IPAD 4.0 New Feature List
There are many changes in IPAD 4.0
which include improvements in function, speed and reliability. Major
advancements have been made to help fight spam and to make the IPAD more
available for your legitimate email users with less maintenance time from
The following is a short list of the changes between IPAD 3.0 and IPAD
4.0. A more complete list including all of the details will be included
with your IPAD 4.0 distribution
New 4.0 Features |
Web Manager Changes |
IPAD-OS Boot Loader
Bugs Fixed in version 4.00,
SMTP Email Server
- The mail server will now evenly spread all mail delivery retry
attempts over the rescan period instead of all at once each rescan
interval. This makes the overall flow of mail through an IPAD feel much
smoother even when there are a lot of undeliverable messages. For this
reason it is best to have the rescan interval set much higher than the
- The IPAD's mail server is now much better about cleaning up orphan
files which get stuck in the working directories. These can be partial
files placed onto the mail server by external servers or even
undeliverable bad mail. The files will eventually age out and be erased
without any need for intervention on your part.
- The IPAD takes a much stricter interpretation of 5xx errors in SMTP.
Prior versions required a 5xx from the last MX -- and tried all of them
which may trigger the new anti-spam facilities at Yahoo! We now quit
after the first 5xx error. The original behavior can be restored with a
command line option.
- New back-off logic has been implemented in SMTP. Messages which have
been retried four times go to an "extended hold" queue, which
is retried on every fourth interval.
- Alternate SMTP port. Many Internet service providers, large dialup
providers, DSL and cable providers are filtering port 25 (SMTP) to
prevent trespass SPAM. The IPAD SMTP server will listen on port 25 (SMTP
standard) and one optional extra port of your choosing. Virtually all e
mail clients allow you to set the SMTP port to something other than the
default, bypassing the port 25 filter at the local user connection.
- Added alternate SMTP port support to Multidrop and Mirrored-mail
service. This allows the IPAD to connect to a remote SMTP server to send
mail using a TCP port other than the standard port 25.
- When using a relay host, you may specify an alternate SMTP port
number for outbound mail. This allows a Mirrored mail system to work
when the bandwidth provider blocks traffic on port 25.
- POP before SMTP and SMTP-AUTH. This version supports both SMTP-AUTH
and POP-before-SMTP authentication. Authentication deals mostly with
relay permissions, not with normal incoming mail. When someone checks
their mailbox via POP3, their email address is authenticated for a short
period of time. The timer is reset on any SMTP and POP3 activity from
their IP address. SMTP-AUTH authorizes the current IP for the current
session plus a short time. Three authentication methods are supported:
PLAIN, LOGIN and CRAM-MD5, chosen to cover the majority of available
mail clients. The user name and password are taken from the user's POP3
statement in MAILAUTH. Authenticated users are exempt from DNSBL
checking (which means you may use a DNSBL that lists dialup ports!).
Authenticated users are exempt from IP-based relay permits (you may now
use IP based relay permissions!). Authenticated users are exempt from
Rate-Limiting (see below).
- Anti-SPAM Rate Limiting. To prevent "dictionary based"
address trolling (and block SPAM directly), the IPAD can detect
dictionary attack patterns of activity, and slow down the transfer of
mail from the offending host. If this is legitimate mail, it will simply
be slowed. On the other hand, address trollers and spammers will get
"too busy" responses for all addresses, valid or otherwise. A
"rate limited" counter appears on the console "stat
act" command, and counters for graphing are exposed for MRTG and
other SNMP packages.
- SMTP sessions on the IPAD console (and in STAT ACT CONSOLE) now show
the anti-spam status on the session:
- aSMTP fm -- authenticated during a prior session (probably POP3)
- ASMTP fm -- authenticated via SMTP-AUTH
- bSMTP fm -- blackholed (DNSBL'ed or local black listing)
- rSMTP fm -- rate-limited (421 too busy)
- Normal inbound sessions will show "SMTP fm"
(This can be handy when looking at the IPAD console mail sessions, but
the mail counters are not changing.)
- The SMTP received header now contains much more information from the
SMTP envelope -- making it easier to analyze SPAM. The SMTP header now
shows the reverse-DNS name and the envelope header on the first received
Received from: <helo-name> (reverse-dns name [ip]
The reverse DNS name will help identify
spammers, and the envelope-from will give you the correct
"REJFROM" to block future mail from this sender.
- Modified RSCAN logic to reduce system and connection loading even in
the worst situations. Please note that for best performance, RSCAN should
be at 4 hours or greater.
- Revised SMTP message numbers/file names: The SMTP file name space is
now ten times larger for those who run busy mail systems.
- The IPAD is now much more aware of the file system limits and will
gracefully shut down things like the mail server when the limits are very
near. This will allow a very busy mail server to send out the mail
already in the queue before accepting too much new mail.
- The DNSBL now has a new command called "SPAMHOST" which
allows filtering inbound mail based on the reverse DNS name of the
sending mail server. Rules can be applied to allow only a small amount of
mail from the listed servers in a short period of time.
- The mail server now has the ability to drop mail sessions from
unauthenticated sources when we start running low on connections. This
allows the IPAD to preference our users over everyone else.
- The IPAD's mail server now supports "spam trap" mail
addresses. This is very advanced detection logic which even allows using
functional mailboxes like "postmaster" and "webmaster" as
a spam trap address without blocking legitimate mail to those addresses.
Each operator can set the level of sensitivity on each spam trap address
to best fit their situation.
- The mail server will now reject mail from SMTP servers who flat out
lie about their identity when establishing a connection to the IPAD.
- The IPAD's DNS resolver gets PDQ! This adds "Priority DNS
Queuing" which improves DNS operation, and since everything else
relies on DNS, will improve operation overall.
- Authoritative DNS zones no longer use the main RAM cache, they have
their own cache in memory. This allows much higher performance for both
the authoritative zones and the highly dynamic DNS cache. The new console
command "DOMAIN CACHE AUTH" shows the authoritative
- DNS "RP" records are now supported in zone transfers and
secondary DNS hosting. These reference records are not editable in web
manager in this version of the IPAD.
- When a DNSBL lookup "times out" or reports a server failure,
that DNSBL will be disabled for a short time. This prevents a rather
dramatic performance hit when heavy winds blow down the utility poles
near a DNSBL operator's house. Status changes are logged in the mail log
at the "normal" logging level.
- %ip% may now be used in DNSBL.CTL message strings -- inserts the
remote SMTP server IP address. You'd use it something like this:
DNSBLDOMAIN relays.ordb.org Open Relay, see:
See your DNSBL web page for
the "lookup" URL. Note: all new features are supported in the
- The DNS resolver is now randomized a little more. This allows more
even loading of the root servers and lets "round robin" tricks
for load balancing to work a little better.
- The SMTP "Sender:" header is no longer processed in any
special way by the List Server, you may now set it like any other added
header, strip it out, or leave it unchanged. This is in response to mail
clients that parse both the "sender" and "from"
headers and display them together.
- List server enhancements: Mailing lists may now be password protected.
If a password is set, it must appear on the first line of the subject, or
the message will be discarded. Default is no password.
- An optional "bounce" message may be configured. If
"accept all" is not checked and the sender's address is not on
the list, they will receive the bounce message. Default is no bounce
- List manager messages now use the Errors-To: address if set, or
firstname.lastname@example.org to prevent mail loops and related problems.
- Default headers now match the list management header RFC,
- List server now shows progress (in percent) on local screen and MAINT
- List server now supports footers on each message. The footers are
freeform and can be anything you wish.
- List server now supports subject line tagging. This allows adding a
specific tag or text to the subject line of every message posted to the
- The IPAD now has Long File Name support! This version supports full
Windows 98-style long file names in the FTP server, web-lite server, DNS
server and the console
dir command. Warning: this version does
not support long file names in the SMB/CIFS server. Long file names are
not supported when defining an FTP site or WWW site (i.e. defining the
site root) as this does not add any utility to the server and can
actually negatively impact system performance. Long file name support
requires the IPAD-OS Boot Loader, and you should be well prepared when
upgrading from MS-DOS or Win9x-DOS. Note that Win9x-DOS does not support
long file names outside the Windows GUI. IPAD 4.0 runs fine with DOS
6.22 and with Win9x-DOS, without long file name support.
- The IPAD WhoIs client has been enhanced to handle more top-level
domains including international domains which do not resolve correctly
from the root WhoIs servers hosted in the USA.
- The IPAD's POP3 client (the one where it goes to another server and
picks up mail) now has the ability to detect local user activity and
check the remote POP3 mailbox more often. Two different polling
intervals can now be set on the IPAD. One for when local users are
actively checking email on the IPAD, and one when they are not.
- The IPAD is more file-aware with respect to the total number of files
open at any one point in time. This is visible at the bottom of
"stat files" report. The IPAD is more graceful about shutting
down mail service when too many files are open which will prevent many
of the false
file corruption problems reported in the past.
- Over the years, the number of internal timers has increased which
caused some noticeable things like the clock on the local console
"skipping" once in a while. The IPAD can now handle timers
much more efficiently. This may show in several ways, but the most
noticeable will be an overall smoother feel to the whole system.
- The POP3 Server now suppresses the mbox-format
This helps some versions of MS-Exchange get along better with the
- Log Cycling: at midnight, the IPAD renames all of the active log
files and starts new log files. The previous day's files will have a
.001 extension, two-day-old files will be .002, etc. By default, 50 days
of history are kept. You can change the default by using a command line
option. This will allow any IPAD to run unattended and not fill the
local disk with log files.
- Our old-friend the on-screen display has been enhanced. If you don't
have a monitor on your IPAD, you won't notice much difference. :-)
- The IPAD supports both domain.tld and www.domain.tld for ip-less web
servers. (define servers as www.domain.tld for this to work).
- RFC-1948 compliance (harder to spoof connections)
- New Simple Network Management Protocol (SNMP) Management Information
Base (MIB) variables: ipadFiles, ipadFilesMax, ipadNatCircuits,
ipadMaxNatCircuits, smtpSessionsIn, smtpSessionsOut, ipadZero. This
allows using human-readable names to reference information inside the
- The IPAD now uses a more compatible DHCP response method. DHCP
responses were unicast if the "flags" didn't call for a
broadcast response. Microsoft DHCP servers generally broadcast all
responses even if the flags say they can unicast. We now use the same
- Easier to use MRTG! In the IPAD group, added ipadUpTimeI and
ipadCpuTimeI -- these are the same as ipadUpTime and ipadCpuTime but the
result is reported as an integer. Many SNMP managers, including MRTG,
graph integers, not time. This will allow MRTG to be used without
modifying BER.PM in MRTG. Other new Objects:
- smtpMsgsSent "Number of SMTP messages sent."
- smtpMsgsRcvd "Number of SMTP messages received."
- smtpMsgsDNSBL "Number of messages DNSBLd."
- smtpMsgsHacked "Number of messages Rate-limited for hacking."
- smtpPop3Sessions "Number of POP3 sessions."
- dnsQueries "Number of DNS server queries."
- dnsResponses "Number of DNS server responses."
- dnsAuthLookups "Number of Authoritative Cache lookups."
- dnsAuthHits "Number of Authoritative Cache hits."
Using the latest MRTG (at least in 2.9.18pre9), and probably earlier,
you can: Start with CFGMAKER and let it find the interfaces. Once that
works: Load the eSoft MIB with the following line:
LoadMIBs: c:\esoft.mib (correct path to file)
Then you can track variables by MIB name, not OID (which is much
MaxBytes[MAIL-SMTP]: 500 Options[MAIL-SMTP]: growright, nopercent,
- Directory listings on the IPAD are now much faster. The speed
improvement really shows on directories which are very full.
- Incoming FTP files now use a temporary file name until the upload is
completed. This provides much more protection from potentially corrupted
or incomplete uploads due to unreliable connections.
- Traceroute is now more compatible with the TCP communication methods
commonly used in the Internet even when they differ from the published
- Small TRACEROUTE fix: TRACERT is now a valid IPAD console command (and
in MSUPV> mode).
- Directory options now show the correct disk size and free space up to
the maximum allowed under the FAT32 disk format.
- The IPAD is now able to detect "stuck" TCP sessions and
remove them. The process is not fast, but it is thorough.
- If the BOOT.NAM file had critical errors on startup, the IPAD could
refuse to boot or crash. The IPAD now will start but disable the DNS
server until the critical problem has been fixed.
- Fixed an initialization bug that crashed some IPADs on startup under
- Sometimes the IPAD didn't properly recognize POP3 size limits allowing
more than the allowed mail into a mailbox. This is fixed.
- A malformed FTP "port" command could crash the IPAD in some
situations. This was perhaps sent by a virus that is currently in the
wild. This has been fixed.
- ARP PROXY DEFAULT= is now saved correctly from the web manager.
- "DOMAIN RELOAD ALL" has been updated to work more
consistently and to force a reload of all secondary zones at the same
- Zone transfers used to use the appropriate (or not) interface port, it
now uses the IPAD's primary IP address. This makes it easier for the
Primary DNS hosts to permit your IP.
- HTTP "Cache control:" header added to Web Manager (Fixes
Netscape 7.x flaw).
- Log flush logic moved from the timer thread to a separate daemon. This
will keep the system running smoothly even when a lot of log activity is
- Subscribing or unsubscribing from a list caused a crash in some cases
if there was no errors-to address defined for that list, this has been
- A mailing list could not be changed by the web manager while the list
was actively sending, now it can be changed at any time.
- Changing the DNSBL control file on a busy IPAD could cause a crash.
This has been fixed to be more robust to user changes. It is still
strongly recommended to rename control files before editing them on a
- The POP3 UIDL command didn't always return unique message IDs, now it
does. This fixes a problem downloading messages when the mail client uses
UIDL instead of LIST and RETR.
- TCP values in the web manager (and IPAD.CTL) now show as the correct
unsigned values, even though they were handled correctly in previous
- Fixed a problem when an incoming packet could trigger the H.323 proxy
when a web server Passthru should have been used instead. This
occasionally caused the router to hang.
- The firewall now classifies DNS activity as higher priority than
before. This will allow a system which is overloading the available
bandwidth to feel faster to end users.
- List servers were supposed to be "destinations" under IP
based relay permits. This now works correctly. (also in IPAD 3.02)
- A memory leak in the list manager has been plugged (also in IPAD
WEB MANAGER CHANGES
- The IPAD's web manager interface has been redesigned to use industry
standard cascading style sheets. This allows much more control over the
look of the interface on very different systems and even end user
control. If you need large fonts, there is only one file to change. If
you need higher contrast colors, change one file and the whole
interface changes to follow.
- Removed almost all of the default font sizes for those who do
not or can not use the style sheets (older browsers). The
default font sizes are now selected by your web browser making
everything the same size for those who don't have style sheets
enabled. This gives more control to the end user.
- Added a "default" choice to all of the Setup Wizard
pages. This will allow pressing the Enter key to advance to the
next page in the IPAD Model 1200 and 2500 setup wizard sequence
just as if the Next button was clicked.
- Fixed problem where model 2500 users could not change the
directory path of an FTP account through the web manager. The
2500 was incorrectly placed with the model 1200 logic which
does not allow changing of the user directories.
- Changed help wording for rescan value to expand a little more
on the reason behind the need for higher than minimum
- Completely populated the STYLE.CSS file in the WWWMAN
directory. This file should control just about everything to do
with the look of the web manager interface. You are free to
distribute your custom style sheet files as "skins"
to other IPAD 4.0 owners. The IOA may provide a place on the
web site to display your work if needed.
- Fixed some errors in the icon menu navigation which would
show the wrong label. For example the "Time" option
in the System icon menu showed the word
- Updated the ESOFT.MIB file in the web manager to the current
version. This file is linked from the web manager SNMP page to
allow access to the MIB even if the user does not have SMB/CIFS
or FTP access to the IPAD.
- Changed language text for Forms / Advanced / Message body
help to be more explicit about the "email" tag
- Changed the "+" and "-" for full list
expansion to a table to allow better positioning in all web
- Added default file name for list bounce message file
- Added default file name for list subscribe message file
- Fixed the missing % in the MSGS.HTM file which caused some
result messages not to display.
would cause some versions of Internet Explorer to report an
error when clicking on links in the center box.
- Removed references to the IPAD manual from the IPADLANG file
until the manual is ready.
- Added an update check to the web manager version display
screen. This will link to a page on the IOA web site for the
specific Web Manager version running on the IPAD and allow for
downloading updates as they are released.
- All main menus have more links which will shorten the number
of clicks to get to any part of the Web Manager interface.
- Changed location of the Settings and Reset button to be at
the bottom of the log display forms isolated from the
- Added links from MIRRORED and Multidrop mail pages to SMTP
page to allow full configuration of SMTP server functions when
the IPAD is set to pick up mail from a remote POP3 server.
- Changed formatting and layout to support screen resolutions
up to 2048 pixels wide. This is double the resolution of
- Fixed bug with list moderators that would unsubscribe
(suspend) all members who were turned into moderators.
- Added Subscribed field check box to the list member
- Added 2 minute and 24 hour options to the POP3_CLIENT poll
interval pick list. Note: 2 minutes is only for rare situation
when email response time is more important than being polite to
your ISP and should not be used for a default setting.
- Completely reworked the Setup Wizard on the 1200 and 2500
models to better match the current look and feel of the Web
- Fixed HTML error on many check boxes which mistakenly used
value="ON" instead of "CHECKED" to show a
default checked mode.
- Several of the time related pick lists which jumped directly
from 6 hours to Unlimited now have a new option of 12 hours.
This should help give a little more control to things like the
maximum length of FTP connectivity, POP3 polling frequency, and
supervisor telnet timeout.
- Added the FTP user account startup path and suspend check box
to all IPAD models. This was incorrectly only available in the
model 5000 version when the standard and advanced screens were
combined several versions ago.
- Corrected text for "Sequence Error" language entry
which was a duplicate of the field above it in the IPAD
- Combined the Accounts/ Email/ Edit button page to combine the
standard and advanced pages into one.
- Fixed bug in Accounts/ FTP tab/ edit button page which
prevented the user from changing the idle and max connect time
- Reworded "Cache Wait" help text to better explain
the negative results of values which are too high or too
- Added "SQL:1433" to the Passthru pick list.
- Reformatted table structure in server/lists/mem.htm to allow
display on very low resolution (640x480) web browsers without
wrapping in odd ways.
- Fixed error in server/lists/form-1ma.htm which had a source
code comment line in the HTML part of the code. This caused
strange results in some browsers.
- Fixed error in server/lists/memr.htm and server/lists/mem.htm
which included one too many internal fields preventing
unchecking the moderator check box.
- Major cleanup on the Servers/ E-mail/ Server tab page. This
combines the Standard and Advanced pages into one page and
grouped like commands together in hopes of making it easier to
locate the desired option. This should also allow all of the
fields to be displayed on one form very little or no need for
scrolling on most browsers.
- Updated Ethernet interface Stats page to reflect the new lean
- Corrected help links on Frame Relay stats page so all now
work as they should.
- Corrected ISDN issue with model 1200 which would forget the
INIT string when unrelated ISDN fields changed.
- Reworked the dial-up/dial-out statistics page to make better
use of the screen real estate. This should eliminate the need
for scrolling in most screen resolutions.
- Added "10 minutes" as an option to dial-out
inactivity pick list.
- Repaired many locations in the language file where spaces
between words could be suppressed making things appear to run
together in odd ways.
- Fixed all locations of double open font tags in every ISDN
reference in the language file.
- Changed MIME "Extension" field to 12 characters to
match the new ability to handle long file names with IPAD-OS.
Please note that if you are not using IPAD-OS only the first
three characters of this field will be valid.
- Expanded MIME "Type" field to handle some of the
longer types which are showing up. It was always possible to
add these types in the past, but now it is possible to see the
whole length on one screen.
- Expanded language entries for MIME Extension and Type fields
to hopefully better explain the function to the user.
- Fixed alignment issue with folding menus where direct links
like "Accounts" and menus like "Servers"
did not line up like they should.
- Expanded the help text for both the ECHO and DISCARD servers
to clear up common misconception that these control ICMP (PING)
traffic. (They do not.)
- Added more to the Web Lite Forms page help tags. This should
help to explain the needs of each field a little better.
- Changed the System/ Routing/ Filters/ Interface page to list
filters in normal font weight instead of bold. This along with
the added forced padding between the table cells and the nowrap
tag will allow those with larger fonts to display filters in a
clean and logical way. If the local font is too large to
display all of the information on one screen, scroll bars will
appear. All of this is done without use of any forced font
sizes to allow the user to retain control over the
- Repaired several mismatched font tags which had a single open
tag with multiple close tags. While this should not change the
display of the pages, it will be kinder to the browser trying
to make sense of it all.
- Combined several places where the font face and size were
specified in different tags but enclosing the same block of
text. This should make it more efficient for the browser's
rendering engine to figure things out and display the
- Removed the Blink tag from the System/ Routing/ Firewall/
Firewall page. This was used for any error messages and made
them harder to read.
- Corrected HTML format error in Strict Enforcement language
- Changed the top frameset from 25% of the total screen space
to a static size of 150 pixels. This should be plenty to
display all of the messages without being too cramped while
making more screen real estate available for the rest of the
- Changed the "Server" buttons to the more consistent
"Standard" label on the navigation button at the
bottom of the following pages: Servers/ DNS/ Server tab/
Resolvers Servers/ DNS/ Server tab/ Root Servers/ DNS/
Server tab/ Zone Transfer Permits Servers/ DNS/ Server tab/ DNS
- Corrected default action for "Enter" key on SMTP
bounce message form.
- Changed wording for Passthru "not continuous"
warning to better explain what it really means.
- Added another set of navigation buttons to the bottom of all
log file display pages.
- Changed model 1200 log file display pages to follow the
display methods used by the other models. All IPAD models
should now have the same look for log file display.
- Totally reorganized the List server Management page. This
should be a little easier to understand logically and should
fit comfortably on most browser pages.
- Added 25k choice to mailing list max size select list. This
adds one size smaller than the previous list allowed.
- Fixed a long standing, but hard to track down font error
which only showed up on some Internet Explorer versions when
the Georgia font was not installed and the default serif font
was not in the Times family. This caused different parts of the
web manager, most noticeably the ICON menu, to display boxes in
place of the characters for the link words. This fix should
allow all Mac, Linux and Windows users to display the link
- Repaired the DHCP check box which was always forced to the
existing state of either checked or unchecked no matter what
the user did.
- Added FAVICON.ICO to the web manager. This will make an icon
show up in the location bar and bookmark list of most modern
web browsers. IE seems to want to have the page added to the
Favorites list before the icon will show up. Netscape and other
Mozilla-based browsers show the icon right away. This icon may
be freely edited by the end user to help distinguish one IPAD
from another when managing multiple systems.
- Added a special user-editable graphic to the root of the web
manager directory named MSGBACK.JPG. This file may be edited or
replaced with any JPG format graphic the user desires so the
web manager may be uniquely identified. This helps when
managing more than one IPAD.
IPAD-OS Boot Loader
- IPAD 4.0 includes a new IPAD-OS Boot Loader. This removes all need
for other boot operating systems such as MS-DOS or compatibles.
- IPAD-OS Boot Loader has a professional development team dedicated just
to keeping this part of the IPAD up to date, high performance and
bug free. This is their only job, and they are good at it with many
years of experience.
- IPAD-OS Boot Loader provides full support for Long File Names (LFN)
in IPAD servers. IPAD 4.0 has LFN support enabled in the FTP
server, Web Lite server, DNS server and internal IPAD system backup
functions. Other services will become LFN enabled in future
- IPAD-OS Boot Loader has support for single disk volumes larger than 8
Gigabytes. This allows almost any modern hard drive to be used in any
combination of single or multiple partitions as desired.
- IPAD-OS Boot Loader has full native support for FAT32 format disk
volumes. This brings much more efficient storage of files and helps
reduce the need for disk de-fragmentation to almost Zero when running
on an IPAD. The IPAD-OS Boot Loader combined with the new IPAD kernel
will cause fewer fragmented disk files providing higher performance for
you and your users.
- IPAD-OS Boot Loader is fully compatible with all existing IPAD
support tools. This means the programs and utilities you are already
using will work the same. Note that some of the tools may need updates
to be fully aware of long file names and FAT32 disk partitions.
- IPAD-OS Boot Loader allows room for new abilities in the IPAD kernel
to better deal with disk performance issues such as sub-directories
containing very large numbers (thousands) of files.
- IPAD-OS Boot Loader is much more efficient in how it utilizes memory
allowing more room for the new features in the current IPAD kernel and
- The most important benefit is that IPAD-OS Boot Loader is fully
licensed to allow resale of new IPAD-OS based machines without having to
pay additional royalties above the existing IPAD license. This can save
up to 10% or more of the software cost for value added IPAD
MINOR FIXES IN 4.01
- Limited the web server inbound buffer to 16k bytes. This fixes a
possible Denial of Service attack from very long URLs.
MINOR FIXES IN 4.02
- DNSBL flow control has been improved by 200%. This performance
improvement is most noticeable under heavy spam/virus email attacks.
- The mail server now always advertises SMTP-AUTH availability. This
addresses an authorization issue for Outlook Express on Macintosh.
- The Web Manager now correctly creates TXT records in DNS zone files.
This is useful for adding SPF and
Microsoft Caller ID records. Previous versions appended an erroneous
trailing period to the data field.
- A potential crash in the screen display code has been fixed. This
makes the IPAD even more stable and graceful under the most heavy
- A potential crash in the anti-spam logic has been fixed.
- Anti-Spam DNS activity limited to 10 simultaneous DNS queries to
prevent local resolver saturation. This limit does not apply to reverse
- The Web Manager now has a dynamic "Check for update"
function that tests for the current available version of the IPAD-OS, the
IPAD Boot Loader, the Web Manager and the language files. This is found
by clicking on the IPAD logo, then "Check for update"
- The mail server directory scan always started from the top of the
directory, even when the directory being scanned was quite full. Now it
continues using the same directory list until it reaches the end. Only
then will it start over at the top. This significantly improves
throughput performance on mail servers with extremely large mail volumes
(more than 5,000 simultaneously active messages).
- New logic in the SMTP server tracks and skips servers that are
unreachable. When the IPAD fails to connect to a remote SMTP server, the
IPAD will now remember the IP address and temporarily skip further
connection attempts. Unreachable servers are remembered as
"unreachable" for the SMTP connect delay period (default of 5
minutes). If they are still unreachable after 15 minutes, the address is
changed to "probation" status for 1 hour. An IP address on
probation will be allowed only one session every 6 minutes to check if
the server is available yet. This brings a big increase in sending large
volumes of mail when a major mail destination is down.
- Fixed a web server memory leak introduced in 4.01.
MINOR FIXES IN 4.03
- Improved the SMTP server to make it even more resistant to virus and
spam attack. In previous version 4.0x systems, a rare and specially
malformed SMTP packet could cause the server to restart. There was never
any security issue. This free patch simply provides a performance and
reliability improvement in an unusual situation. It is strongly
recommended that every IPAD 4.0x version upgrade to 4.03 immediately to
prevent this bug from being exploited on your system.
MINOR FIXES IN 4.04
- Fixed a potential web manager crash when Passthrus are not defined
contiguously. Note, the True IP Address Expansion firewall logic will
"own" all of the addresses between the first and last defined
Passthru. This significantly improves firewall routing performance for
systems that use contiguous Passthrus.