Fixed a javascript path (sometimes caused the progress bar not to be shown).
Fixed a syslog message for dropbox with wrong sender name.
Fixed a problem that sometimes caused the Outlook plugin to not be able to login.
Add bcc list in the message log (so you can see who you've bcc'd).
Added 'ft clear_admin_networks' command, if you need to clear the admin network restriction.
Security issue where a user could change the password of the first created user of the system with a specially crafted
URL.
Fixed a problem which could cause some users to be logged out incorrectly
Fixed a display issue where file size wasn't reported correctly in the web interface
Added log message when files are deleted by the automatic cleanup
Update the users last login time when they've been logged in using the remember me cookie
Ensure that content-type is recorded when sending through the
API.
Fixed a problem that prevented some admin functions if admin networks was specified.
Cleaned up some javascript for the download authentication.
Added localization strings for Authorize and Authenticate buttons.
Fixed a time zone issue where data wasn't always stored in UTC in the database.
Sending files with $ signs (and other non-standard characters) works now.
Added a command: 'ft clean_data_dir' to move files out of /var/data/files that are no longer available (run after restoring files from backups).
Fix a problem caching of
LDAP credentials introduced in v1.6.13.
Fix a problem with
API authentication to
LDAP if the user didn't previously exist in the system.
Enable editing of the English locale for simple overwrites without needed a special locale
Fixed the localisation of the date format for the date selector
More robust uploads, edits and validations of the locale files
Reload postfix after changing time zone
Fixed time zone issue with the system log viewer
Check that the last system administrator is not deleted or removed its sysadmin status
Display public
URL to messages in the message log
Added localized_date to localize the date string in the email templates
Updated password reset timeout validation.
Added user time zone display.
Don't login unverified accounts.
Updated the system_url placeholder to display url with ports, if set
Updating the remote syslog didn't restart the syslog service
Fixed a display issue in the message log
Fixed the message url for systems with non-standard ports
Fixed server side filtering of blocked filters for user dropbox
Better explanation on the email validation page
Better error messages when the
API is disabled
Fixed remote syslog configuration
Fixed an issue where messages wouldn't expire properly
Use the email key from
LDAP when validating users
Allow html in the dropbox description
Added a setting to force creation of accounts for remote users
Fixed the documentation link
Fixed a problem with an empty api key for some users
Downloading of locale files failed.
Set From header in system generated emails properly.
Ldapserver priority wasn't automatically set.
Times in the database was UTC between 1.6 and 1.6.3. This update changes to the local timezone.
Downloads using IE7-8 failed with a permission problem in some instances.
Fixed a user registration issue.
Fixed a JavaScript issue that toggles the passwords when
LDAP authentication is enabled/disabled.
Fixed size to human size calculations.
Added quotation marks for the From address when sending dropbox messages.
Load external assets with https when connecting with https.
Fixed a url problem with the user dropbox and the admin section.
Limit IE9 to it's actual 4 Gb upload limit.
Better handling of out of range calculations in email templates.
Fixed custom header image on the front and dropbox page.
Cleaned utf8 from post parameters (this is a
IE UTF8 workaround).
Create a daily local db backup (to /var/data/db_backup).
Fixed a problem with
LDAP preventing new users from authenticating.
Made the default html templates simpler and more compatible.
Message id wasn't shown in the download receipts.
Fixed an issue with displaying custom logotype.
First, if you are storing files on a separate disk, instead of the normal setup. Please see the separate disk FAQ.
Updated
API â the updated
API uses persistent
API keys instead of user authentication. You have to update your code, or download an updated plugin when updating to v1.6.
Brute force protection. The system will now lock out users after multiple failed logins.
Moved the file store to /var/data. Please make sure that you move your files and mountpoints manually if you have added a custom disk storage.
Never send passwords directly. Always send a custom link prompting users to set passwords.
Custom password validation. Use any regular expression to validate passwords according to your password policy.
Email Templates - all emails are now customizable any way that you want.
Builtin reverse
DNS cache - fixes any slowdowns when using the system without a fully functional or responding
DNS server.
Only notify downloads when downloads has completed. This works with resumable downloads as well.
Log download speeds in the application log.
Export users and syslog messages to csv.
Added api enable setting to disable the api if not required on a Pro system.
Api client side override setting - telling the Outlook plugin when to automatically send files through the Filetransfer appliance.
The
API now has functions to download messages as well as sending them.
Support for resumable uploads. Strictly speaking, this is achieved with splitting files into segments and doesn't work using browsers, only using the
API.
Switched from a legacy autocomplete to the latest jQuery autocomplete function for autocomplete recipients.
Updated
LDAP authentication to allow
RFC2254 style filters like: (&(|(sAMAccountName=<user>)(mail=<user>))(objectClass=user)) matching users on multiple ldap attributes on the same time. This example allows users to login either with their email or shortname.
Chunked data transfers. Should improve transfer speeds.
Lots of backend updates (Rails 3, jQuery 1.4 (replacing Prototype) and others)
Disable certificate checking when sending support info
Ask for ticked id/email when sending support info
Search for filename as well in the message log
Strip html tags completely to avoid formatting errors from the Outlook plugin.
Fix for the path when using the custom filescan.
IE9 will now display the progress bar.
LDAP Priority field added, allowing search order of
LDAP servers to be specified.
Fixes for authentication with multiple
LDAP servers.
Security: Fixed a privilege escalation issue where a specially crafted url could escalate a users privileges.
Security: Don't allow script tags in subject or messages.
Security: Fixed a user authorization issue where a local authenticated user with a specially crafted url could read messages from other users (but not download files).
Added a Locale Editor.
Full IPv6 support.
Support for static routes.
Moved the system wide message log to the admin pages.
Updated application log to include all appliance functions.
Use “Login” instead of “Email” on the login page.
Cleaned up the interface.
Fixed an error when creating users with an empty local domains list.
Fixed an error with auto-logging in receive users.
Fixed a typo in the settings page for remote and receive users.
Redirect the old /send path to /message
Added “accepted filetypes” in the initial “account”
API xml response.
-
Added a function to enable remote support, if required.
Added a function to send support information, if required.
Fixed a license validation issue, when upgrading the license.
Fixed a ldap issue for Outlook users.
Use the builtin email system user as the envelope sender address if the user is not local.
Fixed an issue where users in a configured local domain could not register using the register link on the front page.
Better message title display when deleting messages.
Security: Switched to use SHA1 as the hash method when creating certificates.
Enable NTP as a default on new installations.
Better console configuration for initial install
Re-enabled the shutdown/reboot menu
Re-enabled the hostname menu
Operating system updated to OpenBSD 4.7 â should improve general stability and performance.
New admin interface pages.
Updated
LDAP authentication (again).
User Dropboxes.
New 'ft' cli utility that can add admins, do general setups and perform updates.
Lots of small general cleanup and stability fixes.
Don't set size limits as a default when creating users. Users without a pre-defined size limit will inherit the default value. This will make it easier to change the default size for all users.
Built-in Support for non-standard ports (i.e. making the Filetransfer appliance listen on port 8080).
Built-in Syslog browser
Fixed a problem with the
LDAP test.
Fix: When using a non-standard port, sometimes the browser was redirected back to the standard port.
Fix: Tempfiles are deleted after 7 days.
Fix: Reload the web server on updates.
Fix: Dropbox recipients show up correctly in the message log.
Fix: In 10.3.9, the Active Transfers and User Log tables wasn't working properly, displaying javascript errors.
Update: When sending messages - validate local users against
LDAP, if configured. If the user doesn't exist, treat the user as a non-ldap user.
Update: The From address from the dropbox email is now included in the From field of the email.
Fix: Ensure correct file permissions are set when updating from 1.2.x and earlier releases.
Fix: The account create headline in the account create email wasn't set properly.
Update: Improved checking for license server.
Fix: Don't throw an error when an
LDAP server isn't available.
Update: HTML version of the user activation email.
Update: List a reason if the max file size has been decreased from max.
Fix: The VMWare version of 1.3.3 could not be updated, or connect to the license server
Update: Limit uploads based on browser capability and available disk space.
Fix: It wasn't possible to enable console in the 1.3-1.3.2 releases.
Fix: Ensure proper file and folder permissions on uploaded files.
New Feature: Pro Only - 32Gb max file size. The Standard license is still limited to 2Gb.
New Feature: AD Group authorization. Limit logins to the Filetransfer appliance to certain AD groups.
Update: Send page cleanup
Update: Updated Branding.
Update: Demo license branding update - the demo will allow branding to be displayed to sysadmins only.
New Feature: Support for either accepted filetypes or blocked filetypes. Accepted filetypes is handy of you only want to allow certain filetypes.
Update: Removed the flash upload component and replaced Apache with Nginx.
Update: Internet Explorer 6 and earlier support has ended. If you need support for
IE6, please use version 1.2.x.
Update: Remote Authentication is now
LDAP only.
Fix: LDAP authentication for non AD
LDAP would fail since the v1.2.11 update.
Fix: Compatibility fixes for external
SSL offloaders.
Fix: Better https redirection for integration with external web proxies.
Fix: domain1.com,domain2.com (without space) wasn't recognized as two domains in the local domain settings.
Fix: Disk space wasn't reported properly
Fix: Javascript error reported in Internet Explorer
Fix: Sometimes updates from v1.2.3 to v1.2.4 would fail with a database error
Update: The type-ahead find has been updated to allow pasting of addresses better.
Fix: The interface didn't display properly in
IE6.
Update: Cleaned up the Getting Started interface.
Fix: The user registration registers users as local users.
Update: Removed the drop down for send options.
Update: Set send copy to myself default in configuration.
Update: Configuration to allow users to change require authentication.
Fix: The interface getting started page didn't display properly in
IE.
Fix: Setting interface configuration didn't work unless media type was set.
Fix: Cumulative updates from versions before v1.2 didn't work properly (i.e. update to v1.2.2 would only work from v1.2 or v1.2.1, this has been fixed and it's possible to update from 1.1.x directly to 1.2.3).
-
-
New Feature: Option to require authentication of files for download, another much requested feature
New Feature: Added a tab for users to see which sent files are available to them.
New Feature: Added a system status bar for system administrators displaying current CPU, Memory, Swap and Disk load.
New Feature: Increased the number of running application servers and switched from SQLite to MySQL for database storage. This should tenfold the amount of concurrent connections each Filetransfer Appliance can handle. The memory consumption has increased as a result of this and it's recommended to run the Filetransfer Appliance with 512Mb of RAM.
Update: Send page cleanup
Update: System configuration cleanup. When configuring NTP and
DNS servers, the system will automatically check if each server responds.
Security: Administrators cannot edit System Administrators
Fix: Set return-receipt to the sending user for the outgoing emails. This will make sure that bounces gets delivered back to the sending user.
Fix: local domains are always stored lowercase, and checking for local domains are case-insensitive
Fix: The activation gives better error reporting
Reliability: Fixed a problem with authenticating to the PMDF
IMAP server
Fix: The custom stylesheet was not displayed on the front page
Fix: An empty list of blocked file extension throws an error
Fix: Sometimes user self registration fails when remote authentication is set
Enhancement: Built-in Antivirus scanning using ClamAV
Enhancement: Blocking of files with certain file types (Windows executables blocked as default)
Enhancement: Hooks to create custom file checks on upload.
Fix: email addresses are stored as lower case when entered
Enhancement: Localization: The Filetransfer appliance can now be set to use English, English with Australian numbering format, German and Swedish. French and Dutch is under development and will be added soon.
Enhancement: Added setting for when to delete downloaded files.
Enhancement: Added setting for default download expiration
Enhancement: Added setting to allow users to change default download expiration or not
Enhancement: Added outgoing email relay authentication through the web interface
Enhancement: Added the ability to change login domain for
LDAP logins
Enhancement: Updated
IMAP authentication mechanism to allow both “user@domain” and “user” type logins
Fix: Stability update to the update mechanism
Fix: Delete all active transfer belonging to a user if the user is deleted
Fix: Self-signed certificates wasn't detected reliably for the Firefox ssl/flash warning
Fix: Fixed logo display errors in Internet Explorer 7
Fix: Fixed general display errors (white areas that shouldn't be there) in Internet Explorer 6
Fix: Fixed transparent image background problems in Internet Explorer 6
Fix: Fixed Javascript errors in Internet Explorer 7
Stability: Updated the flash upload library to the latest version
-
Enhancement: Added a setting to set all remote authenticated users as local
Enhancement: Added
IMAP configuration for imap servers that authenticate with usernames only (without @domain)
Fix: downcase email before authentication so that user@Company.com and user@company.com is the same user
Security: if user registration is disabled, redirect users back to the login page if they try to browse to the register
URL
Stability: Max file size is now set to 2000 Mb if left blank
Fix: Password resets is disabled for remote authenticated users
Fix: The outgoing email sender envelope address is now set correctly
Stability: Added CrashReporter so in case the application crashes it will email the relevant log (no data) for analysis to crashreporter@allardsoft.com
Enhancement: Changed DEMO limitations, if you update to version 1.0.5, you will be able to send large files, and instead the system will be rebranded with a AllardSoft File Transfer DEMO branding
Enhancement: If an ip address hasn't been properly set (when the appliance boots for the first time) you will be prompted on the command line to set/change it, will make it easier to get started
Security: The VMware demo no longer comes with a predefined root password. In version 1.0.5 an onwards, the root account is locked and a password needs to be set from the webadmin console before it's possible to login as root.
Enhancement: Support for flash version 10
New Feature: Added branding options to set a logotype, background colors and stylesheet overrides. The Allard Consulting copyright notice is only shown to system administrators.
New Feature: Cookie authentication to “remember me”
Stability: Updated the update mechanism
Version 1.0.3 was released 2008-11-15 and had the following changes and enhancements
New Feature: Added a configuration option to remove the user signup link from the front page.
New Feature: Added display of Active Transfers and the possibility to delete files that hasn't been downloaded yet. This is available both for administrators that can delete any file, and individual users who can delete their own files.
New Feature: It's now possible to set individual expirations on transfers.
Stability: A much improved system watchdog system has been implemented.
Version 1.0.2 was released 2008-10-30 and had the following changes and enhancements
Enhancement: It's now possible to upload Certificate Chains for subordinate CA's such as Godaddy.
Stability: Proper checking of certificates are now being performed when uploading certificates. It's no longer possible to upload certificates that will cause the webserver to stop.
Version 1.0.1 was released 2008-10-28 and had the following changes and enhancements
Enhancement: There is an incompatibility with Firefox, Self-signed certificates and flash based functions, such as the uploader function in the Filetransfer Appliance. A warning is now issued when someone logs in with Firefox using https, and when there's a self-signed certificate installed.
Fix: There was a missing database entry causing an error during downloads
Fix: There was a problem with permissions when uploading certificates which caused Apache not to start.
First Public Release: 2008-10-26