Xeams Updates

Version 6.3 build 5973

February 06, 2017


  • Active Directory lookups can be done using SSL.
  • CIDR format is now accepted for Relaying IP, White/Black listed IPs and Acces Control List
  • Screen to manage White/Black listed IP address is enhanced.
  • Ability to send quarantine reports to a different email address
  • Ability to force HTTPS for the web interface
  • A new filter called UniqueAnchors has been added
  • SPF check is skipped if message comes from a server allowed to relay
  • Access Control List for admin account, which restricts admin access to certain IP addresses
  • Score for authenticated user is now configurable using the score.for.auth.users system property
  • Activity by IP report has been updated to work with blacklisted IP addresses in CIDR format

Version 6.2 build 5968

December 11, 2017


  • A new filter called Tricky Sender is added to handle a major security flaw discovered in many email clients. Click here to learn more about this filter.
  • Inherited Profiles are introduced
  • Additional system alerts have added
  • Virus Detector has been updated to look for zips within a zipped file
  • Diagnostic Check – Outbound has been enhanced to report missing PTR records
  • AUTH PLAIN and CRAM-MD5 are now supported in Smtp Authentication

Bug Fixes

  • The license renew button in About screen does not calculate the correct number of license
  • Active license count is incorrect when using AD

Version 6.1 build 5961

November 08, 2017

Bug Fixes

  • Bypassed addresses are ignored in license

Version 6.1 build 5960

November 07, 2017


  • Inconsistent sender filter is enhanced to look for valid DKIM signatures before assigning scores.
  • Warning messages are added if quarantine report is not generated at midnight. Click here for details.
  • Licensing update. Distribution lists containing email addresses for local users is no longer counted towards a license.
  • Auto Updates do not restart Xeams. Even if auto-updates are enabled, necessary files will be downloaded but won’t be patched until administrators restart Xeams

Bug Fixes

  • Default AD is automatically selected even if local domains are missing in SMTP Configuration

Version 6.1 build 5958

October 25, 2017


  • Message status icons have added when viewing messages. Click here for details.
  • Ability to migrate emails from other IMAP/POP3 servers into Xeams. Click here for details
  • Ability to use multiple LDAP servers. Each LDAP can be associated with a different domain.
  • Ability to integrate with Zimbra LDAP
  • Outbound Diagnostic Check
  • Link for Diagnostic Check has been moved from Server Configuration to Tools
  • Outbound forgery alerts. Email alerts are sent to administrators if Xeams detects an outbound email that will be considered a forgery by the receiving end
  • New log file called OutboundForgeries.log has been added, which contains emails that were sent out and could be treated as forged
  • New log file called DeletedEmails.log has been added, which will hold traces of messages that are deleted becuase their score went pass the deletion threshold
  • Ability to snooze email alerts
  • Prefrerred URL for the web interface. This is set under Server Configuration. Xeams will use this URL when generating alerts as well as when new users are created.
  • Outbound reports for DMARC are not sent to the queue if first attempt fails.

Bug Fixes

  • Inconsistent sender rule gets triggered if the MAIL FROM value in SMTP envelope ends with upper-case letters.
  • Subject line of incoming messages is not changed when using the POP3 fetcher
  • Links within quarantine report do not work if the user account contains non-English characters
  • The RUA email address for DMARC report ignores the message size parameter

Version 6.0 build 5948

August 14, 2017


  • Support for DMARC has been added. Click here for details
  • RFC822 Verifier rule has been updated to detect invalid email addresses in the FROM header
  • Temp files are removed much sooner rather than waiting until shutdown.
  • The web server can look for X-Forwarded-IP and X-Real-IP headers before black-listing IP addresses where unsuccessful login attempts are made.
  • The Message-ID header is recreated when restoring messages, preventing MS Exchange from suppressing restored messages.

Bug Fixes

  • Emails that go into Possible Junk cannot be searched.
  • Email on iPhone cannot display contents when connecting via IMAP.
  • Email containing special characters in buddy/enemy list cannot be removed
  • Messages received via POP3-Fetcher are not included in quarantine reports

Version 5.9 build 5934

May 15, 2017

Security Flaw

  • A major security flaw is patched that could allow non-authorized users to login as admin using the web interface.


  • New custom filter that looks for embedded attachments inside a PDF file leading to a ransomware.
  • New custom filter that implements a fuzzy search algorithm to detect previously received spam messages from different senders but similar content
  • Out-of-office notifications are added to user’s screen, allowing them to automatically notify senders when they are not in office.
  • Separator for score search is changed from a (-) dash to a comma. This is done to allow negative searches.

Bug Fixes

  • MS Office Macro detector has been updated to filter XLSX extensions.
  • BCC header filter does not work
  • Messages cannot be moved from Possible Junk to Junk

Version 5.8 build 5925 March 14, 2017


  • Restarting Xeams has been improved on Windows. The patcher will now try to restart Xeams multiple times if the first attempt fails.
  • Temp files are cleaned sooner.
  • New IP Reputation rule is introduced to mark subnets of IP addresses where junk messages are received
  • Smtp Envelope field MAIL FROM is now used to filter buddy/enemy lists.
  • A new operator To, CC, BCC is introduced for header filters
  • New log file called QuarantineReports.log is added that helps troubleshoot problems with Quarantine Reports.
  • IMAP server closes connection after 5 minutes if a client does not send requests but leaves connection open
  • Appearance is applied when a profile-admin logs in
  • Bug Fixes: A previously associated email address cannot be associated with a different user without restarting Xeams