NEW: Service & Administration Tool

• ORF now officially supports Microsoft® Windows Server 2025
• A new action called Insert Security Banner has been added to the list of Accept & Modify filtering actions. It allows inserting a security notice into blacklisted emails to alert recipients to suspicious messages
• A new option has been added to the Accept & Modify filtering actions to send a copy of the email rather than redirecting it. This allows the original message to continue to its destination while also being delivered to an alternate recipient
• New local policy options are now available in the DMARC Test settings, providing the ability to filter emails when the author (From) cannot be verified due to a missing policy record or specific verification issues
• A new error type, "Vulnerable signature", has been added to the DKIM Error List. This entry is configurable when "Blacklist emails on neutral and permerror" is enabled in the DKIM Test settings. It currently targets DKIM signatures that use the potentially insecure "l=" (length) tag, as noted in RFC 6376, Section 8.2.
• The SPF Test log settings now include an option to record the queried domain's SPF record in related log messages
• A feedback window now appears after updating ORF, allowing you to easily share your thoughts with us

IMPROVED: Service & Administration Tool

• Greylisting logic has been enhanced to eliminate excessive delays caused by certain mail service providers (e.g., Google) that retry email delivery from different mail servers with varying IP addresses after the initial temporary rejection
• Data Source Names (DSN) are now displayed in the SQL External Database Configuration
• Updated SMTP response codes for the DKIM Test and DMARC Test
• Improved default SMTP responses for the DKIM Test "neutral" and "permerror" results
• Added DMARC author domain to the SMTP response field list
• Added a domain format check to the ARC Signing settings page

IMPROVED: Logging & Log Viewer

• Data Source Names (DSN) are now displayed in the Log Viewer for SQL connections
• Improved error handling when the Log Viewer is connected to a remote ORF service without remote administration rights
• DMARC Test logs now indicate when SPF and/or DKIM checks are skipped due to domain misalignment
• GeoIP database initialization failures are now recorded in the logs

CHANGE: Service & Administration Tool

• The "NiX Spam" service has been removed from the default DNS Blacklist configuration
• Greylisting now automatically removes database entries that have not received a delivery retry within 12 hours
• DKIM signatures using the "l" (length) tag now return a "neutral" error result to better align with RFC 6376, Section 8.2.
• IPv6 resolution is now enabled by default in the built-in DNS resolver
• The IPv6 parser now accepts the non-standard shortening of a single 16-bit zero field
• "None" results from DKIM and SPF checks are no longer added to Authentication-Results and ARC-Authentication-Results headers if the checks were skipped during DMARC testing
• The License Manager will no longer fall back to the Windows system proxy settings if Direct connection (no HTTP proxy) is configured in the HTTP Proxy Settings and the connection fails
• The Import button in the HTTP Proxy Settings window has been repositioned and redesigned. It now also supports importing proxy settings from the Windows system settings
• The Web Access test on the Information > Status page now verifies both HTTP and HTTPS connections

CHANGE: Logging & Log Viewer

• DNS lookup errors occurring during ARC Signing are no longer logged

BUGFIXES: Service & Administration Tool

• A file creation error (EFCreateError) could prevent saving the configuration or completing installation
• Fixed a bug in the SPF Test module that could cause IPv6-originating emails to fail SPF verification when ORF’s built-in DNS resolver handled A, MX, PTR, or %{i} lookups returning AAAA records
• Domain names with specific syntax errors could trigger a DMARC verification error during processing
• DKIM "neutral" and "permerror" entries were missing from the Authentication-Results and ARC-Authentication-Results header
• SMTP responses configured in Custom Actions on the Filtering > Actions page were being overwritten by the SMTP responses defined in the Default Action settings
• When remotely connected to the ORF service, opening the Pending Submissions queue while it contained a GeoIP Blacklist entry resulted in an error
• The "Search in logs..." feature of the User-Defined URL Blacklist did not utilize the defined Comment field to locate related event records in the logs
• License expiration notifications that appear in the Notifications area were created with an incorrect timestamp
• Restarting the ORF service could occasionally trigger a license check error in Demo Mode
• The Repair feature on External Database Configuration > Management ignored "UPDATE" statement errors
• On some systems, the Network Settings page failed to display the DNS and HTTP proxy configuration summaries

BUGFIXES: Logging & Log Viewer

• The Resend feature of the Attachment Quarantine failed to group attachments by their original emails before releasing them
• Errors related to the Auto Sender Whitelist, Directory Harvest Attack (DHA), Greylisting, and Honeypot Test were not included in the corresponding email event group
• In Demo Mode, event records were incorrectly grouped in certain scenarios
• GeoIP Blacklist hits in Test Mode polluted the logs with error messages

Fixed some keyboard shortcuts

-