Update Notices
General Information
- The installation process upgrades the software automatically by uninstalling any previous version first. Administrators will be asked during setup to confirm the uninstallation. The new version must be installed in the same directory as the old version. The installation directory has to be adjusted manually in case the old version has been installed in a non default directory.
- During the installation process services are automatically stopped and restarted afterwards. Running archiving profiles will be cancelled and may show up as failed. Active user sessions will be terminated. Should stopping the service fail for any reason, please stop the service manually and run the installation again.
- In a multi server environment, upgrade the components in the following order: Management Server, Instance Host, Client Access Server
- After each update check the files in the sample branding folder to identify if new settings or template variables have been introduced.
- Please note the following version specific upgrade notices. Also read the notices from all version numbers between yours and the one you are going to install.
Upgrading to 13.x
- Update of MailStore Client and Outlook Add-in
Irrespective of MailStore Client's auto-update mechanism, a reinstallation of MailStore Client and the MailStore Outlook Add-in is required to make use of the following improvements:- Unified validation of TLS certificates.
- Unified evaluation of group policies.
- Distinct error messages for certain certificate errors.
- Outlook Add-in: Due to the required changes of the login process to support modern authentication with Microsoft 365 and Google Workspace, the Outlook Add-in must be updated to version 13 to be able to connect to MailStore SPE 13.x. Connecting to an older version of MailStore SPE is no longer supported after the update.
- Microsoft 365 Support
- A new directory service synchronization profile Microsoft 365 (Modern Authentication) as well as new profiles for archiving and exporting emails from or to Microsoft 365 have been introduced. These support modern authentication (OAuth 2.0 & OpenID Connect) and customers of Microsoft 365 are advised to regularly check for Microsoft's announcement on the timeline for removing HTTP Basic Auth from Microsoft Exchange Web Services (EWS) and to plan the migration to the new profiles in advance.
Once Microsoft disables support for HTTP Basic Auth in Exchange Web Services on Microsoft 365, the existing directory service synchronization profile Microsoft 365 (Basic Auth) (formerly named Office 365) and the Microsoft Exchange archiving and export profiles will stop working.
- A new directory service synchronization profile Microsoft 365 (Modern Authentication) as well as new profiles for archiving and exporting emails from or to Microsoft 365 have been introduced. These support modern authentication (OAuth 2.0 & OpenID Connect) and customers of Microsoft 365 are advised to regularly check for Microsoft's announcement on the timeline for removing HTTP Basic Auth from Microsoft Exchange Web Services (EWS) and to plan the migration to the new profiles in advance.
- Google Workspace Support
- The Google Workspace directory service synchronization profile has been extended with support for modern authentication (OAuth 2.0 & OpenID Connect). Customers of Google Workspace are advised to regularly check for Google's announcement on the timeline for removing support for less secure apps, and should plan the migration to the new setting in advance.
Once Google disables support for Less Secure Apps in Google Workspace, the existing directory service synchronization profile Google Workspace will no longer allow users to login to MailStore as long as the authentication method is still set to IMAP.
- The Google Workspace directory service synchronization profile has been extended with support for modern authentication (OAuth 2.0 & OpenID Connect). Customers of Google Workspace are advised to regularly check for Google's announcement on the timeline for removing support for less secure apps, and should plan the migration to the new setting in advance.
- GPO Templates
- GPO templates are now bundled with the application. End customers may download the GPO templates from the default page of the Client Access Server. See the index.html file in the sample branding folder on how to integrate the corresponding link. As the Email Archive Client and Email Archive Outlook Add-in use the same registry keys as MailStore Server and MailStore Outlook Add-in, the GPO templates provided are those bundled with the original MailStore products.
- IMAP Access to Archive
- When using either the new Microsoft 365 (Modern Authentication) or Google Workspace directory service synchronization profile, users that have been added by these profiles cannot access their archive via the integrated IMAP server as a MailStore SPE instance is not able to verify their credentials by itself.
- Mobile Web Access
- The dedicated Mobile Web Access has been removed due to no longer supported third-party components (e.g. jQuery Mobile) and in favor of MailStore Web Access, which has been received major enhancements in terms of performance and usability.
- Legacy Web Access
- As parts of Legacy Web Access are representing the server-side of the Outlook Add-in, the Legacy Web Access is still present, but no longer advertised on the login screen of the Web Access.
- Group Policies
- The following group policy settings are no longer supported in MailStore 13
- MailStore Client: Accept Thumbprint
- If a server name has been defined by a group policy, the certificate used by the Client Access Server must be trusted by the client computer and it must not be revoked or expired.
- MailStore Outlook Add-in: Accept Thumbprint
- If a server name has been defined by a group policy, the certificate used by the Client Access Server must be trusted by the client computer and it must not be revoked or expired.
Upgrading to 12.1
- TLS Compatibility
To connect to Instances in environments that support TLS version 1.1 or 1.2 only via the MailStoreCmd command line util, the Email Archive Client launcher must be updated by downloading and reinstalling it either manually or through a GPO.
Upgrading to 12
- Expired Certificates
- Irrespective of whether the certificate's trust can be verified, no connection is established by the E-Mail Archive Client to Client Access Server's whose certificate has expired or was revoked. In such a case, the certificate on the Client Access Server must be replaced first.
Upgrading to Version 11
- Upgrading Archive Stores
Depending on the archive size this can take an excessive amount of time. On average 50.000 messages are processed per minute during the upgrade.
- Until the archive stores have been upgraded, not all functionality of the software is available. To facilitate
- retention policies,
- the search functionality,
- the improved recovery records,
- the databases of the archive stores must be upgraded.
- Proceed as follows to upgrade
- Log in to the Management Console.
- Click on Instances
- Select the instance to upgrade
- Open the Storage tab
- Right-click on an archive store and select Perform Upgrade to upgrade a single archive store.
- Carefully read the notices and click on OK to start the upgrade process or click on Cancel.
- Retention Policies
If not all attached archive stores are available (State: Archive here, Normal), or their status is Write-Protected, no automatic processing of retention policies takes place. Therefore verify if an archive store is set to Disabled or Write-Protected after the upgrade and change it to one of the above states or detach it completely. Please notice that only end customers are allowed to manage retention policies. - Jobs
With the release of this version, the service provider administrator $archiveadmin is limited to manage only his own jobs. - Access via Integrated IMAP Server
To access the archive via the integrated IMAP server, an encrypted connection is now mandatory. If necessary, adjust the configuration of your email clients accordingly and enable TLS or STARTTLS. - SMTP Settings
In order to being able to select system administrators as notification recipients in the new SMTP settings, the email address needs to be configured in the properties of the corresponding system administrator. - Management API Commands Get-/SetComplianceConfiguration
The property globalRetentionTimeYears has been removed from the commands. Own scripts using these commands have to be adjusted accordingly. To manage retention policies, two new commands are available: GetRetentionPolicies and SetRetentionPolicies.
Upgrading to 10.2
- Branding
For the new responsive Web Access additional branding parameters were introduced. Please review your branding configuration after installing the upgrade. See Branding for the full list of options.
Upgrading to 10.1
- Archiving Emails
If not all attached archive stores are available (State: Archive here, Normal, or Write-Protected), no archiving takes place. Running archiving profiles are terminated with an appropriate message. Under certain circumstances this prevents the creation of duplicate emails while archiving. Therefore verify if an archive store is set to disabled after the upgrade and change it to one of the above states or detach it completely.
Upgrading to Version 10
- Upgrade of Master Database
To facilitate encryption of the master database it is upgraded to Firebird 3 during the first start of an instance and encrypted afterwards. This process might extend the time required for the first start of the instance by several minutes. - Upgrading Archive Stores
To facilitate encryption the databases of the archive store must be upgraded. Proceed as follows to upgrade:- Log in to the Management Console.
- Click on Instances
- Select the instance to upgrade
- Open the Storage tab
- Right-click on an archive store and select Perform Upgrade to upgrade a single archive store.
- Carefully read the notices and click on OK to start the upgrade process or click on Cancel.
- Archives of Other Users
These are no longer visible for instance administrators if the Archive Access (formerly knows as E-mail Preview) is blocked. Administrative functions such as deleting or renaming user archives are accessible through Administrative Tools > Users and Archives > Archives in the Email Archive Client. - Export E-mails
The previous change may also have an impact on export profiles owned by an instance administrator, in case the export scope contains archives of other users. As these are no longer visible to instance administrators if the Archive Access (formerly knows as E-mail Preview) is blocked, they are not taken into account by export profiles. - Auditing
All activities that are exclusively executable by instance administrators are displayed as Enabled (locked) at Compliance > Auditing. Irrespective of the Disabled status, all activities of instance administrators, excluding MessageRetrieveContent, are written into the audit log.
Upgrading to Version 9.x
- System Requirements
Please ensure that your system configuration matches the updated system requirements. MailStore Service Provider Edition now requires .NET Framework 4.5.1. The E-mail Archive Client and E-mail Archive Add-in for Outlook now require .NET Framework 4.5.1 and Internet Explorer 8 or higher. - E-mail Archive Client Compatibility
Due to a bug in version 8.5 of the E-mail Archive Client, it cannot update itself to version 9. Therefore re-deployment of version 9 of the E-mail Archive Client is required. - PDF Support of Full Text Search
PDF support has been removed from MailStore SPE's own indexer. Therefore it is required to either install a recent version of Adobe Reader or an appropriate IFilter driver (i.e. Adobe PDF iFilter on the Instance Host machines. - MailStore Management API
The Management API is now listening on its own TCP port, 8474 by default. It does no longer support sessions, thus login, logout and cookie handling is no longer required nor supported. HTTP basic authentication must be used instead. Please make sure to modify your scripts accordingly. The API is not enabled by default. You have to activate it in the Management Role.