<<USE COURIER REGULAR 10 FONT IF YOU WOULD LIKE TO PRINT THIS DOCUMENT>>

  Trend Micro Incorporated                                April 17, 2020

  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Trend Micro(TM) ScanMail(TM) for Microsoft(TM) Exchange(TM) 14
                           Patch 3 Build 3031
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTICE: This Readme file was current as of the date above. However,
            all customers are advised to check Trend Micro's website for
            documentation updates.

            GM release documentation:
            http://docs.trendmicro.com

            Patch/Service Pack release documentation:
            http://www.trendmicro.com/download


    TIP:    Register online with Trend Micro within 30 days of
            installation to continue downloading new pattern files and
            product updates from the Trend Micro website. Register
            during installation or online at:

            https://clp.trendmicro.com/FullRegistration?T=TM


     Contents
     ==========================================================

     1.  About ScanMail (for Microsoft Exchange)
         1.1 Overview of This Release
         1.2 Who Should Install This Release
     2.  What's New
         2.1 Enhancements
         2.2 Resolved Known Issues
     3.  Documentation Set
     4.  System Requirements
     5.  Installation
         5.1 Installing
         5.2 Uninstalling
     6.  Post-Installation Configuration
     7.  Known Issues
     8.  Release History
     9.  Files Included in This Release
     10. Contact Information
     11. About Trend Micro
     12. License Agreement

     ==========================================================


  1. About ScanMail (for Microsoft Exchange)
  ======================================================================
     ScanMail protects Exchange Server 2019, Exchange Server 2016, and
     Exchange Server 2013. Use the ScanMail installation program to
     quickly install ScanMail to one or more, local or remote, Exchange
     servers. Once installed, ScanMail can protect your servers in real
     time against viruses/malware, Trojans, worms, and spyware/grayware.
     ScanMail sustains business and network integrity by screening out
     spam messages and messages containing undesirable or unwanted
     content. ScanMail monitors and protects sensitive information that
     is traveling across your network.


     1.1 Overview of This Release
     ===================================================================
     ScanMail (for Microsoft Exchange) 14 Patch 3 consolidates all
     solutions to issues resolved after the release of ScanMail for
     Microsoft Exchange 14 build.


     1.2 Who Should Install This Release
     ===================================================================
     You should install this Patch if you are currently running
     ScanMail (for Microsoft Exchange) 14 build.


  2. What's New
  ======================================================================
     NOTE: Please install the Patch before completing any procedures in
           this section (see "Installation").


     This patch addresses the following issues and includes the
     following enhancements:

     2.1 Enhancements
     ===================================================================
     The following enhancements are included in this release:

     Enhancement 1: Integration with Cloud App Security - This patch 
                    enables ScanMail to integrate with Trend Micro Cloud
                    App Security to provide visibility and resend 
                    capability of quarantined logs from one or more 
                    ScanMail servers on Cloud App Security.
                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Enhancement 2: Data Loss Prevention Identifiers - This patch 
                    supports file attribute detection in Data Loss 
                    Prevention.
                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Enhancement 3: Quarantine - This patch provides an option for users
                    to configure whether quarantined messages need Web 
                    Reputation rescanning before being sent.
     Procedure 3:   To configure this feature:
                    1. Install this patch (see "Installation").

                    2. Open the Registry Editor.

                    3. Locate the following key and set the preferred 
                    value:
                    
                    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for                 
                          Exchange\CurrentVersion                        
                    Key:  EnableResendWithWRSUI
                    Type: REG_DWORD                      
                    Data value: 
                    "1" = ScanMail shows the option to support Web 
                          Reputation protection when resending a 
                          quarantined message                     
                    "0" = ScanMail does not show the option to support 
                          Web Reputation protection when resending a 
                          quarantined message (default)         
                    

     2.2 Resolved Known Issues
     ===================================================================
     This release resolves the following issues:

     Issue 1:     [SEG-56061][Hotfix 3008]
                  When "SpecialUser/Groups" is configured in ScanMail 
                  filters, memory leak may happen in ScanMail.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 1:  This patch updates the cache to prevent the memory 
                  usage issue.

     Issue 2:     [SEG-63660][Hotfix 3009]
                  In certain environments, one SQL instance may contain
                  a large number of ScanMail databases. This causes 
                  performance issues while ScanMail checks the database 
                  connection and runs SQL queries 
                  ["SELECT COUNT(TABLE_NAME) as num FROM 
                  INFORMATION_SCHEMA.TABLES"] from the system view.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 2:  This patch enables ScanMail to run the queries 
                  from the database itself (instead of running the 
                  queries from the system view) to help prevent the 
                  performance issues.

     Issue 3:     [SEG-70457][Hotfix 3010]
                  Quarantine Maintenance is prevented from deleting some
                  files that were quarantined by the "Quarantine message
                  part" action from the quarantine folder.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 3:  This patch ensures that Quarantine Maintenance can 
                  successfully delete files that were quarantined by the
                  "Quarantine message part" action from the quarantine 
                  folder.

     Issue 4:     [SEG-67814][Hotfix 3011]
                  Under certain conditions, ScanMail may not be able to 
                  register successfully to Trend Micro Apex Central(TM) 
                  through port 443.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 4:  This patch resolves the issue by enabling ScanMail 
                  to apply the test connection settings in the ini
                  file of Trend Micro Control Manager(TM) when testing 
                  the connection to Apex Central. 

     Issue 5:     [SEG-67397][Hotfix: NA]
                  When detecting New Spam resources is enabled, URL 
                  Time-of-Click protection does not rewrite URLs except 
                  newly born URLs and unrated URLs.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 5:  This patch ensures that the URLs are rewritten.

     Issue 6:     [SEG-69405][Hotfix: NA]
                  After ScanMail quarantines a message, the log may not 
                  be inserted into the database. Therefore, users cannot
                  find the log from quarantined logs.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 6:  This patch ensures that the log is inserted into the 
                  database successfully. 

     Issue 7:     [SEG-64877][Hotfix 3019]
                  An issue related to the parsing function of the
                  dtSearch module prevents ScanMail for Microsoft
                  Exchange from detecting keywords.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 7:  This patch resolves the issue by updating dtSearch to
                  the latest version.

     Issue 8:     [SEG-67801/SEG-63413][Hotfix: NA]
                  Hotfix 14.0.0.1340 provides a way for users to 
                  configure the types of unscannable message parts logs
                  that ScanMail sends to the Apex Central server. 
                  Users request to implement this feature to the UI of
                  the ScanMail web console.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 8:  This patch implements the hidden keys to ScanMail web 
                  console under Administration -> Apex Central Settings
                  -> Unscannable Message Parts Logs. On this UI, users 
                  can select the types of unscannable message parts logs
                  sent to Apex central.

     Issue 9:     [SEG-72957][Hotfix 3014]
                  Microsoft packaged a password protected document as a 
                  .doc file. When uses check the box to allow password 
                  protected Office documents and block .doc files, 
                  password protected Office documents will be blocked.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 9:  When ScanMail detects .doc files, ScanMail will first
             	  skip password protected documents. And then ScanMail 
 		  will block password protected documents only if the
		  users check the box to allow password protected 
                  Office documents.


  3. Documentation Set
  ======================================================================
     To download or view electronic versions of the documentation set
     for this product, go to http://docs.trendmicro.com

     In addition to this Readme file, the documentation set for this
     product includes the following:

     - Online Help: The Online Help contains an overview of features
       and key concepts, and information on configuring and
       maintaining ScanMail (for Microsoft Exchange).

       To access the Online Help, go to http://docs.trendmicro.com

     - Installation Guide (IG): The Installation Guide contains
       information on requirements and procedures for installing and
       deploying ScanMail (for Microsoft Exchange).

     - Administrator's Guide (AG): The Administrator's Guide contains
       an overview of features and key concepts, and information on
       configuring and maintaining ScanMail (for Microsoft Exchange).

     - Support Portal: The Support Portal contains information on
       troubleshooting and resolving known issues.

       To access the Support Portal, go to
       http://esupport.trendmicro.com


  4. System Requirements
  ======================================================================
     There are no changes to the system requirements in the ScanMail
     (for Microsoft Exchange) 14 readme file.


  5. Installation
  ======================================================================
     This section explains key steps for installing.

     - This Patch supports remote and multi-server deployment.

     - This Patch automatically restarts the following services on both
       Normal and Cluster Servers:

       - ScanMail (for Microsoft Exchange) Master Service
       - ScanMail (for Microsoft Exchange) Remote Configuration Server
       - ScanMail (for Microsoft Exchange) System Watcher
       - ScanMail EUQ Monitor
       - Microsoft Exchange Transport
       - MOM service
       - HealthService service

     - To install or uninstall this Patch, you must have at least
       local administrator and domain user privileges.


     5.1 Installing
     ===================================================================
     To install:

     1. Log on using an account with local administrator and domain user
        privileges.

     2. Run "smex_140_win_en_patch3_b3031.exe" and select "Install".

        The framework automatically installs the Patch to the
        appropriate directory, replaces the outdated files, and updates
        the database.

        The "Successfully completed" count increases upon the completion
        of the installation.

     3. Clear the browser cache and re-launch the browser.


     5.2 Uninstalling
     ===================================================================
     To roll back to the previous build:

      - run "smex_140_win_en_patch3_b3031.exe" and select
        "uninstall";

     The framework automatically rolls back to the previous build and
     a confirmation message indicating a successful uninstallation is
     displayed on the setup screen.


  6. Post-Installation Configuration
  ======================================================================
     No post-installation steps are required.

     NOTE: Trend Micro recommends that you update your scan engine and
           virus pattern files immediately after installing the product.


  7. Known Issues
  ======================================================================
     There are no known issues in this release.


  8. Release History
  ======================================================================
     For more information about updates to this product, go to:

     http://www.trendmicro.com/download

     ScanMail 12.0 for Microsoft Exchange                 March 2016
     ScanMail 12.0 for Microsoft Exchange Service Pack 1  November 2016
     ScanMail 12.5 for Microsoft Exchange                 November 2017
     ScanMail 12.5 for Microsoft Exchange Service Pack 1  August 2018
     ScanMail 14.0 for Microsoft Exchange                 June 2019
     ScanMail 14.0 for Microsoft Exchange Patch 1         September 2019
     ScanMail 14.0 for Microsoft Exchange Patch 2         December 2019

     8.1 Patch 1
     ===================================================================

     8.1.1 Enhancements
     ===================================================================
     The following enhancements are included in this release:

     Enhancement 1: [SEG-52055]
                    Attachment Blocking Filter and Virtual Analyzer -
                    This patch enables users to configure ScanMail to
                    detect PDF files with embedded scripts through the
                    attachment blocking filter settings and in Virtual
                    Analyzer.

     Enhancement 2: Approved List - This patch provides global approved
                    list feature to enable ScanMail to bypass all
                    scanning for specific senders and recipients.

     Enhancement 3: [SEG-42090]
                    Security Risk Filter - This patch allows users to
                    create an approved list of file extension name(s)
                    such as "jretk" for the Security Risk filter.

     Enhancement 4: TrendX - This patch enables ScanMail to support
                    Signature extraction in TrendX.

     Enhancement 5: ScanMail Configuration - This patch migrates some
                    common hidden keys to the web console to allow users
                    to configure the related feature from the ScanMail
                    web console.

     Enhancement 6: Data Loss Prevention Template - This patch updates
                    the Data Loss Prevention(TM) (DLP) template to
                    version 3.1.1036.

     Enhancement 7: [SEG-45978] [SEG-52236] [Hotfix 2041]
                    Content Violation Logs - This patch enables ScanMail
                    to send unscannable message parts logs to
                    Trend Micro Control Manager(TM). These logs will
                    appear under Content Violations logs.

     NOTE:          For the solution to work, you need to apply
                    "tmcm_70_patch1_win_en_hfb3097.zip" onto Control
                    Manager 7 first. The hotfix can be downloaded from
                    the following link:

       https://fix-int.trendmicro.com/product/10/release/429/hotfix/9828

     Enhancement 8: [SEG-47536] [Hotfix 2046]
                    Log Queries - ScanMail uses the Envelope Sender of
                    an email message as the Mail Sender in some features
                    and stores this information in the database. This
                    means that Envelop Sender will appear as the sender
                    information in Log Query results. This patch
                    provides an option for users to configure ScanMail
                    to use and store the address from the "From" header
                    for the sender information.
                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Procedure 8:   To configure this feature:

                    1. Install this patch (see "Installation").
                    2. Open the Registry Editor.
                    3. Locate the following key and set the preferred
                       value:
                       - Path: HKLM\SOFTWARE\TrendMicro\ScanMail for
                         Exchange\CurrentVersion
                       - Key: UseHeaderSenderInLog
                       - Type: REG_DWORD
                       - Data value:
                         - "0" = ScanMail uses and stores the envelope
                                 sender of an email message as the mail
                                 sender (default).
                         - "1" = ScanMail uses and stores the
                                 information in the "From" header as the
                                 mail sender.
                    4. Restart the ScanMail service.

     Enhancement 9: [SEG-54685] [JP Hotfix 2641]
                    Email Scans - ScanMail cannot scan deleted email
                    messages in the Recoverable Folder in Exchange 2013
                    and Exchange 2016. This patch provides an option
                    to configure ScanMail to scan deleted email messages
                    in the Recoverable Folder.
                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Procedure 9:   To configure this feature:

                    1. Install this patch (see "Installation").
                    2. Open the Registry Editor.
                    3. Locate the following key and set the preferred
                       value:
                       - Path: HKLM\SOFTWARE\TrendMicro\ScanMail for
                               Exchange\CurrentVersion
                       - Key: SkipScanDeletedRecoverableFolder
                       - Type: REG_DWORD
                       - Data value:
                         - "1" = ScanMail does not scan deleted email
                                 messages in the Recoverable Folder
                                 (default).
                         - "0" = ScanMail scans deleted email messages
                                 in the recoverable folder.
                    4. Restart the ScanMail service.


     8.1.2 Resolved Known Issues
     ===================================================================
     This release resolves the following issues:

     Issue 1:     [SEG-50638] [Hotfix 1311]
                  The System Watcher service closes immediately after
                  starting or restarting.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 1:  This patch ensures that the System Watcher service
                  runs normally.

     Issue 2:     [SEG-51208] [Hotfix 1310]
                  Users encounter the following issues while running a
                  Quarantine Query on a remote server(s):
                  - After users delete a message from the quarantine
                    folder using the "Delete" button, the confirmation
                    pop up and progress bar appear, but the message
                    remains in the query results and in the quarantine
                    folder.
                  - If a query returns multiple pages of results,
                    clicking the next page arrow resets the page view.
                  - When users click the "Search", "Delete" or
                    "Resend" button, the "Selected Server(s)" and
                    "Available Server(s)" lists are displayed empty.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 2:  This patch resolves these known issues.

     Issue 3:     [SEG-47942] [Hotfix 2037]
                  When users send time-of-click (TOC) log queries to
                  remote servers and filter results by URL, the query
                  results still display all TOC logs, but those sent to
                  local servers can filter the results normally. This
                  happens because the URL filter is not carried to the
                  remote server so remote servers respond with all TOC
                  logs.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 3:  This patch adds the URL parameter in the remote query
                  function to resolve this issue.

     Issue 4:     [SEG-47788]
                  Exchange email messages cannot be detected as internal
                  messages so that system email messages are sent to
                  Trend Micro Deep Discovery Analyzer for analysis.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 4:  This patch prevents ScanMail from sending system-
                  generated email messages to Deep Discovery Analyzer.

     Issue 5:     [SEG-43197]
                  Manual Scan takes a long time to complete when the
                  "Scan messages that have not been scanned" option is
                  enabled.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 5:  This patch ensures that manual scans run normally with
                  the option.

     Issue 6:     [SEG-48122] [Hotfix 2040]
                  ScanMail may encounter a mail loop issue when the
                  "Submit email messages to Virtual Analyzer" option is
                  enabled simultaneously with the URL rewrite feature.
                  This happens when ScanMail cannot verify if the URL
                  has already been rewritten or not, and keeps
                  attempting to rewrite the URL.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 6:  This patch resolves this known issue.

     Issue 7:     [SEG-42320] [Hotfix 1823]
                  An issue prevents ScanMail for Microsoft Exchange from
                  running certain database operations that contain
                  datetime information on some Microsoft Windows(TM)
                  platforms.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 7:  This patch resolves the issue by changing the datetime
                  format in the affected database operations.

     Issue 8:     [SEG-48497] [Hotfix 2045]
                  Users cannot delete items from a mailbox using the
                  Search & Destroy function because certificate
                  validation by EWS Managed API is not successful.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 8:  This patch ensures that certificate validation by
                  EWS Management API completes successfully.

     Issue 9:     [SEG-53244] [Hotfix 2045]
                  The TrendMicro Site Safety Center URL
                  "http://reclassify.wrs.trendmicro.com" in the "Web
                  Reputation Filter" page of the ScanMail web console
                  cannot be accessed.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 9:  This patch updates the TrendMicro Site Safety Center
                  URL on the page to
                  "https://global.sitesafety.trendmicro.com".

     Issue 10:    [SEG-52663]
                  The "Take action on unrated URLs" option in the Web
                  Reputation settings is disabled automatically when
                  the "Enable URL Analysis" option is enabled.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 10: This patch ensures that the "Take action on unrated
                  URLs" option in the Web Reputation settings can be
                  enabled successfully when the "Submit email messages
                  to Virtual Analyzer" or "Enable URL Analysis" is
                  disabled.

     Issue 11:    [SEG-53238] [Hotfix 1321]
                  The ScanMail 14 Online Help page redirects to
                  ScanMail 12.5 pages.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 11: This patch ensures that the Online Help page redirects
                  to the correct pages.

     NOTE:        Clear your browser cache and log in to ScanMail again
                  after applying this patch.

     Issue 12:    [SEG-51440] [Hotfix 2044]
                  A URL extracted from an email message with text/plain
                  content type but is in RTF format may not contain the
                  "\line" RTF flag and may be rewritten. When this
                  happens, the email message will not display correctly.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 12: This patch enables ScanMail to correctly identify that
                  a plain text email message that starts with an RTF
                  flag is in RTF format. This allows ScanMail to skip
                  rewriting URLs in this kind of email messages.

     Issue 13:    [SEG-51783]
                  The DLP policy exception does not work if other
                  non-exception addresses are listed.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 13: This patch resolves the issue by adding a boundary
                  match and a condition to decide whether to retrieve
                  the recipient information from an email message.

     Issue 14:    [SEG-57951]
                  The following issues have been discovered in ScanMail:

                  1. The following System Event settings cannot be
                     replicated through the "Server Management" page of
                     the web console or through Control Manager.

                     - Predictive Machine Learning service was
                     - Writing Style service was

                  2. The "Apply All" button on the Notification Settings
                     section of the Administration web console does not
                     work on the following alert settings:

                     - System Event Predictive Machine Learning service
                       was
                     - Writing Style service was
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 14: This patch ensures that both System Event settings can
                  be replicated through the "Server Management" page and
                  the Control Manager web console. This patch also
                  ensures that the "Apply All" button works on both
                  alert settings.

     8.2 Patch 2
     ===================================================================

     8.2.1 Enhancements
     ===================================================================
     The following enhancements are included in this release:

     Enhancement 1: [SEG-60644][SEG-63413]
                    This patch enables administrator to configure the
                    type of unscannable message log ScanMail sends to
                    Trend Micro Control Manager (TMCM).
                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Procedure 1:   To configure this feature:
                    1. Install this patch (see "Installation").
                    2. Open Registry Editor.
                       a. Locate the following key and set the preferred
                          values as follows:

                          - Path: HKLM\SOFTWARE\TrendMicro\ScanMail for
                                  Exchange\CurrentVersion
                          - Key: SkipSendUnscannableMessageLogToCM
                          - Type: REG_DWORD
                          - Data value:
                            - "0" = enable ScanMail to send unscannable
                                    message parts log to Control Manager
                                    (default).
                            - "1" = disable ScanMail to send
                                    unscannable message parts log to
                                    Control Manager.

                          Note: If SkipSendUnscannableMessageLogToCM is
                                set to 1, skip step b.

                       b. If SkipSendUnscannableMessageLogToCM is not
                          configured or set to 0, locate the following
                          key and set the preferred value:

                          - Path: HKLM\SOFTWARE\TrendMicro\ScanMail for
                                  Exchange\CurrentVersion
                          - Key:UnsupportMessageTypesSendToCM
                          - Type: REG_SZ
                          - Data value:
                            - "1;2;3;4" = (default) ScanMail sends all
                                          types of unscannable message
                                          logs to Trend Micro Control
                                          Manager.

                          NOTE: Separate unscannable message log type by
                                a semi-colon (;)
                                - 1 represents "Encrypted email
                                    messages".
                                - 2 represents "Encrypted and password
                                    protected files".
                                - 3 represents "Files outside of scan
                                    restriction criteria".
                                - 4 represents "Unsupported or corrupted
                                    files"

                    3. Restart the ScanMail service.

     Enhancement 2: This patch enables ScanMail to integrate with Trend
                    Micro Cloud App Security to provide visibility of
                    policy violation logs from one or more ScanMail
                    servers on Cloud App Security.


     8.2.2 Resolved Known Issues
     ===================================================================
     This release resolves the following issues:

     Issue 1:     [SEG-58468][Hotfix 1335]
                  Hebrew file names do not display correctly in the Deep
                  Discovery Analyzer web console.

                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 1:  When attachment file names are encoded in base64, wide
                  characters are transformed to UTF-8 before encoding.
                  However, during base64 decoding, the function that
                  transforms multibyte characters to wide characters is
                  called instead of the one that transforms UTF-8
                  characters to wide characters. As a result, Hebrew
                  file names cannot be displayed correctly in the Deep
                  Discovery Analyzer web console.

                  This patch ensures that the correct function, that
                  transforms UTF-8 to wide characters, is called while
                  decoding attachment file names in base64, and thus
                  display the Hebrew file names correctly.

     Issue 2:     [SEG-62061][Hotfix 1337]
                  TrendX scan results on the ScanMail for Exchange
                  console may not contain information on viruses
                  detected in OLE layers because the scan results are
                  released before the final scan results are recorded.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 2:  This patch ensures that TrendX scan results are
                  released only after the final scan results are
                  recorded, so that the viruses detected in OLE layers
                  appear as detected using TrendX in scan results.

     Issue 3:     [SEG-59825]
                  When resending the email with original quarantined
                  email as attachment, the quarantined email triggers
                  Advanced Spam Prevention rule, and as a result, the
                  attachment becomes a document file.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 3:  This patch resolves this known issue.

     Issue 4:     [SEG-63222]
                  The numbers of DDAN submissions are sometimes
                  mismatched between the ScanMail web console and the
                  DDAN web console.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 4:  This issue is caused by inappropriate handling method
                  on 0 size attachment.

                  This patch resolves this known issue.

     Issue 5:     [VRTS-3703]
                  Code Injection vulnerability in OpenSSL/libcurl is
                  caused by a non-privileged user or program that can
                  put code and a config file in a known non-privileged
                  path and make cURL automatically run the code (as an
                  OpenSSL "engine") on invocation. If that cURL is
                  invoked by a privileged user, it can do anything that
                  it is designed to perform.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 5:  This patch updates Trend Micro common modules to fix
                  this known issue.

     Issue 6:     [SEG-59268]
                  Trend Micro Apex Central(TM) identifies and searches
                  for connected ScanMail servers using hostname only,
                  and not by FQDN or IP address. However, this method is
                  not ideal for large environments that contain several
                  domains where some suffixes are not in the
                  dns-suffix-search-list.
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Solution 6:  This patch enables Apex Central to identify connected
                  ScanMail servers using FQDN.


  9. Files Included in This Release
  ======================================================================
     This is a full package release. Detail files list refer to ScanMail
     (for Microsoft Exchange) 14 installation package.


  10. Contact Information
  ======================================================================
     A license to Trend Micro software usually includes the right to
     product updates, pattern file updates, and basic technical support
     for one (1) year from the date of purchase only. After the first
     year, you must renew Maintenance on an annual basis at
     Trend Micro's then-current Maintenance fees.

     Contact Trend Micro via fax, phone, and email, or visit our website
     to download evaluation copies of Trend Micro products.

     http://www.trendmicro.com/us/about-us/contact/index.html

     NOTE: This information is subject to change without notice.


  11. About Trend Micro
  ======================================================================
     Smart, simple, security that fits

     As a global leader in IT security, Trend Micro develops innovative
     security solutions that make the world safe for businesses and
     consumers to exchange digital information.

     Copyright 2020, Trend Micro Incorporated. All rights reserved.

     Trend Micro, ScanMail, Control Manager, Data Loss Prevention,
     OfficeScan, eManager and the t-ball logo are trademarks of
     Trend Micro Incorporated and are registered in some jurisdictions.
     All other marks are the trademarks or registered trademarks of
     their respective companies.


  12. License Agreement
  ======================================================================
     View information about your license agreement with Trend Micro at:

     http://www.trendmicro.com/us/about-us/legal-policies/
          license-agreements

     Third-party licensing agreements can be viewed:

     - By selecting the "About" option in the application user interface

     - By referring to the "Legal" page of the Administrator's Guide
