to ensure that it can validate ACs correctly during DST. Issue 114: An eManager(TM) update from hot fix 1232 may cause a memory leak issue that triggers IMSS to create the following log entry: tmem_hf_closeScanSection_error:-2117004511. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 114: This patch resolves the error. Issue 115: Sometimes, the imssd process cannot start successfully after a pattern upgrade. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 115: This patch ensures that imssd can start successfully after a pattern upgrade. Issue 116: The wrong InstallMethod setting is specified in the BIF file. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 116: This patch corrects the InstallMethod setting in the BIF file. Issue 117: The "check_outboundIP.sh" tool is missing in IMSS 9.1. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 117: This patch adds the "check_outboundIP.sh" tool. Issue 118: IMSS services restart even when the expiration date has not been renewed manually online. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 118: This patch adds a condition that helps ensure that IMSS services restart only when the PR has been updated successfully. Issue 119: Customers cannot select all of true file types for a policy rule from the web UI page. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 119: This patch makes customers able to select all of true file types for a policy rule from the web UI page. Issue 120: Email messages with invalid message-id's cannot be sent to Virtual Analyzer. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 120: This patch ensures that these email messages can be sent to Virtual Analyzer successfully. Issue 121: There is a minor bug in "macrowave" enhancement. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 121: This patch resolves the issue. Issue 122: This patch enables IMSS to send out notifications using the first anti-virus or Web Reputation Service (WRS) policy notification when triggered by suspicious objects (SO) and the SO-URL policy. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 122: To enable the notification 1. Install this patch (see "Installation"). 2. Open the "/opt/trend/imss/config/imss.ini" file. 3. Add the following key under the "policy_server" section and set its value to "true". [policy_server] EnableSORuleNotifyAction=true 4. Save the changes and close the file. 5. Restart the scanner service using the following command: /opt/trend/imss/script/S99POLICY restart Issue 123: Users cannot create admin accounts using LDAP authentication when they have previously accessed the "Administration > End-User Quarantine" page. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 123: This patch resolves the issue. Issue 124: Some temporary files under the "/tmp/" folder are not purged automatically. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 124: This patch ensures that IMSS purges temporary files under the "/tmp/" regularly. Issue 125: imssd may stop working while scanning certain email messages. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 125: This patch ensures that imssd can scan email messages normally. Issue 126: IMSS may submit a URL sample to Virtual Analyzer when the URL is very long or when all the URLs are in cache but the Virtual Analyzer report is not ready. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 126: This patch ensures IMSS submits the correct URL samples to Virtual Analyzer for analysis. Issue 127: The IMSS "Password protected zip files (unscannable files)" policy does not work if it scans an email after receiving the Virtual Analyzer reports. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 127: This patch ensures that the policy works normally. Issue 128: An error message is added into the IMSS database log. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 128: This patch resolves the error. Issue 129: Previously, IMSS does not treat adding an X-header to an email message as modifying the email and does not split the email. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 129: This patch provides to configure IMSS to treat this event as email modification. To configure IMSS to treat adding an X-header to an email message as email modification: 1. Install this patch (see "Installation"). 2. Open the "/opt/trend/imss/config/imss.ini" file. 3. Add the following key under the "general" section and set its value to "yes": [general] InsertXHeaderTagIfModifyMsgBody=yes 4. Save the changes and close the file. 5. Restart the scanner service using the following command: /opt/trend/imss/script/S99IMSS restart Issue 130: The IMSS scanner may stop unexpectedly when the "Smart Scan" is enabled and "Pattern update" is disabled. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 130: This patch updates the Smart Scan module to resolve the issue. Issue 131: If the local server management module cannot access the database during initialization, it will not be able to work normally even after the database is back to normal. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 131: This patch resolves the issue. Issue 132: If the IMSS product license has expired but is still within the renewal grace period, Trend Micro Control Manager(TM) will not be able to deploy components like pattern files and search engines to IMSS. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 132: This patch resolves the issue. Issue 133: Expressions may be saved with an unnecessary ".*" at the beginning or at the end which may impact IMSS performance. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 133: This patch enables IMSS to automatically remove "." from the beginning or end of old expressions before scanning and to remind users to remove the "." at the beginning or at the end of an expression when saving it. Issue 134: IMSS cannot display the dashboard because the page reloads repeatedly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 134: This patch updates the corresponding php file to support IPV6 and enable it to access the dashboard. Issue 135: The "Header keyword expressions" filter may not be able to detect some certain types of email messages. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 135: This patch resolves the issue. Issue 136: Under certain special network conditions, the End User Quarantine (EUQ) console displays an exception error while refreshing 20 minutes after users log in. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 136: This patch resolves the issue. Issue 137: "Virtual Analyzer Settings" and "DKIM Signature Event" notifications display the wrong SNMP trap IDs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 137: This patch defines new SNMP trap IDs for these two event notifications. Issue 138: URLs in the web reputation approved list are still rewritten because the approved list is case-sensitive. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 138: This patch makes the list case-insensitive. Issue 139: The tmmsg module may modify the "Reply-To" header unexpectedly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 139: This patch prevents this issue. Issue 140: The IMSS content filter may encounter performance issues when using certain kinds of expressions. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 140: This patch resolves the issue. Issue 141: A solution from the Japanese Version of IMSS 9.1 needs to be applied to the English Version. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 141: This patch applies the equivalent solution to ensure that the English and Japanese versions of IMSS 9.1 are in synchronization. Issue 142: Users cannot apply hot fixes through an external database using an FQDN. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 142: This patch ensures that users can apply hot fixes successfully through an external database using FQDN. Issue 143: IMSS stops processing email messages unexpectedly. When this situation occurs, the system only reprocesses email messages after restarting IMSS. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 143: This patch ensures that IMSS processes email messages normally. Issue 144: Email Reputation Services (ERS) and IP filtering do not run properly in Red Hat 7.5. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 144: This patch ensures that ERS and IP filtering run normally in Red Hat 7.5. Issue 145: The imssd process stops unexpectedly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 145: This patch upgrades the TmMsg module to the latest version to resolve this issue. Issue 146: The system runs out of resources while IMSS performs root cause analysis on the IMSS queue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 146: This patch upgrades the eManager(TM) module to fix this issue. Issue 147: Configuration replication fails in IMSS servers. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 147: This patch enables the web console to limit the keyword expression in each group to 614,400 characters. This helps ensure that configuration replication proceeds normally on IMSS servers. Issue 148: Administrators observe that the IMSS eManager filter does not work. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 148: This patch upgrades the required module to resolve this issue. Issue 149: Smart Scan queries fail if the proxy server stops unexpectedly while restarting. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 149: This patch splits the "server_list" database file into four different database files in the "localservermgmt" folder to resolve this issue. Issue 150: If IMSS cannot connect to the Email Reputation Services (ERS) server during startup, the ERS feature will be disabled. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 150: This patch enables IMSS to monitor the ERS server status if it was not reachable during startup. Once the ERS server recovers, IMSS will restart TmFoxFilter to automatically enable the ERS feature. Issue 151: The "Text Exemption Rules" feature does not work if the rule name contains wide-characters. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 151: This patch ensures the "Text Exemption Rules" feature works normally. Issue 152: eManager(TM) behaves abnormally when scanning base 64-encoded email samples that contain the "\n" new line character. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 152: This patch ensures the eManager can scan these email samples normally. Issue 153: The "Cloud Pre-Filter Status and Scheduled Maintenance Information" link in the "Cloud Pre-Filter" page of the IMSS web console is unavailable. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 153: This patch removes the "Cloud Pre-Filter Status and Scheduled Maintenance Information" link from the "Cloud Pre-Filter" page. Issue 154: It takes longer to query message tracking logs from the IMSS 9.1 console compared to the IMSS 7.1 console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 154: This patch ensures that users can query message tracking logs from the IMSS 9.1 web console normally. Issue 155: Sometimes, the Simple Network Management Protocol (SNMP) notification feature does not work. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 155: This patch ensures the SNMP notification feature works normally. Issue 156: IMSS does not purge quarantined files according to their expiration setting. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 156: This patch makes sure IMSS purges quarantined files according to their expiration setting. Issue 157: Some functions may not work on RedHat 6 or 7 because some modules have been updated. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 157: This patch ensures these functions works normally. Issue 158: IMSS intermittently stops submitting objects to Virtual Analyzer for sandboxing during a replication of a Control Manager configuration. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 158: This patch ensures that IMSS consistently submits objects to Virtual Analyzer. Issue 159: If the local server management module cannot access the database during initialization, it will not be able to work normally even after the database is back to normal. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 159: This patch ensures that the local server management feature works normally once the database is back to normal. Issue 160: The Attachment Content Filter does not work properly on certain iCalendar format files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 160: This patch updates eManagerFilter to resolve this issue. Issue 161: An issue prevents the Product Registration (PR) module from validating product Activation Codes (AC) correctly during Daylight Saving Time (DST). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 161: This patch upgrades the PR module to resolve this issue. Issue 162: Sometimes, the imssd process cannot start successfully after a pattern upgrade. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 162: This patch ensures that the imssd process can start successfully after a pattern upgrade. Issue 163: The web console may stop unexpectedly when users attempt to delete a large number of Keywords & Expressions. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 163: This patch prevents this issue. Issue 164: End User Quarantine (EUQ) digests are delivered late. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 164: This patch helps ensure that EUQ digests are sent out on time by updating the euqutil and ldapcache processes and providing a way to optimize the performance of these processes. To set a maximum number of threads for each EUQ database in the digest process: 1. Install this patch (see "Installation"). 2. Open the "/opt/trend/imss/config/imss.ini" file. 3. Add the following key under the "general" section and set it to the maximum number of threads: [general] DigestThrdNumPerEUQDB=10 4. Save the changes and close the file. Issue 165: After a child IMSS registers to a parent IMSS, the child adminUI may still be accessible. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 165: This patch ensures that users will be able to access the child IMSS adminUI only through the parent IMSS console. Issue 166: IMSS may not be able to generate cloud Pre-Filter reports. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 166: This patch resolves the issue to ensure that IMSS can generate cloud Pre-Filter reports normally. Issue 167: Dashboard display wrong after apply hf1843. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 167: This patch resolves this issue. Issue 168: When VSAPI returns a "BAD_FILE_ERR" or "BAD_ZIP_ERR" error, the file name is not recorded in the "%FILENAME%" variable. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 168: This Patch ensures that the information is stored successfully. Issue 169: IMSS is affected by certain vulnerabilities ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 169: This patch resolves the vulnerabilities. Issue 170: The IMSS manager automatically flushes email messages to the scanner after a pattern update. However, under certain conditions, IMSS does not flush the Postfix queue after a pattern update and when this happens, the email messages are delayed or not sent. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 170: This patch ensures IMSS always flushes the Postfix queue after a pattern update. 3. Documentation Set ======================================================================== To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com In addition to this Readme file, the documentation set for this product includes the following: - Online Help: The Online Help contains an overview of features and key concepts, and information on configuring and maintaining IMSS. - Installation Guide (IG): The Installation Guide contains information on requirements and procedures for installing and deploying IMSS. - Administrator's Guide (AG): The Administrator's Guide contains an overview of features and key concepts, and information on configuring and maintaining IMSS. - Support Portal: The Support Portal contains information on troubleshooting and resolving known issues. To access the Support Portal, go to http://esupport.trendmicro.com 4. System Requirements ======================================================================== Trend Micro recommends installing IMSS 9.1 before installing this patch. You can download the package from: http://www.trendmicro.com/download/ 5. Installation ======================================================================== This section explains key steps for installing the patch. NOTE: You must install this patch on all computers running IMSS if you are using distributed deployment mode. 5.1 Installing ===================================================================== To install: 1. Log on to the IMSS management console. 2. Go to "Administration > Updates > System & Applications". 3. Select the patch package and upload it. 4. After a few minutes, check the latest uploaded package information to make sure the management console successfully uploads the patch package to IMSS. 5. If you have set up a group of IMSS devices, select all child devices in the "Current status" section. Otherwise, select the parent device. 6. Click "Update". 7. If a group has been set up, wait for all child devices to finish updating before selecting the parent device in the "Current status" section. Otherwise, go to step 10. 8. Click "Update". 9. Wait for a few minutes and log on to the IMSS management console again. 10. Go to "Administration > Updates > System & Applications". 11. Verify that the "OS version"/"Application version" values for all items in the "Current status" section match the patch version. 12. Restart all IMSS devices as scheduled. NOTE: Once IMSS 9.1 patch 1 is installed, the hot fix installed before this patch cannot be rolled back. 5.2 Uninstalling ===================================================================== To roll back to the previous build: 1. Log on to the IMSS management console. 2. Go to "Administration > Updates > System & Applications". 3. Under "Host Name", click the name of the device you want to view. A summary screen appears, showing the updates and related log information. 4. Click "Rollback" to remove an update. 6. Post-Installation Configuration ======================================================================== No post-installation steps are required. NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product. 7. Known Issues ======================================================================== 1. WARNING: To support TLS 1.2, IMSS has upgraded its NSS with newly-introduced RSA-PSS signatures. Users using OpenLDAP with NSS may need to upgrade NSS on the LDAP server machine. Otherwise, IMSS will not be able to connect to the LDAP server because the LDAP server will refuse to communicate with it. 2. The URL analysis feature of Virtual Analyzer does not support local SPS servers. 3. Users need to change the URL analysis setting to "bypass" or "apply to policy" before rollback; otherwise the policy "send URLs to Virtual Analyzer" could not work. 8. Release History ======================================================================== For more information about updates to this product, go to: http://www.trendmicro.com/download 9. Files Included in This Release ======================================================================== Filename Build No. --------------------------------------------------------------------- aucmd 9.1.0.1323 certagent 9.1.0.1323 cgiCmdNotify 9.1.0.1323 close_handle_sh 9.1.0.1323 config.lua 9.1.0.1323 c_rehash 9.1.0.1323 db_maintain 9.1.0.1323 dkim 9.1.0.1323 dkim-genkey 9.1.0.1323 dkim-genzone 9.1.0.1323 dtasagent 9.1.0.1323 euqlimpexp 9.1.0.1323 euqop 9.1.0.1323 euqutil 9.1.0.1323 forceUpdate 9.1.0.1323 foxdns 9.1.0.1323 ibe_job_doer 9.1.0.1323 ibe_job_getter 9.1.0.1323 ibe_reg 9.1.0.1323 ibes 9.1.0.1323 imp_exp 9.1.0.1323 imssausched 9.1.0.1323 imssauutil 9.1.0.1323 imsscmagent 9.1.0.1323 imssd 9.1.0.1323 imssdps 9.1.0.1323 imssdump 9.1.0.1323 imssmgr 9.1.0.1323 imssmgrmon 9.1.0.1323 imssps 9.1.0.1323 imsstasks 9.1.0.1323 IpcCleaner 9.1.0.1323 is_euq_enable 9.1.0.1323 localservermgmt 9.1.0.1323 logtransfer 9.1.0.1323 openssl 9.1.0.1323 pack_tool 9.1.0.1323 passwd_util 9.1.0.1323 pemverify 9.1.0.1323 PolicyAgent 9.1.0.1323 prcmd 9.1.0.1323 purge_by_dbsize 9.1.0.1323 purge_scanner_info 9.1.0.1323 rc4 9.1.0.1323 rt_mail_traffic 9.1.0.1323 rtstat 9.1.0.1323 smtp_conn_agent 9.1.0.1323 soapclient 9.1.0.1323 tlsagent 9.1.0.1323 TmFoxFilter 9.1.0.1323 TmFoxProxy 9.1.0.1323 TmFoxPurgeLog 9.1.0.1323 TmFoxServiceOP 9.1.0.1323 wrsagent 9.1.0.1323 smart_reporter 9.1.0.1323 predata_gen 9.1.0.1323 dblog_janitor 9.1.0.1323 traffic_summary_gen 9.1.0.1323 libFilterAntiSpoof.so 9.1.0.1323 libpatch.so 9.1.0.1323 libGsoapClient.so 9.1.0.1323 libgssrpc.so 9.1.0.1323 libTMNotify.so 9.1.0.1323 libem_debug.so 9.1.0.1323 libssl3.so 9.1.0.1323 libssldap60.so 9.1.0.1323 liblogin.so 9.1.0.1323 libsmime3.so 9.1.0.1323 libpq.so 9.1.0.1323 libFilterSpsTmase.so 9.1.0.1323 libldif60.so 9.1.0.1323 libkdb5.so 9.1.0.1323 libImssPolicy.so 9.1.0.1323 libImssEncrypt.so 9.1.0.1323 liblogwtr.so 9.1.0.1323 libplc4.so 9.1.0.1323 libodbcinst.so 9.1.0.1323 libkrad.so 9.1.0.1323 libkadm5clnt.so 9.1.0.1323 libcrc0filter.so 9.1.0.1323 libtmau.so 9.1.0.1323 libldap60.so 9.1.0.1323 dtv_pdfcrypto.so 9.1.0.1323 libprldap60.so 9.1.0.1323 libFoxParser.so 9.1.0.1323 libopendkim.so 9.1.0.1323 icudata.so 9.1.0.1323 libxerces-c-3.1.so 9.1.0.1323 libnss3.so 9.1.0.1323 libPolicyCaller.so 9.1.0.1323 libicutoolutil.so 9.1.0.1323 libsqlite3.so 9.1.0.1323 libnssdbm3.so 9.1.0.1323 libIMSSjni.so 9.1.0.1323 libtmmsg.so 9.1.0.1323 libFilterEmgrPlugin.so 9.1.0.1323 libFilterWrs.so 9.1.0.1323 libTmIbeCryptoSdk.so 9.1.0.1323 libSSO_PKIHelper.so 9.1.0.1323 libcurl.so 9.1.0.1323 libEn_Utility.so 9.1.0.1323 libTrendAprWrapper.so 9.1.0.1323 liblowlib.so 9.1.0.1323 libodbcpsqlS.so 9.1.0.1323 libFilterAction.so 9.1.0.1323 libkrb5support.so 9.1.0.1323 libidn.so 9.1.0.1323 libdb-4.so 9.1.0.1323 libtmactupdate.so 9.1.0.1323 libcrypto.so 9.1.0.1323 libkadm5srv_mit.so 9.1.0.1323 libpcrecpp.so 9.1.0.1323 libicudt.so 9.1.0.1323 libPolicyUtility.so 9.1.0.1323 libFilterGraymail.so 9.1.0.1323 libtmpr.so 9.1.0.1323 libdb-4.8.so 9.1.0.1323 libpcre.so 9.1.0.1323 libodbc.so 9.1.0.1323 libtmlogwpr.so 9.1.0.1323 libkrb5.so 9.1.0.1323 libGsoapMtaClient.so 9.1.0.1323 libxml2.so 9.1.0.1323 libGuid.so 9.1.0.1323 libkadm5clnt_mit.so 9.1.0.1323 libem_helpr.so 9.1.0.1323 libodbcpsql.so 9.1.0.1323 liblogmgt.so 9.1.0.1323 libk5crypto.so 9.1.0.1323 libcme_dll.so 9.1.0.1323 libtmfbeng.so 9.1.0.1323 libplds4.so 9.1.0.1323 libfreeblpriv3.so 9.1.0.1323 libicudt18l.so 9.1.0.1323 libfreebl3.so 9.1.0.1323 libImssCrypto.so 9.1.0.1323 libnspr4.so 9.1.0.1323 libICRCHdler.so 9.1.0.1323 libtmprapi.so 9.1.0.1323 libICRCPerfLib_Cli.so 9.1.0.1323 libcom_err.so 9.1.0.1323 libdkim.so 9.1.0.1323 libtmprapid.so 9.1.0.1323 libImssRule.so 9.1.0.1323 libTMNotifymt.so 9.1.0.1323 libnsssysinit.so 9.1.0.1323 libdb.so 9.1.0.1323 libTmIntLog.so 9.1.0.1323 libcme_vxe_dll.so 9.1.0.1323 libdtsearch.so 9.1.0.1323 libProductLibrary.so 9.1.0.1323 liblogshr.so 9.1.0.1323 libstrl.so 9.1.0.1323 libustdio.so 9.1.0.1323 libicuuc.so 9.1.0.1323 libkadm5srv.so 9.1.0.1323 libEUQjni.so 9.1.0.1323 libicui18n.so 9.1.0.1323 libcme_vxe_dll_static.so 9.1.0.1323 libFilterVirus.so 9.1.0.1323 libtmufeng.so 9.1.0.1323 libnssckbi.so 9.1.0.1323 libgssapi_krb5.so 9.1.0.1323 libImssDKIM.so 9.1.0.1323 libxslt.so 9.1.0.1323 libmimepp.so 9.1.0.1323 libssl.so 9.1.0.1323 libImssCommon.so 9.1.0.1323 libFilterDkimEF.so 9.1.0.1323 libnssutil3.so 9.1.0.1323 libsysinfo.so 9.1.0.1323 libciuas32.so 9.1.0.1323 libexslt.so 9.1.0.1323 libImssDAO.so 9.1.0.1323 libTmFoxSocketLib.so 9.1.0.1323 libsoftokn3.so 9.1.0.1323 libapr-1.so 9.1.0.1323 libeuq.so 9.1.0.1323 libEmExpression.so 9.1.0.1323 libtmalc.so 9.1.0.1323 libverto.so 9.1.0.1323 libpcreposix.so 9.1.0.1323 liblogrdr.so 9.1.0.1323 libi18n.so 9.1.0.1323 policy_DDA_setting.jsp 9.1.0.1323 policy_DDA_server_mgmt.jsp 9.1.0.1323 DDAServer.class 9.1.0.1323 DDAServerDAO.class 9.1.0.1323 DDASetting.class 9.1.0.1323 ProcQueueQueryDAO.class 9.1.0.1323 DDAServerMgmtAction.class 9.1.0.1323 DDASettingAction$1.class 9.1.0.1323 DDASettingAction.class 9.1.0.1323 DdaSettingForm.class 9.1.0.1323 UrlSandBoxExemptWordsSetting.class 9.1.0.1323 RuleAttrWrsForm.class 9.1.0.1323 Constants.class 9.1.0.1323 RuleAttribute.class 9.1.0.1323 UrlSandBoxExemptWordsDAO.class 9.1.0.1323 XMLAttributes.class 9.1.0.1323 SessionKeys.class 9.1.0.1323 RuleAttrWrsAction.class 9.1.0.1323 Utility.class 9.1.0.1323 INIFile.class 9.1.0.1323 BifInfo.class 9.1.0.1323 BifInfo$1.class 9.1.0.1323 BifConnect.class 9.1.0.1323 BifConnect$1.class 9.1.0.1323 LogBaseAction.class 9.1.0.1323 rule_attr_wrs.jsp 9.1.0.1323 rule_attr_wrs_import.jsp 9.1.0.1323 url_sandbox_words_import.jsp 9.1.0.1323 url_sandbox_words_setting_home.jsp 9.1.0.1323 wrs_setting_home.jsp 9.1.0.1323 imss6Errors.properties 9.1.0.1323 imss6Errors_en.properties 9.1.0.1323 imss6Logs.properties 9.1.0.1323 imss6Logs_en.properties 9.1.0.1323 imss6Policy.properties 9.1.0.1323 imss6Policy_en.properties 9.1.0.1323 LogConst.class 9.1.0.1323 imss6Common_en.properties 9.1.0.1323 imss6Common.properties 9.1.0.1323 imss6Sql.properties 9.1.0.1323 imss6UIEvtLogs.properties 9.1.0.1323 imss6UIEvtLogs_en.properties 9.1.0.1323 imssOLH.properties 9.1.0.1323 imssOLH_en.properties 9.1.0.1323 imss6Backup.properties 9.1.0.1323 imss6Backup_en.properties 9.1.0.1323 imss.dat 9.1.0.1323 imss.root 9.1.0.1323 root.res 9.1.0.1323 apache 9.1.0.1323 php 9.1.0.1323 tomcat 9.1.0.1323 add_white_list.jsp 9.1.0.1323 smartsearch.dat 9.1.0.1323 dbscript.conf 9.1.0.1323 smtp_conn.jsp 9.1.0.1323 smtp_rule.jsp 9.1.0.1323 sys_patch_history.jsp 9.1.0.1323 sys_patch_progress.jsp 9.1.0.1323 imsa8WrsCategory.properties 9.1.0.1323 imsa8WrsCategory_en.properties 9.1.0.1323 imsa7patch_en.properties 9.1.0.1323 imsa7patch.properties 9.1.0.1323 PolicyLogs.class 9.1.0.1323 librule.so 9.1.0.1323 MsgTracing-0.2-py2.7.egg 9.1.0.1323 MsgTracing-0.2-py2.7.egg-info 9.1.0.1323 LogQueryPolDAO.class 9.1.0.1323 QtQueryDAO.class 9.1.0.1323 ProcQueueQueryForm.class 9.1.0.1323 ProcQueueQueryAction.class 9.1.0.1323 RuleAttrKeywordAction.class 9.1.0.1323 SmartProtectionScanServiceAction.class 9.1.0.1323 CommonParams.class 9.1.0.1323 ConditionAction.class 9.1.0.1323 LogQueryMsgDAO.class 9.1.0.1323 ConfigDomain.class 9.1.0.1323 DigestInlineActionAction.class 9.1.0.1323 EuqViewMessageAction.class 9.1.0.1323 EuqDistributionListAction.class 9.1.0.1323 sys_dkim_sign_setting_detail.jsp 9.1.0.1323 LogQueryIpDAO.class 9.1.0.1323 AdminUser.class 9.1.0.1323 prefilter_domain_list.jsp 9.1.0.1323 trend-style.css 9.1.0.1323 EuqMessagesAction.class 9.1.0.1323 logs_query_mtaevent.jsp 9.1.0.1323 RuleAttrSpamAction.class 9.1.0.1323 S99IMSS 9.1.0.1323 HttpTalk.php 9.1.0.1323 S99ADMINUI 9.1.0.1323 imssfunctions 9.1.0.1323 S99EUQ 9.1.0.1323 S99DTASAGENT 9.1.0.1323 Apache.sh 9.1.0.1323 semlock 9.1.0.1323 ComplianceTemplatesAction.class 9.1.0.1323 ExpressionAction.class 9.1.0.1323 FileAttributeAction.class 9.1.0.1323 KeywordListsAction.class 9.1.0.1323 QtEditAreaAction.class 9.1.0.1323 quarantines_settings_detail.jsp 9.1.0.1323 archive_settings_detail.jsp 9.1.0.1323 DetailReportAction.class 9.1.0.1323 RuleActionNotifyAction.class 9.1.0.1323 product_auth.php 9.1.0.1323 config.php 9.1.0.1323 RuleAttrAntiSpoofAction.class 9.1.0.1323 ldaprep-0.1-py2.7.egg 9.1.0.1323 ldaprep-0.1-py2.7.egg-info 9.1.0.1323 smtp_tls_certificate_add.jsp 9.1.0.1323 imss6System_en.properties 9.1.0.1323 imss6System.properties 9.1.0.1323 MTASettingAction$3.class 9.1.0.1323 MTASettingAction$24.class 9.1.0.1323 MTASettingAction$14.class 9.1.0.1323 MTASettingAction$8.class 9.1.0.1323 MTASettingAction$10.class 9.1.0.1323 MTASettingAction$6.class 9.1.0.1323 MTASettingAction$2.class 9.1.0.1323 MTASettingAction$21.class 9.1.0.1323 MTASettingAction$11.class 9.1.0.1323 MTASettingAction$12.class 9.1.0.1323 MTASettingAction$26.class 9.1.0.1323 MTASettingAction$16.class 9.1.0.1323 MTASettingAction$1.class 9.1.0.1323 MTASettingAction$7.class 9.1.0.1323 MTASettingAction$19.class 9.1.0.1323 MTASettingAction$4.class 9.1.0.1323 MTASettingAction$13.class 9.1.0.1323 MTASettingAction$25.class 9.1.0.1323 MTASettingAction$15.class 9.1.0.1323 MTASettingAction$18.class 9.1.0.1323 MTASettingAction$5.class 9.1.0.1323 MTASettingAction$17.class 9.1.0.1323 MTASettingAction$22.class 9.1.0.1323 MTASettingAction$23.class 9.1.0.1323 MTASettingAction.class 9.1.0.1323 MTASettingAction$20.class 9.1.0.1323 MTASettingAction$9.class 9.1.0.1323 tmpeEnum.xml 9.1.0.1323 DLPExpressionInterface.class 9.1.0.1323 ip_settings_conn_management.jsp 9.1.0.1323 MessageTracing.py 9.1.0.1323 euquarantine_settings.jsp 9.1.0.1323 rule_attr_true_file.jsp 9.1.0.1323 sync_slave_ldapcache.sh 9.1.0.1323 aumsg.0 9.1.0.1323 aumsg.932 9.1.0.1323 aumsg.936 9.1.0.1323 AuPatch 9.1.0.1323 expapply.so 9.1.0.1323 AdminAccountAction.class 9.1.0.1323 admin_auth.jsp 9.1.0.1323 IMSVA8.mib 9.1.0.1323 IMSVA8-V2.mib 9.1.0.1323 rule_attr_keyword_item.jsp 9.1.0.1323 ClickLogrec.class 9.1.0.1323 banner.png 9.1.0.1323 sys_patch.jsp 9.1.0.1323 LogQueryMsgAction.class 9.1.0.1323 logs_query_msg_details_imss.jsp 9.1.0.1323 sys_backup.jsp 9.1.0.1323 dkim_white_list_import.jsp 9.1.0.1323 logs_query_sysevent.jsp 9.1.0.1323 logs_query_qt_summary.jsp 9.1.0.1323 logs_query_policyevent.jsp 9.1.0.1323 logs_query_messageevent.jsp 9.1.0.1323 logs_query_filtering.jsp 9.1.0.1323 logs_query_click.jsp 9.1.0.1323 quarantines_query.jsp 9.1.0.1323 quarantines_postpone.jsp 9.1.0.1323 quarantines_archive.jsp 9.1.0.1323 procqueue_query.jsp 9.1.0.1323 postfix_queue_query.jsp 9.1.0.1323 adapter.js 9.1.0.1323 scanner.info 9.1.0.1323 BackupAction.class 9.1.0.1323 WizardImportAction.class 9.1.0.1323 RuleAttrCCCAAction.class 9.1.0.1323 RuleAttrGraymailAction.class 9.1.0.1323 DstServerListAction.class 9.1.0.1323 LogCollectionAction.class 9.1.0.1323 Postfix.class 9.1.0.1323 QtQueryAction.class 9.1.0.1323 rule_attr_keyword_list.jsp 9.1.0.1323 Proxy.php 9.1.0.1323 check_outboundIP.sh 9.1.0.1323 ProductRegAction.class 9.1.0.1323 smtp_tls_outgoing.jsp 9.1.0.1323 libICRCHdler.so.1 9.1.0.1323 libICRCPerfLib_Cli.so.1 9.1.0.1323 libSSO_PKIHelper.so.1 9.1.0.1323 libSSO_PKIHelper.so.1.0.0 9.1.0.1323 libTMNotify.so.1 9.1.0.1323 libTMNotifymt.so.1 9.1.0.1323 libTmIbeCryptoSdk.so.0 9.1.0.1323 libTmIbeCryptoSdk.so.0.0.0 9.1.0.1323 libapr-1.so.0 9.1.0.1323 libapr-1.so.0.1.1 9.1.0.1323 libattr.so.1 9.1.0.1323 libcap.so.1 9.1.0.1323 libcme_dll.so.0 9.1.0.1323 libcom_err.so.2 9.1.0.1323 libcom_err.so.3 9.1.0.1323 libcom_err.so.3.0 9.1.0.1323 libcrc0filter.so.1 9.1.0.1323 libcrypto.so.1.0.0 9.1.0.1323 libcrypto.so.4 9.1.0.1323 libcrypto.so.6 9.1.0.1323 libcurl.so.4 9.1.0.1323 libcurl.so.4 9.1.0.1323 libdlpEngine.so.0 9.1.0.1323 libexslt.so.0 9.1.0.1323 libexslt.so.0.8.17 9.1.0.1323 libgcc_s.so.1 9.1.0.1323 libgcrypt.so 9.1.0.1323 libgcrypt.so.11 9.1.0.1323 libgcrypt.so.11.8.5 9.1.0.1323 libgpg-error.so 9.1.0.1323 libgpg-error.so.0 9.1.0.1323 libgpg-error.so.0.21.0 9.1.0.1323 libgssapi_krb5.so.2 9.1.0.1323 libgssapi_krb5.so.2.2 9.1.0.1323 libgssrpc.so.4 9.1.0.1323 libgssrpc.so.4.2 9.1.0.1323 libi18n.so.1 9.1.0.1323 libicudata.so.51 9.1.0.1323 libicui18n.so.18 9.1.0.1323 libicui18n.so.18.1 9.1.0.1323 libicui18n.so.51 9.1.0.1323 libicutoolutil.so.18 9.1.0.1323 libicutoolutil.so.18.1 9.1.0.1323 libicuuc.so.18 9.1.0.1323 libicuuc.so.18.1 9.1.0.1323 libicuuc.so.51 9.1.0.1323 libidn.so.11 9.1.0.1323 libk5crypto.so.3 9.1.0.1323 libk5crypto.so.3.1 9.1.0.1323 libkadm5clnt_mit.so.9 9.1.0.1323 libkadm5clnt_mit.so.9.0 9.1.0.1323 libkadm5srv_mit.so.9 9.1.0.1323 libkadm5srv_mit.so.9.0 9.1.0.1323 libkdb5.so.7 9.1.0.1323 libkdb5.so.7.0 9.1.0.1323 libkeyutils.so.1 9.1.0.1323 libkrad.so.0 9.1.0.1323 libkrad.so.0.0 9.1.0.1323 libkrb5.so.3 9.1.0.1323 libkrb5.so.3.3 9.1.0.1323 libkrb5support.so.0 9.1.0.1323 libkrb5support.so.0.1 9.1.0.1323 liblber-2.3.so.0 9.1.0.1323 libldap-2.3.so.0 9.1.0.1323 liblogmgt.so.1 9.1.0.1323 liblogrdr.so.1 9.1.0.1323 liblogshr.so.1 9.1.0.1323 liblogwtr.so.1 9.1.0.1323 liblowlib.so.1 9.1.0.1323 libluabind.so.0.9.0 9.1.0.1323 libodbc.la 9.1.0.1323 libodbc.so.1 9.1.0.1323 libodbc.so.1.0.0 9.1.0.1323 libodbcinst.so.1 9.1.0.1323 libodbcinst.so.1.0.0 9.1.0.1323 libodbcpsql.la 9.1.0.1323 libodbcpsql.so.2 9.1.0.1323 libodbcpsql.so.2.0.0 9.1.0.1323 libodbcpsqlS.la 9.1.0.1323 libodbcpsqlS.so.1 9.1.0.1323 libodbcpsqlS.so.1.0.0 9.1.0.1323 libopendkim.so.9 9.1.0.1323 libopendkim.so.9.0.1 9.1.0.1323 libpcre.so.1 9.1.0.1323 libpcre.so.1.2.10 9.1.0.1323 libpcre.so.1.2.11 9.1.0.1323 libpcre.so.1.2.9 9.1.0.1323 libpcrecpp.so.0 9.1.0.1323 libpcrecpp.so.0.0.1 9.1.0.1323 libpcreposix.so.0 9.1.0.1323 libpcreposix.so.0.0.5 9.1.0.1323 libpcreposix.so.0.0.6 9.1.0.1323 libpq.so.5 9.1.0.1323 libpq.so.5.9 9.1.0.1323 libsasl2.so.2 9.1.0.1323 libssl.so.1.0.0 9.1.0.1323 libssl.so.4 9.1.0.1323 libssl.so.6 9.1.0.1323 libstdc++-libc6.2-2.so.3 9.1.0.1323 libstdc++.so.5 9.1.0.1323 libstdc++.so.6 9.1.0.1323 libstrl.so.1 9.1.0.1323 libstrl.so.1.0.0 9.1.0.1323 libtermcap.so.2 9.1.0.1323 libustdio.so.18 9.1.0.1323 libustdio.so.18.1 9.1.0.1323 libverto.so.0 9.1.0.1323 libverto.so.0.0 9.1.0.1323 libxml2.so.2 9.1.0.1323 libxml2.so.2.9.2 9.1.0.1323 libxslt.so.1 9.1.0.1323 libxslt.so.1.1.28 9.1.0.1323 libz.so.1 9.1.0.1323 webhelp 9.1.0.1323 10. Contact Information ======================================================================== A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. http://www.trendmicro.com/us/about-us/contact/index.html NOTE: This information is subject to change without notice. 11. About Trend Micro ======================================================================== Smart, simple, security that fits As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2019, Trend Micro Incorporated. All rights reserved. Trend Micro, InterScan, Control Manager, eManager, and the t-ball logo are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 12. License Agreement ======================================================================== View information about your license agreement with Trend Micro at: www.trendmicro.com/us/about-us/legal-policies/license-agreements/ Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide